公开(公告)号：US09525619B2

公开(公告)日：2016-12-20

申请号：US14078219

申请日：2013-11-12

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Nagendra Kumar ,  Ahmed R Bashandy ,  Stefano Benedetto Previdi ,  Pierre Jean Rene Francois ,  Carlos M. Pignataro

IPC: H04L12/751 ,  H04L12/707 ,  H04L12/721 ,  H04L12/703 ,  H04L12/723

CPC classification number: H04L45/22 ,  H04L45/02 ,  H04L45/28 ,  H04L45/34 ,  H04L45/50

Abstract: In one embodiment, a method comprises generating, by a first provider edge router associated with a first segment identifier, a primary label for reaching a destination, and repair information for reaching the destination if a second provider edge router is unavailable to reach the destination; allocating, by the first provider edge router, a first protected next-hop address associated with the first segment identifier for protected reachability to at least the destination; and sending via a core network, by the first provider edge router, an advertisement specifying the label and the repair information, enabling an ingress provider edge router to insert, into a data packet destined for the destination, the labels from the first provider edge router and the second provider edge router based on the repair information, for fast rerouting to the destination via one of the first or second provider edge router if the other is unavailable.

Abstract translation: 在一个实施例中，一种方法包括由与第一段标识符相关联的第一提供商边缘路由器生成用于到达目的地的主标签，以及如果第二提供商边缘路由器不可用于到达目的地则修复用于到达目的地的信息; 由所述第一提供商边缘路由器分配与所述第一分段标识符相关联的第一受保护的下一跳地址以将所保护的可达性分配给至少所述目的地; 并且经由核心网络由第一提供商边缘路由器发送指定标签和修复信息的广告，使得入口提供商边缘路由器能够将来自第一提供商边缘路由器的标签插入到目的地为目的地的数据分组中 以及基于所述修复信息的所述第二提供商边缘路由器，用于通过所述第一或第二提供商边缘路由器之一快速重新路由到所述目的地，如果所述修复信息不可用。

公开(公告)号：US20160342950A1

公开(公告)日：2016-11-24

申请号：US14719412

申请日：2015-05-22

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  James D. Stanley, III ,  Rajesh Vargheese

IPC: G06Q10/10

CPC classification number: G06Q10/1095

Abstract: Techniques are presented herein for scheduling meeting rooms for participants by a server in communication with user devices. The server receives a meeting trigger signifying a necessity for scheduling of a meeting. The server then determines that a meeting room is needed for the meeting. After determining that a meeting room is needed, the server queries the plurality of meeting rooms located within a proximity of the first user for characteristics of the meeting rooms. The server then filters a subset of the plurality of meeting rooms based on a set of constraints for the meeting. Any rooms whose characteristics do not meet the constraints are filtered out of the plurality of meeting rooms. The subset of the plurality of meeting rooms are then sorted based on their usage state. The server then reserves one of the meeting rooms from the subset for the meeting between the participants.

Abstract translation: 这里介绍了用于通过与用户设备通信的服务器为参与者安排会议室的技术。 服务器接收会议触发，表示安排会议的必要性。 然后，服务器确定会议需要会议室。 在确定需要会议室之后，为了会议室的特征，服务器查询位于第一用户附近的多个会议室。 然后，服务器基于会议的一组约束过滤多个会议室的子集。 特征不符合约束的任何房间都从多个会议室中过滤掉。 然后根据其使用状态对多个会议室的子集进行排序。 然后，服务器从参与者之间的会议的子集中预留会议室之一。

公开(公告)号：US09444715B2

公开(公告)日：2016-09-13

申请号：US14514209

申请日：2014-10-14

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Carlos M. Pignataro ,  Plamen Nedeltchev Nedeltchev ,  Aamer Saeed Akhter

IPC: H04W4/00 ,  H04L12/26 ,  H04L29/06 ,  H04L12/24

CPC classification number: H04L63/0435 ,  H04L41/0893 ,  H04L41/28 ,  H04L43/08 ,  H04L43/0817 ,  H04L43/0829 ,  H04L43/0864 ,  H04L43/087 ,  H04L43/0876 ,  H04L63/065 ,  H04L63/104

Abstract: The present disclosure describes methods and systems for providing and enforcing scalable federated policies for network-provided flow-based performance metrics. Due to different security concerns related to different domains, varying group policies can be applied to different domains to ensure proper sharing and receipt of flow-based performance metrics. Some policies can limit the type of performance metric being shared among the nodes in the domain. Some policies allow less information to be exposed by specifying aggregated performance metrics to be shared among the nodes in the domain. A group key management infrastructure can be provided to enforce these group policies in the network in a scalable manner.

Abstract translation: 本公开描述了用于为网络提供的基于流的性能度量提供和实施可扩展联合策略的方法和系统。 由于与不同域名相关的不同安全性问题，不同的组策略可以应用于不同的域，以确保正确共享和接收基于流的性能指标。 一些策略可以限制在域中的节点之间共享的性能度量的类型。 一些策略允许通过指定要在域中的节点之间共享的聚合性能指标来公开较少的信息。 可以提供组密钥管理基础设施，以可扩展的方式在网络中强制实施这些组策略。

公开(公告)号：US20160134481A1

公开(公告)日：2016-05-12

申请号：US14587981

申请日：2014-12-31

Applicant: Cisco Technology, Inc.

Inventor： Nobushige Akiya ,  Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  Paul Quinn ,  James Guichard

IPC: H04L12/24

CPC classification number: H04L41/5058 ,  H04L41/5038

Abstract: In one embodiment, a system and method are disclosed for sending a request and receiving a reply. The request contains a network service header including a flow label field and a target index field. The flow label field contains a set of available flow labels. The target index field includes a value indicating a target node. The reply contains information indicating which of the flow labels can be used to route a packet to each of the next hop nodes downstream from the device that sent the reply. This process can be repeated for other nodes on a path, and other paths in a service topology layer. The information determined by this process can be used to perform other necessary functionalities at the service topology layer.

Abstract translation: 在一个实施例中，公开了用于发送请求并接收回复的系统和方法。 请求包含包括流标签字段和目标索引字段的网​​络服务头。 流标签字段包含一组可用流标签。 目标索引字段包括指示目标节点的值。 答复包含指示哪些流标签可以用于将分组路由到发送回复的设备下游的下一跳节点的信息。 可以对路径上的其他节点以及服务拓扑层中的其他路径重复此过程。 该过程确定的信息可用于在服务拓扑层执行其他必要的功能。

公开(公告)号：US20160119226A1

公开(公告)日：2016-04-28

申请号：US14522974

申请日：2014-10-24

Applicant: Cisco Technology, Inc.

Inventor： James Guichard ,  Paul Quinn ,  Carlos M. Pignataro

IPC: H04L12/725 ,  H04L29/06

CPC classification number: H04L45/306 ,  H04L29/0653 ,  H04L45/00 ,  H04L45/38 ,  H04L47/2475

Abstract: A controller that is in communication with the plurality of network nodes establishes a service path for a service chain defined by an ordered sequence of service functions to be performed at respective ones of one or more of the plurality of network nodes. The controller assigns a predetermined service path identifier and a predetermined service index value for a segment of the service chain that includes only one or more network nodes not capable of decapsulating packets to extract a network service header so as to designate the one or more network nodes determined not capable of decapsulating packets to extract the network service header as a single service hop segment in the service chain.

Abstract translation: 与所述多个网络节点通信的控制器为由所述多个网络节点中的一个或多个网络节点中的一个或多个的相应的一个服务功能定义的服务链建立服务路径。 控制器为仅包括一个或多个不能解包分组的网络节点的服务链的段分配预定的服务路径标识符和预定的服务索引值，以提取网络服务头，以便指定一个或多个网络节点 确定不能解包分组，以将服务链中的单个服务跳段提取为网络服务头。

公开(公告)号：US09325667B2

公开(公告)日：2016-04-26

申请号：US13630143

申请日：2012-09-28

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  Gonzalo A. Salgueiro ,  Joseph M. Clarke

IPC: H04L29/06 ,  H04L12/46 ,  H04L12/58

CPC classification number: H04L63/0272 ,  H04L12/4641 ,  H04L51/04

Abstract: According to one embodiment, an apparatus receives a virtual private network (VPN) establishment request and a plurality of packets communicated over at least one first protocol, with the first protocol being at least one of the Session Initiation Protocol, the Open System for Communication in Realtime protocol, and the Extended Messaging and Presence Protocol. The apparatus prioritizes the VPN establishment request over the plurality of packets and communicates a negotiation packet comprising a destination port and a response port. The apparatus receives, over a second communication protocol, a datagram through a communication tunnel established in response to receiving the negotiation packet, wherein the datagram is associated with a payload type, the datagram comprises an encapsulation envelope indicating the payload type, the datagram is received at the destination port, a response to the datagram is communicated to the response port, and the second communication protocol is different from the first protocol.

Abstract translation: 根据一个实施例，一种装置接收虚拟专用网络（VPN）建立请求和通过至少一个第一协议传送的多个分组，其中第一协议是会话发起协议，用于通信的开放系统 实时协议，以及扩展消息和在线协议。 该设备通过多个分组对VPN建立请求进行优先级排队，并传送包括目的端口和响应端口的协商报文。 所述装置通过第二通信协议通过响应于接收到所述协商分组而建立的通信隧道接收数据报，其中所述数据报与有效载荷类型相关联，所述数据报包括指示所述有效载荷类型的封装包络，所述数据报被接收 在目的地端口，对数据报的响应被传送到响应端口，并且第二通信协议与第一协议不同。

公开(公告)号：US20160099864A1

公开(公告)日：2016-04-07

申请号：US14508570

申请日：2014-10-07

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Nobushige Akiya ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro

IPC: H04L12/703 ,  H04L12/741 ,  H04L12/823 ,  H04L12/24 ,  H04L12/723

CPC classification number: H04L45/28 ,  H04L45/50 ,  H04L45/74 ,  H04L47/24 ,  H04L47/32

Abstract: In one embodiment, a method includes identifying a failure of a service function at a service node in a service chain, receiving a packet at the service node, and processing the packet at the service node according to a flag associated with the service function and set based on a criticality of the service function. An apparatus is also disclosed herein.

Abstract translation: 在一个实施例中，一种方法包括识别服务链中的服务节点处的服务功能的故障，在服务节点处接收分组，以及根据与服务功能相关联的标志处理服务节点处的分组，并设置 基于服务功能的关键性。 本文还公开了一种装置。

公开(公告)号：US20160099853A1

公开(公告)日：2016-04-07

申请号：US14504076

申请日：2014-10-01

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Plamen Nedeltchev Nedeltchev ,  Aamer Saeed Akhter ,  Carlos M. Pignataro

IPC: H04L12/26 ,  H04L29/08 ,  H04L29/06

CPC classification number: H04L43/0852 ,  H04L43/026 ,  H04L43/0829 ,  H04L43/0888 ,  H04L43/106 ,  H04L43/18 ,  H04L69/22 ,  H04L69/28 ,  H04L69/324

Abstract: The present disclosure describes a technique for performing performance monitoring of service chains. Variations on performance monitoring can include: passive monitoring, active monitoring, or hybrid monitoring. To provide performance monitoring, the Network Service Header (NSH) is modified to include telemetry information usable for monitoring the performance of a particular traffic flow being transported over a service path.

Abstract translation: 本公开描述了一种用于执行服务链的性能监视的技术。 性能监控的变化可以包括：被动监控，主动监控或混合监控。 为了提供性能监控，网络服务头（NSH）被修改为包括可用于监视通过服务路径传输的特定业务流的性能的遥测信息。

公开(公告)号：US20150381444A1

公开(公告)日：2015-12-31

申请号：US14315570

申请日：2014-06-26

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Nobushige Akiya

IPC: H04L12/26

CPC classification number: H04L43/0811 ,  H04L43/10

Abstract: In one embodiment, a method includes generating a path validation packet at a network device, the path validation packet including a plurality of segment identifiers for use in segment routing and an operations, administration, and management (OAM) segment identifier for use in path validation, transmitting from the network device the path validation packet on a path having a plurality of routers associated with the segment identifiers, one of the routers associated with the OAM segment identifier, and validating the path if a return path validation packet is received. An apparatus is also disclosed herein.

Abstract translation: 在一个实施例中，一种方法包括在网络设备处生成路径验证分组，所述路径验证分组包括用于分段路由的多个分段标识符以及用于路径验证的操作，管理和管理（OAM）段标识符 从网络设备发送具有与段标识符相关联的多个路由器的路径上的路径验证分组，与OAM分段标识符相关联的路由器之一，以及如果接收到返回路径验证分组则验证该路径。 本文还公开了一种装置。

公开(公告)号：US20150207729A1

公开(公告)日：2015-07-23

申请号：US14160804

申请日：2014-01-22

Applicant: Cisco Technology, Inc.

Inventor： Roque Gagliano ,  Alvaro E. Retana ,  Keyur P. Patel ,  Burjiz F. Pithawala ,  Ed Kern ,  Carlos M. Pignataro

IPC: H04L12/721 ,  H04L29/08 ,  H04L12/24 ,  H04L12/741 ,  H04L12/805

CPC classification number: H04L45/44 ,  H04L41/0893 ,  H04L45/04 ,  H04L45/745 ,  H04L47/36 ,  H04L67/2819 ,  H04L69/22

Abstract: In one embodiment, a router located at an exit edge of an autonomous system (AS) receives a data packet in a data plane, and determines a destination of the data packet and an associated AS-path information to the destination. The router may then insert the AS-path information into the data packet, and forwards the data packet with the AS-path information toward the destination, such that a receiving device in a destination AS can validate whether the data packet was routed through a path that was secure from a control plane perspective based on a collection of one or more insertions of AS-path information.

Abstract translation: 在一个实施例中，位于自治系统（AS）的出口边缘处的路由器接收数据平面中的数据分组，并且确定数据分组的目的地和相关联的AS路径信息到目的地。 路由器然后可以将AS路径信息插入到数据包中，并将数据包与AS路径信息转发到目的地，使得目的地AS中的接收设备可以验证数据包是否通过路径路由 基于AS路径信息的一个或多个插入的集合，从控制平面的角度来看是安全的。