公开(公告)号：US20200322325A1

公开(公告)日：2020-10-08

申请号：US16574771

申请日：2019-09-18

Applicant: Cisco Technology Inc.

Inventor： Clarence Filsfils ,  Marc Portoles Comeras ,  David Delano Ward ,  Alberto Rodriguez Natal

IPC: H04L29/06

Abstract: In one embodiment, an apparatus of a LISP environment includes one or more processors and computer-readable non-transitory storage media coupled to the one or more processors. The computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the one or more processors to perform operations including receiving an attestation token from a first component of the LISP environment. The operations also include encoding the attestation token using a LISP message format. The operations further include distributing the encoded attestation token with a LISP signaling message to a third component of the LISP environment.

公开(公告)号：US11863434B2

公开(公告)日：2024-01-02

申请号：US17534101

申请日：2021-11-23

Applicant: Cisco Technology, Inc.

Inventor： Fabio Maino ,  Syed Khalid Raza ,  Alberto Rodriguez Natal ,  Marc Portoles Comeras

IPC: H04L45/302 ,  H04L12/46 ,  H04L47/2441 ,  H04L9/40 ,  H04L45/64 ,  H04L47/20 ,  H04L67/63

CPC classification number: H04L45/306 ,  H04L12/4633 ,  H04L45/64 ,  H04L47/20 ,  H04L47/2441 ,  H04L63/20 ,  H04L67/63

Abstract: Disclosed are systems and methods for providing policy selection in a software defined network. An example method includes registering, by an enterprise controller on an enterprise domain, in a shared mapping system on a service provider domain, one or more entries specifying one or more services for one or more classes of traffic to yield registered entries, reading, by a service provider controller, from the shared mapping system, the registered entries, posting, by the service provider controller, the one or more entries to one or more routing tables at a software-defined wide area network of the service provider domain and receiving a request, by a mobile node on the enterprise domain, of a specific service for a particular class of packets according to a classification of the particular class of packets based on a particular label defined in the registered entries for the specific service.

公开(公告)号：US20230344898A1

公开(公告)日：2023-10-26

申请号：US18106304

申请日：2023-02-06

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay Kumar Hooda ,  Marc Portoles Comeras ,  Vinay Saini ,  Victor Manuel Moreno

IPC: H04L41/0893 ,  H04L45/76 ,  H04L67/1001 ,  H04L67/51 ,  H04L41/122

CPC classification number: H04L67/10015 ,  H04L41/0893 ,  H04L41/122 ,  H04L45/76 ,  H04L67/51

Abstract: This disclosure describes techniques and mechanisms for providing hybrid cloud services for enterprise fabric. The techniques include enhancing an on-demand protocol (e.g., such as LISP) and allowing simplified security and/or firewall service insertion for datacenter servers providing those services. Accordingly, the techniques described herein provide hybrid cloud services that work in disaggregated, distributed, and consistent way, while avoiding complex datacenter network devices (e.g., such running overlay on TOR), replacing and moving the functionality to on demand protocol enabled servers, which intelligently receive the required mappings as well as registers and publishes the service information to intelligently interact with the network.

公开(公告)号：US20230198902A1

公开(公告)日：2023-06-22

申请号：US17558247

申请日：2021-12-21

Applicant: Cisco Technology, Inc.

Inventor： Balaji Pitta Venkatachalapathy ,  Sanjay Kumar Hooda ,  Marc Portoles Comeras

IPC: H04L45/748

CPC classification number: H04L45/748

Abstract: Techniques for dynamically adapting a router capacity to system needs in a network. The border router may receive a list of summarized prefixes for endpoint devices associated with the router from control-plane nodes. The router may store the list of summarized prefixes in memory of the border router. Once the router receives traffic that is destined for endpoint devices associated with the border router, it may determine that the destination address is included in the summarized prefixes. In some examples, the router may download complete prefixes from the control-plane nodes, and forward the traffic to the destination address indicated by the complete prefixes.

公开(公告)号：US11201818B2

公开(公告)日：2021-12-14

申请号：US16783843

申请日：2020-02-06

Applicant: Cisco Technology, Inc.

Inventor： Fabio Maino ,  Syed Khalid Raza ,  Alberto Rodriguez Natal ,  Marc Portoles Comeras

IPC: H04L12/725 ,  H04L29/08 ,  H04L12/46 ,  H04L12/851 ,  H04L29/06 ,  H04L12/715 ,  H04L12/813

Abstract: Disclosed are systems and methods for providing policy selection in a software defined network. An example method includes registering, by an enterprise controller on an enterprise domain, in a shared mapping system on a service provider domain, one or more entries specifying one or more services for one or more classes of traffic to yield registered entries, reading, by a service provider controller, from the shared mapping system, the registered entries, posting, by the service provider controller, the one or more entries to one or more routing tables at a software-defined wide area network of the service provider domain and receiving a request, by a mobile node on the enterprise domain, of a specific service for a particular class of packets according to a classification of the particular class of packets based on a particular label defined in the registered entries for the specific service.

公开(公告)号：US10484281B1

公开(公告)日：2019-11-19

申请号：US16017554

申请日：2018-06-25

Applicant: Cisco Technology, Inc.

Inventor： Brent P. Mucci ,  Marc Portoles Comeras ,  Vrushali Ashtaputre ,  Victor M. Moreno ,  Hatem Mohammad R.A. Abouzeid

IPC: H04L12/741 ,  H04L12/747 ,  H04L29/06 ,  H04L12/715 ,  H04L12/761 ,  H04L12/751

Abstract: In one illustrative example, a router may be configured to provide a plurality of virtual private network (VPN) instances for a plurality of VPNs associated with a plurality of IDs. Each VPN instance may comprise a forwarding table instance for storing a plurality of host-to-router mappings for the VPN. The router may be further configured to provide a virtual VPN instance for a virtual VPN associated with an ID of a remote extranet VPN. The virtual VPN instance may comprise a map-cache for storing a host-to-router mapping for the remote extranet VPN. The virtual VPN instance has no corresponding forwarding table instance for user plane traffic associated with the remote extranet VPN, but rather serves as part of a control plane interface for control signaling associated with the remote extranet VPN. Accordingly, the router may provide multiple updates to host-to-router mappings in forwarding table instances of the VPNs in accordance with a change in the host-to-router mapping in the virtual VPN instance.

公开(公告)号：US20160119196A1

公开(公告)日：2016-04-28

申请号：US14612691

申请日：2015-02-03

Applicant: Cisco Technology, Inc.

Inventor： Marc Portoles Comeras ,  Preethi Natarajan ,  Alberto Rodriguez Natal ,  Fabio Rodolfo Maino ,  Alberto Cabellos Aparicio ,  Vasileios Lakafosis ,  Lorand Jakab

IPC: H04L12/24 ,  H04L12/707

CPC classification number: H04L41/5054 ,  H04L45/24 ,  H04L47/125 ,  H04L47/193 ,  H04L69/14 ,  H04L69/16 ,  H04L69/161

Abstract: Techniques are provided for a network mapping server device in a network to receive a connection upgrade message comprising information to establish a first data flow from a first endpoint that does not support multiple subflows for the first data flow according to a multipath protocol, where multiple subflows subdivide the first data flow across two or more network paths. The information in the connection upgrade message is analyzed in order to resolve network connectivity to determine potential network connections for at least two subflows of the first data flow to a second endpoint. A response message is sent comprising information configured to establish at least two subflows for the first data flow between the first endpoint and the second endpoint.

Abstract translation: 为网络中的网络映射服务器设备提供技术，以接收包括信息的连接升级消息，以便根据多路径协议从不支持第一数据流的多个子流的第一端点建立第一数据流，其中多个子流 第一个数据流跨越两个或多个网络路径细分。 分析连接升级消息中的信息以便解析网络连接以确定到第二端点的至少两个子流的第一数据流的潜在网络连接。 发送响应消息，包括被配置为为第一端点和第二端点之间的第一数据流建立至少两个子流的信息。

公开(公告)号：US12052313B2

公开(公告)日：2024-07-30

申请号：US18106304

申请日：2023-02-06

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay Kumar Hooda ,  Marc Portoles Comeras ,  Vinay Saini ,  Victor Manuel Moreno

IPC: H04L67/51 ,  H04L41/0893 ,  H04L41/122 ,  H04L45/76 ,  H04L67/1001

CPC classification number: H04L67/10015 ,  H04L41/0893 ,  H04L41/122 ,  H04L45/76 ,  H04L67/51

Abstract: This disclosure describes techniques and mechanisms for providing hybrid cloud services for enterprise fabric. The techniques include enhancing an on-demand protocol (e.g., such as LISP) and allowing simplified security and/or firewall service insertion for datacenter servers providing those services. Accordingly, the techniques described herein provide hybrid cloud services that work in disaggregated, distributed, and consistent way, while avoiding complex datacenter network devices (e.g., such running overlay on TOR), replacing and moving the functionality to on demand protocol enabled servers, which intelligently receive the required mappings as well as registers and publishes the service information to intelligently interact with the network.

公开(公告)号：US12028253B2

公开(公告)日：2024-07-02

申请号：US17558247

申请日：2021-12-21

Applicant: Cisco Technology, Inc.

Inventor： Balaji Pitta Venkatachalapathy ,  Sanjay Kumar Hooda ,  Marc Portoles Comeras

IPC: H04L45/748

CPC classification number: H04L45/748

Abstract: Techniques for dynamically adapting a router capacity to system needs in a network. The border router may receive a list of summarized prefixes for endpoint devices associated with the router from control-plane nodes. The router may store the list of summarized prefixes in memory of the border router. Once the router receives traffic that is destined for endpoint devices associated with the border router, it may determine that the destination address is included in the summarized prefixes. In some examples, the router may download complete prefixes from the control-plane nodes, and forward the traffic to the destination address indicated by the complete prefixes.

公开(公告)号：US20220086083A1

公开(公告)日：2022-03-17

申请号：US17534101

申请日：2021-11-23

Applicant: Cisco Technology, Inc.

Inventor： Fabio Maino ,  Syed Khalid Raza ,  Alberto Rodriguez Natal ,  Marc Portoles Comeras

IPC: H04L12/725 ,  H04L29/08 ,  H04L12/46 ,  H04L12/851 ,  H04L29/06 ,  H04L12/715 ,  H04L12/813

Abstract: Disclosed are systems and methods for providing policy selection in a software defined network. An example method includes registering, by an enterprise controller on an enterprise domain, in a shared mapping system on a service provider domain, one or more entries specifying one or more services for one or more classes of traffic to yield registered entries, reading, by a service provider controller, from the shared mapping system, the registered entries, posting, by the service provider controller, the one or more entries to one or more routing tables at a software-defined wide area network of the service provider domain and receiving a request, by a mobile node on the enterprise domain, of a specific service for a particular class of packets according to a classification of the particular class of packets based on a particular label defined in the registered entries for the specific service.