公开(公告)号：US09491094B2

公开(公告)日：2016-11-08

申请号：US14037143

申请日：2013-09-25

Applicant: Cisco Technology, Inc.

Inventor： Sourabh Suresh Patwardhan ,  Maithili Narasimha ,  Suraj Nellikar

IPC: H04L12/721 ,  H04L12/727 ,  H04L12/725

CPC classification number: H04L45/44 ,  H04L45/121 ,  H04L45/308

Abstract: An example method for path optimization in distributed service chains in a network environment is provided and includes receiving information about inter-node latency of a distributed service chain in a network environment comprising a distributed virtual switch (DVS), where the inter-node latency is derived at least from packet headers of respective packets traversing a plurality of service nodes comprising the distributed service chain, and modifying locations of the service nodes in the DVS to reduce the inter-node latency. In specific embodiments, the method further includes storing and time-stamping a path history of each packet in a network service header portion of the respective packet header. A virtual Ethernet Module (VEM) of the DVS stores and time-stamps the path history and a last VEM in the distributed service chain calculates runtime traffic latencies from the path history and sends the calculated runtime traffic latencies to a virtual supervisor module.

Abstract translation: 提供了一种在网络环境中的分布式服务链中的路径优化的示例方法，包括在包括分布式虚拟交换机（DVS）的网络环境中接收关于分布式服务链的节点间延迟的信息，其中节点间等待时间 至少从穿过包括分布式服务链的多个服务节点的各个分组的分组报头导出，以及修改DVS中的服务节点的位置以减少节点间等待时间。 在具体实施例中，该方法还包括在相应分组报头的网络服务报头部分中存储和时间戳每个分组的路径历史。 DVS的虚拟以太网模块（VEM）存储并对路径历史进行时间戳，并且分布式服务链中的最后一个VEM从路径历史中计算运行时流量延迟，并将计算的运行时流量延迟发送到虚拟主管模块。

公开(公告)号：US11968198B2

公开(公告)日：2024-04-23

申请号：US18147448

申请日：2022-12-28

Applicant: Cisco Technology, Inc.

Inventor： Sourabh Suresh Patwardhan ,  Jalaja Padma ,  Srinivasan Krishnamurthy ,  Rajasekhar Manam

IPC: G06F21/44 ,  G06F9/455 ,  G06F21/45 ,  H04L9/40

CPC classification number: H04L63/08 ,  G06F9/45558 ,  G06F21/44 ,  G06F21/45 ,  H04L63/10 ,  G06F2009/45562 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: The disclosed technology provides solutions for performing rapid authentication and authorization for distributed containerized microservices. In some aspects, a process of the technology can include steps for: associating a service type with a set of microservices or service pods, detecting deployment of a first microservice on a first host, and receiving an authentication and authorization state from a first virtual network edge (VNE) of the first host. In some aspects, the process can further include steps for distributing the authentication state to a second VNE on a second host, wherein the authentication state is configured to facilitate authentication of one or more subsequent microservices instantiated on the second host by the second VNE. Systems and machine readable media are also provided.

公开(公告)号：US20210111984A1

公开(公告)日：2021-04-15

申请号：US16598919

申请日：2019-10-10

Applicant: Cisco Technology, Inc.

Inventor： Sourabh Suresh Patwardhan ,  Naga Venkata Kiran Kumar Chunduri

IPC: H04L12/751

Abstract: This disclosure describes various methods, systems, and devices related to dynamic service node discovery in a network. In an example method, an intermediary node receives a Link Layer Discovery Protocol (LLDP) message from a first node. The LLDP message includes a discovery Type-Length-Value (TLV) that indicates a location of a service node in the network. The method further includes forwarding the LLDP message to a second node.

公开(公告)号：US20190386973A1

公开(公告)日：2019-12-19

申请号：US16012597

申请日：2018-06-19

Applicant: Cisco Technology, Inc.

Inventor： Sourabh Suresh Patwardhan ,  Jalaja Padma ,  Srinivasan Krishnamurthy ,  Rajasekhar Manam

IPC: H04L29/06 ,  G06F9/455 ,  G06F21/44 ,  G06F21/45

Abstract: The disclosed technology provides solutions for performing rapid authentication and authorization for distributed containerized microservices. In some aspects, a process of the technology can include steps for: associating a service type with a set of microservices or service pods, detecting deployment of a first microservice on a first host, and receiving an authentication and authorization state from a first virtual network edge (VNE) of the first host. In some aspects, the process can further include steps for distributing the authentication state to a second VNE on a second host, wherein the authentication state is configured to facilitate authentication of one or more subsequent microservices instantiated on the second host by the second VNE. Systems and machine readable media are also provided.

公开(公告)号：US20150263959A1

公开(公告)日：2015-09-17

申请号：US14209395

申请日：2014-03-13

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Sourabh Suresh Patwardhan ,  Ajay A. Kulkarni

IPC: H04L12/801 ,  H04L12/26 ,  H04L12/823

CPC classification number: H04L47/193 ,  H04L43/0858 ,  H04L47/32

Abstract: An example method for performance enhancement in a heterogeneous network environment with multipath transport protocols is provided and includes receiving packets according to Transmission Control Protocol (TCP packets) and packets according to multipath TCP (MPTCP packets) in a network environment, determining that TCP packets are experiencing congestion in comparison to the MPTCP packets, and delaying acknowledgement packets (MPTCP ACK packets) corresponding to the MPTCP packets for a pre-determined time interval. In a specific embodiment, a local MPTCP proxy intercepts the TCP packets and forwards underlying data of the TCP packets according to MPTCP.

Abstract translation: 提供了具有多径传输协议的异构网络环境中的性能提升的示例性方法，包括：根据传输控制协议（TCP packet）和根据网络环境中的多径TCP（MPTCP分组）的分组接收分组，确定TCP分组是 遇到与MPTCP分组相比的拥塞，并且将与MPTCP分组相对应的确认分组（MPTCP ACK分组）延迟预定的时间间隔。 在具体实施例中，本地MPTCP代理拦截TCP分组，并根据MPTCP转发TCP分组的底层数据。

公开(公告)号：US09060027B2

公开(公告)日：2015-06-16

申请号：US13936060

申请日：2013-07-05

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Sourabh Suresh Patwardhan

IPC: H04L29/12 ,  H04L12/28 ,  H04L12/66 ,  G06F15/177

CPC classification number: H04L61/2015 ,  G06F15/177 ,  H04L12/28 ,  H04L12/66 ,  H04L61/103 ,  H04L61/3065 ,  H04L61/609

Abstract: An example method for assigning location identifiers (IDs) to nodes in a distributed computer cluster network environment is provided and includes receiving notification of attachment of a compute node to a Top-of-Rack (ToR) switch in the distributed computer cluster network environment, retrieving compute node information from an inventory database in the ToR switch, calculating a location ID of the compute node as a function of at least a portion of the compute node information, and communicating the location ID from the ToR switch to the compute node. The location ID indicates an Open Systems Interconnection (OSI) model Layer 7 logical group associated with an OSI model Layer 1 physical location of the compute node in the distributed computer cluster network environment.

Abstract translation: 提供了一种将分配位置标识符（ID）分配给分布式计算机集群网络环境中的节点的示例性方法，并且包括接收计算节点对分布式计算机集群网络环境中的顶层架构（ToR）交换机的附接通知， 从所述ToR交换机中的清单数据库检索计算节点信息，根据所述计算节点信息的至少一部分来计算所述计算节点的位置ID，以及将所述位置ID从所述ToR交换机传送到所述计算节点。 位置ID指示与分布式计算机集群网络环境中的计算节点的OSI模型第1层物理位置相关联的开放系统互连（OSI）模型第7层逻辑组。

公开(公告)号：US20150085870A1

公开(公告)日：2015-03-26

申请号：US14037210

申请日：2013-09-25

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Maithili Narasimha ,  Suraj Nellikar ,  Sourabh Suresh Patwardhan ,  Srinivas Sardar

IPC: H04L12/931 ,  H04L12/721

CPC classification number: H04L49/70 ,  H04L45/44 ,  H04L45/54 ,  H04L49/50

Abstract: An example method for co-operative load sharing and redundancy in distributed service chains is provided and includes deriving a service chain comprising a plurality of services in a distributed virtual switch (DVS) network environment, where a first service node provides a first portion of a specific service in the plurality of services to a packet traversing the network, and a second service node provides a second portion of the specific service to the packet, and configuring service forwarding tables at virtual Ethernet Modules associated with respective service nodes in the service chain. In a specific embodiment, the first service node and the second service node provide substantially identical service functions to the packet, wherein the specific service comprises the service functions. In various embodiments, each service node tags each packet to indicate a service completion history of service functions performed on the packet at the service node.

Abstract translation: 提供了一种用于分布式服务链中的合作负载共享和冗余的示例性方法，包括在分布式虚拟交换机（DVS）网络环境中导出包括多个服务的服务链，其中第一服务节点提供第一部分 所述多个业务中的特定服务是通过所述网络的分组，第二服务节点向所述分组提供所述特定服务的第二部分，以及在与所述服务链中的相应服务节点相关联的虚拟以太网模块处配置服务转发表。 在具体实施例中，第一服务节点和第二服务节点为分组提供基本上相同的服务功能，其中特定服务包括服务功能。 在各种实施例中，每个服务节点标记每个分组以指示在服务节点处对分组执行的服务功能的服务完成历史。

公开(公告)号：US20150012625A1

公开(公告)日：2015-01-08

申请号：US13936060

申请日：2013-07-05

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Sourabh Suresh Patwardhan

IPC: H04L29/12

CPC classification number: H04L61/2015 ,  G06F15/177 ,  H04L12/28 ,  H04L12/66 ,  H04L61/103 ,  H04L61/3065 ,  H04L61/609

Abstract: An example method for assigning location identifiers (IDs) to nodes in a distributed computer cluster network environment is provided and includes receiving notification of attachment of a compute node to a Top-of-Rack (ToR) switch in the distributed computer cluster network environment, retrieving compute node information from an inventory database in the ToR switch, calculating a location ID of the compute node as a function of at least a portion of the compute node information, and communicating the location ID from the ToR switch to the compute node. The location ID indicates an Open Systems Interconnection (OSI) model Layer 7 logical group associated with an OSI model Layer 1 physical location of the compute node in the distributed computer cluster network environment.

Abstract translation: 提供了一种将分配位置标识符（ID）分配给分布式计算机集群网络环境中的节点的示例性方法，并且包括接收计算节点对分布式计算机集群网络环境中的顶层架构（ToR）交换机的附接通知， 从所述ToR交换机中的清单数据库检索计算节点信息，根据所述计算节点信息的至少一部分来计算所述计算节点的位置ID，以及将所述位置ID从所述ToR交换机传送到所述计算节点。 位置ID指示与分布式计算机集群网络环境中的计算节点的OSI模型第1层物理位置相关联的开放系统互连（OSI）模型第7层逻辑组。

公开(公告)号：US20150012621A1

公开(公告)日：2015-01-08

申请号：US13936966

申请日：2013-07-08

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Sourabh Suresh Patwardhan ,  Maithili Narasimha ,  Shankar Ramachandran

IPC: H04L12/24

CPC classification number: H04L41/0803

Abstract: An example method for network-assisted configuration and programming of gateways in a network environment is provided and includes registering a non-Virtual eXtensible Local Area Network (VXLAN) device with a central controller, for example, by generating registration information associating the non-VXLAN device with a virtual local area network (VLAN) in a network environment, receiving a communication request from a VXLAN enabled device to communicate with the non-VXLAN device, mapping, based on the registration information, a VXLAN segment corresponding to the VXLAN enabled device with the VLAN associated with the non-VXLAN device, and configuring a gateway with the mapping through a suitable application programming interface exposed at the gateway.

Abstract translation: 提供了网络环境中的网络辅助配置和网关编程的示例方法，包括例如通过产生将非VXLAN相关联的注册信息，将非虚拟可扩展局域网（VXLAN）设备注册到中央控制器 在网络环境中具有虚拟局域网（VLAN）的设备，接收来自启用VXLAN的设备的通信请求以与非VXLAN设备进行通信，基于注册信息，映射与启用VXLAN的设备相对应的VXLAN段 其中与非VXLAN设备关联的VLAN，以及通过在网关上公开的合适的应用程序编程接口进行映射来配置网关。