Abstract:
A method and apparatus for including network security information in a frame is disclosed. Network security information (330) is included in a secure portion of overhead of a frame (340). The network security information is configured to facilitate network security. A network device (600) configured to process a frame is also disclosed. The frame includes frame security information and network security information. The frame security information is configured to facilitate securing a portion of overhead of the frame, and the network security information is located in the secure portion of the overhead of the frame and is configured to facilitate network security.
Abstract:
Delivering every packet of a stream simultaneously along two different paths gives a high assurance that the destination will receive at least one of them, even if a single failure occurs. The present idea uses the topology protocols to know when to regenerate a dual stream after one failure occurs, so that the dual delivery, and thus assurance against further failures, is maintained.
Abstract:
In one embodiment, a physical (PHY) layer (lower protocol stack layer) of a device may add a timestamp to a received frame, and pass the frame and timestamp up the protocol stack toward a synchronization (sync) recognition layer (upper protocol stack layer). The sync recognition layer determines whether the frame relates to synchronization, and if so, places the timestamp into a data structure along with a frame association for recovery by follow-up processing. Conversely, in another embodiment, the sync recognition layer may add to a frame for transmission a frame ID having an indication of whether to timestamp the frame and may pass the frame and frame ID down the protocol stack toward the PHY layer. The PHY layer determines whether the frame ID indicates that the frame is to be timestamped, and if so, places a timestamp corresponding to frame transmission into a data structure with the frame ID.
Abstract:
A system and method detects and responds to failures occurring in a virtual switch. The virtual switch is formed from two or more physical switches interconnected by a Virtual Switch Link (VSL). One physical switch is elected the Master, and it executes a link aggregation protocol for the virtual switch. If the VSL fails, one of the other physical switches assumes that it should become the Master for the virtual switch, and it begins executing the link aggregation protocol. By adding information unique to the physical switches in the control packets of the link aggregation protocol, remote switches can identify when the VSL fails, and report this condition to the original Master. In response, the original Master or the new Master takes corrective action.
Abstract:
A method of implementing a spanning tree protocol for a wireless network conforming to a wireless network standard, the spanning tree protocol substantially conforming to the IEEE 802.1 standard, including a first wireless bridging node wirelessly transmitting BPDU information to other wireless bridging nodes of the network or wirelessly receiving BPDU information from other wireless bridging nodes, the BPDU information encapsulated in one or more control/management frames, e.g., beacon or probe response frames of the wireless network standard, the BPDU information relating to a spanning tree topology containing the first and other wireless bridging nodes.
Abstract:
A system and method monitors links in a computer network and rapidly detects failures of such links. Network entities (106) disposed at opposite ends of a link are provided with failure detection engines (210) that signal their presence to each other. Thereafter, each failure detection engine ensures that its entity transmits a continuous stream to the other entity by sending either data frames (204) or newly defined failure detection packets. If an interruption in this continuous stream is detected, then the failure detection engine (210) concludes that the link has failed. In response, the failure detection engine preferably notifies other applications or protocols of the failure, and causes the link to be shut down.
Abstract:
A technique efficiently manages bandwidth (BW) registration for multiple spanning tree options in a computer network. According to the novel technique, an entry bridge determines multiple spanning tree paths to other bridges of the network (namely, one or more available spanning trees rooted at one or more bridges of the network) and determines a utilized (registered) BW on each of those paths. Upon receiving a request to initiate BW registration for a data flow to a destination end point, e.g., from an application source end point, the entry bridge selects one of the spanning tree paths to utilize for the data flow. Selection of the spanning tree path from among the multiple available paths may be based on (i) available bandwidth of the paths, (ii) a shortest of the paths, and (iii) a lowest bridge identifier ID for the bridge root for the path. The entry bridge sends a registration message for the data flow towards the destination end point along the selected spanning tree path. If successful, the data flow is transmitted on the selected path. If not, the entry bridge attempts to register the data flow on a next best alternate spanning tree, e.g., until a successful registration or until a determination that no further alternate spanning trees exist.
Abstract:
A system and method efficiently conveys Virtual Local Area Network (VLAN) membership information across a bridged network. In particular, an intermediate network device, such as a bridge, includes a plurality of ports for interconnecting entities of a computer network. For each port, a Generic Attribute Registration Protocol (GARP) participant is established that has a compact GARP VLAN Registration Protocol (GVRP) application component and a GARP Information Declaration (GID) component. The GID component operates a plurality of state machines to maintain registration state for all of the VLANs of which the port has been made aware. The compact-GVRP application component further includes an encoder/decoder unit that collapses VLAN registration information according to an encoding algorithm. The collapsed VLAN registration information is then loaded into a single compact-GVRP PDU message for transmission from the respective port. The encoder/decoder unit also recovers encoded VLAN registration from received compact-GVRP PDU messages for operating the state machines.
Abstract:
A system maps network messages between a customer Virtual Local Area Network (VLAN) domain and a provider VLAN domain. Specifically, one or more ports of an intermediate network device include frame mapping logic and may further include a plurality of highly flexible, programmable mapping tables. In accordance with the invention, a received frame associated with a customer VLAN is mapped to a provider VLAN that is selected as a function of the frame's customer VLAN and the particular port on which the frame is received. The frame may also be mapped to a provider CoS value that is selected as a function of the frame's customer CoS value, customer VLAN and the port on which the frame is received. The provider VLAN designation and provider CoS value may be appended to the frame. Forwarding decisions within the provider domain are based, at least in part, on the frame's provider VLAN designation and provider CoS value.
Abstract:
A method and system for multi-bridge LAN aggregation is disclosed. The method includes aggregating a plurality of LANs coupling a host (356) to a first (342) and a second (344) intermediate network device. The system includes an intermediate network device. The intermediate network device includes a multi-bridge engine (404). The multi-bridge engine (404) includes a tunnel engine (410) coupled to a bridge interconnect port (412) and a first physical port (402).