公开(公告)号：US20190182103A1

公开(公告)日：2019-06-13

申请号：US15834284

申请日：2017-12-07

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  Rajiv Asati

IPC: H04L12/24 ,  H04L12/851

Abstract: A system and method predict risks of failure or performance issues in a network to predictively position traffic flows in the network. For a traffic flow through a network, first data accumulated in a header of packets for the traffic flow is obtained, which header is populated by network elements along a path of the traffic flow through the network. Second data is obtained about the network in general including other network elements not along the path of the traffic flow. Machine learning analysis is performed to derive rules that characterize failure or performance risk issues in the network. The rules and topology data describing a topology of the network are applied to a model to create a topological graphical representation indicating failure or performance issues in the network that affect the traffic flow. A path for the traffic flow is modified based on the topological graphical representation.

公开(公告)号：US20190140863A1

公开(公告)日：2019-05-09

申请号：US15803960

申请日：2017-11-06

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Roberta Maglione

IPC: H04L12/46 ,  H04L12/803 ,  H04L12/721

Abstract: A method for a dataplane signaled bi-directional/symmetric service chain instantiation for efficient load balancing is provided. In one embodiment, the method includes configuring a policy that refers to multiple service function paths that could be used for load balancing network traffic. The method also includes selecting one of the multiple service function paths to send the network traffic in a forward direction. An encapsulation header includes service path identification information identifying the service function path selected for use in the forward direction and an indicator to indicate that that the network traffic is to be sent in a reverse direction using a same service function path selected used for the forward direction. The method includes encapsulating network traffic with the encapsulation header to causes a reverse classifier to program the same service function path for the reverse direction.

公开(公告)号：US20190123984A1

公开(公告)日：2019-04-25

申请号：US15793557

申请日：2017-10-25

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Rajiv Asati ,  Carlos M. Pignataro

IPC: H04L12/26

CPC classification number: H04L43/062 ,  H04L43/026 ,  H04L43/04 ,  H04L43/0876 ,  H04L43/12

Abstract: Systems, methods, and computer-readable media are disclosed for use of an overlay network termination endpoint as a proxy to collect telemetry data for micro-services or specific applications provided by containers in overlay data centers. In one aspect of the present disclosure, a method includes receiving, at a controller, a probe for flow statistics associated with a service path, the probe including corresponding flow identification information, extracting the corresponding flow identification information from the probe, obtaining the flow statistics from an agent based on the flow identification information, the agent being configured to manage a plurality of containers, generating a response packet including the flow statistics obtained from the agent and sending the response packet to an initiator from which the query is received.

公开(公告)号：US20190116124A1

公开(公告)日：2019-04-18

申请号：US15783010

申请日：2017-10-13

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  Rajiv Asati

IPC: H04L12/813 ,  H04L29/08 ,  H04L12/24 ,  H04L12/823

Abstract: Systems, methods, and computer-readable media are disclosed for using real time network traffic for validating policy configuration(s) of containers, virtual machines, bare-metals, etc. In one aspect of the present disclosure a method includes receiving, at a controller, an incoming data packet destined for one or more containers; replicating, at the controller, the incoming data packet for validating at least one non-production container to yield a replicated data packet; sending the replicated data packet to the at least one non-production container; and dropping any data packet received from the at least one non-production container at a corresponding incoming port of the controller.

公开(公告)号：US20190097899A1

公开(公告)日：2019-03-28

申请号：US16200002

申请日：2018-11-26

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Joseph M. Clarke

IPC: H04L12/24 ,  H04L12/26

CPC classification number: H04L41/5019 ,  H04L41/5009 ,  H04L43/0829 ,  H04L43/087 ,  H04L43/106

Abstract: An ingress node inserts into a header of a packet service level agreement information and forwards the packet. At an egress node of the network, the packet is received and the service level agreement information is obtained from the header of the packet. The egress node verifies whether there is conformance to a service level agreement based on at least one parameter associated with reception of one or more packets at the egress node and the service level agreement information.

公开(公告)号：US10237173B2

公开(公告)日：2019-03-19

申请号：US15253487

申请日：2016-08-31

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Faisal Iqbal

IPC: H04L12/911 ,  H04L12/723 ,  H04L12/733 ,  H04L12/721

Abstract: In one embodiment, a method includes generating a first trace request at an initiator node configured for segment routing, the first trace request comprising a query for FEC (Forwarding Equivalence Class) information, transmitting the first trace request on a path comprising at least one node wherein FEC details for the node are unknown by the initiator node, receiving a response to the first trace request comprising the FEC information, transmitting a second trace request with the FEC information, and receiving a response to the second trace request providing FEC validation. An apparatus is also disclosed herein.

公开(公告)号：US10218524B2

公开(公告)日：2019-02-26

申请号：US14536153

申请日：2014-11-07

Applicant: Cisco Technology, Inc.

Inventor： Ijsbrand Wijnands ,  Gregory J. Shepherd ,  Nagendra Kumar Nainar

IPC: H04L12/18 ,  H04L12/741 ,  H04L12/761 ,  H04L12/721 ,  H04L12/723

Abstract: Various systems and methods for performing bit indexed explicit replication (BIER). For example, one method involves receiving a link layer protocol frame at a network device. The link layer protocol frame includes a MAC address that identifies the link layer protocol frame as a being a multicast frame. The method then involves selecting a subset of ports included on the network device and forwarding the link layer protocol frame to only the selected subset of ports.

公开(公告)号：US20190058654A1

公开(公告)日：2019-02-21

申请号：US16169491

申请日：2018-10-24

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Stefano B. Previdi

IPC: H04L12/703 ,  H04L12/741 ,  H04L12/707 ,  H04L12/781 ,  H04L12/721

CPC classification number: H04L45/28 ,  H04L45/22 ,  H04L45/52 ,  H04L45/72 ,  H04L45/74

Abstract: Embodiments include generating an error message based on an error associated with a packet, adding to the error message an address of a node in a segment routing domain of a network to serve as a destination address of the error message, and adding a new segment routing header to the error message. Embodiments also include rewriting the packet where the rewriting includes replacing a destination address in the packet with a final destination address associated with the packet. Embodiments further include adding the rewritten packet to the error message, and forwarding the error message to the destination address of the error message. In specific embodiments, the rewriting the packet includes removing a segment routing header of the packet. More specific embodiments include deriving the new segment routing header from information in the packet.

公开(公告)号：US10187306B2

公开(公告)日：2019-01-22

申请号：US15080493

申请日：2016-03-24

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  James N. Guichard ,  Paul Quinn

IPC: H04L12/801 ,  H04L12/715 ,  H04L12/46 ,  H04L29/06 ,  H04L29/08

Abstract: There is disclosed an apparatus having logic elements to: receive an incoming packet associated with a first service function chain; identify a next hop service function for the incoming packet as a non-reactive service function; create a duplicate packet; forward the duplicate packet to the non-reactive service function; and forward the incoming packet to a next reactive service function. There is also disclosed an apparatus having logic to: receive an incoming packet associated with a first service function chain (SFC), having a first service path identifier (SPI); determine that the incoming packet has a first service index (SI), and that a next-hop SI identifies a non-reactive service function (NRSF); receive a duplicate packet of the incoming packet; rewrite a service header of the duplicate packet to identify a second SFC having a second SPI, wherein the second SPI is different from the first SPI; and alter the first SI of the incoming packet to identify a next reactive service function in the first SFC.

公开(公告)号：US20180359095A1

公开(公告)日：2018-12-13

申请号：US15620015

申请日：2017-06-12

Applicant: Cisco Technology, Inc.

Inventor： Rajiv Asati ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro

IPC: H04L9/32 ,  H04L12/28

CPC classification number: H04L9/3239 ,  G06F17/3033 ,  H04L12/2809 ,  H04L12/281 ,  H04L63/0823

Abstract: Techniques for use in generating a dynamically-changing IoT device identity with robust blockchain validation are provided. When entering a communication network, an IoT device performs a procedure for registration. The procedure includes communicating, in a transaction, data associated with the IoT device to a network device (e.g. a fog router). The data includes, amongst other data items, an identity for addressing communications to and from the IoT device. A transaction number associated with the transaction is received based on a blockchain registration of the transaction. An updated identity of the IoT device is then derived based on the transaction number. In one example, the updated identity of the IoT device may be derived by combining a static address of the IoT device and the transaction number. The steps may be repeated by the device for each one of a plurality of network registrations.