公开(公告)号：US10673734B2

公开(公告)日：2020-06-02

申请号：US16126859

申请日：2018-09-10

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Michel Levy-Abegnoli

IPC: H04L12/751 ,  H04L12/707 ,  H04L12/761 ,  H04L12/703 ,  H04L12/46 ,  H04L12/721 ,  H04L12/933

Abstract: In one embodiment, a method comprises generating a switched link layer topology from a source device to a destination device, the switched link layer topology comprising a first sequence of switching devices, a second sequence of switching devices, and one or more bridging links between the first and second sequences of switching devices; generating first and second chains of resilient link layer segments for respective first and second multi-hop link layer connections based on generating a sequence of link layer loops overlying the switched link layer topology, and setting for each of the first and second multi-hop link layer connections a corresponding set of connection blocks in each link layer loop; and causing replication of a data packet across the first and second multi-hop link layer connections, enabling a failure in the switched link layer topology to be bypassed based on removing at least one of the connection blocks.

公开(公告)号：US20200028888A1

公开(公告)日：2020-01-23

申请号：US16585761

申请日：2019-09-27

Applicant: Cisco Technology, Inc.

Inventor： Eric Levy-Abegnoli ,  Pascal Thubert ,  Patrick Wetterwald ,  Jean-Philippe Vasseur

IPC: H04L29/08 ,  H04L12/727 ,  H04L12/24 ,  H04L12/721 ,  H04L12/771 ,  H04L12/729 ,  H04L12/26

Abstract: In one embodiment, a device in a network receives a path computation agent configured to determine a path in the network that satisfies an objective function. The device executes the path computation agent to update state information regarding the network maintained by the path computation agent. The device selects a neighbor of the device in the network to execute the path computation agent based on the updated state information regarding the network. The device instructs the selected neighbor to execute the path computation agent with the updated state information regarding the network. The device unloads the path computation agent from the device after selecting the neighbor of the device to execute the path computation agent.

公开(公告)号：US10530665B2

公开(公告)日：2020-01-07

申请号：US15485695

申请日：2017-04-12

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04L12/24 ,  H04L29/06 ,  G06N20/00 ,  H04L12/46 ,  H04L29/08

Abstract: In one embodiment, a server instructs one or more networking devices in a local area network (LAN) to form a virtual network overlay in the LAN that redirects traffic associated with a particular node in the LAN to the server. The server identifies a configuration for the particular node based on a node profile for the particular node. The server accesses a configuration interface of the particular node and instructs the particular node to use the identified configuration via the accessed configuration interface.

公开(公告)号：US10524194B2

公开(公告)日：2019-12-31

申请号：US16248108

申请日：2019-01-15

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04W24/02 ,  H04W48/14 ,  H04L1/18 ,  H04W88/08

Abstract: In one embodiment, a supervisory device in a network receives from a plurality of access points (APs) in the network data regarding a network availability request broadcast by a node seeking to access the network and received by the APs in the plurality. The supervisory device uniquely associates the node with a virtual access point (VAP) for the node and forms a VAP mapping between the VAP for the node and a set of the APs in the plurality selected based on the received data regarding the network availability request. One of the APs in the mapping is designated as a primary access point for the node. The supervisory device instructs the primary AP to send a network availability response to the node that includes information for the VAP. The node uses the information for the VAP to access the network via the set of APs in the VAP mapping.

公开(公告)号：US10516661B2

公开(公告)日：2019-12-24

申请号：US15430617

申请日：2017-02-13

Applicant: Cisco Technology, Inc.

Inventor： Patrick Wetterwald ,  Maik Seewald

IPC: H01L29/06 ,  H04L29/06 ,  H04L29/08

Abstract: In one embodiment, a supervisory device for a network of a power substation identifies a plurality of nodes in the network of the power substation. The supervisory device associates each of the nodes with one or more security certificates. A particular security certificate authenticates a particular node to the supervisory device and authorizes the particular node to communicate in the network of the power substation. The supervisory device determines a security perimeter for the nodes in the network. The supervisory device schedules communications among the nodes using the one or more security certificates and based on the determined security perimeter.

公开(公告)号：US20190334644A1

公开(公告)日：2019-10-31

申请号：US15962053

申请日：2018-04-25

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Huimin She ,  Patrick Wetterwald ,  Feiliang Wang

IPC: H04J3/24 ,  H04L29/08 ,  H04B1/713

Abstract: In one embodiment, a device receives data indicative of a routing topology of a network. The network includes a root node and each node in the network has an associated network depth relative to the root. The device selects a first subset of timeslots from a slotframe of a communication schedule based on the network depth of a particular node in the network. The device selects a second subset of timeslots from the first subset, based on a media access control (MAC) address of the particular node. The device assigns the second subset of timeslots to the particular node for reception in the slotframe of the communication schedule. The device sends the communication schedule to one or more nodes in the network.

公开(公告)号：US10439871B2

公开(公告)日：2019-10-08

申请号：US15713827

申请日：2017-09-25

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Rekha Ramachandran ,  Eric Michel Levy-Abegnoli

IPC: H04W24/08 ,  H04L12/24 ,  H04L12/26

Abstract: In one embodiment, a method comprises: receiving, by a switching device, one or more identified flows of data packets from first deterministic flows of a first deterministic segment in a first deterministic domain, the first deterministic segment established based on first deterministic attributes in the first deterministic domain; receiving, by the switching device, second deterministic attributes about second deterministic flows for a second deterministic segment in a second different deterministic domain, the second deterministic attributes different than the first deterministic attributes; and allocating, by the switching device based on the first deterministic attributes and the second deterministic attributes, at least a portion of the second deterministic flows for deterministic stitching of the one or more identified flows of data packets from the first deterministic segment in the first deterministic domain into the second deterministic segment in the second deterministic domain according to a guaranteed deterministic constraint.

公开(公告)号：US20190289022A1

公开(公告)日：2019-09-19

申请号：US15920651

申请日：2018-03-14

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Eric Levy-Abegnoli ,  Jean-Philippe Vasseur

IPC: H04L29/06 ,  H04L12/823

Abstract: In one embodiment, an elimination point device in a network obtains a master secret from a network controller. The elimination point device assesses, using the master secret, whether an incoming packet received by the elimination point device from a redundant path between the elimination point device and a replication point device in the network includes a valid message integrity check (MIC). The elimination point device determines whether the incoming packet was injected maliciously into the redundant path, based on the assessment of the incoming packet. The elimination point device initiates performance of a mitigation action in the network, when the elimination point device determines that the incoming packet was injected maliciously into the redundant path.

公开(公告)号：US10349335B2

公开(公告)日：2019-07-09

申请号：US15795637

申请日：2017-10-27

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04W40/22 ,  H04W40/12 ,  H04W40/24 ,  H04W56/00 ,  H04W72/04 ,  H04L12/723 ,  H04W84/10 ,  H04W84/18 ,  H04W88/04 ,  H04W92/18

Abstract: In one illustrative example, one or more controllers may be configured to perform a path selection procedure for selecting a connection path for multi-hop device-to-device (D2D) communications. Identifiers of candidate D2D device pairings from D2D peer discovery performed by a plurality of UEs served in a plurality of base stations and link quality data associated with each candidate D2D device pairings are obtained. D2D network topology map data including a plurality of link-state relationships are generated based on the identifiers of candidate D2D device pairings. A plurality of connection paths of UEs are computed based on the generated link-state relationships and the link quality data, where each computed connection path includes UEs indicated as required nodes and at least one UE indicated as a candidate relay node. An optimal connection path that satisfies a latency parameter is selected from the plurality of computed connection paths (e.g. based on a shortest path first or SPF algorithm). The selected connection path may be part of an operational control loop for low latency, deterministic D2D communications.

公开(公告)号：US20190199626A1

公开(公告)日：2019-06-27

申请号：US15854040

申请日：2017-12-26

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Eric Levy-Abegnoli ,  Jean-Philippe Vasseur ,  Patrick Wetterwald

IPC: H04L12/715 ,  H04L12/801 ,  H04L12/709

CPC classification number: H04L45/64 ,  H04L45/245 ,  H04L47/19

Abstract: In one embodiment, a cloud-based service instructs one or more networking devices in a local area network (LAN) to form a virtual network overlay in the LAN that redirects traffic associated with a particular node in the LAN to a first isolation application instance hosted by the service. The first isolation application instance receives the redirected traffic associated with the particular node. The first isolation application instance determines a routing path for the traffic that comprises one or more other isolation application instances hosted by the cloud-based service. The first isolation application instance tags the traffic to indicate the determined routing path. The first isolation application forwards the tagged traffic to a second isolation application instance along the determined routing path.