Abstract:
An apparatus and method for encapsulating and forwarding packets on a network are disclosed. The network can include a first subnetwork such as a virtual private network connected to a larger public network such as the Internet. An encapsulating header is attached to a packet to be transferred across the public network from a source node on the private network to a destination node on the private network, such that the packet can be transferred across the public network. The encapsulating header includes a value which is derived from the private header on the packet used to transfer the packet along the private network. The value is therefore associated with a source/destination pair within the private network. The value can be derived by performing a hash operation on the private network header. After the public network header containing the value derived from the private network header is attached to the packet, it can be forwarded across the public network. A logical operation such as a hash operation can be performed on the public network header to select one of a plurality of possible paths on the public network to forward the packet. As a result, each source/destination pair within the private network will be associated with a path within the public network. Traffic from the private network can therefore be distributed over multiple paths in the public network, thus reducing or eliminating traffic congestion and overload.
Abstract:
An apparatus and method for forwarding data on a network are described. A label-switching subnetwork within the network includes an ingress node and an egress node coupled to source and destination nodes, respectively, on the network. The ingress node sends a signal along a route within the subnetwork through a plurality of subnetwork nodes to the egress node. In response, the subnetwork nodes transmit response signals back along the route toward the ingress node which define the route through the subnetwork and simultaneously allocate a plurality of paths within the route. A single path can be selected for forwarding of data packets associated with a source/destination pair, ensuring that data packets arriving at the destination are not misaligned.
Abstract:
In general, techniques are described for selectively invoking graceful restart procedures when a route reflector member of a redundant route cluster fails. In one example, a method is provided that includes determining, by a provider edge router that supports graceful restart procedures, that a first router forms a redundant group with at least a second router. The method also includes detecting a failure of the first router and determining that at least the second router in the redundant group is operating approximately while the first router is failed. The method further includes overriding graceful restart procedures with respect to the failed first router when at least the second router is operating. The method also includes forwarding one or more data packets according to route information provided via the second router.
Abstract:
Network address translation (NAT) translates between globally unique addresses used within a global network and a local network. A method, for example, includes mapping a first set of globally non-routable global addresses to a second set of globally routable global addresses, and forwarding packets in accordance with the mapping. The method may further include assigning the first set of addresses to devices of a local network, and forwarding packets between the devices of the local network and a global network. These techniques may significantly reduce the demand placed on routing devices in a global network.
Abstract:
Techniques are described for distributing network traffic across parallel data paths. For example, a router may perform a hash on routing information of the packet to generate a hash value corresponding to the packet flow associated with the packet. The router may map the hash value of the packet to a forwarding element associated with a data path. The router may dynamically update the mapping of hash values to forwarding elements in accordance with traffic flow statistics. In this manner, the router may distribute the packet flows from data paths with high volumes of traffic to data paths with smaller volumes of traffic. The router may further prevent out of sequence delivery of packets by updating the mapping upon a gap in the packet flow exceeding a threshold gap. For example, the router may update the mapping when a packet for a packet flow associated with the particular hash value has not been received for at least a defined time interval.
Abstract:
A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits may further be used to guarantee bandwidth for certain categories of data.
Abstract:
A network comprises a plurality of switching nodes interconnected by communication links for transferring digital packets. At least one switching node in the network pre-establishes a bypass virtual circuit through the network to bypass an element of the network, such as a switching node or a communication link, in the network. The bypass virtual circuit defines a path to another switching node in the network. The first switching node uses the bypass virtual circuit so constructed in forwarding of a packet in the event of a failure or other malfunction of the element if the first switching node would otherwise transfer the packet over that element.
Abstract:
An apparatus and method for efficient hashing uses both an identifying portion of a data packet, e.g., source and destination ID, and an identifying value of the node, e.g., the IP address of the node, to generate a hash result. By inserting a unique value into the hash operation at each node, the invention effectively provides for a different hash implementation at each node. As a result, in situations where multiple paths or multiple links within a path are available to forward packets, traffic can be split over the multiple paths and links. The inefficient utilization of network links found in prior systems, which use the same hash operation at each node, is eliminated.