公开(公告)号：US06651101B1

公开(公告)日：2003-11-18

申请号：US10191605

申请日：2002-07-09

申请人： Silvano Gai ,  Keith McCloghrie ,  Shai Mohaban

发明人： Silvano Gai ,  Keith McCloghrie ,  Shai Mohaban

IPC分类号： G06F1516

CPC分类号： H04L41/0893 ,  H04L41/5003 ,  H04L41/5045 ,  H04L41/5096 ,  H04L47/10 ,  H04L47/20 ,  H04L47/2408 ,  H04L47/2433 ,  H04L47/2441 ,  H04L47/2475 ,  H04L47/70 ,  H04L47/724 ,  H04L47/803 ,  H04L47/808

摘要： A system within a computer network identifies specific traffic flows originating from a given network entity and requests and applies appropriate policy rules or service treatments to the traffic flows. A network entity includes a flow declaration component that communicates with one or more application programs executing on the entity. The flow declaration component includes a message generator and an associated memory for storing one or more traffic flow data structures. For a given traffic flow, the application program issues one or more calls to the flow declaration component providing it with information identifying the traffic flows. The flow declaration component then opens a flow management session with a local policy enforcer that obtains policy rules or service treatments for the identified flow from a policy server and applies those rules or treatments to the specific traffic flows from the network entity.

公开(公告)号：US06286052B1

公开(公告)日：2001-09-04

申请号：US09206067

申请日：1998-12-04

申请人： Keith McCloghrie ,  Silvano Gai ,  Shai Mohaban

发明人： Keith McCloghrie ,  Silvano Gai ,  Shai Mohaban

IPC分类号： G06F1300

CPC分类号： H04L41/0893 ,  H04L41/5003 ,  H04L41/5045 ,  H04L41/5096 ,  H04L47/10 ,  H04L47/20 ,  H04L47/2408 ,  H04L47/2433 ,  H04L47/2441 ,  H04L47/2475 ,  H04L47/70 ,  H04L47/724 ,  H04L47/803 ,  H04L47/808

摘要： A system within a computer network identifies specific traffic flows originating from a given network entity and requests and applies appropriate policy rules or service treatments to the traffic flows. A network entity includes a flow declaration component that communicates with one or more application programs executing on the entity. The flow declaration component includes a message generator and an associated memory for storing one or more traffic flow data structures. For a given traffic flow, the application program issues one or more calls to the flow declaration component providing it with information identifying the traffic flows. The flow declaration component then opens a flow management session with a local policy enforcer that obtains policy rules or service treatments for the identified flow from a policy server and applies those rules or treatments to the specific traffic flows from the network entity.

摘要翻译： 计算机网络内的系统识别源自给定网络实体的特定业务流，并向业务流请求并应用适当的策略规则或业务处理。 网络实体包括与在该实体上执行的一个或多个应用程序进行通信的流声明组件。 流声明组件包括用于存储一个或多个业务流数据结构的消息发生器和相关联的存储器。 对于给定的流量，应用程序向流量声明组件发出一个或多个呼叫，为其提供标识流量的信息。 流声明组件随后打开与本地策略执行器的流管理会话，该策略执行器从策略服务器获取所识别流的策略规则或服务处理，并将这些规则或处理应用于来自网络实体的特定业务流。

公开(公告)号：US06434624B1

公开(公告)日：2002-08-13

申请号：US09911122

申请日：2001-07-23

申请人： Silvano Gai ,  Keith McCloghrie ,  Shai Mohaban

发明人： Silvano Gai ,  Keith McCloghrie ,  Shai Mohaban

IPC分类号： G06F1300

CPC分类号： H04L41/0893 ,  H04L41/5003 ,  H04L41/5045 ,  H04L41/5096 ,  H04L47/10 ,  H04L47/20 ,  H04L47/2408 ,  H04L47/2433 ,  H04L47/2441 ,  H04L47/2475 ,  H04L47/70 ,  H04L47/724 ,  H04L47/803 ,  H04L47/808

摘要： A system within a computer network identifies specific traffic flows originating from a given network entity and requests and applies appropriate policy rules or service treatments to the traffic flows. A network entity includes a flow declaration component that communicates with one or more application programs executing on the entity. The flow declaration component includes a message generator and an associated memory for storing one or more traffic flow data structures. For a given traffic flow, the application program issues one or more calls to the flow declaration component providing it with information identifying the traffic flows. The flow declaration component then opens a flow management session with a local policy enforcer that obtains policy rules or service treatments for the identified flow from a policy server and applies those rules or treatments to the specific traffic flows from the network entity.

摘要翻译： 计算机网络内的系统识别源自给定网络实体的特定业务流，并向业务流请求并应用适当的策略规则或业务处理。 网络实体包括与在该实体上执行的一个或多个应用程序进行通信的流声明组件。 流声明组件包括用于存储一个或多个业务流数据结构的消息发生器和相关联的存储器。 对于给定的流量，应用程序向流量声明组件发出一个或多个呼叫，为其提供标识流量的信息。 流声明组件随后打开与本地策略执行器的流管理会话，该策略执行器从策略服务器获取所识别流的策略规则或服务处理，并将这些规则或处理应用于来自网络实体的特定业务流。

公开(公告)号：US20050060393A1

公开(公告)日：2005-03-17

申请号：US10960162

申请日：2004-10-06

申请人： Itzhak Parnafes ,  Shai Mohaban ,  Keith McCloghrie

发明人： Itzhak Parnafes ,  Shai Mohaban ,  Keith McCloghrie

IPC分类号： G06F15/16 ,  G06F15/177 ,  H04L12/24 ,  H04L12/56

CPC分类号： H04L41/0893 ,  H04L41/0213

摘要： A method and apparatus for communicating a COPS protocol policy to a non-COPS-enabled network device is provided. A COPS proxy is connected between a policy server and a non-COPS-enabled network device. The policy server is configured to communicate COPS protocol policies to the COPS proxy, which is, in turn, configured to translate the COPS protocol policy into a policy that is in accordance with a policy protocol that the non-COPS-enabled network device can receive and correctly interpret (“non-COPS protocol”). The translation of the policy utilizes a mapping database that delineates predetermined relationships between COPS protocol policies and the non-COPS protocol policies. More specifically, the mapping database can include relationships between COPS protocol policy information base variables, network device roles and characteristics, and non-COPS protocol parameters and associated values. Further, the COPS proxy can be configured to detect and reconcile policy conflicts for one or more network devices.

摘要翻译： 提供了一种用于将COPS协议策略传送到非COPS的网络设备的方法和装置。 COPS代理连接在策略服务器和启用非COPS的网络设备之间。 策略服务器被配置为向COPS代理传送COPS协议策略，COPS代理又被配置为将COPS协议策略转换成符合非COPS使能的网络设备可以接收的策略协议的策略 并正确解释（“非COPS协议”）。 策略的翻译利用一个映射数据库，描绘COPS协议策略和非COPS协议策略之间的预定关系。 更具体地说，映射数据库可以包括COPS协议策略信息基础变量，网络设备角色和特性之间的关系，以及非COPS协议参数和相关联的值。 此外，可以配置COPS代理以检测和协调一个或多个网络设备的策略冲突。

公开(公告)号：US07991907B2

公开(公告)日：2011-08-02

申请号：US10960162

申请日：2004-10-06

申请人： Itzhak Parnafes ,  Shai Mohaban ,  Keith McCloghrie

发明人： Itzhak Parnafes ,  Shai Mohaban ,  Keith McCloghrie

IPC分类号： G06F15/16 ,  G06F15/177 ,  H04J3/16

CPC分类号： H04L41/0893 ,  H04L41/0213

摘要： A method and apparatus for communicating a COPS protocol policy to a non-COPS-enabled network device is provided. A COPS proxy is connected between a policy server and a non-COPS-enabled network device. The policy server is configured to communicate COPS protocol policies to the COPS proxy, which is, in turn, configured to translate the COPS protocol policy into a policy that is in accordance with a policy protocol that the non-COPS-enabled network device can receive and correctly interpret (“non-COPS protocol”). The translation of the policy utilizes a mapping database that delineates predetermined relationships between COPS protocol policies and the non-COPS protocol policies. More specifically, the mapping database can include relationships between COPS protocol policy information base variables, network device roles and characteristics, and non-COPS protocol parameters and associated values. Further, the COPS proxy can be configured to detect and reconcile policy conflicts for one or more network devices.

摘要翻译： 提供了一种用于将COPS协议策略传送到非COPS的网络设备的方法和装置。 COPS代理连接在策略服务器和启用非COPS的网络设备之间。 策略服务器被配置为向COPS代理传送COPS协议策略，COPS代理又被配置为将COPS协议策略转换成符合非COPS使能的网络设备可以接收的策略协议的策略 并正确解释（“非COPS协议”）。 策略的翻译利用一个映射数据库，描绘COPS协议策略和非COPS协议策略之间的预定关系。 更具体地说，映射数据库可以包括COPS协议策略信息基础变量，网络设备角色和特性之间的关系，以及非COPS协议参数和相关联的值。 此外，可以配置COPS代理以检测和协调一个或多个网络设备的策略冲突。

公开(公告)号：US06839766B1

公开(公告)日：2005-01-04

申请号：US09482326

申请日：2000-01-14

申请人： Itzhak Parnafes ,  Shai Mohaban ,  Keith McCloghrie

发明人： Itzhak Parnafes ,  Shai Mohaban ,  Keith McCloghrie

IPC分类号： G06F15/16 ,  G06F15/177 ,  H04L12/24 ,  H04L12/56

CPC分类号： H04L41/0893 ,  H04L41/0213

摘要： A method and apparatus for communicating a COPS protocol policy to a non-COPS-enabled network device (i.e., a device or one or more interfaces included in the device) is provided. A COPS proxy is networked with a policy server and a non-COPS-enabled network device such that the COPS proxy can communicate with the policy server and the non-COPS-enabled network device. The policy server is configured to communicate COPS protocol policies to the COPS proxy, which, in turn, is configured to translate the COPS protocol policy into a policy that is in accordance with a policy protocol that the non-COPS-enabled network device can receive and correctly interpret (a “non-COPS protocol”). The translation of the policy utilizes a mapping database that delineates predetermined relationships between COPS protocol policies and the non-COPS protocol policies. More specifically, the mapping database can include relationships between COPS protocol policy information base variables, network device roles and characteristics, and non-COPS protocol parameters and associated values. Further, the COPS proxy can be configured to detect and reconcile policy conflicts for one or more network devices.

摘要翻译： 提供了一种用于将COPS协议策略传送到不支持COPS的网络设备（即，设备或包括在设备中的一个或多个接口）的方法和装置。 COPS代理与策略服务器和非COPS启用的网络设备联网，使得COPS代理可以与策略服务器和不启用COPS的网络设备进行通信。 策略服务器被配置为将COPS协议策略通信给COPS代理，COPS代理被配置为将COPS协议策略转换为与非启用COPS的网络设备可以接收的策略协议一致的策略 并正确解释（“非COPS协议”）。 策略的翻译利用一个映射数据库，描绘COPS协议策略和非COPS协议策略之间的预定关系。 更具体地说，映射数据库可以包括COPS协议策略信息基本变量，网络设备角色和特性之间的关系，以及非COPS协议参数和相关联的值。 此外，可以配置COPS代理以检测和协调一个或多个网络设备的策略冲突。

公开(公告)号：US07428237B1

公开(公告)日：2008-09-23

申请号：US10752341

申请日：2004-01-06

申请人： Silvano Gai ,  Keith McCloghrie ,  Merwyn B. Andrade

发明人： Silvano Gai ,  Keith McCloghrie ,  Merwyn B. Andrade

IPC分类号： H04L12/28 ,  H04L12/56 ,  H04L12/26 ,  G06F15/16 ,  G06F15/173

CPC分类号： H04L12/462 ,  H04L12/4641 ,  H04L12/465 ,  H04L41/06 ,  H04L41/0663

摘要： A system for rapidly switching at least one virtual local area network (VLAN) from a first loop-free topology to a second loop-free topology in response to a failure within the first loop-free topology. Each VLAN has one “logical” VLAN which represents the network entities organized into the VLAN and a set of “physical” VLANs each having its own VLAN designation. For each physical VLAN, a different loop-free topology is defined, although only one physical VLAN is “active” at any given time. Messages associated with the logical VLAN are tagged with the designation of the currently active physical VLAN, and forwarded along its loop-free topology. Upon detecting a failure in the loop-free topology, the logical VLAN is rapidly switched to the loop-free topology defined by a second, back-up physical VLAN. Following the switch, messages associated with the logical VLAN are tagged with the designation of this back-up VLAN and are forwarded along its loop-free topology.

摘要翻译： 用于响应于第一无环路拓扑中的故障，将至少一个虚拟局域网（VLAN）从第一环无拓扑拓扑快速切换到第二无环路拓扑的系统。 每个VLAN都有一个“逻辑”VLAN，它表示组织在VLAN中的网络实体和一组“物理”VLAN，每个VLAN都有自己的VLAN名称。 对于每个物理VLAN，定义了不同的无环路拓扑，尽管在任何给定时间只有一个物理VLAN“活动”。 与逻辑VLAN相关联的消息被标记为当前活动的物理VLAN的指定，并沿其无环路拓扑转发。 检测到无环路拓扑故障时，逻辑VLAN将迅速切换到第二个备份物理VLAN所定义的无环路拓扑。 切换后，与逻辑VLAN相关联的消息将被标记为该备份VLAN的指定，并沿其无环路拓扑转发。

公开(公告)号：US06976088B1

公开(公告)日：2005-12-13

申请号：US10259959

申请日：2002-09-27

申请人： Silvano Gai ,  Keith McCloghrie ,  Dinesh G. Dutt

发明人： Silvano Gai ,  Keith McCloghrie ,  Dinesh G. Dutt

IPC分类号： G06F15/173 ,  H04L12/28 ,  H04L12/46

CPC分类号： H04L12/4641

摘要： A method that rapidly reconfigures a computer network having a plurality of devices executing the spanning tree algorithm. First, one or more devices are configured and arranged so that one port, providing connectivity to the root, is in the forwarding state and the remaining ports, providing connectivity to the root, are in the blocked state. Next, one or more of the blocked ports are designated as back-up ports. Upon detection of a failure at the active forwarding port, one of the back-up ports immediately transitions from blocked to forwarding, thereby becoming the new active port for the device. Following the transition to a new active port, dummy multicast messages are transmitted, each containing the source address of an entity directly coupled to the affected device or downstream thereof. By examining the dummy multicast messages, other devices in the network learn to use to the new forwarding port of the affected device. Rapid reconfiguration of the network is also provided upon detection of a new or repaired link or device representing a better path toward the root. The method is also compatible with networks supporting virtual local area network (VLAN) designations and allows load balancing among different VLANs.

摘要翻译： 一种快速重新配置具有执行生成树算法的多个设备的计算机网络的方法。 首先，配置和布置一个或多个设备，使得提供与根的连接的一个端口处于转发状态，并且提供与根的连接的其余端口处于阻塞状态。 接下来，一个或多个阻塞端口被指定为备份端口。 在主动转发端口检测到故障后，其中一个备份端口立即从阻塞转发到转发，从而成为设备的新的活动端口。 在转换到新的活动端口之后，传输虚拟多播消息，每个消息包含直接耦合到受影响设备或其下游的实体的源地址。 通过检查虚拟组播消息，网络中的其他设备学习使用受影响设备的新转发端口。 在检测到新的或修复的链接或设备，表示朝向根的更好路径时，也提供网络的快速重新配置。 该方法还与支持虚拟局域网（VLAN）的网络兼容，并允许不同VLAN之间的负载平衡。

公开(公告)号：US06813250B1

公开(公告)日：2004-11-02

申请号：US09748534

申请日：2000-12-22

申请人： Michael Fine ,  Silvano Gai ,  Keith McCloghrie

发明人： Michael Fine ,  Silvano Gai ,  Keith McCloghrie

IPC分类号： H04L1228

CPC分类号： H04L45/48 ,  H04L12/4645 ,  H04L12/4695 ,  H04L45/023

摘要： A shared spanning tree protocol (SSTP) creates a plurality of spanning trees (i.e., loop-free paths) which are shared among one or more virtual local area network (VLAN) designations for data transmission within a computer network. Each shared spanning tree includes and is defined by a primary VLAN and may be associated with one or more secondary VLANs. In order to associate VLAN designation(s) with a single shared spanning tree, network devices exchange novel shared spanning tree protocol data units (SST-PDUs). Each SST-PDU corresponds to a given primary VLAN and preferably includes one or more fields which list the secondary VLAN designations associated with the given primary VLAN. The association of VLAN designations to shared spanning trees, moreover, preferably depends on which path traffic is to follow as well as the anticipated load characteristics of the various VLANs. The association of VLAN designations to shared spanning trees thus provides a degree of load balancing within the network. Data messages tagged with a particular VLAN designation are then distributed by the devices only along the shared spanning tree to which that VLAN has been associated by SSTP.

摘要翻译： 共享生成树协议（SSTP）创建在一个或多个虚拟局域网（VLAN）指定之间共享的多个生成树（即，无环路径），用于计算机网络内的数据传输。 每个共享生成树包括并由主VLAN定义，并且可以与一个或多个辅助VLAN相关联。 为了将VLAN指定与单个共享生成树相关联，网络设备交换新的共享生成树协议数据单元（SST-PDU）。 每个SST-PDU对应于给定的主VLAN，并且优选地包括一个或多个列出与给定主VLAN相关联的辅助VLAN名称的字段。 此外，VLAN标识与共享生成树的关联优选地取决于哪个路径业务将遵循，以及各种VLAN的预期负载特性。 因此，VLAN名称与共享生成树的关联在网络中提供了一定程度的负载平衡。 标有特定VLAN标识的数据消息随后由SSTP与该VLAN关联的共享生成树分配。

公开(公告)号：US06658458B1

公开(公告)日：2003-12-02

申请号：US09599311

申请日：2000-06-22

申请人： Silvano Gai ,  Keith McCloghrie

发明人： Silvano Gai ,  Keith McCloghrie

IPC分类号： G06F1200

CPC分类号： G06F17/30982 ,  G11C15/00 ,  H04L29/06 ,  H04L69/16 ,  H04L69/161 ,  Y10S707/99933

摘要： A system for efficiently organizing data or information into an associative memory device, such as a ternary content addressable memory (TCAM), for subsequent searching divides the TCAM is divided into a plurality of individual stages that are interconnected in a cascading fashion. The data or information that is to be stored into the TCAM for subsequent searching is initially translated into a first Boolean representation, such as a binary decision diagram (BDD), that is partitioned into a plurality of segments. Each segment defines one or more outputs, and the outputs from one segment define the inputs to the next segment. After partitioning the BDD and identifying the resulting outputs, each BDD segment along with its corresponding outputs is mapped into a particular stage of the TCAM.

摘要翻译： 用于将数据或信息有效地组织到诸如三元内容可寻址存储器（TCAM）的关联存储器设备中用于后续搜索划分TCAM的系统被分成以级联方式互连的多个单独级。 要存储到TCAM中用于后续搜索的数据或信息最初被转换成被划分成多个段的第一布尔表示，例如二进制判定图（BDD）。 每个段定义一个或多个输出，并且来自一个段的输出定义到下一段的输入。 在分割BDD并识别结果输出之后，每个BDD段及其相应的输出被映射到TCAM的特定阶段。