公开(公告)号：US10567441B2

公开(公告)日：2020-02-18

申请号：US15870957

申请日：2018-01-14

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Rajiv Asati ,  Carlos M. Pignataro

IPC: H04L29/06 ,  H04L29/12

Abstract: In one embodiment, a system includes a first host computer including a host interface configured to receive traffic from a domain ingress node of a first domain, and processing machinery configured to instantiate worker nodes, instantiate a master node and a security gateway agent on the master node, instantiate a plurality of security clients on the worker nodes, wherein each worker node includes at least one security client, wherein each security client is configured to monitor at least part of the traffic being forwarded in the one worker node for malicious traffic, and report a first data item about the malicious traffic to the security gateway agent, and wherein the security gateway agent is configured to forward a second data item about the malicious traffic to a security server to determine at least one security policy to mitigate the malicious traffic, and to be enforced by a node.

公开(公告)号：US10555054B2

公开(公告)日：2020-02-04

申请号：US15096337

申请日：2016-04-12

Applicant: Cisco Technology, Inc.

Inventor： Charles Calvin Byers ,  Gonzalo Salgueiro ,  Joseph Michael Clarke ,  Carlos M. Pignataro ,  Nagendra Kumar Nainar

IPC: H04Q1/00

Abstract: In one embodiment, an autonomous carrier transports a fog computing module to an enclosure at a location determined to be in need of a particular fog computing resource, and aligns and anchors the fog computing module to the enclosure, where the aligning and anchoring is based on mating mechanical connectors on the fog computing module and enclosure. One or more electronic components of the fog computing module may then interface to the enclosure due to the anchoring, and the fog computing module activates at the location, accordingly. In one particular embodiment, the particular fog computing resource of the fog computing module is an additive resource to an existing fog computing resource module at the enclosure, and the existing fog computing resource module provides the mechanical connectors and interfaced electronic components of the enclosure.

公开(公告)号：US20190356583A1

公开(公告)日：2019-11-21

申请号：US16202780

申请日：2018-11-28

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro

IPC: H04L12/753 ,  H04L12/721 ,  H04L12/44 ,  H04W40/24 ,  H04L12/751

Abstract: In one embodiment, a method is performed. A spine node in communication with a network may determine a subtree of a shadow cone of the spine node. The subtree may comprise a plurality of nodes and a plurality of links connecting pairs of the nodes. The spine node may determine a disaggregated route to a first leaf node to which a disaggregated prefix may be attached. The disaggregated route may be propagated to the plurality of the nodes of the subtree.

公开(公告)号：US20190342213A1

公开(公告)日：2019-11-07

申请号：US16511730

申请日：2019-07-15

Applicant: Cisco Technology, Inc.

Inventor： Rajiv Asati ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro

IPC: H04L12/741 ,  H04L29/08 ,  H04L29/06 ,  H04L12/715

Abstract: A method is provided in one example embodiment and may include receiving a packet by a forwarder in an Information-Centric Networking (ICN) network; determining Bit Index Explicit Replication (BIER) information associated with the packet; and forwarding the packet based, at least in part, on the BIER information associated with the packet. The packet can be an interest packet or a data packet received by the forwarder in the ICN network.

公开(公告)号：US10447571B2

公开(公告)日：2019-10-15

申请号：US15869322

申请日：2018-01-12

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro

IPC: H04L12/26 ,  H04L12/741 ,  H04L12/721

Abstract: Dataplane-based Seamless Bidirectional Forwarding Detection (S-BFD) monitoring for network entities is provided. In one embodiment, a method of S-BFD monitoring includes assigning, by a network element, a unique segment identifier (ID) to each entity of a plurality of entities that are monitored by the network element. The method includes receiving an S-BFD control packet at the network element, including a first segment ID associated with a particular entity. The method also includes performing a lookup operation for the first segment ID in stored data of the network element. Based on the lookup operation, when a first action is designated in the stored data for the first segment ID, the method includes returning the S-BFD control packet to its source, and, when a second action is designated in the stored data for the first segment ID, the method includes forwarding the S-BFD control packet to an S-BFD reflector session.

公开(公告)号：US20190297005A1

公开(公告)日：2019-09-26

申请号：US15927334

申请日：2018-03-21

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  Vengada Prasad Govindan ,  Pawel Piotr Sowinski

IPC: H04L12/761 ,  H04L12/707 ,  H04L12/749 ,  H04L12/703 ,  H04L12/723 ,  H04L1/00

Abstract: Multipoint seamless Bi-directional Forwarding Detection (BFD) may be provided. First, a discriminator and data identifying a headend device may be received by a node from the headend device. The discriminator may be received over a point-to-multipoint pseudowire between the node and the headend device. Next, the node may start a reflector session in response to receiving the discriminator. The reflector session may correspond to the discriminator and the data identifying the headend device. The reflector session may then receive a control packet from the headend device and determine that the control packet includes the discriminator. The control packet may be received over the point-to-multipoint pseudowire. Next, the reflector session on the node may send a reply packet to the headend device in response to determining that the control packet includes the discriminator. The reply packet may be sent over a unicast pseudowire between the node and the headend device.

公开(公告)号：US20190288923A1

公开(公告)日：2019-09-19

申请号：US16383956

申请日：2019-04-15

Applicant: Cisco Technology, Inc.

Inventor： Nobushige Akiya ,  Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  Paul Quinn ,  James Guichard

IPC: H04L12/24

Abstract: In one embodiment, a system and method are disclosed for sending a request and receiving a reply. The request contains a network service header including a flow label field and a target index field. The flow label field contains a set of available flow labels. The target index field includes a value indicating a target node. The reply contains information indicating which of the flow labels can be used to route a packet to each of the next hop nodes downstream from the device that sent the reply. This process can be repeated for other nodes on a path, and other paths in a service topology layer. The information determined by this process can be used to perform other necessary functionalities at the service topology layer.

公开(公告)号：US10404548B2

公开(公告)日：2019-09-03

申请号：US15250499

申请日：2016-08-29

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  Ludwig Alexander Clemm ,  Yegnanarayanan Chandramouli

IPC: H04L12/24 ,  H04L12/26

Abstract: Installing on a node of a computer network, an agent of a network system. The installed agent receives a network task via the network. The network task involves a second node of the network. The receiving agent generates a probe implementing the task and targeted to the second node. Either the receiving agent or the generated probe generates a command for the second node. The command is related to the probe and can be in the form of a data link layer protocol data unit for network operations, administration, and maintenance (OAM). The agent or node that generates the command communicates the command to the second node. The second node executes the communicated command. The second node communicates an acknowledgment of the executed command to the first node.

公开(公告)号：US10404488B2

公开(公告)日：2019-09-03

申请号：US15712400

申请日：2017-09-22

Applicant: Cisco Technology, Inc.

Inventor： Gonzalo Salgueiro ,  Prashanth Patil ,  K. Tirumaleswar Reddy ,  Carlos M. Pignataro

IPC: H04L12/28 ,  H04L12/46 ,  H04L12/751 ,  H04L12/741 ,  H04L29/08

Abstract: A network node in a service function chaining system receives a media stream from an endpoint device. The media stream is associated with a media session between the endpoint and at least one other endpoint. The network node determines a path for the media stream. The path includes an ordered list of functions to process the media stream. The network node determines a session identifier for the media stream and encapsulates the media stream with a header. The header includes an indication of the path and the session identifier.

公开(公告)号：US10250474B2

公开(公告)日：2019-04-02

申请号：US14230224

申请日：2014-03-31

Applicant: Cisco Technology, Inc.

Inventor： Aamer Akhter ,  Plamen Nedeltchev ,  Carlos M. Pignataro

IPC: H04L12/26

Abstract: In one implementation, data is communicated along a communications route in a network. A mediatrace request is generated for the communications route. Responses to the mediatrace request are received from along the communications route. The hop-by-hop latency is passively measured, from the responses, with one-way delay along the communications route in the network.