公开(公告)号：US10333822B1

公开(公告)日：2019-06-25

申请号：US15602638

申请日：2017-05-23

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Sebastian Jeuk ,  Gonzalo Salgueiro ,  James Guichard

IPC: H04L29/06 ,  H04L12/721 ,  H04L12/725

Abstract: A method is described and in one embodiment includes receiving at a forwarding node of a Service Function Chain (“SFC”)-enabled network a packet having a packet header including at least one context header comprising metadata information for the packet, wherein the metadata information comprises price information indicative of a value of a traffic flow of which the packet comprises a part; identifying based on the metadata information and at least one of network state and environmental information a Virtual Network Function (“vNF”) to which to forward the packet for processing; and forwarding the packet to the identified vNF for processing.

公开(公告)号：US10263861B2

公开(公告)日：2019-04-16

申请号：US14587981

申请日：2014-12-31

Applicant: Cisco Technology, Inc.

Inventor： Nobushige Akiya ,  Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  Paul Quinn ,  James Guichard

IPC: H04L12/24

Abstract: In one embodiment, a system and method are disclosed for sending a request and receiving a reply. The request contains a network service header including a flow label field and a target index field. The flow label field contains a set of available flow labels. The target index field includes a value indicating a target node. The reply contains information indicating which of the flow labels can be used to route a packet to each of the next hop nodes downstream from the device that sent the reply. This process can be repeated for other nodes on a path, and other paths in a service topology layer. The information determined by this process can be used to perform other necessary functionalities at the service topology layer.

公开(公告)号：US10218593B2

公开(公告)日：2019-02-26

申请号：US15244369

申请日：2016-08-23

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  James Guichard

IPC: H04L12/26 ,  H04L29/08 ,  H04L29/06

Abstract: Embodiments are directed to a service function configured to receive, from a service function forwarder, a data packet comprising a bit field to indicate that a packet drop is to be monitored; apply a policy for the data packet; determine that the data packet is to be dropped based on the policy; set a drop-propagate bit in a header of the data packet; and transmit the data packet to the service function forwarder. Embodiments are directed to a service function forwarder configured to receive a data packet from a service function, the data packet comprising a bit set to indicate that a packet drop is to be monitored; generate an Internet Control Message Protocol (ICMP) message, the ICMP message comprising a destination address for the ICMP message identified from the data packet; transmit the ICMP message to the destination address; and drop the data packet from the service function chain.

公开(公告)号：US10158565B2

公开(公告)日：2018-12-18

申请号：US15249260

申请日：2016-08-26

Applicant: Cisco Technology, Inc.

Inventor： Craig Thomas Hill ,  James Guichard ,  Darrin Joseph Miller ,  Carlos M. Pignataro

IPC: H04L12/723 ,  H04L12/911 ,  H04L29/08 ,  H04L12/725 ,  H04L12/721 ,  H04L12/715 ,  H04L29/06

Abstract: In a first enclave of a label switching network (LSN), a protocol data unit (PDU) of the LSN is formatted to include a network service field specifying a service to be applied to the PDU. The service field can be positioned between PDU data link layer and network layer fields. The PDU specifies PDU routing/forwarding information for a path in the LSN ending in an LSN second enclave, and routing/forwarding for a destination between path segments in a non-LSN. The PDU is communicated from the first enclave, via the non-LSN, to the second enclave in accordance with the routing/forwarding information for the destination between path segments in the non-LSN. In the second enclave, each network service specified for the PDU is determined and then applied to the PDU. The second enclave transmits the network serviced PDU from the second enclave in accordance with the routing/forwarding information of the PDU in the label switching network.

公开(公告)号：US20180062962A1

公开(公告)日：2018-03-01

申请号：US15244369

申请日：2016-08-23

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  James Guichard

IPC: H04L12/26 ,  H04L29/08 ,  H04L29/06

CPC classification number: H04L43/0829 ,  H04L43/10 ,  H04L67/025 ,  H04L67/16

Abstract: Embodiments are directed to a service function configured to receive, from a service function forwarder, a data packet comprising a bit field to indicate that a packet drop is to be monitored; apply a policy for the data packet; determine that the data packet is to be dropped based on the policy; set a drop-propagate bit in a header of the data packet; and transmit the data packet to the service function forwarder. Embodiments are directed to a service function forwarder configured to receive a data packet from a service function, the data packet comprising a bit set to indicate that a packet drop is to be monitored; generate an Internet Control Message Protocol (ICMP) message, the ICMP message comprising a destination address for the ICMP message identified from the data packet; transmit the ICMP message to the destination address; and drop the data packet from the service function chain.

公开(公告)号：US20180041524A1

公开(公告)日：2018-02-08

申请号：US15226758

申请日：2016-08-02

Applicant: CISCO TECHNOLOGY, INC.

Inventor： K. Tirumaleswar Reddy ,  Carlos M. Pignataro ,  James Guichard ,  Daniel G. Wing ,  Michael D. Geller

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  G06F21/53 ,  H04L45/306 ,  H04L63/1458 ,  H04L67/2804 ,  H04L69/22

Abstract: Aspects of the embodiments are directed to a service classifier configured for steering cloned traffic through a service function chain. The service classifier is configured to create a cloned data packet by creating a copy of a data packet; activate a mirror bit in a network service header (NSH) of the cloned data packet, the mirror bit identifying the cloned packet to a service function forwarder network element as a cloned packet; and transmit the cloned packet to the service function forwarder network element.

公开(公告)号：US09548919B2

公开(公告)日：2017-01-17

申请号：US14522974

申请日：2014-10-24

Applicant: Cisco Technology, Inc.

Inventor： James Guichard ,  Paul Quinn ,  Carlos M. Pignataro

IPC: H04L12/28 ,  H04L12/56 ,  H04L12/725 ,  H04L12/701 ,  H04L12/721 ,  H04L12/859 ,  H04L29/06

CPC classification number: H04L45/306 ,  H04L29/0653 ,  H04L45/00 ,  H04L45/38 ,  H04L47/2475

Abstract: A controller that is in communication with the plurality of network nodes establishes a service path for a service chain defined by an ordered sequence of service functions to be performed at respective ones of one or more of the plurality of network nodes. The controller assigns a predetermined service path identifier and a predetermined service index value for a segment of the service chain that includes only one or more network nodes not capable of decapsulating packets to extract a network service header so as to designate the one or more network nodes determined not capable of decapsulating packets to extract the network service header as a single service hop segment in the service chain.

Abstract translation: 与所述多个网络节点通信的控制器为由所述多个网络节点中的一个或多个网络节点中的一个或多个的相应的一个服务功能定义的服务链建立服务路径。 控制器为仅包括一个或多个不能解包分组的网络节点的服务链的段分配预定的服务路径标识符和预定的服务索引值，以提取网络服务头，以便指定一个或多个网络节点 确定不能解包分组，以将服务链中的单个服务跳段提取为网络服务头。

公开(公告)号：US20160366191A1

公开(公告)日：2016-12-15

申请号：US14734164

申请日：2015-06-09

Applicant: Cisco Technology, Inc.

Inventor： Prashanth Patil ,  Tirumaleswar Reddy ,  Daniel G. Wing ,  James Guichard

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L65/1069 ,  H04L63/0281 ,  H04L63/0471 ,  H04L63/166 ,  H04L67/141 ,  H04L67/28

Abstract: A first service node receives a message configured to set up a secure communication session between a client and a server, in which the first service node acts as a proxy. Data packets in the secure communication session are subject to multiple service functions that require decryption of the data packets. A service function chain assigns a service node to each of the service functions. A service header is generated including metadata instructing the service nodes other than the first service node not to act as proxies in the secure communication session. The message and the service header are transmitted to a second service node in the service function chain.

Abstract translation: 第一服务节点接收被配置为在客户机和服务器之间建立安全通信会话的消息，其中第一服务节点用作代理。 安全通信会话中的数据分组受到需要解密数据分组的多种服务功能。 服务功能链将服务节点分配给每个服务功能。 生成服务报头，包括指示不同于第一服务节点的服务节点的元数据不作为安全通信会话中的代理。 消息和服务头部被发送到服务功能链中的第二服务节点。

公开(公告)号：US20160337209A1

公开(公告)日：2016-11-17

申请号：US15223235

申请日：2016-07-29

Applicant: Cisco Technology, Inc.

Inventor： James Guichard ,  Carlos M. Pignataro ,  David Ward ,  Paul Quinn ,  Surendra Kumar

IPC: H04L12/24 ,  H04L12/26 ,  H04L29/08

CPC classification number: H04L41/5009 ,  H04L41/0654 ,  H04L41/0668 ,  H04L41/5038 ,  H04L41/5077 ,  H04L43/0823 ,  H04L43/50 ,  H04L45/28 ,  H04L45/302 ,  H04L45/50 ,  H04L67/10

Abstract: Presented herein are techniques performed in a network comprising a plurality of network nodes each configured to apply one or more service functions to traffic that passes the respective network nodes in a service path. At a network node, an indication is received of a failure or degradation of one or more service functions or applications applied to traffic at the network node. Data descriptive of the failure or degradation is generated. A previous service hop network node at which a service function or application was applied to traffic in the service path is determined. The data descriptive of the failure or degradation is communicated to the previous service hop network node.

Abstract translation: 这里呈现的是在包括多个网络节点的网络中执行的技术，每个网络节点被配置为将一个或多个服务功能应用于通过服务路径中的相应网络节点的业务。 在网络节点处，接收到应用于网络节点处的业务的一个或多个服务功能或应用的故障或劣化的指示。 产生描述故障或退化的数据。 确定应用服务功能或应用程序到服务路径中的业务的先前服务跳网络节点。 将描述故障或劣化的数据传送到先前的服务跳网络节点。

公开(公告)号：US09246799B2

公开(公告)日：2016-01-26

申请号：US13891245

申请日：2013-05-10

Applicant: Cisco Technology, Inc.

Inventor： James Guichard ,  Paul Quinn ,  David Ward ,  Surendra Kumar ,  Navindra Yadav ,  Michael R. Smith ,  Nagaraj A. Bagepalli

IPC: H04L12/28 ,  H04L12/725

CPC classification number: H04L45/306 ,  H04L41/0893 ,  H04L47/2441 ,  H04L69/22

Abstract: Techniques are provided to decouple service chain structure from the underlying network forwarding state and allow for data plane learning of service chain forwarding requirements and any association between services function state requirements and the forward and reverse forwarding paths for a service chain. In a network comprising a plurality of network nodes each configured to apply a service function to traffic that passes through the respective network node, a packet is received at a network node. When the network node determines that the service function it applies is stateful, it updates context information in a network service header of the packet to indicate that the service function applied at the network node is stateful and that traffic for a reverse path matching the classification criteria is to be returned to the network node.

Abstract translation: 提供了技术来将服务链结构与底层网络转发状态分离，并允许服务链转发要求的数据平面学习和服务功能状态要求与服务链的前向和后向转发路径之间的任何关联。 在包括多个网络节点的网络中，每个网络节点被配置为对通过相应网络节点的业务应用服务功能，在网络节点处接收分组。 当网络节点确定其应用的服务功能是有状态时，它更新分组的网络服务报头中的上下文信息，以指示在网络节点处应用的服务功能是有状态的，并且用于与分类标准匹配的反向路径的业务 将被返回到网络节点。