公开(公告)号：US20230014842A1

公开(公告)日：2023-01-19

申请号：US17935771

申请日：2022-09-27

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Jackson Ngoc Ki Pang ,  Navindra Yadav ,  Anubhav Gupta ,  Shashidhar Gandham ,  Supreeth Hosur Nagesh Rao ,  Sunil Kumar Gupta

IPC: H04L43/045 ,  H04L9/40 ,  G06F9/455 ,  G06N20/00 ,  G06F21/55 ,  G06F21/56 ,  G06F16/28 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/29 ,  G06F16/16 ,  G06F16/17 ,  G06F16/11 ,  G06F16/13 ,  G06F16/174 ,  G06F16/23 ,  G06F16/9535 ,  G06N99/00 ,  H04L9/32 ,  H04L41/0668 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/106 ,  H04L45/00 ,  H04L45/50 ,  H04L67/12 ,  H04L43/026 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/51 ,  H04L67/75 ,  H04L67/1001 ,  H04L43/062 ,  H04L43/10 ,  H04L47/2441 ,  H04L41/0893 ,  H04L43/08 ,  H04L43/04 ,  H04W84/18 ,  H04L67/10 ,  H04L41/046 ,  H04L43/0876 ,  H04L41/12 ,  H04L41/16 ,  H04L41/0816 ,  G06F21/53 ,  H04L41/22 ,  G06F3/04842 ,  G06F3/04847 ,  H04L41/0803 ,  H04L43/0829 ,  H04L43/16 ,  H04L1/24 ,  H04W72/08 ,  H04L9/08 ,  H04J3/06 ,  H04J3/14 ,  H04L47/20 ,  H04L47/32 ,  H04L43/0864 ,  H04L47/11 ,  H04L69/22 ,  H04L45/74 ,  H04L47/2483 ,  H04L43/0882 ,  H04L41/0806 ,  H04L43/0888 ,  H04L43/12 ,  H04L47/31 ,  G06F3/0482 ,  G06T11/20 ,  H04L43/02 ,  H04L47/28 ,  H04L69/16 ,  H04L45/302

Abstract: An approach for establishing a priority ranking for endpoints in a network. This can be useful when triaging endpoints after an endpoint becomes compromised. Ensuring that the most critical and vulnerable endpoints are triaged first can help maintain network stability and mitigate damage to endpoints in the network after an endpoint is compromised. The present technology involves determining a criticality ranking and a secondary value for a first endpoint in a datacenter. The criticality ranking and secondary value can be combined to form priority ranking for the first endpoint which can then be compared to a priority ranking for a second endpoint to determine if the first endpoint or the second endpoint should be triaged first.

公开(公告)号：US11558779B2

公开(公告)日：2023-01-17

申请号：US17684263

申请日：2022-03-01

Applicant: Cisco Technology, Inc.

Inventor： Robert Edgar Barton ,  Russell Paul Gyurek ,  Jerome Henry

IPC: H04L12/723 ,  H04W28/06 ,  H04L45/50 ,  H04W40/02

Abstract: Systems, methods, and computer-readable media for the secure creation of application containers for 5G slices. A MEC application in a MEC layer of a 5G network can be associated with a specific network slice of the 5G network. A backhaul routing policy for the MEC application can be defined based on the association of the MEC application with the specific network slice of the 5G network. Further, a SID for the MEC application that associates the MEC application with a segment routing tunnel through a backhaul of the 5G network can be generated. A MEC layer access policy for the MEC application can be defined based on the SID for the MEC application. As follows, access to the MEC application through the 5G network can be controlled based on both the backhaul routing policy for the MEC application and the MEC layer access policy for the application.

公开(公告)号：US11558274B2

公开(公告)日：2023-01-17

申请号：US17181843

申请日：2021-02-22

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lianshu Zheng ,  Guoyi Chen

IPC: H04L12/26 ,  H04L43/0811 ,  H04L43/00 ,  H04L45/16 ,  H04L45/00 ,  H04L45/50

Abstract: Embodiments of this application provide a bit-forwarding ingress router, a bit-forwarding router, and an OAM test method, and pertain to the field of multicast networks. A first BFR receives an OAM request packet from a BFIR; the first BFR determines, according to the OAM request packet, that a destination BFR corresponding to the OAM request packet is the first BFR; and the first BFR obtains a first OAM response packet according to an ID of the BFIR, and sends the first OAM response packet to the BFIR. According to the method and the apparatus that are provided in the embodiments of this application, a problem that a BFIR cannot diagnose or handle a transmission fault when the fault occurs during transmission of a multicast packet can be resolved, which helps implement connectivity testing by using an OAM packet and enables testing of multiple BFERs.

公开(公告)号：US11552887B2

公开(公告)日：2023-01-10

申请号：US16986982

申请日：2020-08-06

Applicant: Arista Networks, Inc.

Inventor： Hugh W. Holbrook ,  Francois Labonte ,  Ramakrishna Shivaramaiah Paduvalli ,  Xuanran Zong

IPC: H04L45/50 ,  G06K9/62 ,  H04L47/2441 ,  H04L45/745

Abstract: A method and apparatus of a network element that processes network data using a transformed packet classification list in a network element is described. A network element receives a packet classification list and transforms a first set of the plurality of range sets corresponding to a first one of the two or more types of packet characteristics into a first set of range labels. In addition, the network element transforms a second set of the plurality of range sets corresponding to a second one of the two or more types of packet characteristics into a second set of range labels. The network element may create a set of combination labels. The network element further processes network data by performing a first lookup to derive a first combination packet label, performing a second lookup of at least the first combination packet label, and applying a rule resulting from the second lookup to the network data.

公开(公告)号：US20220407787A1

公开(公告)日：2022-12-22

申请号：US17822656

申请日：2022-08-26

Applicant: Cisco Technology, Inc.

Inventor： Khawar Deen ,  Navindra Yadav ,  Anubhav Gupta ,  Shashidhar Gandham ,  Rohit Chandra Prasad ,  Abhishek Ranjan Singh ,  Shih-Chun Chang

IPC: H04L43/045 ,  H04L9/40 ,  G06F9/455 ,  G06N20/00 ,  G06F21/55 ,  G06F21/56 ,  G06F16/28 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/29 ,  G06F16/16 ,  G06F16/17 ,  G06F16/11 ,  G06F16/13 ,  G06F16/174 ,  G06F16/23 ,  G06F16/9535 ,  G06N99/00 ,  H04L9/32 ,  H04L41/0668 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/106 ,  H04L45/00 ,  H04L45/50 ,  H04L67/12 ,  H04L43/026 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/51 ,  H04L67/75 ,  H04L67/1001 ,  H04L43/062 ,  H04L43/10 ,  H04L47/2441 ,  H04L41/0893 ,  H04L43/08 ,  H04L43/04 ,  H04W84/18 ,  H04L67/10 ,  H04L41/046 ,  H04L43/0876 ,  H04L41/12 ,  H04L41/16 ,  H04L41/0816 ,  G06F21/53 ,  H04L41/22 ,  G06F3/04842 ,  G06F3/04847 ,  H04L41/0803 ,  H04L43/0829 ,  H04L43/16 ,  H04L1/24 ,  H04W72/08 ,  H04L9/08 ,  H04J3/06 ,  H04J3/14 ,  H04L47/20 ,  H04L47/32 ,  H04L43/0864 ,  H04L47/11 ,  H04L69/22 ,  H04L45/74 ,  H04L47/2483 ,  H04L43/0882 ,  H04L41/0806 ,  H04L43/0888 ,  H04L43/12 ,  H04L47/31 ,  G06F3/0482 ,  G06T11/20 ,  H04L43/02 ,  H04L47/28 ,  H04L69/16 ,  H04L45/302

Abstract: A method includes capturing first data associated with a first packet flow originating from a first host using a first capture agent deployed at the first host to yield first flow data, capturing second data associated with a second packet flow originating from the first host from a second capture agent deployed on a second host to yield second flow data and comparing the first flow data and the second flow data to yield a difference. When the difference is above a threshold value, the method includes determining that the second packet flow was transmitted by a component that bypassed an operating stack of the first host or a packet capture agent at the device to yield a determination, detecting that hidden network traffic exists, and predicting a malware issue with the first host based on the determination.

公开(公告)号：US11528223B2

公开(公告)日：2022-12-13

申请号：US15837752

申请日：2017-12-11

Applicant: Futurewei Technologies, Inc.

Inventor： Lucy Yong

IPC: H04L45/02 ,  H04L45/50 ,  H04L45/00 ,  H04L47/33 ,  H04L49/354

Abstract: A network apparatus comprising a trunk end point associated with an Ethernet-tree (E-Tree) service in a network domain and configured to forward a frame that comprises a tag according to the tag in the frame, wherein the tag in the frame is a root tag that indicates a root source of the frame or a leaf tag that indicates a leaf source of the frame, and wherein the trunk end point is coupled to a second end point associated with the E-tree service outside the network domain.

公开(公告)号：US11528214B2

公开(公告)日：2022-12-13

申请号：US16906905

申请日：2020-06-19

Applicant: VMware, Inc.

Inventor： Ganesan Chandrashekhar ,  Abhishek Goliya ,  Nisarg Parikh

IPC: H04L12/717 ,  H04L45/021 ,  H04L45/028 ,  H04L45/586 ,  H04L45/00 ,  H04L49/25 ,  H04L49/65 ,  H04L61/2592 ,  H04L67/289 ,  H04L41/0893 ,  H04L45/42 ,  H04L49/00 ,  H04L12/46 ,  H04L12/66 ,  H04L45/74 ,  H04L45/64 ,  H04L45/02 ,  H04L45/24 ,  H04L45/50 ,  H04L41/0803 ,  H04L45/44 ,  H04L61/5007 ,  H04L101/622

Abstract: Some embodiments provide a method for implementing a logical network across multiple datacenters. The method receives a configuration for a logical router that handles data traffic between the logical network implemented in the plurality of datacenters and networks external to the logical network. The method, for each datacenter defines (i) an active centralized routing component of the logical router in the datacenter and (ii) a standby centralized routing component of the logical router in the datacenter. The centralized routing components for a particular datacenter handle the data traffic between the logical network in the particular datacenter and the external networks. The active and standby centralized routing components are each assigned to edge computing devices in the datacenter that implement the centralized routing components.

公开(公告)号：US11489943B2

公开(公告)日：2022-11-01

申请号：US16274433

申请日：2019-02-13

Applicant: Red Hat, Inc.

Inventor： Alissa Bonas

IPC: H04L29/08 ,  H04L67/63 ,  G06F16/955 ,  H04L45/50 ,  H04L67/563

Abstract: A processing device can receive a request directed to an application such as a service and parse the request to determine a version identifier based on the content of the request. The processing device can acquire a version label corresponding to at least one instance of the application from among multiple instances of the application and match the version label and the version identifier, providing automatic detection and routing of a request to an instance of an application with the correct version. The computing device can store version labels and routing rules for each instance among the multiple instances of the application deployed in the network prior to receiving requests, or determine version labels and routing when a request is received.

公开(公告)号：US11483379B2

公开(公告)日：2022-10-25

申请号：US17099313

申请日：2020-11-16

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Abhigyan ,  Aleksandr Zelezniak ,  Kaustubh Joshi ,  Oliver Spatscheck

IPC: G06F15/177 ,  H04L67/10 ,  H04L49/354 ,  H04L12/46 ,  H04L45/50

Abstract: A method, computer-readable medium, and apparatus for supporting services for customer traffic using edge clouds are disclosed. For example, a processing system may receive an indication of a set of customer devices of a customer of a network provider and an indication of a service of an edge cloud to be applied to customer traffic of the customer devices, support configuration of a network of the network provider to support a customer segment for the customer including configuration of a gateway of the network and a switch of the network that is associated with the edge cloud, support configuration of a virtual network between the switch and an edge cloud element supporting the service, and support configuration of the switch to support an association of the customer segment and the virtual network for supporting routing of the customer traffic to the service via the virtual network.

公开(公告)号：US11483235B2

公开(公告)日：2022-10-25

申请号：US16741163

申请日：2020-01-13

Applicant: Huawei Technologies Co., Ltd.

Inventor： Mahendra Singh Negi ,  Prejeeth Kaladharan ,  Wumin Huang

IPC: H04L12/28 ,  H04L45/50 ,  H04L45/12 ,  H04L45/00 ,  H04L61/2592 ,  H04L61/5007 ,  H04L47/125 ,  H04L101/35 ,  H04L101/659

Abstract: A method for establishing Segment Routing (SR) tunnel based on Internet Protocol version 6 (IPv6) data-plane using a path computation element communication protocol (PCEP) includes generating, by a path computation element (PCE), a first PCEP message, wherein the first PCEP message comprises indicating information and segment identifier (SID), and wherein the indicating information indicates that the SID is an IPv6 prefix of a node in a tunnel. A first path computation client (PCC) receives a first PCEP message from a PCE and the first PCC establishes an SR for IPv6 forwarding plane (SRv6) tunnel from the first PCC to a second PCC.