公开(公告)号：US20230246955A1

公开(公告)日：2023-08-03

申请号：US18134285

申请日：2023-04-13

Applicant: Cisco Technology, Inc.

Inventor： Amir Khan

IPC: H04L45/00 ,  H04L45/74 ,  H04L45/02

CPC classification number: H04L45/34 ,  H04L45/74 ,  H04L45/04

Abstract: Techniques and mechanisms for monitoring and processing telemetry information of an Internet Protocol version 6 (IPv6) packet in a network. The IPv6 packet includes an IPv6 header having a Segment Identifier (SID) field, and a function field. According to this disclosure, the function field may include a function associated with an operation for collecting telemetry information of a first node indicated by the SID field. When the function executed by the first node, it may collect the telemetry information from the first node, and export the telemetry information to a collector node. Further, the function may indicate an operation for collecting the telemetry information of a set of paths including one or more nodes, where the telemetry path can be changed dynamically. In this way, each node in the telemetry path may define a new path for collecting the telemetry information.

公开(公告)号：US20230224382A1

公开(公告)日：2023-07-13

申请号：US17681381

申请日：2022-02-25

Applicant: Cisco Technology, Inc.

Inventor： Amir Khan

IPC: H04L69/22 ,  H04L47/24 ,  H04L47/2425 ,  H04L47/2441

CPC classification number: H04L69/22 ,  H04L47/2458 ,  H04L47/2433 ,  H04L47/2441

Abstract: Methods are provided to categorize and filter node metadata by adding a priority field to the node metadata, obtained as part of in-band network telemetry data collection. The methods involve obtaining, by a first network device, a packet having a header and a payload and adding, by the first network device, to the header of the packet, metadata which includes first telemetry data and a metadata priority level that indicates a priority of the first telemetry data added to the header of the packet by the first network device. The methods further involve providing the packet to a second network device in a path of a network.

公开(公告)号：US11671354B2

公开(公告)日：2023-06-06

申请号：US17540975

申请日：2021-12-02

Applicant: Cisco Technology, Inc.

Inventor： Amir Khan

IPC: H04L12/00 ,  H04L45/00 ,  H04L45/74 ,  H04L45/02

CPC classification number: H04L45/34 ,  H04L45/04 ,  H04L45/74

Abstract: Techniques and mechanisms for monitoring and processing telemetry information of an Internet Protocol version 6 (IPv6) packet in a network. The IPv6 packet includes an IPv6 header having a Segment Identifier (SID) field, and a function field. According to this disclosure, the function field may include a function associated with an operation for collecting telemetry information of a first node indicated by the SID field. When the function executed by the first node, it may collect the telemetry information from the first node, and export the telemetry information to a collector node. Further, the function may indicate an operation for collecting the telemetry information of a set of paths including one or more nodes, where the telemetry path can be changed dynamically. In this way, each node in the telemetry path may define a new path for collecting the telemetry information.

公开(公告)号：US20210152344A1

公开(公告)日：2021-05-20

申请号：US17162473

申请日：2021-01-29

Applicant: Cisco Technology, Inc.

Inventor： Syed Khalid Raza ,  Praveen Raju Kariyanahalli ,  Rameshbabu Prabagaran ,  Amir Khan

IPC: H04L9/08 ,  H04L29/06

Abstract: A method for securing communications for a given network topology is provided. The method comprises generating by a node N(i) of the network, security parameters for the node N(i);transmitting by the node N(i), said security parameters to a controller for the network; maintaining by the controller said security parameters for the node N(i);receiving by the controller a request from a node N(j) for the security parameters for the node N(i); retrieving by the controller the security parameters for the node N(i); and transmitting by the controller said security parameters to the node N(j).

公开(公告)号：US11496294B2

公开(公告)日：2022-11-08

申请号：US16988439

申请日：2020-08-07

Applicant: Cisco Technology, Inc.

Inventor： Syed Khalid Raza ,  Praveen Raju Kariyanahalli ,  Rameshbabu Prabagaran ,  Amir Khan

IPC: H04L9/08 ,  H04L9/40

Abstract: A method for securing communications for a given network topology is provided. The method comprises generating by a node N(i) of the network, security parameters for the node N(i); transmitting by the node N(i), said security parameters to a controller for the network; maintaining by the controller said security parameters for the node N(i); receiving by the controller a request from a node N(j) for the security parameters for the node N(i); retrieving by the controller the security parameters for the node N(i); and transmitting by the controller said security parameters to the node N(j).

公开(公告)号：US20200036686A1

公开(公告)日：2020-01-30

申请号：US16536756

申请日：2019-08-09

Applicant: Cisco Technology, Inc.

Inventor： Lars Olof Stefan Olofsson ,  Atif Khan ,  Syed Khalid Raza ,  Himanshu H. Shah ,  Amir Khan ,  Nehal Bhau

IPC: H04L29/06 ,  H04L12/46 ,  H04L9/08 ,  H04L12/715 ,  H04L29/08

Abstract: A method for operating a network is provided. The method comprises segmenting the network into a plurality of virtual private networks, wherein each virtual private network runs on an underlying physical network; and wherein each virtual private network represents a particular context; and configuring at least some nodes within the network to send and receive traffic based on context.

公开(公告)号：US20230118989A1

公开(公告)日：2023-04-20

申请号：US17540975

申请日：2021-12-02

Applicant: Cisco Technology, Inc.

Inventor： Amir Khan

IPC: H04L45/00 ,  H04L45/74

Abstract: Techniques and mechanisms for monitoring and processing telemetry information of an Internet Protocol version 6 (IPv6) packet in a network. The IPv6 packet includes an IPv6 header having a Segment Identifier (SID) field, and a function field. According to this disclosure, the function field may include a function associated with an operation for collecting telemetry information of a first node indicated by the SID field. When the function executed by the first node, it may collect the telemetry information from the first node, and export the telemetry information to a collector node. Further, the function may indicate an operation for collecting the telemetry information of a set of paths including one or more nodes, where the telemetry path can be changed dynamically. In this way, each node in the telemetry path may define a new path for collecting the telemetry information.

公开(公告)号：US10742402B2

公开(公告)日：2020-08-11

申请号：US15881666

申请日：2018-01-26

Applicant: Cisco Technology, Inc.

Inventor： Syed Khalid Raza ,  Praveen Raju Kariyanahalli ,  Rameshbabu Prabagaran ,  Amir Khan

IPC: H04L9/08 ,  H04L29/06

Abstract: A method for securing communications for a given network topology is provided. The method comprises generating by a node N(i) of the network, security parameters for the node N(i); transmitting by the node N(i), said security parameters to a controller for the network; maintaining by the controller said security parameters for the node N(i); receiving by the controller a request from a node N(j) for the security parameters for the node N(i); retrieving by the controller the security parameters for the node N(i); and transmitting by the controller said security parameters to the node N(j).

公开(公告)号：US10142254B1

公开(公告)日：2018-11-27

申请号：US14028514

申请日：2013-09-16

Applicant: Cisco Technology, Inc.

Inventor： Lars Olof Stefan Olofsson ,  Atif Khan ,  Syed Khalid Raza ,  Himanshu H. Shah ,  Amir Khan ,  Nehal Bhau

IPC: H04L12/28 ,  H04L12/911

Abstract: A method for routing is disclosed. The method comprises establishing an overlay network, comprising a plurality of network elements and an overlay controller; wherein the overlay controller is in communication with each network element via a secure tunnel established through an underlying transport network; receiving by the overlay controller, information from each service-hosting network element information said information identifying a service hosted at that service-hosting network element, and label associated with the service-hosting network element; identifying by the overlay controller, at least one policy that associates traffic from a site with a service; and causing by said overly controller, the at least one policy to be executed so that traffic from the site identified in the policy is routed using the underlying transport network to the service-hosting network element associated with the said service.

公开(公告)号：US20230396541A1

公开(公告)日：2023-12-07

申请号：US17833128

申请日：2022-06-06

Applicant: Cisco Technology, Inc.

Inventor： Amir Khan ,  Ankit Ashokkumar Kansara

IPC: H04L45/74 ,  H04L47/2483 ,  H04L69/22

CPC classification number: H04L45/74 ,  H04L47/2483 ,  H04L69/22

Abstract: Methods are provided to decrease amount of the telemetry data traversed in a network. The methods involve obtaining, by a first network device, a packet of a traffic flow. The packet has a header and a payload. The methods further involve adding, by the first network device, to the header of the packet, telemetry node level metadata while skipping at least one element of the telemetry node level metadata that is redundant to telemetry node level information of the traffic flow and providing the packet to a second network device in a path of a network.