公开(公告)号：US20220173976A1

公开(公告)日：2022-06-02

申请号：US17673182

申请日：2022-02-16

Applicant: Cisco Technology, Inc.

Inventor： Ahmed R. Bashandy ,  Clarence Filsfils ,  David D. Ward

IPC: H04L41/12 ,  H04L45/00 ,  H04L45/12 ,  H04L45/50 ,  H04L45/745 ,  H04L45/74 ,  H04L49/60 ,  H04L12/46 ,  H04L47/724

Abstract: An apparatus and method is disclosed for segment routing (SR) over label distribution protocol (LDP). In one embodiment, the method includes a node receiving a packet with an attached segment ID. In response, the node may attach a label to the packet. Thereafter, the node may forward the packet with the attached label and segment ID to another node via a label switched path (LSP).

公开(公告)号：US20220166860A1

公开(公告)日：2022-05-26

申请号：US17671188

申请日：2022-02-14

Applicant: Cisco Technology, Inc.

Inventor： Patrice Brissette ,  Clarence Filsfils ,  Darren Dukes ,  Gaurav Dawra ,  Francois Clad ,  Pablo Camarillo Garvia

IPC: H04L69/22 ,  H04L69/324 ,  H04L45/00 ,  H04L67/10 ,  H04L45/50 ,  H04L12/46 ,  H04L45/74 ,  H04L61/5007 ,  H04L49/35 ,  H04L67/63 ,  H04L45/741

Abstract: In one embodiment, Ethernet Virtual Private Network (EVPN) is implemented using Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) underlay network and SRv6-enhanced Border Gateway Protocol (BGP) signaling. A particular route associated with a particular Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) Segment Identifier (SID) is advertised in a particular route advertisement message of a routing protocol (e.g., BGP). The SID includes encoding representing a particular Ethernet Virtual Private Network (EVPN) Layer 2 (L2) flooding Segment Routing end function of the particular router and a particular Ethernet Segment Identifier (ESI), with the particular SID including a routable prefix to the particular router. The particular router receives a particular packet including the particular SID; and in response, the particular router performs the particular EVPN end function on the particular packet.

公开(公告)号：US20220029918A1

公开(公告)日：2022-01-27

申请号：US17493334

申请日：2021-10-04

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Jisu Bhattacharya ,  Zafar Ali ,  Syed Kamran Raza

IPC: H04L12/749 ,  H04L12/751 ,  H04L12/741

Abstract: In one embodiment, a method includes receiving a packet comprising a destination address in a destination address field of the packet, where the destination address including at least a first global identifier and a second global identifier, determining that the first global identifier corresponds to the first network apparatus, determining that a local identifier in the destination address is associated with the first global identifier, identifying one or more instructions associated with the local identifier, performing one or more functions instructed by the one or more instructions, updating the destination address in the destination field of the packet to an updated destination address, determining a forwarding rule associated with the packet, and forwarding the packet with the updated destination address based on the forwarding rule.

公开(公告)号：US11165699B2

公开(公告)日：2021-11-02

申请号：US16684006

申请日：2019-11-14

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Pablo Camarillo Garvia

IPC: H04L12/741 ,  H04L12/26 ,  H04L12/751 ,  H04L29/06

Abstract: The present disclosure provides a packet tracing mechanism will be described that provides packet tracing information to a mobile network controller. In one aspect, a method includes receiving a data packet sent from a source node to a destination node; determining if the data packet is to be updated with packet tracing information; and upon determining that the data packet is to be updated, updating the packet tracing information of the data packet to include identification of the network device and an ingress timestamp of the data packet at the network device for a corresponding network controller to determining network routing policies.

公开(公告)号：US11121961B2

公开(公告)日：2021-09-14

申请号：US16598852

申请日：2019-10-10

Applicant: Cisco Technology, Inc.

Inventor： Peter Psenak ,  Paul William Wells ,  Ketan Jivan Talaulikar ,  Clarence Filsfils

IPC: H04L12/721 ,  H04L29/06

Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including receiving a first type-length-value (TLV) associated with a winning flexible algorithm definition (FAD) from a first element of a network. The operations also include determining a security level for the winning FAD based on the TLV. The operations further include determining a data transmission route through a plurality of elements of the network based on the security level for the winning FAD.

公开(公告)号：US11019075B2

公开(公告)日：2021-05-25

申请号：US16019125

申请日：2018-06-26

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Pablo Camarillo Garvia ,  Francois Clad

IPC: H04L29/06 ,  H04L9/06 ,  H04L12/743 ,  H04L12/801

Abstract: In one embodiment, a Segment Routing network node provides processing and network efficiencies in protecting Internet Protocol version 6 (IPv6) Segment Routing (SRv6) packets and functions using Security Segment Identifiers, which are included in Segment Lists of a Segment Routing Header of a SRv6 packet. The Security Segment Identifier provides, inter alia, origin authentication, integrity of information in one or more headers of the packet, and/or anti-replay protection. In one embodiment, a Security Segment Identifier includes a value determined based on a secured portion of the packet. A typically secured portion includes the Source and Destination Addresses, one or more Segment Identifiers in a Segment List and the Segments Left value. In one embodiment, the Destination Address and/or a Segment Identifier in the Segment List includes and an anti-replay value (e.g., sequence number or portion thereof) which is also in the secured portion of the packet.

公开(公告)号：US20210092053A1

公开(公告)日：2021-03-25

申请号：US16580944

申请日：2019-09-24

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Francois Clad ,  Zafar Ali ,  Peter Psenak

IPC: H04L12/721 ,  H04L12/715 ,  H04L29/06

Abstract: Techniques and mechanisms for compressing the size of SIDs to be smaller than a complete IPv6 address (or “micro SIDs”), and scaling micro SIDs across a multi-domain environment using micro SID-domain-blocks. Segment routing over IPv6 (SRv6) uses 128-bit IPv6 addresses as SIDs for segment routing. According to this disclosure, multiple SRv6 SIDs may be expressed in a compact format such that a 128-bit IPv6 address, such as the destination address field of the IPv6 header, may store multiple micro SIDs. Further, SID-domain-blocks may be assigned to each domain in a multi-domain network such that micro SIDs may be expressed in the context of a given domain, rather than being shared in the global multi-domain network. In this way, lists of domain-specific SIDs may be fully expressed in the IPv6 destination address of the packet to scale micro SID into large, multi-domain networks.

公开(公告)号：US10757231B2

公开(公告)日：2020-08-25

申请号：US15981232

申请日：2018-05-16

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Francois Clad ,  Pablo Camarillo Garvia

IPC: H04L29/06 ,  H04L29/08 ,  H04L12/721 ,  H04L12/46 ,  H04L12/741 ,  H04L29/12 ,  H04L12/931 ,  H04L12/749 ,  H04L12/26

Abstract: In one embodiment, a third-party client network access device sends Internet Protocol (IP) encapsulating packets with a predetermined destination address of a node of the network client service provider (NCSP), with these IP encapsulating packets encapsulating original data packets. These IP encapsulating packets are communicated through the ISP network being used by the NCSP in providing its network services. The predetermined destination address, which is typically also a segment identifier, causes network service processing (e.g., according to a corresponding segment routing function) of the received packet by the node of the NCSP. This processing typically includes creating a segment routing packet encapsulating the original packet (extracted from the received IP encapsulating packet) with its segment list(s) being populated with segment identifier(s) according to a current NCSP segment routing policy reflective of a sequence of forwarding and service chaining operations of the NCSP service offering.

公开(公告)号：US10742556B2

公开(公告)日：2020-08-11

申请号：US16229525

申请日：2018-12-21

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Tim LaBerge ,  Clarence Filsfils ,  Pierre Jean Rene Francois

IPC: H04L12/803 ,  H04L12/751 ,  H04L12/851 ,  H04L12/721 ,  H04L12/801 ,  H04L12/911

Abstract: In one embodiment, a method includes monitoring traffic in a Segment Routing (SR) network through a collection of a Segment Routing Demand Matrix (SRDM) at a Traffic Engineering (TE) system operating at a network device, receiving topology information for the SR network at the TE system, modeling the SR network based on the topology information and the SRDM at the TE system, identifying a violation of a constraint in the SR network at the TE system, and running an optimization algorithm for SR optimization of constraints in the SR network at the TE system, wherein the optimization comprises limiting a number of Segment Identifiers (SIDs) used in a SR policy implemented to resolve the constraint violation. An apparatus is also disclosed herein.

公开(公告)号：US20200252316A1

公开(公告)日：2020-08-06

申请号：US16853450

申请日：2020-04-20

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Rakesh Gandhi ,  Tarek Saad ,  Sagar Soni ,  Patrick Khordoc

IPC: H04L12/26 ,  H04L12/44 ,  H04L12/721 ,  H04L12/727

Abstract: The present technology is directed to a scalable solution for end-to-end performance delay measurement for Segment Routing Policies on both SR-MPLS and SRv6 data planes. The scalability of the solution stems from the use of distributed PM sessions along SR Policy ECMP paths. This is achieved by dividing the SR policy into smaller sections comprised of SPT trees or sub-paths, each of which is associated with a Root-Node. Downstream SID List TLVs may be used in Probe query messages for signaling SPT information to the Root-Nodes Alternatively, this SPT signaling may be accomplished by using a centralized controller. Root-Nodes are responsible for dynamically creating PM sessions and measuring delay metrics for their associated SPT tree section. The root-nodes then send the delay metrics for their local section to an ingress PE node or to a centralized controller using delay metric TLV field of the response message.