公开(公告)号：US20230412483A1

公开(公告)日：2023-12-21

申请号：US17867389

申请日：2022-07-18

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Vivek Agarwal ,  Jegan Kumar Somi Ramasamy Subramanian ,  Gokul Krishnan ,  Giorgio Valentini ,  Venkatraman Venkatapathy

IPC: H04L43/12 ,  H04L43/08 ,  H04L41/0654

CPC classification number: H04L43/12 ,  H04L43/08 ,  H04L41/0654

Abstract: Techniques for sharing the probing of software-as-a-service clouds among a cluster of routers are described herein. The techniques may include establishing a first path between a cluster of routers and an application infrastructure. Establishing a second path between the cluster of routers and the application infrastructure. Designating a first router in the cluster of routers to send probes over the first path to the application infrastructure. Designating a second router in the cluster of routers to send probes over the second path to the application infrastructure. Distributing, by the first router and to the cluster of routers, first routing performance data indicating a performance of the first path when communicating with the application infrastructure over the first path, distributing, by the second router and to the cluster of routers, second routing performance data indicating a performance of the second path when communicating with the application infrastructure over the second path.

公开(公告)号：US11799821B2

公开(公告)日：2023-10-24

申请号：US17471077

申请日：2021-09-09

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Samar Sharma

IPC: H04L61/256 ,  H04L45/00 ,  H04L45/302 ,  H04L45/74 ,  H04L9/40 ,  H04L61/4511 ,  H04L41/0893 ,  H04L45/64

CPC classification number: H04L61/256 ,  H04L45/22 ,  H04L45/306 ,  H04L45/38 ,  H04L45/74 ,  H04L61/4511 ,  H04L63/101 ,  H04L41/0893 ,  H04L45/64

Abstract: Systems, methods, and computer-readable media for creating service chains for inter-cloud traffic. In some examples, a system receives domain name system (DNS) queries associated with cloud domains and collects DNS information associated the cloud domains. The system spoofs DNS entries defining a subset of IPs for each cloud domain. Based on the spoofed DNS entries, the system creates IP-to-domain mappings associating each cloud domain with a respective IP from the subset of IPs. Based on the IP-to-domain mappings, the system programs different service chains for traffic between a private network and respective cloud domains. The system routes, through the respective service chain, traffic having a source associated with the private network and a destination matching the IP in the respective IP-to-domain mapping.

公开(公告)号：US20230077361A1

公开(公告)日：2023-03-16

申请号：US18057703

申请日：2022-11-21

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Khalil A. Jabr ,  Anand Oswal ,  Vivek Agarwal ,  Chandramouli Balasubramanian

IPC: H04L45/64 ,  H04L12/46 ,  H04L45/02 ,  H04L45/50 ,  H04L47/2441

Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.

公开(公告)号：US11588711B2

公开(公告)日：2023-02-21

申请号：US17120896

申请日：2020-12-14

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Ankush Verma ,  Bhavana Malhotra Bodas ,  Kaushik Pratap Biswas ,  Chandramouli Balasubramanian ,  Anirudh Ramnath Ramakrishna ,  Madhuri Kolli

IPC: H04L41/5041 ,  H04L67/10

Abstract: Methods, systems, and non-transitory computer-readable media are provided for deploying intent-driving cloud branches. An example method can include obtaining, by one or more controllers in a software-defined network (SDN), a branch network design template for deploying a remote branch in the SDN, wherein the branch network design template defines networking settings for a plurality of services to be provisioned at the remote branch; obtaining, by the one or more controllers, a plurality of software packages for the plurality of services to be provisioned at the remote branch; and based on the branch network design template and the plurality of software packages, provisioning, by the one or more controllers, the plurality of services at the remote branch and a network connectivity of the plurality of services.

公开(公告)号：US20220417060A1

公开(公告)日：2022-12-29

申请号：US17898214

申请日：2022-08-29

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Madhuri Kolli ,  Giorgio Valentini ,  Venkatraman Venkatapathy ,  Avinash Ashok Kumar Chiganmi ,  Vivek Agarwal

IPC: H04L12/46 ,  H04L12/66 ,  H04L45/02 ,  H04L45/00

Abstract: The present technology pertains to receiving a tag associating at least one routing domain in an on-premises site with at least one virtual network in a cloud environment associated with a cloud service provider. The present technology also pertains to the automation of populating route and propagation tables with the cloud service provider.

公开(公告)号：US20220376982A1

公开(公告)日：2022-11-24

申请号：US17882752

申请日：2022-08-08

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Vivek Agarwal ,  Anand Oswal ,  Chethan Channappa ,  Subhash Kodnad ,  Jeevan Sharma

IPC: H04L41/0894 ,  G16Y30/10 ,  H04L12/28 ,  H04L47/76 ,  H04L67/12

Abstract: The present disclosure is directed to managing industrial internet of things end points and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more switches to perform operations comprising: identifying a first end point using a protocol associated with the first end point, determining a classification for the identified first end point based on one or more attributes of the first end point, identifying one or more related end points having the classification in common with the first end point, segmenting the first end point with the identified one or more related end points, and applying one or more policies to the segmented first end point and the one or more related end points.

公开(公告)号：US11502871B2

公开(公告)日：2022-11-15

申请号：US17467075

申请日：2021-09-03

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Vivek Agarwal ,  Harish A. Kapadia

IPC: H04L12/46 ,  H04L41/0823 ,  H04L9/40 ,  H04L41/0806 ,  H04L49/25 ,  H04L41/0896 ,  H04L41/0893 ,  H04L45/24 ,  H04L47/20

Abstract: A network controller can register WAN edge routers and WAN optimizers distributed across a WAN. The controller can receive a request to establish a WAN optimized connection between first and second hosts. The controller can identify a first WAN optimizer to perform first services (e.g., de-duplication, compression, application acceleration, caching, etc.) for first traffic from the first host to the second host and first complementary services for second traffic from the second host to the first host, and a second WAN optimizer for the second traffic and second complementary services for the first traffic. The controller can establish the optimized connection comprising a first path including the first host, WAN optimizer, and router; a second path including the first router and a second router, and a third path including the second router, WAN optimizer, and host. The controller can route the first and second traffic through the optimized connection.

公开(公告)号：US20220329477A1

公开(公告)日：2022-10-13

申请号：US17389122

申请日：2021-07-29

Applicant: Cisco Technology, Inc.

Inventor： Avinash Ashok Kumar Chiganmi ,  Venkatraman Venkatapathy ,  Giorgio Valentini ,  Madhuri Kolli ,  Karumbayiram Gunasekaran ,  Balaji Sundararajan

IPC: H04L12/24 ,  H04L12/707 ,  H04L12/46

Abstract: The present technology discloses methods, systems, and non-transitory computer-readable storage media for establishing a redundant path connection. An example method can include configuring a software-defined wide-area network (SDWAN) tunnel between an on-premises router and a plurality of SDWAN routers; configuring a virtual layer 2 connection between the plurality of SDWAN routers and handoff locations for a virtual cloud resource (VCR) associated with at least one VCR tag, wherein a software-defined cloud infrastructure (SDCI) underlay associated with at least one SDCI provider connects to a cloud service provider (CSP) at the handoff locations; configuring a VCR connection between at least one VCR associated with the VCR tag and the handoff locations for the at least one VCR; configuring a border gateway protocol (BGP) session between the plurality of SDWAN routers and the handoff locations; and validating the SDWAN tunnel, the virtual layer 2 connection, the VCR connection, and the BGP session.

公开(公告)号：US11418491B2

公开(公告)日：2022-08-16

申请号：US16801430

申请日：2020-02-26

Applicant: Cisco Technology Inc.

Inventor： Balaji Sundararajan ,  Venkatesh Gota B R ,  Sireesha Yeruva ,  Chandramouli Balasubramanian ,  Anand Oswal

IPC: H04L9/40 ,  H04L1/18 ,  H04L45/00 ,  H04L69/22

Abstract: The present disclosure is directed to systems and methods for dynamic firewall discovery on a service plane. The method includes the steps of identifying a source data packet for transmission from a source machine at a source site to a destination machine at a destination site, wherein the source data packet corresponds to a request for connection between the source machine and the destination machine over a WAN, inspecting the source data packet at a first firewall associated with the source site, marking the source data packet with a marker to indicate inspection by the first firewall, transmitting the marked source data packet to the destination site, determining at the destination site that the source data packet has been inspected based on the marker, and forwarding the source data packet to the destination machine at the destination site, without inspection of the source data packet by a second firewall associated with the destination site.

公开(公告)号：US11381478B2

公开(公告)日：2022-07-05

申请号：US17140273

申请日：2021-01-04

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Vamsidhar Valluri ,  Chandramouli Balasubramanian ,  Anand Oswal ,  Ram Dular Singh

IPC: H04L12/24 ,  H04L41/5051 ,  H04L43/55 ,  H04L43/091

Abstract: In one embodiment, a method includes providing a first profile to a plurality of edge routers of the SD-WAN, the plurality of edge routers operable to interface a plurality of devices to the SD-WAN. The first profile enables the plurality of edge routers to discover which devices of the plurality of devices support a first application. The method includes receiving, from one or more of the edge routers, information indicating which devices of the plurality of devices support the first application and building a first application fabric based on the information indicating which devices of the plurality of devices support the first application.