公开(公告)号：US20150381493A1

公开(公告)日：2015-12-31

申请号：US14320079

申请日：2014-06-30

Applicant: Juniper Networks, Inc.

Inventor： Sachin Bansal ,  Nischal Sheth ,  Prakash M. Bailkeri

IPC: H04L12/741 ,  H04L12/723 ,  H04L12/56 ,  H04L12/725 ,  H04L12/721

CPC classification number: H04L45/745 ,  H04L45/30 ,  H04L45/306 ,  H04L45/38 ,  H04L45/50 ,  H04L45/741

Abstract: In some examples, a controller comprises one or more processors; a control unit configured to obtain, from a router in a first network, a route that specifies a next hop to an address prefix reachable by the first network; and a service chain unit configured to generate a modified route that specifies a service node as the next hop for the address prefix, wherein the service node is external to the first network, and wherein the control unit is further configured to send the modified route to a second network, the modified route marked with an import route target configured for a provider edge router of the second network so that traffic from the first network and destined for the second network is forwarded to the service node.

Abstract translation: 在一些示例中，控制器包括一个或多个处理器; 控制单元，被配置为从第一网络中的路由器获得指定下一跳到由所述第一网络可到达的地址前缀的路由; 以及服务链单元，其被配置为生成指定服务节点作为所述地址前缀的下一跳的修改路由，其中​​，所述服务节点在所述第一网络的外部，并且其中所述控制单元还被配置为将修改的路由发送到 第二网络，所述修改路由标记有为第二网络的提供商边缘路由器配置的导入路由目标，使得来自第一网络且去往第二网络的流量被转发到服务节点。

公开(公告)号：US10212160B2

公开(公告)日：2019-02-19

申请号：US15455904

申请日：2017-03-10

Applicant: JUNIPER NETWORKS, INC.

Inventor： Manjunath Jagannatharao ,  Sachin Bansal ,  Lisa Guo ,  Nagendra K S

IPC: H04L29/06

Abstract: A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session threshold; and establishing, based on the notification, a session with the first server device by associating the first server device with a virtual local area network (VLAN), where the associating permits network traffic to be received from or sent to the first server device via the VLAN, and where the network node uses the session threshold received from the second server device, instead of a threshold associated with the VLAN, to determine a duration permitted for the session.

公开(公告)号：US09634936B2

公开(公告)日：2017-04-25

申请号：US14320079

申请日：2014-06-30

Applicant: Juniper Networks, Inc.

Inventor： Sachin Bansal ,  Nischal Sheth ,  Prakash M. Bailkeri

IPC: H04L12/741 ,  H04L12/725 ,  H04L12/721 ,  H04L12/56 ,  H04L12/723

CPC classification number: H04L45/745 ,  H04L45/30 ,  H04L45/306 ,  H04L45/38 ,  H04L45/50 ,  H04L45/741

Abstract: In some examples, a controller comprises one or more processors; a control unit configured to obtain, from a router in a first network, a route that specifies a next hop to an address prefix reachable by the first network; and a service chain unit configured to generate a modified route that specifies a service node as the next hop for the address prefix, wherein the service node is external to the first network, and wherein the control unit is further configured to send the modified route to a second network, the modified route marked with an import route target configured for a provider edge router of the second network so that traffic from the first network and destined for the second network is forwarded to the service node.

公开(公告)号：US10534601B1

公开(公告)日：2020-01-14

申请号：US15639556

申请日：2017-06-30

Applicant: Juniper Networks, Inc.

Inventor： Suresh Kumar Vinapamula Venkata ,  Rajagopalan Sivaramakrishnan ,  Sachin Bansal ,  Praveen K V ,  Hari Prasad Killi

IPC: G06F8/65 ,  H04L12/713 ,  G06F8/61 ,  H04L12/721 ,  H04L12/24

Abstract: Techniques are disclosed for performing an In-Service Software Upgrade (“ISSU”) of a first packet forwarding component (PFC) of a virtual router configured to forward traffic flows for a plurality of session instances within a cloud-based data center. The techniques described herein may retain flow state information throughout the ISSU process without interrupting network traffic flow. In one example, a processor of a plurality of compute nodes within the data center receives a request to perform an ISSU of the first PFC. The processor spawns a second virtual routing agent and a second PFC. The second virtual routing agent synchronizes flow state information with a first virtual routing agent for the virtual router. After synchronizing the flow state information, the virtual router switches from forwarding traffic flows by the first PFC to forwarding traffic flows by the second PFC. The ISSU process deactivates the first virtual router and the first PFC.

公开(公告)号：US10083026B1

公开(公告)日：2018-09-25

申请号：US15087286

申请日：2016-03-31

Applicant: Juniper Networks, Inc.

Inventor： Suresh Kumar Vinapamula Venkata ,  Ashish Ranjan ,  Hampapur Ajay ,  Sachin Bansal

IPC: G06F9/44 ,  G06F8/656 ,  G06F8/65 ,  H04L29/08 ,  H04L12/713 ,  H04L12/24

CPC classification number: G06F8/656 ,  G06F8/65 ,  G06F9/45533 ,  H04L41/082 ,  H04L45/586 ,  H04L45/64 ,  H04L67/148 ,  H04L67/34

Abstract: Techniques are disclosed describing an In-Service Software Upgrade for a Software Defined Networking (SDN) controller of a cloud data center. A cloud data center includes a first SDN controller configured to perform session management of a plurality of session instances, an orchestration engine communicatively coupled to the first SDN controller via a northbound application program interface (API); and a plurality of compute nodes configured to perform compute functions for the plurality of session instances. In response to receiving a request to perform an in-service software upgrade (ISSU) of the first SDN controller, the orchestration engine spawns a second, upgraded SDN controller on the cloud data center. An ISSU process initializes the second SDN controller and transfers session management for the plurality of session instances from the first SDN controller to the second SDN controller. Finally, the ISSU process removes the first SDN controller from the cloud data center.

公开(公告)号：US09596241B2

公开(公告)日：2017-03-14

申请号：US14107805

申请日：2013-12-16

Applicant: JUNIPER NETWORKS, INC.

Inventor： Manjunath Jagannatharao ,  Sachin Bansal ,  Lisa Guo ,  Nagendra K S

IPC: H04L29/06 ,  H04L12/46

CPC classification number: H04L63/0876 ,  H04L12/4641 ,  H04L63/062 ,  H04L63/0884 ,  H04L63/10

Abstract: A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session threshold; and establishing, based on the notification, a session with the first server device by associating the first server device with a virtual local area network (VLAN), where the associating permits network traffic to be received from or sent to the first server device via the VLAN, and where the network node uses the session threshold received from the second server device, instead of a threshold associated with the VLAN, to determine a duration permitted for the session.

Abstract translation: 一种方法可以包括检测第一服务器设备的存在; 与第一服务器设备通信以获得与第一服务器设备相关联的信息; 向所述第二服务器设备发送对所述认证服务的请求，其中所述请求包括与所述第一服务器设备相关联的信息; 从所述第二服务器设备接收所述第一服务器设备已被认证的通知，其中所述通知包括会话阈值; 以及基于所述通知，通过将所述第一服务器设备与虚拟局域网（VLAN）相关联来建立与所述第一服务器设备的会话，其中所述关联允许经由所述第一服务器设备从所述第一服务器设备接收或发送到所述第一服务器设备的网络流量 VLAN，以及网络节点使用从第二服务器设备接收到的会话阈值的位置，而不是与VLAN相关联的阈值，以确定会话允许的持续时间。