公开(公告)号：US20180034686A1

公开(公告)日：2018-02-01

申请号：US15221538

申请日：2016-07-27

Applicant: CISCO TECHNOLOGY, INC

Inventor： Ramanan Vaidyanathan ,  Ajay Modi ,  Azeem Suleman ,  Krishna Doddapaneni ,  Sarang Dharmapurikar ,  Ganlin Wu

IPC: H04L12/24 ,  G06F11/07 ,  H04B17/17 ,  H04L29/06 ,  H04L12/947

CPC classification number: H04L41/0677 ,  G06F11/0709 ,  G06F11/0751 ,  G06F11/0772 ,  G06F11/079 ,  H04B17/17 ,  H04L41/0873 ,  H04L43/08 ,  H04L49/25 ,  H04L69/16 ,  H04L69/22

Abstract: Systems, methods, and computer-readable media for improving debugging and troubleshooting of datacenter networks, and more particularly improving the speed of forwarding/data path related problems without going into ASIC level debugging. A switch could, for example, have a processor which communicates with an ASIC. The processor can receive flow information and a notification from the ASIC, the notification indicating a predefined error condition has been identified in a packet. The processor can modify the ASIC programming based on the notification, such that the ASIC records additional, more-detailed, flow information for the switch. The processor can then receive, from the modified ASIC, the additional flow information. The additional flow information can then be used (either by the processor or by an operator) to identify the exact reason for the errors in the flow path.

公开(公告)号：US20170346748A1

公开(公告)日：2017-11-30

申请号：US15682339

申请日：2017-08-21

Applicant: Cisco Technology, Inc.

Inventor： Mohammadreza Alizadeh Attar ,  Thomas James Edsall ,  Sarang Dharmapurikar

IPC: H04L12/833 ,  H04L12/841

CPC classification number: H04L47/2458 ,  H04L47/283

Abstract: In one embodiment, a next set of packets in a first flow may be identified. A counter may be incremented, where the counter indicates a first number of initial sets of packets in first flow that have been identified. The identified next set of packets may be prioritized such that the first number of initial sets of packets in the first flow are prioritized and a sequential order of all packets in the first flow is maintained. The identifying, incrementing, and prioritizing may be repeated until no further sets of packets in the first flow remain to be identified or the first number of initial sets of packets is equal to a first predefined number.

公开(公告)号：US10382345B2

公开(公告)日：2019-08-13

申请号：US15682339

申请日：2017-08-21

Applicant: Cisco Technology, Inc.

Inventor： Mohammadreza Alizadeh Attar ,  Thomas James Edsall ,  Sarang Dharmapurikar

IPC: H04L12/833 ,  H04L12/841

Abstract: In one embodiment, a next set of packets in a first flow may be identified. A counter may be incremented, where the counter indicates a first number of initial sets of packets in first flow that have been identified. The identified next set of packets may be prioritized such that the first number of initial sets of packets in the first flow are prioritized and a sequential order of all packets in the first flow is maintained. The identifying, incrementing, and prioritizing may be repeated until no further sets of packets in the first flow remain to be identified or the first number of initial sets of packets is equal to a first predefined number.

公开(公告)号：US10432628B2

公开(公告)日：2019-10-01

申请号：US15051454

申请日：2016-02-23

Applicant: Cisco Technology, Inc.

Inventor： Thomas J. Edsall ,  Smita Rai ,  Satyam Sinha ,  Kit Chiu Chu ,  Sarang Dharmapurikar ,  Ashutosh Agrawal ,  Ravikanth Nasika

IPC: H04L29/06 ,  H04L12/911 ,  H04L12/725

Abstract: Disclosed are systems, methods, and computer-readable storage media for minimizing the number of entries in network access control lists (ACLs). In some embodiments of the present technology a networking device can receive, from a first computing device, a first data transmission intended for a second computing device, the first data transmission including first transmission data. The networking device can normalize at least a subset of the first transmission data based on a predetermined normalization algorithm, yielding a first normalized data set for the first data transmission. Subsequently, the networking device can identify a first access control list entry from a set of access control list entries based on the first normalized data set, the first access control list entry identifying a first action, and implement the first action in relation to the first data transmission.

公开(公告)号：US10142168B2

公开(公告)日：2018-11-27

申请号：US15221538

申请日：2016-07-27

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Ramanan Vaidyanathan ,  Ajay Modi ,  Azeem Suleman ,  Krishna Doddapaneni ,  Sarang Dharmapurikar ,  Ganlin Wu

IPC: H04L12/24 ,  H04L29/06 ,  H04L12/947 ,  H04B17/17 ,  G06F11/07 ,  H04L12/26

Abstract: Systems, methods, and computer-readable media for improving debugging and troubleshooting of datacenter networks, and more particularly improving the speed of forwarding/data path related problems without going into ASIC level debugging. A switch could, for example, have a processor which communicates with an ASIC. The processor can receive flow information and a notification from the ASIC, the notification indicating a predefined error condition has been identified in a packet. The processor can modify the ASIC programming based on the notification, such that the ASIC records additional, more-detailed, flow information for the switch. The processor can then receive, from the modified ASIC, the additional flow information. The additional flow information can then be used (either by the processor or by an operator) to identify the exact reason for the errors in the flow path.

公开(公告)号：US20170244645A1

公开(公告)日：2017-08-24

申请号：US15051454

申请日：2016-02-23

Applicant: Cisco Technology, Inc.

Inventor： Thomas J. Edsall ,  Smita Rai ,  Satyam Sinha ,  Kit Chiu Chu ,  Sarang Dharmapurikar ,  Ashutosh Agrawal ,  Ravikanth Nasika

IPC: H04L12/911

CPC classification number: H04L63/10 ,  H04L45/30 ,  H04L47/70 ,  H04L63/08 ,  H04L63/101 ,  H04L63/105 ,  H04L63/20

Abstract: Disclosed are systems, methods, and computer-readable storage media for minimizing the number of entries in network access control lists (ACLs). In some embodiments of the present technology a networking device can receive, from a first computing device, a first data transmission intended for a second computing device, the first data transmission including first transmission data. The networking device can normalize at least a subset of the first transmission data based on a predetermined normalization algorithm, yielding a first normalized data set for the first data transmission. Subsequently, the networking device can identify a first access control list entry from a set of access control list entries based on the first normalized data set, the first access control list entry identifying a first action, and implement the first action in relation to the first data transmission.

公开(公告)号：US20170212684A1

公开(公告)日：2017-07-27

申请号：US15004615

申请日：2016-01-22

Applicant: Cisco Technology, Inc.

Inventor： Sarang Dharmapurikar ,  Ganlin Wu ,  Alex Seibulescu ,  Wanli Wu

IPC: G06F3/06 ,  H04L12/26 ,  G06F12/02

CPC classification number: G06F3/0605 ,  G06F3/0608 ,  G06F3/0631 ,  G06F3/0673 ,  G06F12/023 ,  G06F2212/1044 ,  G06F2212/154 ,  H04L43/08

Abstract: According to one aspect, a method includes determining whether at least one memory storage unit in a first stage of a multi-stage array is available for use by a first counter associated with the first stage, and allocating the at least one memory storage unit for use by the first counter when the at least one memory storage unit is available. When the at least one memory storage unit is not available for use by the first counter, the method includes identifying a second counter stored in a first location in the first stage, the first location including a first memory storage unit and a second memory storage unit, and moving the second counter to a second stage of the multi-stage array, storing a pointer to the second stage in the first memory storage unit, and allocating the second memory storage unit to the first counter.

公开(公告)号：US09502111B2

公开(公告)日：2016-11-22

申请号：US14450106

申请日：2014-08-01

Applicant: Cisco Technology, Inc.

Inventor： Sarang Dharmapurikar ,  Mohammadreza Alizadeh Attar ,  Navindra Yadav ,  Ramanan Vaidyanathan ,  Kit Chiu Chu

IPC: H04L12/28 ,  G11C15/04 ,  H04L12/707 ,  H04L12/803

CPC classification number: H04L45/7453 ,  G06F9/30018 ,  G06K15/107 ,  G11C11/4096 ,  G11C15/00 ,  G11C15/04 ,  G11C2207/002 ,  H04L45/24 ,  H04L47/125

Abstract: In some implementations, network traffic can be routed along equal cost paths based on weights assigned to each path. For example, weighted equal cost multipath routing can be implemented by assigning weights to each equal cost path (e.g., uplink, next hop node) to a destination device. When the network device receives a packet, the network device can generate a key (e.g., a random value, a hash value based on packet data, a value between 0 and n, etc.). The key can be used to select an uplink or path upon which to forward the packet. A key can be generated for a packet flow or flowlet. Each flow can be associated with the same key so that each packet in a flow will be forwarded along the same path. Each flowlet can be forwarded along a different uplink.

Abstract translation: 在一些实现中，基于分配给每个路径的权重，网络流量可以沿着相等的成本路径路由。 例如，可以通过向目标设备分配权重给每个相等成本路径（例如，上行链路，下一跳节点）来实现加权等成本多径路由。 当网络设备接收到分组时，网络设备可以生成密钥（例如，随机值，基于分组数据的哈希值，0和n之间的值等）。 密钥可以用于选择转发数据包的上行链路或路径。 可以为分组流或小流生成密钥。 每个流可以与相同的密钥相关联，使得流中的每个分组将沿着相同的路径被转发。 每条流都可以沿不同的上行链路转发。

公开(公告)号：US10530712B2

公开(公告)日：2020-01-07

申请号：US15373616

申请日：2016-12-09

Applicant: Cisco Technology, Inc.

Inventor： Sameer Dilip Merchant ,  Sarang Dharmapurikar ,  Praveen Jain

IPC: H04L29/06 ,  H04L12/931 ,  H04L12/725 ,  H04L12/721 ,  H04L12/743

Abstract: Techniques for providing a reflexive access control list (ACL) on a virtual switch are provided. Embodiments receive a first packet corresponding to a first network flow and a second packet corresponding to a second network flow. Upon determining that a SYN flag is set within the first packet, a first entry is created in the reflexive ACL for the first network flow. Upon determining that the first packet was received over a client port of the first physical switch, the first packet is forwarded to a second physical switch within virtual switch. Upon determining that the second packet has a SYN flag enabled, a second entry is created in the reflexive ACL. Finally, upon determining that the second packet was received from the second physical switch, the second packet is forwarded over an uplink port to a destination defined by the second packet.

公开(公告)号：US10305799B2

公开(公告)日：2019-05-28

申请号：US15239164

申请日：2016-08-17

Applicant: Cisco Technology, Inc.

Inventor： Sarang Dharmapurikar ,  Kit Chiu ,  Ganlin Wu ,  Alexandru Seibulescu ,  Francisco Matus ,  Wanli Wu

IPC: H04L12/741 ,  H04L29/06 ,  H04L12/935

Abstract: Presented herein are techniques for performing packet forwarding or routing using a pipeline of a plurality of tiles. A method includes receiving a packet, parsing the packet to generate a vector, passing the vector to a first tile dedicated to a first type of lookup, performing a lookup in the first tile, storing a result of the first type of lookup in the vector to obtain a first updated vector, passing the first updated vector to a second tile dedicated to a second type of lookup, performing a lookup in the second tile, storing a result of the second type of lookup in the vector to obtain a second updated vector, and transmitting the packet from the network routing device via an output port thereof selected based on the second updated vector.