Systems and methods for virtual prefix aggregation in on-demand overlay networks

    Publication number: US10826827B1

    Publication date: 2020-11-03

    Application number: US16514223

    Filing date: 2019-07-17

    Abstract: In one embodiment, a router includes processors and computer-readable non-transitory storage media coupled to the processors including instructions executable by the processors. The router may store at least one virtual prefix and an associated aggregation threshold. The router may register, with a mapping database of an overlay network, ownership of individual prefixes served by the router. The router may determine an amount of prefixes served by the router that are within an address space of the virtual prefix. The router may register, based on a determination that the amount of prefixes satisfies the aggregation threshold, ownership of the virtual prefix with the mapping database of the overlay network. The registration of the virtual prefix may cause ownership of one or more of the registered individual prefixes served by the router that are within the address space of the virtual prefix to be deregistered.

    NETWORK AUTHORIZATION IN WEB-BASED OR SINGLE SIGN-ON AUTHENTICATION ENVIRONMENTS

    Publication number: US20180176218A1

    Publication date: 2018-06-21

    Application number: US15384365

    Filing date: 2016-12-20

    Abstract: Systems and methods for network authorization are described herein. An example method can include receiving a user credential from a host device connected to a network, authenticating the user credential, and in response to authenticating the user credential, determining an authorization policy associated with the host device. The method can also include polling a network overlay control plane of the network to obtain a network location information associated with the host device, identifying at least one network device of the network using the network location information, and transmitting the authorization policy to the at least one network device.

    Overlay services in communication networks
    Granted invention patent; status: in force

    Publication number: US09240944B2

    Publication date: 2016-01-19

    Application number: US13751717

    Filing date: 2013-01-28

    Abstract: In one embodiment, a method includes receiving a packet from a first host at a first edge device, the packet comprising a layer 3 address of a second host in communication with a second edge device, using the layer 3 address of the second host to receive a layer 2 address and a location identifier for the second host from a database accessible from a core network, the database comprising a mapping of layer 3 host addresses to layer 2 host addresses and location identifiers, and storing a mapping of the layer 2 address to the location identifier at the first edge device for use in forwarding packets to the second host. The first edge device is in communication with the second edge device in an overlay network defined by the edge devices interconnected by the core network. An apparatus and logic are also disclosed herein.


    Software defined access fabric without subnet restriction to a virtual network

    Publication number: US12192057B2

    Publication date: 2025-01-07

    Application number: US18677720

    Filing date: 2024-05-29

    Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.

    Asymmetric multi-destination traffic replication in overlay networks

    Publication number: US10326694B2

    Publication date: 2019-06-18

    Application number: US15161636

    Filing date: 2016-05-23

    Abstract: Presented herein are hybrid approaches to multi-destination traffic forwarding in overlay networks that can be used to facilitate interoperability between head-end-replication-support network devices (i.e., those that only use head-end-replication) and multicast-support network devices (i.e., those that only use native multicast). By generally using existing tunnel end-points (TEPs) supported functionality for sending multi-destination traffic and enhancing the TEPs to receive multi-destination traffic with the encapsulation scheme they do not natively support, the presented methods and systems minimize the required enhancements to achieve interoperability and circumvent any hard limitations that the end-point hardware may have. The present methods and systems may be used with legacy hardware that is commissioned or deployed as well as new hardware that is configured with legacy protocols.

    Inter-domain network tenant identifier

    Publication number: US09699082B2

    Publication date: 2017-07-04

    Application number: US14010707

    Filing date: 2013-08-27

    CPC classification number: H04L45/745 H04L45/04 H04L45/741

    Abstract: In one embodiment, a method includes receiving a packet at a tunnel end point in a multi-tenant network, the packet comprising a destination, performing a lookup for the destination in a database comprising a mapping of global identifiers to local tenant identifiers for different hosting locations, each of the global identifiers uniquely identifying a tenant across all of the hosting locations, identifying a destination tunnel end point and a local tenant identifier for the destination, and inserting the destination tunnel end point and the local tenant identifier into the packet and forwarding the packet. An apparatus and logic are also disclosed herein.
