公开(公告)号：US11190607B2

公开(公告)日：2021-11-30

申请号：US17155129

申请日：2021-01-22

Applicant: ALAXALA Networks Corporation

Inventor： Shouhei Fukuzaki ,  Masaya Arai

IPC: H04L29/08 ,  H04L29/12 ,  H04L29/06

Abstract: A monitoring apparatus holds extracted information including: extracted data from first communication between a proxy and a first network and from second communication between the proxy and a second network; and reception times of a target data, wherein the extracted data includes kinds of communication, sources and destinations of the target data in the first communication, and the sources in the second network and the destinations in the first network after the target data is relayed by the proxy in the second communication, the monitoring apparatus: for first extracted data of first kind of communication in the first communication, acquires second extracted data in the second communication whose reception time is coincidental time zone of the reception time of the first extracted data; and determines whether communication using the target data from which the acquired second extracted data is extracted is included in a series of end-to-end communication.

公开(公告)号：US10693890B2

公开(公告)日：2020-06-23

申请号：US15591189

申请日：2017-05-10

Applicant: ALAXALA Networks Corporation

Inventor： Yuichi Ishikawa ,  Nobuhito Matsuyama

IPC: H04L29/06 ,  H04L12/46 ,  H04L12/931

Abstract: A packet relay apparatus, which is configured to transmit from a mirror port a mirror packet copied from one of a packet to be received and a packet to be transmitted, the packet relay apparatus comprising: a packet receiving module configured to receive a packet from an input port; a security judgment module configured to judge whether or not the packet is possibly one of an attack and an attack sign; a mirror processing module configured to generate, when it is judged that the packet is possibly one of an attack and an attack sign, a replica of the packet as the mirror packet; and a transmitting module configured to transmit the mirror packet from the mirror port.

公开(公告)号：US10237177B2

公开(公告)日：2019-03-19

申请号：US15219333

申请日：2016-07-26

Applicant: ALAXALA Networks Corporation

Inventor： Dai Akashi

IPC: H04L12/28 ,  H04L12/721 ,  H04L29/12

Abstract: A transfer device includes: first and second ports connected to L3 and L2 networks, respectively; a storage unit that stores data processing information which brings a MAC address of a communication device in the L2 network into correspondence with information regarding processing of data, and address information which brings an IP address of the communication device in the L2 network into correspondence with the MAC address thereof; and a transfer unit that, upon receiving data addressed to the communication device in the L2 network through the first port, searches the address information with an IP address in the data to acquire a MAC address corresponding to the IP address, searches the data processing information with the acquired MAC address, and depending on a search result, controls whether to transfer the data through the first port based on information regarding processing of data corresponding to the acquired MAC address.

公开(公告)号：US10158502B2

公开(公告)日：2018-12-18

申请号：US15403391

申请日：2017-01-11

Applicant: ALAXALA Networks Corporation

Inventor： Hiroyuki Yoshino ,  Motohide Noumi

IPC: H04L12/66 ,  H04L12/46 ,  H04L12/741 ,  H04L12/721

Abstract: A network device is configured to: detect a virtual network that is unable to relay communication as a failed virtual network; identify, as a failed virtual network identifier, a virtual network identifier assigned to a combination of the failed virtual network and a physical port through which communication of the failed virtual network pass, based on mapping information; identify a first virtual tunnel end point that relays communication of the failed virtual network; identify a second virtual tunnel end point of another network device that communicates with the first virtual tunnel end point based on the tunnel information; and send, to the second virtual tunnel end point, a clear request including the failed virtual network identifier and an IP address of the first virtual tunnel end point, and the clear request being used for clearing a MAC address used in Layer 2 protocol.

公开(公告)号：US09882741B2

公开(公告)日：2018-01-30

申请号：US14959149

申请日：2015-12-04

Applicant: ALAXALA Networks Corporation

Inventor： Motohide Nomi

IPC: H04L12/18 ,  H04L12/46 ,  H04L12/911 ,  H04L12/927 ,  H04L12/801 ,  H04L29/08 ,  H04L12/721 ,  H04L12/26

CPC classification number: H04L12/4641 ,  H04L12/4633 ,  H04L43/08 ,  H04L43/0811 ,  H04L45/66 ,  H04L47/13 ,  H04L47/805 ,  H04L47/825 ,  H04L69/321 ,  H04L2012/4629

Abstract: A virtual tunnel endpoint that makes a communication of a specific tenant is separated from virtual tunnel endpoints that make communications of the other tenants. A forwarding route from the virtual tunnel endpoint that makes a communication of the specific tenant is separated from a forwarding route from the virtual tunnel endpoints that make communications of the other tenants. Accordingly, a communication of the specific tenant is forwarded with priority.

公开(公告)号：US09559986B2

公开(公告)日：2017-01-31

申请号：US13924963

申请日：2013-06-24

Applicant: ALAXALA Networks Corporation

Inventor： Masayuki Shinohara ,  Nobuhito Matsuyama ,  Takayuki Muranaka ,  Isao Kimura ,  Shinichi Akahane

IPC: H04M1/00 ,  H04L12/947 ,  H04L12/931 ,  H04L12/939

CPC classification number: H04L49/25 ,  H04L49/40 ,  H04L49/552

Abstract: Network switching arrangements including: setting an operation mode of a target switching block to a operation mode that is different from an operation mode of a first switching block while the first switching block is handling a switching process, the target switching block being one switching block selected from second switching blocks; performing a switchover process including starting the switching process using the target switching block instead of the first switching block, after completion of setting the operation mode of the target switching block; and copying the switching information held by the first switching block to the target switching block, prior to starting the switching process using the target switching block, after completion of setting the operation mode of the target switching block.

Abstract translation: 网络交换装置包括：在第一切换块正在处理切换处理的同时，将目标切换块的操作模式设置为与第一切换块的操作模式不同的操作模式，所述目标切换块是被选择的一个切换块 从第二切换块; 在完成所述目标切换块的操作模式之后，执行包括使用所述目标切换块而不是所述第一切换块开始切换处理的切换处理; 以及在完成对目标切换块的操作模式的设置之后，在开始使用目标切换块的切换处理之前，将由第一切换块保持的切换信息复制到目标切换块。

公开(公告)号：US09521163B2

公开(公告)日：2016-12-13

申请号：US14573069

申请日：2014-12-17

Applicant: ALAXALA Networks Corporation

Inventor： Satoru Kato ,  Tomomi Suzuki ,  Michihiro Yoshida

IPC: G06F15/16 ,  H04L29/06

CPC classification number: H04L63/1458 ,  H04L63/08

Abstract: A system manager sets a port connected to a specific device (for example, a router device) among a plurality of ports of a switch device as a reliable port. If a packet is received in the reliable port, the switch device manages an IP address and a MAC address of the router device by a reliable port information table. When a packet is received from a port not set as the reliable port, the switch device refers to the reliable port information table. At this time, when the received packet is an address resolution packet having impersonated a router device, the switch device discards the packet without transmitting the packet, thereby preventing a cyber attack on a terminal.

Abstract translation: 系统管理器将连接到交换机设备的多个端口中的特定设备（例如，路由器设备）的端口设置为可靠端口。 如果在可靠端口收到数据包，交换机将通过可靠的端口信息表管理路由器设备的IP地址和MAC地址。 当从未设置为可靠端口的端口接收到报文时，交换机设备可以参考可靠的端口信息表。 此时，当接收到的分组是具有模拟路由器设备的地址解析分组时，交换机设备在不发送分组的情况下丢弃分组，从而防止对终端的网络攻击。

公开(公告)号：US20160294733A1

公开(公告)日：2016-10-06

申请号：US14777542

申请日：2014-08-06

Applicant: ALAXALA NETWORKS CORPORATION

Inventor： Junji BABA

IPC: H04L12/931 ,  H05K7/20

CPC classification number: H04L49/40 ,  H05K7/20572 ,  H05K7/207

Abstract: The communication apparatus includes: a first circuit board unit including, on a front surface of the communication apparatus, a port for transmitting and receiving data to and from the network; a second circuit board unit including a plurality of first connectors connected to at least one of the first circuit board units, a second connector being capable of accommodating at least a bandwidth accommodated by the plurality of first circuit board units, and being connected, via a cable, to the other communication apparatus of a standby system; and a cross bar switch for selectively outputting data to the first connectors or the second connector as a data output destination, and a ventilation control unit for controlling a flow of air flowing between each of the first circuit board unit and the second circuit board unit, and outside of the communication apparatus.

Abstract translation: 通信装置包括：第一电路板单元，在通信装置的前表面上包括用于向网络发送数据和从网络接收数据的端口; 第二电路板单元，包括连接到所述第一电路板单元中的至少一个的多个第一连接器，第二连接器能够容纳由所述多个第一电路板单元容纳的至少带宽，并且经由 电缆连接到备用系统的其他通信装置; 以及用于选择性地将数据输出到作为数据输出目的地的第一连接器或第二连接器的横杆开关，以及用于控制在第一电路板单元和第二电路板单元之间流动的空气流的换气控制单元， 并且在通信设备外部。

公开(公告)号：US09385941B2

公开(公告)日：2016-07-05

申请号：US13482006

申请日：2012-05-29

Applicant: Masaya Arai ,  Manabu Fujita ,  Ken Watanabe ,  Kensuke Ino

Inventor： Masaya Arai ,  Manabu Fujita ,  Ken Watanabe ,  Kensuke Ino

IPC: H04L12/28 ,  H04L12/707 ,  H04L12/703 ,  H04L12/931 ,  H04L12/939 ,  H04J1/16

CPC classification number: H04L45/22 ,  H04L45/28 ,  H04L49/354 ,  H04L49/552

Abstract: A Provider Edge PE3 replicates a received packet and relays these to virtual circuits VC1, VC2 respectively, and Provider Edges PE2, PE2 respectively receive the packets from the virtual circuits VC1, VC2, whereupon the Provider Edges PE2, PE2, on the basis of an agreement between them, decide to handle the received packets such that one of the first edges relays the packet to a Customer Edge CE1 for forwarding to a Host A, while the other edge discards the packet without relaying it to the Customer Edge CE1.

Abstract translation: 提供商边缘PE3复制接收到的分组，并将它们中继到虚拟电路VC1，VC2，提供者边缘PE2，PE2分别接收来自虚拟电路VC1，VC2的分组，由此提供者边缘PE2，PE2基于 它们之间的协议决定处理接收到的数据包，使得第一个边缘之一将数据包中继到客户端CE1以转发到主机A，而另一个边缘丢弃数据包而不将其转发到客户端CE1。

公开(公告)号：US09323596B2

公开(公告)日：2016-04-26

申请号：US14309247

申请日：2014-06-19

Applicant: ALAXALA Networks Corporation

Inventor： Takashi Nagumo

IPC: G06F11/00 ,  G06F11/07 ,  G06F11/30

CPC classification number: G06F11/076 ,  G06F11/0724 ,  G06F11/3024 ,  G06F11/3055

Abstract: To detect a failure in each processor core appropriately. It is provided a network apparatus for transferring a packet, comprising: a control unit; and a network processor including a plurality of processor cores, each configured to perform a process of transferring a packet input over a network. The control unit being configured to: transmit a packet to the network processor; acquire a packet processing status of each of the plurality of processor cores; and monitor a status of the each of the plurality of processor cores based on the acquired packet processing status.

Abstract translation: 以适当地检测每个处理器核心的故障。 提供了一种用于传送分组的网络装置，包括：控制单元; 以及包括多个处理器核心的网络处理器，每个处理器核心被配置为执行传送通过网络输入的分组的处理。 所述控制单元被配置为：向所述网络处理器发送分组; 获取所述多个处理器核心中的每一个的分组处理状态; 并且基于所获取的分组处理状态来监视所述多个处理器核心中的每一个的状态。