Abstract:
A network component including a receiver configured to receive a plurality of Internet Protocol (IP) addresses for a plurality of hosts in a plurality of external Layer 2 networks located at a plurality of physical locations and interconnected via a service, a logic circuit configured to map the IP addresses of the hosts in the external Layer 2 networks to a plurality of Media Access Control (MAC) addresses of a plurality of corresponding gateways in the same external Layer 2 networks, and a transmitter configured to send to the external Layer 2 networks a plurality of IP addresses for a plurality of local hosts in a local Layer 2 network coupled to the external Layer 2 networks via the service.
Abstract:
An apparatus including a service network and a plurality of Layer 2 sites connected by the service network via a plurality of gateways is provided. The gateways are configured to map a plurality of Internet Protocol (IP) addresses of a plurality of hosts under a plurality of virtual local area networks (VLANs) in a plurality of Layer 2 sites to a plurality of addresses (e.g., MAC or others) of the corresponding other gateways, inform the other gateways in other Layer 2 sites of the IP addresses mapped under each of the VLANs in the local Layer 2 sites, and forward data frames originated from the hosts in the local Layer 2 sites to the other gateways in the other Layer 2 sites when destinations of the data frames are residing in the other Layer 2 sites.
Abstract:
A method implemented by a hypervisor located in a first network device (ND), the method comprising sending to and receiving from a second ND a first type of packet, wherein each packet of the first type of packet comprises media access control (MAC) layer information of a client; and sending to and receiving from a third ND a second type of packet, wherein each packet of the second type of packet contains no client MAC layer information.
Abstract:
An embodiment method of loop suppression in a layer-two transit network with multiprotocol label switching (MPLS) encapsulation includes receiving a packet at a provider edge (PE) router for the layer-two transit network. The packet is stored in a non-transitory memory on the PE router. The packet is stored according to a packet data structure having an MPLS label field and a layer-two header. A time-to-live (TTL) attribute is then determined for the packet. The TTL attribute is written to the non-transitory memory in the MPLS label field. The packet is then routed according to information in the layer-two header.
Abstract:
Embodiments are provided for securing source routing using public key based digital signature. If a protected source route is tampered with, a public key based method allows a downstream node to detect the tampering. The method is based on using digital signatures to protect the integrity of source routes. When creating a source route for a traffic flow, a designated network component computes a digital signature and adds the digital signature to the packets. When the packets are received at a node on the route, the node uses the digital signature and a public key to verify the source route and determines accordingly whether the source route has been tampered with. If tampering is detected, the receiving node stops the forwarding of the packets.
Abstract:
An apparatus including a service network and a plurality of Layer 2 sites connected by the service network via a plurality of gateways is provided. The gateways are configured to map a plurality of Internet Protocol (IP) addresses of a plurality of hosts under a plurality of virtual local area networks (VLANs) in a plurality of Layer 2 sites to a plurality of addresses (e.g., MAC or others) of the corresponding other gateways, inform the other gateways in other Layer 2 sites of the IP addresses mapped under each of the VLANs in the local Layer 2 sites, and forward data frames originated from the hosts in the local Layer 2 sites to the other gateways in the other Layer 2 sites when destinations of the data frames are residing in the other Layer 2 sites.
Abstract:
A network component comprising a receiver configured to receive an outgoing frame from a local host, a logic circuit configured to map a destination address (DA) for a target host in the outgoing frame to a DA for a target location of the target host and encapsulate the outgoing frame using the DA for the target location, and a transmitter configured to receive a pre-encapsulated outgoing frame from a local switch, and send the pre-encapsulated outgoing frame to a gateway at a target location, wherein the transmitter does not encapsulate frames received from local switches and decapsulates an incoming frame from a remote gateway destined towards local hosts.
Abstract:
A network component comprising a receiver configured to receive an outgoing frame from a local host, a logic circuit configured to map a destination address (DA) for a target host in the outgoing frame to a DA for a target location of the target host and encapsulate the outgoing frame using the DA for the target location, and a transmitter configured to receive a pre-encapsulated outgoing frame from a local switch, and send the pre-encapsulated outgoing frame to a gateway at a target location, wherein the transmitter does not encapsulate frames received from local switches and decapsulates an incoming frame from a remote gateway destined towards local hosts.
Abstract:
A network component including a receiver configured to receive a plurality of Internet Protocol (IP) addresses for a plurality of hosts in a plurality of external Layer 2 networks located at a plurality of physical locations and interconnected via a service, a logic circuit configured to map the IP addresses of the hosts in the external Layer 2 networks to a plurality of Media Access Control (MAC) addresses of a plurality of corresponding gateways in the same external Layer 2 networks, and a transmitter configured to send to the external Layer 2 networks a plurality of IP addresses for a plurality of local hosts in a local Layer 2 network coupled to the external Layer 2 networks via the service.
Abstract:
Embodiments are provided herein for creating virtual networks with service chains, such as n-tier networks, in the cloud. In an embodiment, a network diagram for a virtual network is received from a user via a graphical user interface. The network diagram comprises elements that represent virtual or physical network components. The network components include switches, routers, firewalls, links, service appliances, virtual machines, servers, or other network components. Upon successfully validating the network diagram, via a validation step, the network diagram is compiled into application programming interface (API) calls ready for execution. The executed APIs are used to establish the virtual network on a physical network infrastructure. The virtual network comprises virtual network components corresponding to the elements of the network diagram.