Abstract:
Use of a centralized control architecture in a network. Policy declaration, routing computation, and permission checks are managed by a logically centralized controller. By default, hosts on the network can only route to the network controller. Hosts and users must first authenticate themselves with the controller before they can request access to the network resources. The controller uses the first packet of each flow for connection setup. When a packet arrives at the controller, the controller decides whether the flow represented by that packet should be allowed. The switches use a simple flow table to forward packets under the direction of the controller. When a packet arrives that is not in the flow table, it is forwarded to the controller, along with information about which port the packet arrived on. When a packet arrives that is in the flow table, it is forwarded according to the controller's directive.
Abstract:
A computer-implemented system and method to detect and characterize middleboxes is disclosed. Embodiments of the system and method include a middlebox detection engine to provide a plurality of middlebox detection modules, and to use at least one middlebox detection module of the plurality of middlebox detection modules to determine if a middlebox exists on a path between a first communicating entity of a network and a second communicating entity of the network.
Abstract:
Some embodiments provide a managed network for implementing a logical switching element. The managed network includes several managed edge switching elements that are each for (1) receiving packets for forwarding through the logical switching element and (2) forwarding packets that are known to the managed edge switching element to other managed edge switching elements in the several managed edge switching elements. The managed network includes a set of managed non-edge switching elements for (1) receiving packets from the several managed edge switching elements that are unknown to a particular managed edge switching element in the several managed edge switching elements and (2) forwarding packets to the several managed edge switching elements that are unknown to the several managed edge switching elements.
Abstract:
Some embodiments provide a network system that includes several non-edge switching elements that are each for forwarding network data to other non-edge switching elements. The network system includes several edge switching elements that are each for (1) coupling to a set of network hosts and (2) forwarding network data to the non-edge switching elements and to the set of network hosts. Each of the non-edge switching elements of the several non-edge switching elements is further for forwarding network data to the several edge switching elements. The network system includes a set of network controllers for (1) receiving a definition of a logical switching element that couples to the sets of network hosts and (2) managing the several edge switching elements by configuring the several edge switching elements to forward network data between the sets of network hosts based on the definition of the logical switching element.
Abstract:
Some embodiments provide a program for managing several switching elements. The program receives, at a network information base (NIB) data structure that stores data for managing the several switching elements, a request to notify a first application that uses the NIB when a set of data stored in the NIB is changed. The program changes, in response to an instruction from a second application, the set of data in the NIB. The program sends a notification to the first application of the change to the set of data in the NIB.
Abstract:
Some embodiments provide a program that monitors several network controllers in a network. Each network controller manages a logical data path set that is implemented across several managed switching elements. The program detects that a first network controller in the several network controllers has failed. The program selects a second network controller in the several network controllers to manage the logical data path set managed by the first network controller.
Abstract:
A network control system that includes several controllers for managing several switching elements and a distributed hash table (DHT) formed across the controllers for storing data regarding the switching elements that is accessible by the controllers. Each hash table serves as a DHT instance. In some embodiments, the DHT instances of all controller instances collectively store one set of records that is indexed based on hashed indices for quick access. These records are distributed across the different controller instances to minimize the size of the records within each instance and to allow for the size of the DHT to be increased by adding other DHT instances. According to this scheme, each DHT record is not stored in each controller instance. In fact, in some embodiments, each DHT record is stored in at most one controller instance.
Abstract:
Some embodiments provide a virtualizer for managing a plurality of managed switching elements that forward data through a network. The virtualizer comprises a first set of tables for storing input logical forwarding plane data and a second set of tables for storing output physical control plane data. It also includes a table mapping engine for mapping the input logical forwarding plane data in the first set of tables to output physical control plane data in the second set of tables by performing a set of database join operations on the input logical forwarding plane data in the first set of tables. In some embodiments, the physical control plane data is subsequently translated into physical forwarding behaviors that direct the forwarding of data by the managed switching elements.