公开(公告)号：US10833987B2

公开(公告)日：2020-11-10

申请号：US16260820

申请日：2019-01-29

Applicant: Cisco Technology, Inc.

Inventor： Patrick Wetterwald ,  Eric Levy-Abegnoli ,  Pascal Thubert

IPC: H04L12/801 ,  H04L12/741 ,  H04L12/721 ,  H04L12/865 ,  H04L12/823

Abstract: In one embodiment, a particular device along a path in a deterministic network receives a first packet sent from a source towards a destination via the path. The particular device sends the first packet to a next hop device along the path, according to a deterministic schedule associated with the first packet. The particular device determines, after sending the first packet, an action to be performed on the first packet. The particular device then sends a second packet to the next hop device indicative of the determined action. The second packet causes another device along the path to perform the action on the first packet.

公开(公告)号：US10771476B2

公开(公告)日：2020-09-08

申请号：US15920651

申请日：2018-03-14

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Eric Levy-Abegnoli ,  Jean-Philippe Vasseur

IPC: H04L29/06 ,  H04L12/823 ,  H04W12/12 ,  H04L9/32 ,  H04L12/28

Abstract: In one embodiment, an elimination point device in a network obtains a master secret from a network controller. The elimination point device assesses, using the master secret, whether an incoming packet received by the elimination point device from a redundant path between the elimination point device and a replication point device in the network includes a valid message integrity check (MIC). The elimination point device determines whether the incoming packet was injected maliciously into the redundant path, based on the assessment of the incoming packet. The elimination point device initiates performance of a mitigation action in the network, when the elimination point device determines that the incoming packet was injected maliciously into the redundant path.

公开(公告)号：US10757647B2

公开(公告)日：2020-08-25

申请号：US15499017

申请日：2017-04-27

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04W48/20 ,  H04W28/02 ,  H04L29/08

Abstract: In one embodiment, a supervisory device in a network forms a virtual access point (VAP) for a node in the network. A plurality of access points (APs) in the network are mapped to the VAP as part of a VAP mapping and the node treats the APs in the VAP mapping as a single AP for purposes of communicating with the network. The supervisory device determines a traffic type of traffic associated with the node. The supervisory device assigns the node to a selected wireless channel based in part on the traffic type of the traffic associated with the node. The supervisory device controls the VAP to use the channel assigned to the node.

公开(公告)号：US20200259746A1

公开(公告)日：2020-08-13

申请号：US16269723

申请日：2019-02-07

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Eric Levy-Abegnoli ,  Patrick Wetterwald

IPC: H04L12/803 ,  H04L12/851 ,  H04L12/715 ,  H04L12/24

Abstract: In one embodiment, a supervisory device for a software defined networking (SDN) fabric predicts a failure in the SDN fabric using a machine learning-based failure prediction model. The supervisory device identifies a plurality of traffic flows having associated leaves in the SDN fabric that would be affected by the predicted failure. The supervisory device selects a subset of the identified plurality of traffic flows and their associated leaves. The supervisory device disaggregates routes for the selected subset of traffic flows and their associated leaves, to avoid the predicted failure.

公开(公告)号：US20200221274A1

公开(公告)日：2020-07-09

申请号：US16820843

申请日：2020-03-17

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04W4/70 ,  H04W48/18 ,  H04W24/02

Abstract: In one embodiment, a supervisory device in a network forms a virtual access point (VAP) for a node in the network. A set of access points (APs) in the network are mapped to the VAP as part of a VAP mapping and the node treats the APs in the VAP mapping as a single AP for purposes of communicating with the network. The supervisory device receives measurements from the APs in the VAP mapping regarding communications associated with the node. The supervisory device identifies a movement of the node based on the received measurements from the APs in the VAP mapping. The supervisory device adjusts the set of APs in the VAP mapping based on the identified movement of the node.

公开(公告)号：US10397058B2

公开(公告)日：2019-08-27

申请号：US15599767

申请日：2017-05-19

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04W84/12 ,  H04L12/24 ,  H04L12/911 ,  H04W88/08 ,  H04L12/931

Abstract: In one embodiment, a supervisory device in a network assigns different access points in the network to different access point groupings. Each of the different access point groupings uses a different network path to communicate with a given endpoint in the network. The supervisory device selects at least one of the access points in each of the different access point groupings for mapping to a virtual access point (VAP) for a node in the network as part of a VAP mapping. The supervisory device instructs the selected access points to form a VAP for the node. The node treats the access points in the VAP mapping as a single access point for purposes of communicating with the network.

公开(公告)号：US10367623B2

公开(公告)日：2019-07-30

申请号：US15498715

申请日：2017-04-27

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04L5/00 ,  H04W28/02 ,  H04L12/801 ,  H04L12/931 ,  H04L1/00 ,  H04L29/08 ,  H04W84/18 ,  H04W88/00

Abstract: In one embodiment, a supervisory device in a network forms a virtual access point (VAP) for a node in the network whereby a plurality of access points (APs) in the network are mapped to the VAP as part of a VAP mapping. The node treats the APs in the VAP mapping as a single AP for purposes of communicating with the network. The supervisory device determines a data traffic management strategy for the node based on traffic associated with the node. The supervisory device instructs the APs in the VAP mapping to implement the data traffic management strategy for the node.

公开(公告)号：US10298542B2

公开(公告)日：2019-05-21

申请号：US15485708

申请日：2017-04-12

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04L12/46 ,  H04L29/06 ,  G06N20/00

Abstract: In one embodiment, a networking device in a local area network (LAN) establishes a virtual network overlay in the LAN to redirect traffic associated with a particular node in the LAN to a server for analysis. The networking device receives an indication from the server that at least a portion of the traffic associated with the particular node is trusted for local sending within the LAN and adjusts the virtual network overlay to locally send the trusted portion of the traffic associated with the particular node to one or more other nodes in the LAN without redirection to the server. The networking device collects characteristic information regarding the trusted portion of the traffic sent locally within the LAN via the adjusted virtual network overlay and sends the collected characteristic information to the server for analysis.

公开(公告)号：US10027581B2

公开(公告)日：2018-07-17

申请号：US14886352

申请日：2015-10-19

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Jean-Philippe Vasseur ,  Eric Levy-Abegnoli

IPC: H04L12/28 ,  H04L12/721 ,  H04L12/823 ,  H04L12/801 ,  H04W40/24

Abstract: In one embodiment, a device in a network receives packet arrival information for a packet from a neighbor of the device in the network. The packet arrival information indicates a likelihood of the packet being received by a target node that is moving in the network were the packet forwarded by the neighbor to the target node. The device forwards the packet to the target node based on a determination that the device has a higher likelihood of the packet being received by target node were the packet forwarded by the device to the target node than were the packet forwarded by the neighbor to the target node.

公开(公告)号：US20180109496A1

公开(公告)日：2018-04-19

申请号：US15485708

申请日：2017-04-12

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04L29/06 ,  H04L12/46 ,  G06N99/00

CPC classification number: H04L63/0236 ,  G06N99/005 ,  H04L12/462 ,  H04L63/029 ,  H04L63/1425

Abstract: In one embodiment, a networking device in a local area network (LAN) establishes a virtual network overlay in the LAN to redirect traffic associated with a particular node in the LAN to a server for analysis. The networking device receives an indication from the server that at least a portion of the traffic associated with the particular node is trusted for local sending within the LAN and adjusts the virtual network overlay to locally send the trusted portion of the traffic associated with the particular node to one or more other nodes in the LAN without redirection to the server. The networking device collects characteristic information regarding the trusted portion of the traffic sent locally within the LAN via the adjusted virtual network overlay and sends the collected characteristic information to the server for analysis.