公开(公告)号：US11516133B2

公开(公告)日：2022-11-29

申请号：US16920993

申请日：2020-07-06

Applicant: Nokia Solutions and Networks OY

Inventor： Hyunseok Chang ,  Fang Hao ,  Muralidharan Kodialam ,  T. V. Lakshman ,  Sarit Mukherjee ,  Limin Wang

IPC: H04L12/747 ,  H04L12/721 ,  G06F12/0802 ,  H04L12/743 ,  H04L12/931 ,  H04L45/74 ,  H04L45/7453 ,  H04L49/00 ,  H04L45/00

Abstract: Packet-processing circuitry including one or more flow caches whose contents are managed using a cache-entry replacement policy that is implemented based on one or more updatable counters maintained for each of the cache entries. In an example embodiment, the implemented policy enables the flow cache to effectively catch and keep elephant flows by giving to the caught elephant flows appropriate preference in terms of the cache dwell time, which can beneficially improve the overall cache-hit ratio and/or packet-processing throughput. Some embodiments can be used to implement an Open Virtual Switch (OVS). Some embodiments are advantageously capable of implementing the cache-entry replacement policy with very limited additional memory allocation.

公开(公告)号：US20240064203A1

公开(公告)日：2024-02-22

申请号：US18498950

申请日：2023-10-31

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： Hyunseok Chang ,  Sarit Mukherjee

IPC: H04L67/1097 ,  H04L9/40

CPC classification number: H04L67/1097 ,  H04L63/0435 ,  H04L63/20

Abstract: Various example embodiments for supporting zero-trust policy enforcement in a communication system are presented herein. Various example embodiments for supporting zero-trust policy enforcement in a communication system may be configured to support zero-trust policy enforcement, including zero-trust authentication, for Remote Direct Memory Access (RDMA) communications. Various example embodiments for supporting zero-trust policy enforcement for RDMA communications may be configured to support transparent zero-trust policy enforcement for RDMA communications by leveraging programmable Smart Network Interface Cards (SmartNICs). Various example embodiments for supporting zero-trust policy enforcement for RDMA communications based on leveraging of programmable SmartNICs may be configured to support zero-trust policy enforcement for RDMA communications by applying zero-trust policies on a connection-by-connection basis within SmartNICs for RDMA connections between RDMA applications hosted on end hosts served by the SmartNICs.

公开(公告)号：US11818213B2

公开(公告)日：2023-11-14

申请号：US17691544

申请日：2022-03-10

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： Hyunseok Chang ,  Sarit Mukherjee

IPC: G06F15/16 ,  H04L67/1097 ,  H04L9/40

CPC classification number: H04L67/1097 ,  H04L63/0435 ,  H04L63/20

Abstract: Various example embodiments for supporting zero-trust policy enforcement in a communication system are presented herein. Various example embodiments for supporting zero-trust policy enforcement in a communication system may be configured to support zero-trust policy enforcement, including zero-trust authentication, for Remote Direct Memory Access (RDMA) communications. Various example embodiments for supporting zero-trust policy enforcement for RDMA communications may be configured to support transparent zero-trust policy enforcement for RDMA communications by leveraging programmable Smart Network Interface Cards (SmartNICs). Various example embodiments for supporting zero-trust policy enforcement for RDMA communications based on leveraging of programmable SmartNICs may be configured to support zero-trust policy enforcement for RDMA communications by applying zero-trust policies on a connection-by-connection basis within SmartNICs for RDMA connections between RDMA applications hosted on end hosts served by the SmartNICs.

公开(公告)号：US20230291797A1

公开(公告)日：2023-09-14

申请号：US17691544

申请日：2022-03-10

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： Hyunseok Chang ,  Sarit Mukherjee

IPC: H04L67/1097 ,  H04L9/40

CPC classification number: H04L67/1097 ,  H04L63/0435 ,  H04L63/20

Abstract: Various example embodiments for supporting zero-trust policy enforcement in a communication system are presented herein. Various example embodiments for supporting zero-trust policy enforcement in a communication system may be configured to support zero-trust policy enforcement, including zero-trust authentication, for Remote Direct Memory Access (RDMA) communications. Various example embodiments for supporting zero-trust policy enforcement for RDMA communications may be configured to support transparent zero-trust policy enforcement for RDMA communications by leveraging programmable Smart Network Interface Cards (SmartNICs). Various example embodiments for supporting zero-trust policy enforcement for RDMA communications based on leveraging of programmable SmartNICs may be configured to support zero-trust policy enforcement for RDMA communications by applying zero-trust policies on a connection-by-connection basis within SmartNICs for RDMA connections between RDMA applications hosted on end hosts served by the SmartNICs.

公开(公告)号：US20250133143A1

公开(公告)日：2025-04-24

申请号：US18891904

申请日：2024-09-20

Applicant: Nokia Solutions and Networks Oy

Inventor： Sarit MUKHERJEE ,  Hyunseok Chang ,  Fang Hao ,  Kimmo Kalervo Hätönen ,  TV Lakshman

IPC: H04L67/141

Abstract: Various example embodiments for supporting pub-sub systems may be configured to support communications between pub-sub clients of pub-sub systems based on separation of control plane functions and data plane functions of legacy pub-sub brokers which typically facilitate establishment and use of pub-sub sessions by pub-sub clients. Various example embodiments for supporting pub-sub systems may be configured to support communications between pub-sub clients of pub-sub systems based on separation of the control plane functions and the data plane functions of a legacy pub-sub broker into individual logical entities in the form of a control function (CF) and a data function (DF), respectively. Various example embodiments for supporting pub-sub systems may be configured to support communications of a pub-sub client of a pub-sub system based on appropriate DF selection at pub-sub session setup and DF reselection within the active pub-sub session as conditions change.

公开(公告)号：US12113859B2

公开(公告)日：2024-10-08

申请号：US18498950

申请日：2023-10-31

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： Hyunseok Chang ,  Sarit Mukherjee

IPC: G06F15/16 ,  H04L9/40 ,  H04L67/1097

CPC classification number: H04L67/1097 ,  H04L63/0435 ,  H04L63/20

Abstract: Various example embodiments for supporting zero-trust policy enforcement in a communication system are presented herein. Various example embodiments for supporting zero-trust policy enforcement in a communication system may be configured to support zero-trust policy enforcement, including zero-trust authentication, for Remote Direct Memory Access (RDMA) communications. Various example embodiments for supporting zero-trust policy enforcement for RDMA communications may be configured to support transparent zero-trust policy enforcement for RDMA communications by leveraging programmable Smart Network Interface Cards (SmartNICs). Various example embodiments for supporting zero-trust policy enforcement for RDMA communications based on leveraging of programmable SmartNICs may be configured to support zero-trust policy enforcement for RDMA communications by applying zero-trust policies on a connection-by-connection basis within SmartNICs for RDMA connections between RDMA applications hosted on end hosts served by the SmartNICs.

公开(公告)号：US11876691B2

公开(公告)日：2024-01-16

申请号：US17586969

申请日：2022-01-28

Applicant: Nokia Solutions and Networks Oy

Inventor： Hyunseok Chang ,  Limin Wang ,  Sarit Mukherjee ,  Walid Abdelrahman

IPC: H04L43/06 ,  G06F13/28 ,  H04L43/08

CPC classification number: H04L43/06 ,  G06F13/28 ,  H04L43/08 ,  G06F2213/28

Abstract: An end-to-end telemetry system for a Remote Direct Memory Access (RDMA) communication network having multiple end-servers. The system includes an RDMA tracer for each end-server, one or more programmable data planes, and a telemetry collector. Each RDMA tracer extracts host-level telemetry information for one or more RDMA sessions associated with the corresponding end-server. Each programmable data plane extracts network-level telemetry information for one or more RDMA sessions associated with the programmable data plane. The telemetry collector (i) receives the host-level telemetry information from the RDMA tracers and the network-level telemetry information from the one or more programmable data planes and (ii) generates telemetry reports based on the host-level and network-level telemetry information. In some implementations, the system enables real-time monitoring of RDMA traffic at the RDMA protocol level granularity across all RDMA-enabled workloads for different use cases.

公开(公告)号：US11811801B2

公开(公告)日：2023-11-07

申请号：US16999548

申请日：2020-08-21

Applicant: Nokia Solutions and Networks Oy

Inventor： Hyunseok Chang ,  Muralidharan Kodialam ,  T. V. Lakshman ,  Sarit Mukherjee

IPC: G06F21/00 ,  H04L9/40 ,  G06F11/34 ,  G06F18/214 ,  G06N3/044

CPC classification number: H04L63/1425 ,  G06F11/3409 ,  G06F18/214 ,  G06N3/044 ,  H04L63/0227 ,  H04L63/1441

Abstract: System, method, and software for detecting anomalies in data generated by microservices. In one embodiment, an anomaly detector collects performance metrics for a microservice deployed in a data center for an application. The anomaly detector transforms the performance metrics into a time-series structured dataset for the microservice, and feeds the structured dataset to a machine learning system to determine whether an anomaly exists in the structured dataset based on an anomaly detection model. The anomaly detector performs an anomaly classification with the machine learning system based on an anomaly classification model and the structured dataset when an anomaly is detected in the structured dataset, and performs an action based on the anomaly classification.

公开(公告)号：US20230246931A1

公开(公告)日：2023-08-03

申请号：US17586969

申请日：2022-01-28

Applicant: Nokia Solutions and Networks Oy

Inventor： Hyunseok Chang ,  Limin Wang ,  Sarit Mukherjee ,  Walid Abdelrahman

IPC: H04L43/06 ,  H04L43/08 ,  G06F13/28

CPC classification number: H04L43/06 ,  H04L43/08 ,  G06F13/28 ,  G06F2213/28

Abstract: An end-to-end telemetry system for a Remote Direct Memory Access (RDMA) communication network having multiple end-servers. The system includes an RDMA tracer for each end-server, one or more programmable data planes, and a telemetry collector. Each RDMA tracer extracts host-level telemetry information for one or more RDMA sessions associated with the corresponding end-server. Each programmable data plane extracts network-level telemetry information for one or more RDMA sessions associated with the programmable data plane. The telemetry collector (i) receives the host-level telemetry information from the RDMA tracers and the network-level telemetry information from the one or more programmable data planes and (ii) generates telemetry reports based on the host-level and network-level telemetry information. In some implementations, the system enables real-time monitoring of RDMA traffic at the RDMA protocol level granularity across all RDMA-enabled workloads for different use cases.

公开(公告)号：US11909656B1

公开(公告)日：2024-02-20

申请号：US18155416

申请日：2023-01-17

Applicant: Nokia Solutions and Networks Oy

Inventor： Hyunseok Chang ,  Sarit Mukherjee ,  Limin Wang

IPC: G06F15/16 ,  H04L47/2483 ,  H04L47/11 ,  H04L41/0895

CPC classification number: H04L47/2483 ,  H04L41/0895 ,  H04L47/11

Abstract: A CPU implements a virtual network function (VNF) associated with flow processing and can offload at least some of the flow processing to a hardware accelerator. A module (e.g., TOR switch), external to the software-based processor and the hardware accelerator, examines packet flows and determines (e.g., using a top-K elephant-flow-detection algorithm) which ones are more suitable for offloading from the software-based processor to the hardware accelerator than others. The external module communicates the relative suitability for offloading to the CPU using packet tags or out-of-band messaging, and the CPU uses the relative suitability to determine which flows to offload or onload. In some implementations, the CPU can instruct the external module to change the value of K used in the algorithm.