公开(公告)号：US20240106744A1

公开(公告)日：2024-03-28

申请号：US18531947

申请日：2023-12-07

Applicant: Juniper Networks, Inc.

Inventor： Tarek SAAD ,  Manish TALWAR ,  Raveendra TORVI ,  Ajay KACHRANI ,  Kireeti KOMPELLA

IPC: H04L45/50 ,  H04L9/40 ,  H04L45/00 ,  H04L69/22

CPC classification number: H04L45/50 ,  H04L45/66 ,  H04L63/0464 ,  H04L63/061 ,  H04L69/22

Abstract: In some implementations, an egress network device of a multiprotocol label switching (MPLS) network may exchange Internet key exchange (IKE) messages with an ingress network device of the MPLS network to establish a security association between the egress network device and the ingress network device. The egress network device may receive an MPLS packet that includes an MPLS header, a secure MPLS data header, and an MPLS payload. The egress network device may process the MPLS header to determine a label associated with a label-switched path (LSP) and a secure function indicator. The egress network device may decrypt, using a secure function identified based on the secure MPLS data header, the MPLS payload to generate a decrypted packet. The egress network device may transmit the decrypted packet towards a destination device.

公开(公告)号：US20230370369A1

公开(公告)日：2023-11-16

申请号：US17663319

申请日：2022-05-13

Applicant: Juniper Networks, Inc.

Inventor： Tarek SAAD ,  Manish TALWAR ,  Raveendra TORVI ,  Ajay KACHRANI ,  Kireeti KOMPELLA

IPC: H04L45/50 ,  H04L45/00 ,  H04L9/40 ,  H04L69/22

CPC classification number: H04L45/50 ,  H04L45/66 ,  H04L63/0464 ,  H04L63/061 ,  H04L69/22

Abstract: In some implementations, an ingress network device of a multiprotocol label switching (MPLS) network may receive a packet destined for a destination network device. The ingress network device may determine, based on the packet, a secure function to secure the packet and a label associated with a label-switched path (LSP) from the ingress network device to an egress network device of the MPLS network that is associated with the destination network device. The ingress network device may encrypt, using the secure function, the packet to generate an encrypted packet. The ingress network device may generate an MPLS packet comprising: an MPLS header that includes the label and a secure function indicator, a secure MPLS data header that includes information identifying the secure function, and an MPLS payload that includes the encrypted packet. The ingress network device may forward, based on the label, the MPLS packet.

公开(公告)号：US20160043921A1

公开(公告)日：2016-02-11

申请号：US14885154

申请日：2015-10-16

Applicant: Juniper Networks, Inc.

Inventor： Kireeti KOMPELLA

IPC: H04L12/26 ,  H04L29/06 ,  H04L12/24

CPC classification number: H04L43/0817 ,  H04L41/0654 ,  H04L43/00 ,  H04L43/06 ,  H04L43/0811 ,  H04L43/10 ,  H04L45/00 ,  H04L45/02 ,  H04L45/026 ,  H04L45/52 ,  H04L61/2007 ,  H04L69/08

Abstract: The liveness of routing protocols can be determined using a mechanism to aggregate liveness information for the protocols. The ability of an interface to send and receive packets and the forwarding capability of an interface can also be determined using this mechanism. Since liveness information for multiple protocols, the liveness of interfaces, the forwarding capability of interfaces, or both, may be aggregated in a message, the message can be sent more often than could individual messages for each of the multiple protocols. This allows fast detection of failures, and sending connectivity messages for the individual protocols, such as neighbor “hellos,” to be sent less often.

Abstract translation: 路由协议的活动可以使用用于聚合协议的活动信息的机制来确定。 接口发送和接收报文的能力以及接口的转发能力也可以使用这种机制来确定。 由于多个协议的活动信息，接口的活跃性，接口的转发能力或两者都可以聚合在消息中，所以可以比每个多个协议的单个消息更频繁地发送消息。 这允许快速检测故障，并且发送诸如邻居“hellos”的各个协议的连通性消息被更少地发送。

公开(公告)号：US20140341046A1

公开(公告)日：2014-11-20

申请号：US14450663

申请日：2014-08-04

Applicant: JUNIPER NETWORKS, INC.

Inventor： Kireeti KOMPELLA ,  Nitin BAHADUR

IPC: H04L12/26 ,  H04L12/723

CPC classification number: H04L43/0811 ,  H04L43/10 ,  H04L45/22 ,  H04L45/28 ,  H04L45/50

Abstract: A method performed by a network device may include assembling a multiprotocol label switching (MPLS) echo request, the echo request including an instruction for a transit node to forward the echo request via a bypass path associated with the transit node, and an instruction for an egress node to send an echo reply indicating that the echo request was received on the bypass path. The method may also include sending the MPLS echo request over a functioning label switched path (LSP).

Abstract translation: 由网络设备执行的方法可以包括组合多协议标签交换（MPLS）回波请求，所述回应请求包括用于传输节点的指令，以经由与所述传输节点相关联的旁路路径来转发所述回声请求，以及用于 出口节点发送回应应答，指示在旁路路径上接收到回应请求。 该方法还可以包括通过功能标签交换路径（LSP）发送MPLS回应请求。

公开(公告)号：US20130156032A1

公开(公告)日：2013-06-20

申请号：US13692701

申请日：2012-12-03

Applicant: Juniper Networks, Inc.

Inventor： Alex BABAN ,  Jean-Marc FRAILONG ,  Kireeti KOMPELLA ,  Nitin KUMAR ,  Jamsheed WANIA ,  Murtuza ATTARWALA

IPC: H04L12/18

CPC classification number: H04L12/18 ,  H04L45/16 ,  H04L49/10 ,  H04L49/201

Abstract: A network device receives a packet with a multicast nexthop identifier, and creates a mask that includes addresses of egress packet forwarding engines, of the network device, to which to provide the packet. The network device divides the mask into two portions, generates two copies of the packet, provides a first portion of the mask in a first copy of the packet, and provides a second portion of the mask in a second copy of the packet. The network device also forwards the first copy of the packet to an address of a first egress packet forwarding engine provided in the first portion of the mask, and forwards the second copy of the packet to an address of a second egress packet forwarding engine provided in the second portion of the mask.

Abstract translation: 网络设备接收具有多播下一标识符的分组，并创建包括提供分组的网络设备的出站分组转发引擎的地址的掩码。 网络设备将掩码分成两部分，生成分组的两个副本，在分组的第一副本中提供该掩码的第一部分，并在分组的第二副本中提供该掩码的第二部分。 网络设备还将分组的第一副本转发到在掩码的第一部分中提供的第一出口分组转发引擎的地址，并将分组的第二副本转发到提供的第二出口分组转发引擎的地址 掩模的第二部分。