公开(公告)号：US11677630B2

公开(公告)日：2023-06-13

申请号：US17246301

申请日：2021-04-30

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Li Zhao ,  Haibo Dong ,  Yihua Dai

IPC: H04L41/12 ,  H04L9/40

CPC classification number: H04L41/12 ,  H04L63/062 ,  H04L63/065 ,  H04L63/0892

Abstract: Techniques are described for managing devices using multiple virtual personal area networks (VPANs). A border router can receive a first request to join a network from a first device. The first device may be assigned to a first virtual personal area network (VPAN), which has an associated first group temporal key (GTK). The first GTK can be distributed to the first virtual device. The border router can also receive a second request to join a network from a second device. The second device may be assigned to a second VPAN, which has an associated second GTK. The second GTK can be distributed to the second virtual device.

公开(公告)号：US11050619B1

公开(公告)日：2021-06-29

申请号：US16782958

申请日：2020-02-05

Applicant: Cisco Technology, Inc.

Inventor： Li Zhao ,  Pascal Thubert ,  Huimin She ,  Lele Zhang

IPC: H04L12/24 ,  H04L29/12 ,  H04L12/753 ,  H04W84/18 ,  H04L29/08 ,  H04W8/00 ,  H04W4/70 ,  H04W4/80 ,  H04W4/38

Abstract: In one embodiment, a method comprises: detecting, by a root network device in a low power and lossy network (LLN) operating in a downward-routing mode, an outage among at least a substantial number of LLN devices in the LLN; initiating, by the root network device, a dynamic suspension of network operations in the LLN during the outage, including causing existing Internet Protocol (IP) addresses of all the LLN devices to be maintained during the outage, and causing all the LLN devices to limit transmissions to Power Outage Notification (PON) messages, Power Restoration Notification (PRN) messages, or minimal-bandwidth data packets, based on the root network device switching the LLN from the downward-routing mode to a collection-only mode; and selectively restoring, by the root network device, the LLN to the downward-routing mode in response to detecting PRN messages from at least substantially all the substantial number of LLN devices.

公开(公告)号：US12267682B2

公开(公告)日：2025-04-01

申请号：US18353772

申请日：2023-07-17

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Yajun Xia ,  Chuanwei Li ,  Li Zhao

IPC: H04W12/122 ,  G16Y30/10 ,  H04L9/40 ,  H04L43/0829 ,  H04L43/16 ,  H04W4/70 ,  H04W24/08 ,  H04W64/00 ,  H04W84/18

Abstract: A method includes determining a number of drops of a plurality of messages sent to a first node of a plurality of nodes within a mesh network. Based at least in part on the number of drops of the plurality of messages exceeding a threshold number of drops for a time period, decrementing a first rating assigned to the first node to a second rating assigned to the first node. Based at least in part on the second rating being below a rating threshold, determining that the first node is a potentially malicious node. Based at least in part on a first distance to the first node being larger than a distance threshold, identifying that the first node is a malicious node. The method may further include ending communications with the first node.

公开(公告)号：US11799751B2

公开(公告)日：2023-10-24

申请号：US17409985

申请日：2021-08-24

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Li Zhao ,  Huimin She ,  Chuanwei Li

IPC: H04L43/16 ,  H04L45/121 ,  H04L41/12 ,  H04L43/0882

CPC classification number: H04L43/16 ,  H04L41/12 ,  H04L43/0882 ,  H04L45/121

Abstract: In one embodiment, a method comprises: joining, by a network device, a network topology rooted by a root network device in a data network, and in response transmitting an advertisement indicating a position of the network device in the network topology; suppressing a second transmission based on initiating a deferred transmission operation in response to transmitting the advertisement; maintaining the deferred transmission operation to enable a prescribed minimum number of other network devices to join the network topology at respective identified lower positions than the position of the network device; and changing, by the network device, from the deferred transmission operation to an accelerated operation in response to expiration of a prescribed deferral interval or detecting the prescribed minimum number of other network devices having the respective identified lower positions, the accelerated operation enabling the network device to initiate transmission of a data packet before the other network devices.

公开(公告)号：US20210377157A1

公开(公告)日：2021-12-02

申请号：US16890241

申请日：2020-06-02

Applicant: Cisco Technology, Inc.

Inventor： Li Zhao ,  Chuanwei Li ,  Lele Zhang ,  Haibo Dong ,  Akram Ismail Sheriff

IPC: H04L12/707 ,  H04L12/751 ,  H04W28/10 ,  H04L12/803

Abstract: Techniques for distributed sub-controller permission for control of data-traffic flow within software-defined networking (SDN) mesh networks to limit control plane traffic of the network are described herein. A technique described herein includes a network node of a data-traffic path of an SDN mesh network obtaining SDN sub-controller permission from a border controller of the SDN mesh network. Further, the technique includes suppression of data traffic from sibling and children nodes of data-traffic path allied nodes to the data-traffic path allied nodes. The data-traffic path allied nodes include network nodes that are part of the data-traffic path of the SDN mesh network. Further still, the technique includes the transmission of data across the data-traffic path.

公开(公告)号：US20210029038A1

公开(公告)日：2021-01-28

申请号：US16518130

申请日：2019-07-22

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Chuanwei Li ,  Li Zhao ,  Yajun Xia

IPC: H04L12/803 ,  H04L12/24 ,  H04L12/753 ,  H04L12/721 ,  H04L12/26 ,  G06N20/00

Abstract: In one embodiment, a technique for load balancing of throughput for multi-PHY networks using decision trees is provided. A first device of a mesh communication network may collect at least one transmission metric indicative of a primary link and a secondary link between the first device and a second device of the mesh communication network. The first device may provide the at least one transmission metric as input to one or more decision trees comprising one or more attributes that are each indicative of a threshold for a corresponding transmission metric. The first device may obtain an output from the decision tree comprising a selection of either the primary link or the secondary link. The first device may send, based on the output from the decision tree, one or more packets to the second device using the selected link.

公开(公告)号：US20200296001A1

公开(公告)日：2020-09-17

申请号：US16353137

申请日：2019-03-14

Applicant: Cisco Technology, Inc.

Inventor： Huimin She ,  Li Zhao ,  Nan Yi ,  Haibo Dong

IPC: H04L12/24 ,  H04L12/751 ,  H04L12/703 ,  H04L29/12 ,  H04L12/44

Abstract: In one embodiment, a device in a mesh network rooted at a root node receives a subroot selection notification. The subroot selection notification indicates that the device should function as a root of a sub-directed acyclic graph (DAG) were a power outage to occur. The device determines that a power outage has occurred. The device forms, after determining that a power outage has occurred, a sub-DAG that is rooted at the device by establishing one or more other devices in the mesh network as routing children of the device in the sub-DAG. The device joins the sub-DAG to a DAG rooted at the root node.

公开(公告)号：US11653220B2

公开(公告)日：2023-05-16

申请号：US16375778

申请日：2019-04-04

Applicant: Cisco Technology, Inc.

Inventor： Li Zhao ,  Chuanwei Li ,  Lele Zhang ,  Huimin She

IPC: H04W16/18 ,  H04W4/02 ,  G06F30/20 ,  H04W84/18

CPC classification number: H04W16/18 ,  G06F30/20 ,  H04W4/025 ,  H04W84/18

Abstract: Systems, methods, and computer-readable media for identifying a deployment scheme for forming a wireless mesh network based on environmental characteristics and an optimum deployment scheme. In some examples, a geographical area for deployment of a wireless mesh network is identified. Additionally, environmental information of the geographical area can be collected. Network characteristics of an optimum deployment scheme for forming the wireless mesh network can be defined. As follows, a deployment scheme for forming the wireless mesh network can be identified based on the network characteristics of the optimum deployment scheme and the environmental information of the geographical area.

公开(公告)号：US20230139002A1

公开(公告)日：2023-05-04

申请号：US17515014

申请日：2021-10-29

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Li Zhao ,  Chuanwei Li ,  Feiliang Wang

IPC: H04L29/06 ,  H04L12/751 ,  H04L12/733 ,  G06K9/62 ,  G06N20/00

Abstract: The present disclosure provides a hierarchical method of identifying unauthorized network traffic in a network by applying, at one of a first plurality of nodes of a network, a first level of network traffic analysis to identify received network traffic as one of authorized or suspicious network traffic, the one of the first plurality of nodes having a first path for traffic routing and a second path to one of a second plurality of nodes of the network, the second path being used for forwarding the suspicious network traffic to the one of the second plurality of nodes; tagging the received network traffic as the suspicious network traffic; and sending the suspicious network traffic to the one of the second plurality of nodes over the second path, the second network node applying a second level of network analysis to determine if the received network traffic is authorized, unauthorized or remains suspicious.

公开(公告)号：US20220353149A1

公开(公告)日：2022-11-03

申请号：US17246301

申请日：2021-04-30

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Li Zhao ,  Haibo Dong ,  Yihua Dai

IPC: H04L12/24 ,  H04L29/06

Abstract: Techniques are described for managing devices using multiple virtual personal area networks (VPANs). A border router can receive a first request to join a network from a first device. The first device may be assigned to a first virtual personal area network (VPAN), which has an associated first group temporal key (GTK). The first GTK can be distributed to the first virtual device. The border router can also receive a second request to join a network from a second device. The second device may be assigned to a second VPAN, which has an associated second GTK. The second GTK can be distributed to the second virtual device.