-
公开(公告)号:US20190028376A1
公开(公告)日:2019-01-24
申请号:US15658215
申请日:2017-07-24
Applicant: Cisco Technology, Inc.
Inventor: Sivakumar Ganapathy , Rajagopalan Janakiraman , Kalyan Ghosh , Sapan Shah
IPC: H04L12/26 , H04L29/12 , H04L12/743 , H04L12/46
CPC classification number: H04L43/12 , H04L12/4679 , H04L43/026 , H04L43/04 , H04L45/7453 , H04L61/2069
Abstract: Disclosed is a method that includes calculating, at a collector receiving a data flow and via a hashing algorithm, all possible hashes associated with at least one virtual attribute associated with the data flow to yield resultant hash values. Based on the resultant hash values, the method includes computing a multicast address group and multicasting the data flow to n leafs based on the multicast address group. At respective other collectors, the method includes filtering received sub-flows of the data flow based on the resultant hashes, wherein if a respective hash is owned by a collector, the respective collector accepts and saves the sub-flow in a local switch collector database. A scalable, distributed netflow is possible with the ability to respond to queries for fabric-level netflow statistics even on virtual constructs.
-
公开(公告)号:US20220385498A1
公开(公告)日:2022-12-01
申请号:US17335887
申请日:2021-06-01
Applicant: Cisco Technology, Inc.
Inventor: Rajagopalan Janakiraman , Arun Saha , Sivakumar Ganapathy , Jose Carlos Recuero Arias , Sapan Shah , Shashank Chaturvedi
Abstract: Techniques are described for dynamically establishing and scaling IPSec tunnels to connect hundreds of sites of a network by making use of the user intent of connecting certain applications for applying security policies and translating it dynamically based on the location and needs of the workloads to set up the network on demand. The techniques involve a tight loop between the network controller of a site (e.g., a cloud Application Policy Infrastructure Controller) and the inter-site or multi-cloud inter-connect controller, stitched through services that enable security and network automation at scale. In particular, to control the number of IPSec tunnels, IPSec tunnels are established only when required. Additionally, IPSec tunnels may be eliminated when no longer required. Thus, resources of a network may be used in a measured way that is necessary and sufficient to meet network traffic demand.
-
公开(公告)号:US11159412B2
公开(公告)日:2021-10-26
申请号:US16808830
申请日:2020-03-04
Applicant: Cisco Technology, Inc.
Inventor: Sivakumar Ganapathy , Rajagopalan Janakiraman , Kalyan Ghosh , Sapan Shah
IPC: H04L12/26 , H04L29/12 , H04L12/46 , H04L12/743
Abstract: Disclosed is a method that includes calculating, at a collector receiving a data flow and via a hashing algorithm, all possible hashes associated with at least one virtual attribute associated with the data flow to yield resultant hash values. Based on the resultant hash values, the method includes computing a multicast address group and multicasting the data flow to n leafs based on the multicast address group. At respective other collectors, the method includes filtering received sub-flows of the data flow based on the resultant hashes, wherein if a respective hash is owned by a collector, the respective collector accepts and saves the sub-flow in a local switch collector database. A scalable, distributed netflow is possible with the ability to respond to queries for fabric-level netflow statistics even on virtual constructs.
-
公开(公告)号:US11233721B2
公开(公告)日:2022-01-25
申请号:US16808768
申请日:2020-03-04
Applicant: Cisco Technology, Inc.
Inventor: Sivakumar Ganapathy , Rajagopalan Janakiraman , Kalyan Ghosh , Sapan Shah
IPC: H04L12/26 , H04L29/12 , H04L12/46 , H04L12/743
Abstract: Disclosed is a method that includes calculating, at a collector receiving a data flow and via a hashing algorithm, all possible hashes associated with at least one virtual attribute associated with the data flow to yield resultant hash values. Based on the resultant hash values, the method includes computing a multicast address group and multicasting the data flow to n leafs based on the multicast address group. At respective other collectors, the method includes filtering received sub-flows of the data flow based on the resultant hashes, wherein if a respective hash is owned by a collector, the respective collector accepts and saves the sub-flow in a local switch collector database. A scalable, distributed netflow is possible with the ability to respond to queries for fabric-level netflow statistics even on virtual constructs.
-
公开(公告)号:US10601693B2
公开(公告)日:2020-03-24
申请号:US15658215
申请日:2017-07-24
Applicant: Cisco Technology, Inc.
Inventor: Sivakumar Ganapathy , Rajagopalan Janakiraman , Kalyan Ghosh , Sapan Shah
IPC: H04L12/26 , H04L29/12 , H04L12/46 , H04L12/743
Abstract: Disclosed is a method that includes calculating, at a collector receiving a data flow and via a hashing algorithm, all possible hashes associated with at least one virtual attribute associated with the data flow to yield resultant hash values. Based on the resultant hash values, the method includes computing a multicast address group and multicasting the data flow to n leafs based on the multicast address group. At respective other collectors, the method includes filtering received sub-flows of the data flow based on the resultant hashes, wherein if a respective hash is owned by a collector, the respective collector accepts and saves the sub-flow in a local switch collector database. A scalable, distributed netflow is possible with the ability to respond to queries for fabric-level netflow statistics even on virtual constructs.
-
-
-
-