公开(公告)号：US20240251029A1

公开(公告)日：2024-07-25

申请号：US18517167

申请日：2023-11-22

申请人： Microsoft Technology Licensing, LLC

发明人： Praveen BALASUBRAMANIAN ,  Matthew A. OLSON ,  Nicholas A. BANKS ,  Sourav DAS ,  Nicholas J. GRIFKA

IPC分类号： H04L69/164 ,  H04L69/16 ,  H04L69/165 ,  H04L69/168

CPC分类号： H04L69/164 ,  H04L69/161 ,  H04L69/162 ,  H04L69/165 ,  H04L69/168 ,  H04L69/169

摘要： A system having scalable sockets to support User Datagram Protocol (UDP) connections identifies a plurality of UDP connections, wherein a plurality of remote clients connect to corresponding ones of the plurality of UDP connections. Each one of a plurality of UDP sockets is associated with a corresponding one of the plurality of UDP connections. A network stack lookup for UDP packets in network traffic is performed using a network stack to identify the UDP socket corresponding to the remote client associated with each of the UDP packet. The UDP packets are buffered with a send buffer and a receive buffer for the UDP socket corresponding to the remote client associated with the UDP packets as determined by the network stack lookup to support communication over the plurality of UDP connections using the plurality of UDP sockets. The system thereby operates more efficiently and/or is more scalable.

公开(公告)号：US20240223584A1

公开(公告)日：2024-07-04

申请号：US18609958

申请日：2024-03-19

申请人： HUAWEI TECHNOLOGIES CO., LTD.

发明人： Bo WU

IPC分类号： H04L9/40 ,  H04L1/1829 ,  H04L69/164

CPC分类号： H04L63/1416 ,  H04L1/1858 ,  H04L63/0236 ,  H04L69/164

摘要： This application discloses a method for identifying a source address of a packet and an apparatus, and pertains to the field of network security. A protecting device intercepts a packet whose destination address is an IP address of a protected device, where the protected device provides a service according to the QUIC protocol. The protecting device sends a retry packet to a source address of the packet in response to that the packet is an initial packet. The protecting device identifies the source address of the packet as an attack source address if the protecting device receives no response packet corresponding to the retry packet. The protecting device determines the source address of the intercepted initial packet to identify an attack source address used by an attacker, and subsequently prevents only packets from the attack source address from being sent to the protected device.

公开(公告)号：US11973851B2

公开(公告)日：2024-04-30

申请号：US18081200

申请日：2022-12-14

申请人： Huawei Technologies Co., Ltd.

发明人： Yingzhen Qu ,  Alvaro Retana

IPC分类号： H04L69/164 ,  H04L65/60

CPC分类号： H04L69/164 ,  H04L65/60

摘要： A method of establishing streams within a QUIC connection implemented by a first network device, comprising: transmitting a first open message through the QUIC connection to a second network device, the first open message identifying a protocol; receiving a second open message through the QUIC connection from the second network device in response to transmitting the first open message, the second open message identifying the protocol; and establishing a first stream between the first network device and the second network device within the QUIC connection for the protocol identified in the first open message and in the second open message.

公开(公告)号：US20230403318A1

公开(公告)日：2023-12-14

申请号：US17840371

申请日：2022-06-14

申请人： NVIDIA Corporation

发明人： Frank James Spitulski

IPC分类号： H04L67/02 ,  H04L9/40 ,  H04L69/164

CPC分类号： H04L67/02 ,  H04L63/0892 ,  H04L63/0807 ,  H04L69/164

摘要： Systems and methods related to transferring (e.g., large) files over a network are disclosed. In at least one embodiment, a client-server framework establishes a QUIC connection between a server application and a client application. Source files are processed by the server application to divide the source files into a number of chunks. Differential file transfer can be implemented between the client application and the server application by comparing metadata for chunks of the source file with metadata of local chunks of a destination file already stored in a local storage associated with the client application. Missing chunks can be requested from the server application and transferred to the client application using HTTP/3 messages.

公开(公告)号：US11843683B2

公开(公告)日：2023-12-12

申请号：US16368368

申请日：2019-03-28

申请人： Apple Inc.

发明人： Cahya Adiansyah Masputra ,  Sandeep Nair ,  Darrin Jewell

IPC分类号： H04L69/16 ,  H04L69/163 ,  H04L69/164 ,  H04L12/46 ,  G06F9/54 ,  H04L9/40 ,  G06F9/48 ,  G06F9/50 ,  G06F12/10 ,  G06F13/16 ,  G06F3/06 ,  G06F9/46 ,  G06F12/02 ,  H04L47/2475 ,  H04L47/2483 ,  H04L47/6295 ,  H04L49/00 ,  H04L49/9047 ,  H04L69/00 ,  G06F9/455 ,  H04L47/193 ,  H04L47/283 ,  G06F9/52 ,  H04L43/0864 ,  G06F16/23 ,  G06F21/52 ,  H04L47/24 ,  H04L47/30 ,  H04L47/32 ,  H04L47/6275 ,  G06F21/56 ,  H04L69/22 ,  G06F16/22 ,  H04L61/103 ,  H04L61/2503 ,  H04L67/146 ,  H04L69/18 ,  H04L1/00

CPC分类号： H04L69/162 ,  G06F3/0604 ,  G06F3/0631 ,  G06F3/0644 ,  G06F3/0673 ,  G06F9/45558 ,  G06F9/461 ,  G06F9/4881 ,  G06F9/5005 ,  G06F9/5016 ,  G06F9/5022 ,  G06F9/52 ,  G06F9/542 ,  G06F9/545 ,  G06F12/023 ,  G06F12/10 ,  G06F13/1668 ,  G06F16/2228 ,  G06F16/2365 ,  G06F21/52 ,  G06F21/568 ,  H04L12/4641 ,  H04L43/0864 ,  H04L47/193 ,  H04L47/2458 ,  H04L47/2475 ,  H04L47/2483 ,  H04L47/283 ,  H04L47/30 ,  H04L47/32 ,  H04L47/6275 ,  H04L47/6295 ,  H04L49/30 ,  H04L49/9052 ,  H04L61/103 ,  H04L61/2542 ,  H04L63/166 ,  H04L67/146 ,  H04L69/02 ,  H04L69/161 ,  H04L69/163 ,  H04L69/164 ,  H04L69/18 ,  H04L69/22 ,  G06F9/50 ,  G06F2009/45595 ,  G06F2209/5011 ,  G06F2212/657 ,  G06F2221/032 ,  G06F2221/034 ,  H04L1/0061

摘要： Methods and apparatus for active queue management in user space networking stacks. Unlike prior art monolithic networking stacks, the exemplary networking stack architecture described hereinafter includes various components that span multiple domains (both in-kernel, and non-kernel). For example, unlike traditional “socket” based communication, disclosed embodiments can transfer data directly between the kernel and user space domains. Additionally, user space networking stacks require a new flow control methodology that is responsive to networking congestion and/or packet loss. For example, embodiments of the present disclosure introduce a flow advisory table that may, for example, utilize an eventing methodology for active queue management in addition to, or alternatively then, legacy active queue management. Exemplary systems can support multiple networking protocol stack instances (including an in-kernel traditional network stack) as well as flow advisory tables (and legacy active queue management).

公开(公告)号：US20230379397A1

公开(公告)日：2023-11-23

申请号：US17900673

申请日：2022-08-31

申请人： Hughes Network Systems, LLC

发明人： Chi-Jiun SU ,  John Leonard BORDER ,  Robert James TORRES ,  Bhavit Jogeshkumar SHAH

IPC分类号： H04L67/56 ,  H04L69/163 ,  H04L69/164 ,  H04L69/22 ,  H04L67/141 ,  H04L47/11

CPC分类号： H04L67/56 ,  H04L69/163 ,  H04L69/164 ,  H04L69/22 ,  H04L67/141 ,  H04L47/115

摘要： An Encrypted Transport Proxy Backbone Protocol module is configured to set up ET Proxy Backbone connections with another distributed proxy device with each ET Proxy Backbone connection including multiple ET Proxy Backbone channels for transmitting ET proxy packets having different QoS classes. Each ET Proxy Backbone channel includes a separate queue. The ET Proxy Backbone Protocol module is also configured to schedule transmissions of the ET proxy packets from each respective queue; multiplex the ET proxy packets from each respective queue via the associated ET Proxy Backbone channel; perform local recovery of network impairments over the access network and perform congestion control to prevent packets from client devices and web servers from causing network congestion to the access network.

公开(公告)号：US11777850B2

公开(公告)日：2023-10-03

申请号：US17216308

申请日：2021-03-29

申请人： Juniper Networks, Inc.

发明人： Anantharamu Suryanarayana ,  Manish Krishnan ,  Jacopo Pianigiani ,  Vivekananda Shenoy ,  Mahesh Sivakumar

IPC分类号： H04L12/46 ,  H04L45/64 ,  G06F9/455 ,  H04L45/00 ,  H04L45/50 ,  H04L45/745 ,  H04L69/164

CPC分类号： H04L45/64 ,  G06F9/45541 ,  H04L12/4633 ,  H04L12/4641 ,  H04L45/34 ,  H04L45/50 ,  H04L45/745 ,  H04L69/164

摘要： Techniques are described in which a centralized controller constructs a service chain between a bare metal server (BMS) and a virtual execution element (e.g., virtual machine or container), or in some instances a remote BMS, across a plurality of networks. In some examples, the controller may construct a service chain between a BMS and a virtual execution element or remote BMS using Ethernet Virtual Private Network (EVPN)-Virtual Extensible Local Area Network (VXLAN) and Internet Protocol Virtual Private Networks (IP VPNs) such as BGP/Multiprotocol Label Switching (BGP/MPLS) IP VPNs.

公开(公告)号：US11683148B2

公开(公告)日：2023-06-20

申请号：US17361346

申请日：2021-06-29

申请人： SHENZHEN LENKENG TECHNOLOGY CO., LTD

发明人： Binghai Gao

IPC分类号： H04J3/06 ,  H04L7/00 ,  H04L69/164

CPC分类号： H04L7/0008 ,  H04L69/164

摘要： Disclosed are a method and a receiving device for clock frequency synchronization. The method includes the following. A user datagram protocol (UDP) packet is obtained by a receiving device. A value of the data volume of the UDP packet in the cache and a first value are performed, by the receiving device, an operation to obtain the absolute value of the difference between the value of the data volume and the first value. When the absolute value is greater than the preset threshold, a clock frequency of the crystal oscillator in the receiving device is adjusted to obtain a target clock frequency, where after the clock frequency of the crystal oscillator is adjusted, the absolute value of the difference is less than or equal to the preset threshold. The receiving device maintains clock frequency synchronization between the receiving device and the transmitting device based on the target clock frequency.

公开(公告)号：US20230116449A1

公开(公告)日：2023-04-13

申请号：US18081200

申请日：2022-12-14

申请人： Huawei Technologies Co., Ltd.

发明人： Yingzhen Qu ,  Alvaro Retana

IPC分类号： H04L69/164 ,  H04L65/60

摘要： A method of establishing streams within a QUIC connection implemented by a first network device, comprising: transmitting a first open message through the QUIC connection to a second network device, the first open message identifying a protocol; receiving a second open message through the QUIC connection from the second network device in response to transmitting the first open message, the second open message identifying the protocol; and establishing a first stream between the first network device and the second network device within the QUIC connection for the protocol identified in the first open message and in the second open message.

公开(公告)号：US20230095354A1

公开(公告)日：2023-03-30

申请号：US17807669

申请日：2022-06-17

申请人： Iotium, Inc.

发明人： Ron David Victor ,  Dhawal Tyagi ,  Srivatsan Rajagopal ,  Dhruva Narasimhan

IPC分类号： H04L69/164 ,  H04L9/40 ,  H04L12/46 ,  H04L67/133 ,  H04L69/168 ,  H04L67/563

摘要： Disclosed herein are various systems, apparatuses, software, and methods relating to data diode-TCP proxy with a User Datagram Protocol (UDP) across a wide area network (WAN) providing a WAN data diode using a uni-directional semantics protocol, providing a set of data diode proxies in either end of a point-to-point WAN link, providing a symmetric key encryption semantics to extend the WAN data diode securely across a WAN that is specified, wherein the symmetric key encryption semantics are implemented through the set of data diode proxies on either end of the point-to-point WAN link, employing a unidirectional protocol in communication transmitted using the WAN and, with data diode proxies, terminating one or more data channels on either end of the point-to-point WAN link or transporting a requisite information across the WAN over the uni-directional protocol.