公开(公告)号：US20180302269A1

公开(公告)日：2018-10-18

申请号：US15946213

申请日：2018-04-05

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Balaji Sankaran ,  Badrish Havaralu Rama Chandra Adiga ,  Venkatesh Natarajan

IPC: H04L12/24 ,  H04L29/06

Abstract: Examples disclosed herein relate to providing a failover in a MACsec capable device. In an example, a primary management engine that runs a protocol of MACsec standard in a MACsec capable device may determine whether a parameter related to a protocol of MACsec standard on the MACsec capable device has changed. In response to the determination that the parameter has changed, primary management engine may synchronize data related to the parameter to a secondary management engine, which acts as a failover component for the primary management engine. In response to a determination that the primary management engine has failed, secondary management engine may recreate the latest state of the protocol of MACsec standard in the MACsec capable device prior to the failure of the primary management engine, based on the data related to the parameter.

公开(公告)号：US20220385620A1

公开(公告)日：2022-12-01

申请号：US17334005

申请日：2021-05-28

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Ankit Kumar Sinha ,  Saumya Dikshit ,  Vinayak Joshi ,  Venkatesh Natarajan

IPC: H04L29/12 ,  H04L12/46 ,  H04L12/66 ,  H04L12/715

Abstract: One aspect provides a method and system for managing address resolution requests in a network. During operation, a gateway of the network advertises a route for sending address resolution requests and determines whether a cached entry corresponding to an address resolution request received via the route exists in a neighbor table. In response to determining that the cached entry exists, the gateway responds to the address resolution request based on the cached entry; in response to determining that the cached entry does not exist, the gateway replicates the address resolution request to edge devices in the network, thereby facilitating discovery of a target host corresponding to the address resolution request.

公开(公告)号：US20220224626A1

公开(公告)日：2022-07-14

申请号：US17147019

申请日：2021-01-12

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Badrish Adiga H R ,  Venkatesh Natarajan

IPC: H04L12/751 ,  H04L29/12 ,  H04L12/721 ,  H04L12/741 ,  H04L12/46

Abstract: One embodiment provides a system and method for managing, at a network node, a data structure indicating neighbor node address information. During operation, the system can determine, based on a media access control (MAC) address or an Internet protocol (IP) address associated with an entry in the data structure, a type of the entry, and set a timeout value for the entry based on the determined type. In response to detecting that an entry corresponding to the MAC address expires in a MAC table maintained by the network node, the system can identify an interface on the network node to which a neighbor associated with the MAC address was previously coupled and transmit a unicast neighbor-probe packet on the identified interface to determine a connection status of the neighbor.

公开(公告)号：US11646991B2

公开(公告)日：2023-05-09

申请号：US17334005

申请日：2021-05-28

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Ankit Kumar Sinha ,  Saumya Dikshit ,  Vinayak Joshi ,  Venkatesh Natarajan

IPC: H04L61/103 ,  H04L45/02 ,  H04L61/255 ,  H04L12/46 ,  H04L12/66 ,  H04L61/58 ,  H04L61/59

CPC classification number: H04L61/103 ,  H04L12/4641 ,  H04L12/66 ,  H04L45/04 ,  H04L61/255 ,  H04L61/58 ,  H04L61/59

Abstract: One aspect provides a method and system for managing address resolution requests in a network. During operation, a gateway of the network advertises a route for sending address resolution requests and determines whether a cached entry corresponding to an address resolution request received via the route exists in a neighbor table. In response to determining that the cached entry exists, the gateway responds to the address resolution request based on the cached entry; in response to determining that the cached entry does not exist, the gateway replicates the address resolution request to edge devices in the network, thereby facilitating discovery of a target host corresponding to the address resolution request.

公开(公告)号：US20240333580A1

公开(公告)日：2024-10-03

申请号：US18329689

申请日：2023-06-06

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Anoop Govindan Nair ,  Venkatesh Natarajan ,  Vincent Giles ,  Saurabh Mohan ,  Nisarg Shah

IPC: H04L41/0654

CPC classification number: H04L41/0654

Abstract: Methods and systems configured for fast failover in ISP peering are disclosed herein. One method comprises: establishing a fault detection protocol session between a first router and a second router, the first and second routers being computing network peers; the first router responding to a data communication connection between the first router and a first provider edge router going down by altering a status of the fault detection protocol session to a changed status; and the second router responding to the changed status of the fault detection protocol session by rerouting traffic served by the first provider edge router to a second provider edge router.

公开(公告)号：US11804983B2

公开(公告)日：2023-10-31

申请号：US17150762

申请日：2021-01-15

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Venkatesh Natarajan ,  Badrish Adiga H R

IPC: H04L12/46 ,  H04L41/0806 ,  H04L45/748 ,  H04L41/0813

CPC classification number: H04L12/4633 ,  H04L12/4641 ,  H04L41/0806 ,  H04L41/0813 ,  H04L45/748

Abstract: One embodiment provides a system which facilitates scaling of routing in an EVPN. During operation, the system determines, in an Ethernet Virtual Private Network (EVPN), a plurality of virtual tunnel endpoints (VTEPs) coupled to a plurality of subnets, wherein a respective subnet includes one or more hosts, wherein a first VTEP is configured with a first number of host routes for a first subnet coupled to a second VTEP, and wherein each of the first number of host routes corresponds to a host residing in the first subnet. Responsive to detecting that a total number of routes configured on the first VTEP exceeds a first predetermined threshold, the system aggregates the first number of host routes by replacing the first number of host routes with a first prefix route which indicates the first subnet.

公开(公告)号：US20190386824A1

公开(公告)日：2019-12-19

申请号：US16007594

申请日：2018-06-13

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Badrish Havaralu Rama Chandra Adiga ,  Balaji Sankaran ,  Venkatesh Natarajan

IPC: H04L9/08 ,  H04L29/06 ,  H04L9/32

Abstract: Examples disclosed herein relate to providing a failover in a MACsec capable device. In an example, a determination may be made on a Media Access Control (MAC) Security (MACsec) capable device, whether a primary management engine that manages a protocol related to MACsec standard on the MACsec capable device has failed. In response to a determination that the primary management engine has failed, a secondary management engine in the MACsec capable device may create a Connectivity Association (CA) between the MACsec capable device and a peer MACsec capable device by performing an IEEE 802.1X re-authentication with the peer MACsec capable device within MACsec Key Agreement (MKA) lifetime. The MKA lifetime may refer to a period during which no MACsec Key Agreement Protocol Data Unit (MKPDU) is received by the peer MACsec capable device from the MACsec capable device.

公开(公告)号：US20180124074A1

公开(公告)日：2018-05-03

申请号：US15728844

申请日：2017-10-10

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Venkatesh Natarajan ,  Khiruthigai Balasubramanian ,  Badrish Adiga HR

IPC: H04L29/06 ,  H04L12/24

CPC classification number: H04L63/1416 ,  H04L41/12 ,  H04L43/0811 ,  H04L63/1441

Abstract: Examples disclosed herein relate to security actions that can be taken at a network appliance based on a received copy of a neighbor discovery packet. The neighbor discovery packet copy is received on a control plane of a network that originated at a port on a data plane of the network. The neighbor discovery packet copy includes identification information including an internet protocol address, a media access control address, and information about the port. The identification information is compared to a binding state table to determine that the internet protocol address and the media access control address match the binding state table, but the port does not match a previous port on the binding state table for the internet protocol address. A security action is performed.

公开(公告)号：US20220231880A1

公开(公告)日：2022-07-21

申请号：US17150762

申请日：2021-01-15

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Venkatesh Natarajan ,  Badrish Adiga H R

IPC: H04L12/46 ,  H04L12/24 ,  H04L12/745

Abstract: One embodiment provides a system which facilitates scaling of routing in an EVPN. During operation, the system determines, in an Ethernet Virtual Private Network (EVPN), a plurality of virtual tunnel endpoints (VTEPs) coupled to a plurality of subnets, wherein a respective subnet includes one or more hosts, wherein a first VTEP is configured with a first number of host routes for a first subnet coupled to a second VTEP, and wherein each of the first number of host routes corresponds to a host residing in the first subnet. Responsive to detecting that a total number of routes configured on the first VTEP exceeds a first predetermined threshold, the system aggregates the first number of host routes by replacing the first number of host routes with a first prefix route which indicates the first subnet.