公开(公告)号：US10536561B2

公开(公告)日：2020-01-14

申请号：US15784361

申请日：2017-10-16

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  William Mark Townsley ,  Yoann Louis Simon Desmouceaux ,  Guillaume Michel Ruty

IPC: H04L29/06 ,  G06F13/28 ,  G06F3/06 ,  G06F13/42 ,  H04L29/08

Abstract: A content delivery node receives data packets carrying content from an upstream source of content, and writes segments of the received content directly to a memory buffer of a memory using direct memory access (DMA) data transfers. The node derives, for each segment, respective segment-specific metadata based on contents of the segment, and stores the respective segment-specific metadata in the memory. The node receives from multiple downstream client devices respective requests for the same content. Each request includes client-specific information. Responsive to the requests, the node: identifies one or more segments that satisfy the requests; generates, for each client device, client-specific metadata using the client-specific information and the segment-specific metadata for the one or more segments; constructs, for each client, a client-specific data packet that includes the one or more segments and the client-specific metadata; and transmits the client-specific data packets to the downstream client devices.

公开(公告)号：US20190075061A1

公开(公告)日：2019-03-07

申请号：US16179098

申请日：2018-11-02

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  Pascal Thubert ,  Victor Nguyen

IPC: H04L12/927 ,  H04L12/18 ,  H04L29/06

CPC classification number: H04L47/806 ,  H04L12/1868 ,  H04L69/161 ,  H04L2212/00

Abstract: Systems, methods, and computer-readable storage media for multi-destination TCP communications using bit indexed explicit replication (BIER). In some examples, a system can generate a TCP packet associated with a TCP session involving a set of destination devices, and encode an array of bits into the TCP packet to yield a TCP multicast packet. The array of bits can define the destination devices as destinations for the multicast packet. The system can transmit the TCP multicast packet towards the destination devices through a BIER domain. The system can receive acknowledgements from a first subset of the destination devices. Based on the acknowledgements, the system can determine that the first subset of the destination devices received the multicast packet and a second subset of the destination devices did not receive the multicast packet. The system can then retransmit the multicast packet to the second subset of the destination devices.

公开(公告)号：US20180219783A1

公开(公告)日：2018-08-02

申请号：US15581942

申请日：2017-04-28

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  William Mark Townsley ,  Yoann Desmouceaux ,  Jerome Tollet ,  Andre Surcouf

IPC: H04L12/803 ,  H04L12/741

CPC classification number: H04L47/125 ,  H04L45/34 ,  H04L45/745 ,  H04L61/6059 ,  H04L67/1002 ,  H04L67/1004 ,  H04L67/1023 ,  H04L67/1027 ,  H04L69/22

Abstract: Systems, methods, and computer-readable media for load balancing using segment routing and application monitoring. A method can involve receiving a packet including a request from a source device to an application associated with a virtual address in a network, mapping the request to a set of candidate servers hosting the application associated with the virtual address, and encoding the set of candidate servers as a list of segments in a segment routing header associated with the packet. The method can further involve determining that a first candidate server from the set of candidate servers is a next segment in the list of segments, encoding the first candidate server in a destination address field on a header of the packet, and forwarding the packet to the first candidate server.

公开(公告)号：US20180063024A1

公开(公告)日：2018-03-01

申请号：US15252101

申请日：2016-08-30

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  Pascal Thubert ,  Victor Nguyen

IPC: H04L12/927 ,  H04L12/18 ,  H04L29/06

CPC classification number: H04L69/161 ,  H04L12/1868 ,  H04L2212/00

Abstract: Systems, methods, and computer-readable storage media for multi-destination TCP communications using bit indexed explicit replication (BIER). In some examples, a system can generate a TCP packet associated with a TCP session involving a set of destination devices, and encode an array of bits into the TCP packet to yield a TCP multicast packet. The array of bits can define the destination devices as destinations for the multicast packet. The system can transmit the TCP multicast packet towards the destination devices through a BIER domain. The system can receive acknowledgements from a first subset of the destination devices. Based on the acknowledgements, the system can determine that the first subset of the destination devices received the multicast packet and a second subset of the destination devices did not receive the multicast packet. The system can then retransmit the multicast packet to the second subset of the destination devices.

公开(公告)号：US20230179652A1

公开(公告)日：2023-06-08

申请号：US18101845

申请日：2023-01-26

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Pierre Pfister ,  Aloys Augustin ,  Mohammed Hawari

IPC: H04L67/1023 ,  H04L45/24 ,  H04L69/163 ,  H04L69/164 ,  H04L69/165 ,  H04L67/146

CPC classification number: H04L67/1023 ,  H04L45/24 ,  H04L69/163 ,  H04L69/164 ,  H04L69/165 ,  H04L67/146 ,  H04L67/01

Abstract: Techniques are described for providing a distributed application load-balancing architecture that supports multipath transport protocol for client devices connecting to an application service. Rather than having client devices generate new network five-tuples for new subflows to the application servers, the techniques described herein include shifting the burden to the application servers to ensure that the new network five-tuples land in the same bucket in the consistent hashing table. The application servers may receive a hashing function utilized by the load balancers to generate the hash of the network five-tuple. By having the application servers generate the hashes, the load balancers are able to continue stateless, low-level processing of the packets to route them to the correct application servers. In this way, additional subflows can be opened for client devices according to a multipath transport protocol while ensuring that the subflows are routed to the correct application server.

公开(公告)号：US20220413975A1

公开(公告)日：2022-12-29

申请号：US17902677

申请日：2022-09-02

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  Ian James Wells ,  Kyle Andrew Donald Mestery ,  William Mark Townsley ,  Yoann Desmouceaux ,  Guillaume Ruty ,  Aloys Augustin

IPC: G06F11/20 ,  G06F9/455 ,  H04L61/2503 ,  H04L61/58 ,  H04L101/00

Abstract: This disclosure describes techniques for providing a distributed scalable architecture for Network Address Translation (NAT) systems with high availability and mitigations for flow breakage during failover events. The NAT servers may include functionality to serve as fast-path servers and/or slow-path servers. A fast-path server may include a NAT worker that includes a cache of NAT mappings to perform stateful network address translation and to forward packets with minimal latency. A slow-path server may include a mapping server that creates new NAT mappings, depreciates old ones, and answers NAT worker state requests. The NAT system may use virtual mapping servers (VMSs) running on primary physical servers with state duplicated VMSs on different physical failover servers. Additionally, the NAT servers may implement failover solutions for dynamically allocated routeable address/port pairs assigned to new sessions by assigning new outbound address/port pairs when a session starts and broadcasting pairing information.

公开(公告)号：US11438186B2

公开(公告)日：2022-09-06

申请号：US16834860

申请日：2020-03-30

Applicant: Cisco Technology, Inc.

Inventor： Ijsbrand Wijnands ,  Pierre Pfister ,  Neale D. R. Ranns ,  W. Mark Townsley ,  Gregory J. Shepherd

IPC: H04L12/18 ,  H04L45/745

Abstract: Methods, network devices and computer readable media are disclosed relating to a communication network. In one embodiment, a method includes receiving a message comprising a message bit array. The message bit array identifies egress nodes for the message within a bit indexed explicit replication (BIER) domain of a communications network. A first bit position in the message bit array represents a first one or more of the egress nodes, and a bit value at the first bit position indicates that the message is to be forwarded to one of the first one or more of the egress nodes. The method further includes accessing a first forwarding table entry corresponding to the first bit position, determining whether the first bit position is an anycast bit position having multiple corresponding forwarding table entries, and forwarding the message to one of the first one or more of the egress nodes.

公开(公告)号：US11436111B2

公开(公告)日：2022-09-06

申请号：US16592613

申请日：2019-10-03

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  Ian James Wells ,  Kyle Andrew Donald Mestery ,  William Mark Townsley ,  Yoann Desmouceaux ,  Guillaume Ruty ,  Aloys Augustin

IPC: G06F11/20 ,  G06F9/455 ,  H04L61/2503 ,  H04L61/58

Abstract: This disclosure describes techniques for providing a distributed scalable architecture for Network Address Translation (NAT) systems with high availability and mitigations for flow breakage during failover events. The NAT servers may include functionality to serve as fast-path servers and/or slow-path servers. A fast-path server may include a NAT worker that includes a cache of NAT mappings to perform stateful network address translation and to forward packets with minimal latency. A slow-path server may include a mapping server that creates new NAT mappings, depreciates old ones, and answers NAT worker state requests. The NAT system may use virtual mapping servers (VMSs) running on primary physical servers with state duplicated VMSs on different physical failover servers. Additionally, the NAT servers may implement failover solutions for dynamically allocated routable address/port pairs assigned to new sessions by assigning new outbound address/port pairs when a session starts and broadcasting pairing information.

公开(公告)号：US20210329069A1

公开(公告)日：2021-10-21

申请号：US16853048

申请日：2020-04-20

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Pierre Pfister ,  Aloys Augustin ,  Mohammed Hawari

IPC: H04L29/08 ,  H04L12/707 ,  H04L29/06

Abstract: Techniques are described for providing a distributed application load-balancing architecture that supports multipath transport protocol for client devices connecting to an application service. Rather than having client devices generate new network five-tuples for new subflows to the application servers, the techniques described herein include shifting the burden to the application servers to ensure that the new network five-tuples land in the same bucket in the consistent hashing table. The application servers may receive a hashing function utilized by the load balancers to generate the hash of the network five-tuple. By having the application servers generate the hashes, the load balancers are able to continue stateless, low-level processing of the packets to route them to the correct application servers. In this way, additional subflows can be opened for client devices according to a multipath transport protocol while ensuring that the subflows are routed to the correct application server.

公开(公告)号：US11044199B2

公开(公告)日：2021-06-22

申请号：US16003937

申请日：2018-06-08

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  W. Mark Townsley ,  Enzo Fenoglio ,  Hugo Latapie ,  Yoann Desmouceaux

IPC: H04L12/803 ,  H04L12/26 ,  G06N3/08 ,  G06N3/04 ,  H04L29/08

Abstract: In one embodiment, a traffic analysis service obtains traffic characteristics of network traffic associated with a device in a network. The traffic analysis service uses a machine learning model to infer resource usage by the device based on the obtained traffic characteristics of the network traffic associated with the device. The traffic analysis service controls traffic flows in the network based on the inferred resource usage by the device.