公开(公告)号：US11336482B2

公开(公告)日：2022-05-17

申请号：US16369330

申请日：2019-03-29

Applicant: Juniper Networks, Inc.

Inventor： Sankar Ramamoorthi ,  Ravi Shekhar ,  Venkata Rajasekharu Athreyapurapu ,  Rajeev Gupta ,  Kaushik Dutta Majumdar ,  Mohan Kumar A P ,  Pranav Koushik

IPC: H04L12/28 ,  H04L12/46 ,  H04L12/715 ,  H04L12/707 ,  H04L45/00 ,  H04L45/64 ,  H04L12/64

Abstract: Techniques are described for policy driven on-demand tunnel creation and deletion between end points in a software-defined wide area network (SD-WAN) having a hub-and-spoke topology. A software-defined networking (SDN) controller that facilitates cloud-based services of a service provider network that sets up the SD-WAN is configured to determine whether a tunnel between end-points is to be created or deleted based on information indicative of the traffic, such as amount, time, application generating the traffic, and the like, between end-points.

公开(公告)号：US20190036813A1

公开(公告)日：2019-01-31

申请号：US15663052

申请日：2017-07-28

Applicant: Juniper Networks, Inc.

Inventor： Nagaraja Manikkar Shenoy ,  Prasad V. ,  Kaushik Dutta Majumdar

IPC: H04L12/721 ,  H04L12/24 ,  H04L12/707

CPC classification number: H04L45/34 ,  H04L12/4633 ,  H04L12/4641 ,  H04L41/5003 ,  H04L41/5019 ,  H04L45/02 ,  H04L45/24 ,  H04L45/28 ,  H04L45/50 ,  H04L45/64

Abstract: Techniques are described for selecting paths in accordance with service level agreements. For example, spoke and hub routers may advertise routes associated with virtual routing and forwarding (VRF) instances mapped to service level agreements (SLAs). A virtual route reflector of an intermediate router may receive route advertisements and may add respective path communities associated with particular links selected based on link state measurements in accordance with the SLAs. The hub or spoke routers may receive the route advertisements including a respective path community and install the selected path as a next-hop for a given SLA. In this way, spoke and hub routers may forward traffic on links that satisfy particular SLAs such that Quality of Experience (QoE) for an application may be restored or improved.

公开(公告)号：US20240195844A1

公开(公告)日：2024-06-13

申请号：US18584531

申请日：2024-02-22

Applicant: Juniper Networks, Inc.

Inventor： Kaushik Dutta Majumdar ,  FNU Nadeem ,  Shanmukh Uppuluri

IPC: H04L9/40 ,  G06F16/245

CPC classification number: H04L63/20 ,  G06F16/245 ,  H04L63/0227

Abstract: In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.

公开(公告)号：US20220321604A1

公开(公告)日：2022-10-06

申请号：US17301278

申请日：2021-03-30

Applicant: Juniper Networks, Inc.

Inventor： Kaushik Dutta Majumdar ,  FNU Nadeem ,  Shanmukh Uppuluri

IPC: H04L29/06 ,  G06F16/245 ,  G06N20/00

Abstract: In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.

公开(公告)号：US12095817B2

公开(公告)日：2024-09-17

申请号：US17301278

申请日：2021-03-30

Applicant: Juniper Networks, Inc.

Inventor： Kaushik Dutta Majumdar ,  Fnu Nadeem ,  Shanmukh Uppuluri

IPC: H04L9/40 ,  G06F16/245

CPC classification number: H04L63/20 ,  G06F16/245 ,  H04L63/0227

Abstract: In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.

公开(公告)号：US10523560B2

公开(公告)日：2019-12-31

申请号：US15663052

申请日：2017-07-28

Applicant: Juniper Networks, Inc.

Inventor： Nagaraja Manikkar Shenoy ,  Prasad V ,  Kaushik Dutta Majumdar

IPC: H04L12/721 ,  H04L12/24 ,  H04L12/707 ,  H04L12/46 ,  H04L12/715 ,  H04L12/751 ,  H04L12/703 ,  H04L12/723

Abstract: Techniques are described for selecting paths in accordance with service level agreements. For example, spoke and hub routers may advertise routes associated with virtual routing and forwarding (VRF) instances mapped to service level agreements (SLAs). A virtual route reflector of an intermediate router may receive route advertisements and may add respective path communities associated with particular links selected based on link state measurements in accordance with the SLAs. The hub or spoke routers may receive the route advertisements including a respective path community and install the selected path as a next-hop for a given SLA. In this way, spoke and hub routers may forward traffic on links that satisfy particular SLAs such that Quality of Experience (QoE) for an application may be restored or improved.

公开(公告)号：US10454812B2

公开(公告)日：2019-10-22

申请号：US15663075

申请日：2017-07-28

Applicant: Juniper Networks, Inc.

Inventor： Nagaraja Manikkar Shenoy ,  Prasad V ,  Kaushik Dutta Majumdar

IPC: H04L12/721 ,  H04L12/24 ,  H04L12/715 ,  H04L12/751 ,  H04L12/703 ,  H04L12/713 ,  H04L12/26

Abstract: Techniques are described for selecting paths in accordance with service level agreements. For example, spoke and hub routers may advertise routes associated with virtual routing and forwarding (VRF) instances mapped to service level agreements (SLAs). A virtual route reflector of an intermediate router may receive route advertisements and may add respective path communities associated with particular links selected based on link state measurements in accordance with the SLAs. The hub or spoke routers may receive the route advertisements including a respective path community and install the selected path as a next-hop for a given SLA. In this way, spoke and hub routers may forward traffic on links that satisfy particular SLAs such that Quality of Experience (QoE) for an application may be restored or improved.

公开(公告)号：US11916963B2

公开(公告)日：2024-02-27

申请号：US17301278

申请日：2021-03-30

Applicant: Juniper Networks, Inc.

Inventor： Kaushik Dutta Majumdar ,  Fnu Nadeem ,  Shanmukh Uppuluri

IPC: H04L9/40 ,  G06F16/245

CPC classification number: H04L63/20 ,  G06F16/245 ,  H04L63/0227

Abstract: In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.

公开(公告)号：US20200252234A1

公开(公告)日：2020-08-06

申请号：US16369330

申请日：2019-03-29

Applicant: Juniper Networks, Inc.

Inventor： Sankar Ramamoorthi ,  Ravi Shekhar ,  Venkata Rajasekharu Athreyapurapu ,  Rajeev Gupta ,  Kaushik Dutta Majumdar ,  Mohan Kumar A P ,  Pranav Koushik

IPC: H04L12/28 ,  H04L12/46 ,  H04L12/715 ,  H04L12/707

Abstract: Techniques are described for policy driven on-demand tunnel creation and deletion between end points in a software-defined wide area network (SD-WAN) having a hub-and-spoke topology. A software-defined networking (SDN) controller that facilitates cloud-based services of a service provider network that sets up the SD-WAN is configured to determine whether a tunnel between end-points is to be created or deleted based on information indicative of the traffic, such as amount, time, application generating the traffic, and the like, between end-points.

公开(公告)号：US20190036808A1

公开(公告)日：2019-01-31

申请号：US15663075

申请日：2017-07-28

Applicant: Juniper Networks, Inc.

Inventor： Nagaraja Manikkar Shenoy ,  Prasad V ,  Kaushik Dutta Majumdar

IPC: H04L12/721 ,  H04L12/24

Abstract: Techniques are described for selecting paths in accordance with service level agreements. For example, spoke and hub routers may advertise routes associated with virtual routing and forwarding (VRF) instances mapped to service level agreements (SLAs). A virtual route reflector of an intermediate router may receive route advertisements and may add respective path communities associated with particular links selected based on link state measurements in accordance with the SLAs. The hub or spoke routers may receive the route advertisements including a respective path community and install the selected path as a next-hop for a given SLA. In this way, spoke and hub routers may forward traffic on links that satisfy particular SLAs such that Quality of Experience (QoE) for an application may be restored or improved.