公开(公告)号：US10693738B2

公开(公告)日：2020-06-23

申请号：US15786411

申请日：2017-10-17

Applicant: Cisco Technology, Inc.

Inventor： Chandra Nagarajan ,  Advait Dixit

IPC: G06F15/177 ,  H04L12/24 ,  H04L12/715

Abstract: Systems, methods, and computer-readable media for generating switch-level logical models of a network. In some examples, a system can obtain a logical model of a network, such as software-defined network (SDN). The logical model can represent a configuration of objects and object properties defined based on a schema associated with the network. Based on the logical model, the system can generate a rendered logical model of the network and, based on the rendered logical model, generate, for one or more network devices in the network, a respective device-specific representation of the logical model. The respective device-specific representation can project the logical model to a respective network device, such as a switch in the fabric of the network.

公开(公告)号：US20180367390A1

公开(公告)日：2018-12-20

申请号：US15663601

申请日：2017-07-28

Applicant: Cisco Technology, Inc.

Inventor： Kannan Ponnuswamy ,  Advait Dixit ,  Arvind Chari ,  Paul Andrew Raytick ,  Sanchay Harneja

IPC: H04L12/24 ,  H04L12/26

Abstract: Disclosed are systems, methods, and computer-readable media for assuring tenant forwarding in a network environment. Network assurance can be determined in layer 1, layer 2 and layer 3 of the networked environment including, internal-internal (e.g., inter-fabric) forwarding and internal-external (e.g., outside the fabric) forwarding in the networked environment. The network assurance can be performed using logical configurations, software configurations and/or hardware configurations

公开(公告)号：US20180309632A1

公开(公告)日：2018-10-25

申请号：US15693310

申请日：2017-08-31

Applicant: Cisco Technology, Inc.

Inventor： Ramana Rao Kompella ,  Kartik Mohanram ,  Advait Dixit ,  Sundar Iyer

IPC: H04L12/24

CPC classification number: H04L41/0893 ,  H04L41/0806 ,  H04L41/0813 ,  H04L41/0853 ,  H04L41/0869 ,  H04L41/145 ,  H04L41/50

Abstract: In some examples, a system obtains a network logical model and, for each node in a network, a node-level logical, concrete, and hardware model. The system identifies a service function chain, and determines a respective set of service function chain rules. For each node, the system determines whether the respective set of service function chain rules is correctly captured in the node-level logical model and/or concrete model to yield a node containment check result. Based on a comparison of policy actions in the concrete model, hardware model, and at least one of the node-level logical model or network logical model, the system determines whether the respective set of service function chain rules is correctly rendered on each node to yield a node rendering check result. Based on the node containment check result and node rendering check result, the system determines whether the service function chain is correctly configured.

公开(公告)号：US11044273B2

公开(公告)日：2021-06-22

申请号：US16217500

申请日：2018-12-12

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Navneet Yadav ,  Navjyoti Sharma ,  Ramana Rao Kompella ,  Kartik Mohanram

IPC: H04L29/06 ,  H04L12/24 ,  H04L12/18 ,  H04L12/46

Abstract: Systems, methods, and computer-readable media for configuring and verifying compliance requirements in a network. An example method can include receiving, via a user interface, endpoint group (EPG) inclusion rules defining which EPGs on a network should be included in specific EPG selectors; selecting EPGs that satisfy the EPG inclusion rules for inclusion in the specific EPG selectors; creating the specific EPG selectors based on the selected EPGs; creating a traffic selector including parameters identifying traffic corresponding to the traffic selector; creating a compliance requirement based on a first and second EPG selector from the specific EPG selectors, the traffic selector, and a communication operator defining a communication condition for traffic associated with the first and second EPG selectors and the traffic selector; determining whether policies on the network comply with the compliance requirement; and generating compliance events indicating whether the policies comply with the compliance requirement.

公开(公告)号：US10904101B2

公开(公告)日：2021-01-26

申请号：US15693280

申请日：2017-08-31

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Ramana Rao Kompella ,  Kartik Mohanram ,  Sundar Iyer ,  Shadab Nazar ,  Chandra Nagarajan

IPC: G06F15/173 ,  H04L12/24

Abstract: Systems, methods, and computer-readable media for receiving one or more models of network intents, comprising a plurality of contracts between providers and consumers, each contract containing entries with priority values. Each contract is flattened into a listing of rules and a new priority value is calculated. The listing of rules encodes the implementation of the contract between the providers and the consumers. Each entry is iterated over and added to a listing of entries if it is not already present. For each rule, the one or more entries associated with the contract from which the rule was flattened are identified, and for each given entry a flat rule comprising the combination of the rule and the entry is generated, wherein a flattened priority is calculated based at least in part on the priority value of the given one of given entry and the priority value of the rule.

公开(公告)号：US10547715B2

公开(公告)日：2020-01-28

申请号：US15662906

申请日：2017-07-28

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Ramana Rao Kompella

IPC: H04L29/14 ,  H04L12/24 ,  H04L12/707 ,  H04L12/703

Abstract: Systems, methods, and computer-readable media for receiving an indication of an equivalence failure, the equivalence failure corresponding to one or more models of network intents. The indication of the equivalence failure is analyzed and one or more constituent intents that caused the equivalence failure are identified, wherein the one or more constituent intents are associated with a model of the one or more models of network intents. The granularity of the equivalence failure and the identified one or more constituent intents is determined, and an event for external consumption is generated, the event based at least in part on the equivalence failure, the granularity of the equivalence failure, and the identified one or more constituent intents.

公开(公告)号：US20190222485A1

公开(公告)日：2019-07-18

申请号：US15873204

申请日：2018-01-17

Applicant: Cisco Technology, Inc.

Inventor： Divjyot Sethi ,  Chandra Nagarajan ,  Advait Dixit ,  John Thomas Monk ,  Gabriel Cheukbun Ng ,  Ramana Rao Kompella ,  Sundar Iyer

IPC: H04L12/24 ,  H04L12/26 ,  H04W24/06 ,  H04W24/04

CPC classification number: H04L41/145 ,  G06F9/45533 ,  H04L43/50 ,  H04W24/04 ,  H04W24/06

Abstract: Systems, methods, and computer-readable media for emulating a state of a network environment for purposes of re-executing a network assurance appliance in the emulated state of the network environment. In some embodiments, a method can include receiving snapshot data for a network environment corresponding to a specific time in the network environment and including network events occurring in the network environment generated by a network assurance appliance. A state of the network environment at the specific time can be emulated using the snapshot data to create an emulated state of the network environment. Subsequently, the network assurance appliance can be re-executed in the emulated state of the network environment corresponding to the specific time and the network assurance appliance can be debugged outside of the network environment based on re-execution of the network assurance appliance in the emulated state of the network environment.

公开(公告)号：US20180367417A1

公开(公告)日：2018-12-20

申请号：US15693280

申请日：2017-08-31

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Ramana Rao Kompella ,  Kartik Mohanram ,  Sundar Iyer ,  Shadab Nazar ,  Chandra Nagarajan

IPC: H04L12/24

Abstract: Systems, methods, and computer-readable media for receiving one or more models of network intents, comprising a plurality of contracts between providers and consumers, each contract containing entries with priority values. Each contract is flattened into a listing of rules and a new priority value is calculated. The listing of rules encodes the implementation of the contract between the providers and the consumers. Each entry is iterated over and added to a listing of entries if it is not already present. For each rule, the one or more entries associated with the contract from which the rule was flattened are identified, and for each given entry a flat rule comprising the combination of the rule and the entry is generated, wherein a flattened priority is calculated based at least in part on the priority value of the given one of given entry and the priority value of the rule.

公开(公告)号：US20180351821A1

公开(公告)日：2018-12-06

申请号：US15786425

申请日：2017-10-17

Applicant: Cisco Technology, Inc.

Inventor： Chandra Nagarajan ,  Advait Dixit

IPC: H04L12/24

CPC classification number: H04L41/0823 ,  H04L41/0233 ,  H04L41/0853 ,  H04L41/0873 ,  H04L41/145

Abstract: Systems, methods, and computer-readable media for generating a network-wide logical model of a network. In some examples, a system obtains, from a plurality of controllers in a network, respective logical model segments associated with the network, each of the respective logical model segments including configurations at a respective one of the plurality of controllers for the network, the respective logical model segments being based on a schema defining manageable objects and object properties for the network. The system determines whether the plurality of controllers are in quorum and, when the plurality of controllers are in quorum, combines the respective logical model segments associated with the network to yield a network-wide logical model of the network, the network-wide logical model including configurations across the plurality of controllers for the network.

公开(公告)号：US20180351820A1

公开(公告)日：2018-12-06

申请号：US15786411

申请日：2017-10-17

Applicant: Cisco Technology, Inc.

Inventor： Chandra Nagarajan ,  Advait Dixit

IPC: H04L12/24 ,  H04L12/715

Abstract: Systems, methods, and computer-readable media for generating switch-level logical models of a network. In some examples, a system can obtain a logical model of a network, such as software-defined network (SDN). The logical model can represent a configuration of objects and object properties defined based on a schema associated with the network. Based on the logical model, the system can generate a rendered logical model of the network and, based on the rendered logical model, generate, for one or more network devices in the network, a respective device-specific representation of the logical model. The respective device-specific representation can project the logical model to a respective network device, such as a switch in the fabric of the network.