REMOTE REACHABILITY CHECKS IN A DISTRIBUTED TUNNEL FABRIC

    Publication number: US20240031266A1

    Publication date: 2024-01-25

    Application number: US17872754

    Filing date: 2022-07-25

    CPC classification number: H04L43/10 H04L12/4641 H04L12/4633

    Abstract: A system for facilitating remote reachability checks for a switch. During operation, the system can receive one or more control messages from a management platform. Here, a respective control message can include one or more type-length-value (TLV) data structures. If the system identifies a first TLV data structure associated with validation in a first control message, the system can determine a validating plane based on a value of the first TLV data structure. The system can then validate the first control message at the validating plane. Upon identifying, in a second control message, a second TLV data structure associated with a plurality of parameters for a request in the second control message, the system can determine a subset of active parameters from the plurality of parameters based on an indicator in the second TLV data structure. The system can then process the request based on the subset of active parameters.

    Traffic flow trace in a network
    2.
    Granted patent

    Publication number: US11502927B2

    Publication date: 2022-11-15

    Application number: US17221813

    Filing date: 2021-04-04

    Abstract: An example network orchestrator of an SDN is configured to receive, based on a user input, credentials associated with a traffic flow. Based on the credentials, it is determined whether the traffic flow is received at an ingress overlay network node. Route information and encapsulation information of the traffic flow are extracted from the ingress overlay network node. A first set of underlay network nodes, each of which is a potential next hop for the traffic flow, is identified. It is determined, based on the encapsulation information, whether the traffic flow is received by one of the first set of underlay network nodes. It is determined whether the traffic flow is received at an egress overlay network node from one of the first set of underlay network nodes. A network trace of the traffic flow is determined based on the determinations of whether the traffic flow is received at the ingress overlay network node, one of the first set of underlay network nodes, and the egress overlay network node. Based on the network trace, a fault is detected in a link between network nodes, in the ingress overlay network node, in the egress overlay network node, or in one of the first set of underlay network nodes.

    FINE-GRAINED ROLE-BASED SEGMENTATION IN OVERLAY NETWORK

    Publication number: US20250016091A1

    Publication date: 2025-01-09

    Application number: US18347459

    Filing date: 2023-07-05

    Abstract: A system for facilitating segmentation by a first switch of an overlay tunnel fabric is provided. During operation, the system can receive a route update packet for the fabric. The packet can be based on a control plane that allows the exchange of route information via the tunnel and can include a first media access control (MAC) address learned at a second switch and a first role identifier of a first role. The first role can indicate a level of access granted to a first device associated with the first MAC address. The system can store the first MAC address and the first role identifier in a local address data structure. Upon receiving a packet from the first device, the system can then determine, based on the first role identifier and a first segmentation policy, whether a local device is allowed to receive the packet from the first device.

    Remote reachability checks in a distributed tunnel fabric

    Publication number: US12095642B2

    Publication date: 2024-09-17

    Application number: US17872754

    Filing date: 2022-07-25

    CPC classification number: H04L43/10 H04L12/4633 H04L12/4641

    Abstract: A system for facilitating remote reachability checks for a switch. During operation, the system can receive one or more control messages from a management platform. Here, a respective control message can include one or more type-length-value (TLV) data structures. If the system identifies a first TLV data structure associated with validation in a first control message, the system can determine a validating plane based on a value of the first TLV data structure. The system can then validate the first control message at the validating plane. Upon identifying, in a second control message, a second TLV data structure associated with a plurality of parameters for a request in the second control message, the system can determine a subset of active parameters from the plurality of parameters based on an indicator in the second TLV data structure. The system can then process the request based on the subset of active parameters.

    Label based policy enforcement
    6.
    Granted patent

    Publication number: US11552824B2

    Publication date: 2023-01-10

    Application number: US17391790

    Filing date: 2021-08-02

    Abstract: Examples disclosed herein relate to a method comprising receiving a data packet originating from a first device and intended for a second device, wherein the first device and the first access device belong to a first branch of a Wide Area Network (WAN) using an MPLS overlay and the second device belongs to a second branch of the WAN. The method includes encapsulating the data packet in VXLAN, including a VXLAN label identifying a role type, and transmitting the data packet to a first core device. The method includes determining an MPLS label corresponding to the role type and transmitting the data packet over the MPLS overlay to a second core device belonging to the second branch of the WAN. The method includes translating the MPLS label into the VXLAN label and transmitting the data packet, including the VXLAN label, to a second access device for an enforcement action.

    LABEL BASED POLICY ENFORCEMENT
    7.
    Patent application

    Publication number: US20220345330A1

    Publication date: 2022-10-27

    Application number: US17391790

    Filing date: 2021-08-02

    Abstract: Examples disclosed herein relate to a method comprising receiving a data packet originating from a first device and intended for a second device, wherein the first device and the first access device belong to a first branch of a Wide Area Network (WAN) using an MPLS overlay and the second device belongs to a second branch of the WAN. The method includes encapsulating the data packet in VXLAN, including a VXLAN label identifying a role type, and transmitting the data packet to a first core device. The method includes determining an MPLS label corresponding to the role type and transmitting the data packet over the MPLS overlay to a second core device belonging to the second branch of the WAN. The method includes translating the MPLS label into the VXLAN label and transmitting the data packet, including the VXLAN label, to a second access device for an enforcement action.

    Synchronization of client IP binding database across extended networks leveraging BGP control plane

    Publication number: US11909819B1

    Publication date: 2024-02-20

    Application number: US18070209

    Filing date: 2022-11-28

    CPC classification number: H04L67/1095 H04L69/16

    Abstract: A method and system are provided which facilitate synchronization of client IP binding databases across an extended network by leveraging the BGP control plane. During operation, a switch configures a first synchronization identifier indicating validated Internet Protocol (IP) binding information of an associated client. The switch receives a Border Gateway Protocol (BGP) update message associated with a first client, wherein the BGP update message includes a second synchronization identifier. Responsive to determining that the second synchronization identifier matches the first synchronization identifier, the switch: extracts from the BGP update message reachability information, which includes media access control (MAC) and IP information associated with the first client; validates the MAC and IP information based on security policies; and adds the MAC and IP information to a local IP binding database, thereby allowing synchronization of the validated IP binding information of the first client between the switch and other switches.

    SEAMLESS MOBILITY FOR CLIENTS RECEIVING MULTICAST TRAFFIC

    Publication number: US20230024996A1

    Publication date: 2023-01-26

    Application number: US17374422

    Filing date: 2021-07-13

    Abstract: In an example, a wired network device receives a first join message originating from a client device associated with a first wireless access point (WAP) connected to another wired network device in a broadcast domain. An entry corresponding to the client device is created in a remote receiver record of the wired network device. In response to the client device transitioning from the first WAP to a second WAP connected to the wired network device, it is determined that the client device is locally connected to the wired network device. The intention of the client device to receive multicast traffic is identified. A second join message directed to the network address of the multicast group is distributed in the broadcast domain. A traffic flow path for the multicast traffic via the wired network device and the second WAP to the client device is configured.

    FAILURE DETECTION AND MITIGATION IN AN MC-LAG ENVIRONMENT

    Publication number: US20220400075A1

    Publication date: 2022-12-15

    Application number: US17391836

    Filing date: 2021-08-02

    Abstract: In an example, a failure event is detected in a network, where the failure event is indicative of a network outage in a network device or a peer network device of an MC-LAG. The network device and the peer network device may be configured as a first VTEP in an overlay network. It may be determined that reprovisioning of virtual tunnels in the network device is incomplete. State parameters between the network device and the peer network device are synchronized. The set of virtual tunnels in the network device is provisioned based on the state parameters. After completion of provisioning of the virtual tunnels, an IP address of the first VTEP is published to underlay network devices connecting the first VTEP to a second VTEP over an underlay network. Subsequently, communication links between the MC-LAG and a host device are enabled.
