Configuring secure connectivity between devices in separate sites of a multi-site domain

    Publication (announcement) no.: US11477092B2

    Publication (announcement) date: 2022-10-18

    Application no.: US16930947

    Application date: 2020-07-16

    Abstract: Techniques for utilizing a Software-Defined-Networking (SDN) controller and/or a Data Center Network Manager (DCNM) and network border gateway switches associated with a multi-site cloud computing network to provide reachability data indicating physical links between the border gateways disposed in different sites of the multi-site network to establish secure connection tunnels utilizing the physical links and unique encryption keys. The SDN controller and/or DCNM may be configured to generate a physical underlay model representing the physical underlay, or network transport capabilities, and/or a logical overlay model representing a logical overlay, or overlay control-plane, of the multi-site network. The SDN controller may also generate an encryption key model representing the associations between the encryption keys and the physical links between the associated network border gateway switches. The SDN controller may utilize the models to determine route paths for transmitting network traffic spanning over different sites of the multi-site network at line speed.
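    The abstract describes three controller-side models (physical underlay, logical overlay, and a per-link encryption key model) that are combined to pick inter-site routes. The following is an added illustration in Python, not code from the patent or from any vendor product: it models border gateways grouped by site, inter-site physical links that each carry their own unique key, and a breadth-first route search that returns only keyed inter-site hops. Site and gateway names, the 32-byte key size, and the assumption that gateways in one site reach each other over the site fabric are all made up for the example.

```python
import secrets
from collections import deque


class MultiSiteModel:
    """Controller view of a multi-site fabric: which border gateway belongs to
    which site (physical underlay model) and one unique key per inter-site
    physical link (encryption key model). Added example, not the patent's code."""

    def __init__(self):
        self.site_of = {}      # gateway name -> site name
        self.link_keys = {}    # frozenset({gw_a, gw_b}) -> 32-byte key (assumed size)

    def add_gateway(self, gw, site):
        self.site_of[gw] = site

    def add_link(self, gw_a, gw_b):
        """Register a physical link between border gateways of two different
        sites and mint a fresh key for the tunnel that will ride on it."""
        if self.site_of[gw_a] == self.site_of[gw_b]:
            raise ValueError("border links must connect different sites")
        link = frozenset((gw_a, gw_b))
        if link in self.link_keys:
            raise ValueError("link already modelled")
        self.link_keys[link] = secrets.token_bytes(32)

    def key_for(self, gw_a, gw_b):
        return self.link_keys[frozenset((gw_a, gw_b))]

    def _neighbors(self, gw):
        site = self.site_of[gw]
        # Assumption: gateways in the same site reach each other over the site fabric.
        same_site = [g for g, s in self.site_of.items() if s == site and g != gw]
        # Other sites are reachable only over a modelled (and therefore keyed) link.
        cross_site = [next(iter(link - {gw})) for link in self.link_keys if gw in link]
        return same_site + cross_site

    def route(self, src_site, dst_site):
        """Breadth-first search from any gateway of src_site to any gateway of
        dst_site. Returns the ordered inter-site hops, each with the key that
        protects that hop, or None when no keyed path exists."""
        starts = [g for g, s in self.site_of.items() if s == src_site]
        prev = {g: None for g in starts}
        queue = deque(starts)
        while queue:
            gw = queue.popleft()
            if self.site_of[gw] == dst_site:
                path = []
                while gw is not None:
                    path.append(gw)
                    gw = prev[gw]
                path.reverse()
                return [(a, b, self.key_for(a, b))
                        for a, b in zip(path, path[1:])
                        if self.site_of[a] != self.site_of[b]]
            for nxt in self._neighbors(gw):
                if nxt not in prev:
                    prev[nxt] = gw
                    queue.append(nxt)
        return None


def demo():
    """Constructed topology: sites A, B, C, D; D has no link to anything."""
    m = MultiSiteModel()
    for gw, site in [("bgw-a1", "A"), ("bgw-b1", "B"), ("bgw-b2", "B"),
                     ("bgw-c1", "C"), ("bgw-d1", "D")]:
        m.add_gateway(gw, site)
    m.add_link("bgw-a1", "bgw-b1")
    m.add_link("bgw-b2", "bgw-c1")
    return m


if __name__ == "__main__":
    model = demo()
    for a, b, key in model.route("A", "C"):
        print(f"{a} -> {b} protected by key {key.hex()[:16]}...")
    print("A -> D:", model.route("A", "D"))
```

The route search only ever traverses links that exist in the key model, so a path can never be returned with an unkeyed hop; a link that the underlay reports but the controller has not keyed simply does not exist for routing purposes.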

    Interoperability between data plane learning endpoints and control plane learning endpoints in overlay networks

    Publication (announcement) no.: US11115375B2

    Publication (announcement) date: 2021-09-07

    Application no.: US16577330

    Application date: 2019-09-20

    Abstract: A system and a method are disclosed for enabling interoperability between data plane learning endpoints and control plane learning endpoints in an overlay network environment. An exemplary method for managing network traffic in the overlay network environment includes receiving network packets in an overlay network from data plane learning endpoints and control plane learning endpoints, wherein the overlay network extends Layer 2 network traffic over a Layer 3 network; operating in a data plane learning mode when a network packet is received from a data plane learning endpoint; and operating in a control plane learning mode when the network packet is received from a control plane learning endpoint. Where the overlay network includes more than one overlay segment, the method further includes operating as an anchor node for routing inter-overlay segment traffic to and from hosts that operate behind the data plane learning endpoints.

    Asymmetric multi-destination traffic replication in overlay networks

    Publication (announcement) no.: US10326694B2

    Publication (announcement) date: 2019-06-18

    Application no.: US15161636

    Application date: 2016-05-23

    Abstract: Presented herein are hybrid approaches to multi-destination traffic forwarding in overlay networks that can be used to facilitate interoperability between head-end-replication-support network devices (i.e., those that only use head-end replication) and multicast-support network devices (i.e., those that only use native multicast). By generally using the existing functionality of tunnel end-points (TEPs) for sending multi-destination traffic, and enhancing the TEPs to receive multi-destination traffic with the encapsulation scheme they do not natively support, the presented methods and systems minimize the enhancements required to achieve interoperability and circumvent any hard limitations that the end-point hardware may have. The present methods and systems may be used with legacy hardware that is already commissioned or deployed as well as with new hardware that is configured with legacy protocols.

    DYNAMIC NEXT-HOP SELECTION FOR ROUTES IN A NETWORK FABRIC

    Publication (announcement) no.: US20190166048A1

    Publication (announcement) date: 2019-05-30

    Application no.: US15827183

    Application date: 2017-11-30

    CPC classification number: H04L45/745 H04L12/4641 H04L45/586 H04L63/0272

    Abstract: A first network device advertises routes for locally connected hosts/subnetworks based on the connectivity of the host with respect to peer network devices. The first network device establishes a virtual port channel associated with a virtual network address. The virtual port channel includes the first network device, associated with a first network address, and a second network device, associated with a second network address. The first network device detects that a host is connected to the first network device and determines a next-hop address to associate with the host. The next-hop address is determined based on whether the host is also connected to the second network device of the virtual port channel. The first network device generates a route advertisement associating the next-hop address with the host.
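    The decision in this abstract is small but easy to get wrong: a dual-homed host can be advertised behind the shared virtual address, but an orphan host (wired to only one vPC member) must be advertised behind that member's own address, or traffic that lands on the other member has nowhere to go. The following Python is an added example, not the patent's or any vendor's code; the device names, addresses and host prefixes are constructed for the illustration.

```python
class VpcPair:
    """Two switches forming a virtual port channel, plus the hosts wired to them.
    Added example, not the patent's code; addresses are made up."""

    def __init__(self, virtual_addr, members):
        self.virtual_addr = virtual_addr
        self.members = dict(members)   # device name -> that device's own address
        self.attachments = {}          # host prefix -> set of member names it is wired to

    def attach(self, host, device):
        if device not in self.members:
            raise ValueError(f"{device} is not a member of this vPC")
        self.attachments.setdefault(host, set()).add(device)

    def detach(self, host, device):
        devices = self.attachments.get(host, set())
        devices.discard(device)
        if not devices:
            self.attachments.pop(host, None)

    def next_hop(self, host, local):
        """Next hop that `local` should advertise for `host`, or None when `local`
        has no locally connected route for that host."""
        attached = self.attachments.get(host, set())
        if local not in attached:
            return None
        if attached == set(self.members):
            # Dual-homed: either member can deliver, so use the shared virtual address.
            return self.virtual_addr
        # Orphan: only this member can deliver, so advertise its own address.
        return self.members[local]

    def advertisements(self, local):
        """Route advertisements (host prefix -> next hop) originated by `local`."""
        result = {}
        for host in sorted(self.attachments):
            nh = self.next_hop(host, local)
            if nh is not None:
                result[host] = nh
        return result


def demo():
    """Constructed fabric: leaf-1/leaf-2 form one vPC; one host is dual-homed,
    one is an orphan on leaf-1."""
    pair = VpcPair("192.0.2.100", {"leaf-1": "192.0.2.1", "leaf-2": "192.0.2.2"})
    pair.attach("10.1.1.10/32", "leaf-1")
    pair.attach("10.1.1.10/32", "leaf-2")
    pair.attach("10.1.1.20/32", "leaf-1")
    return pair


if __name__ == "__main__":
    pair = demo()
    for leaf in pair.members:
        print(leaf, pair.advertisements(leaf))
```

Because the next hop is recomputed from current attachments, a host that loses one of its two links moves from the virtual address to the surviving member's address on the next advertisement, which is the "dynamic" part of the title.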

    Operations, administration and management (OAM) in overlay data center environments

    Publication (announcement) no.: US10116559B2

    Publication (announcement) date: 2018-10-30

    Application no.: US15711812

    Application date: 2017-09-21

    Abstract: Systems, methods, and computer-readable media for OAM in overlay networks. In response to receiving a packet associated with an OAM operation from a device in an overlay network, the system generates an OAM packet. The system can be coupled with the overlay network and can include a tunnel endpoint interface associated with an underlay address and a virtual interface associated with an overlay address. The overlay address can be an anycast address assigned to the system and another device in the overlay network. Next, the system determines that a destination address associated with the packet is not reachable through the virtual interface, the destination address corresponding to a destination node in the overlay network. The system also determines that the destination address is reachable through the tunnel endpoint interface. The system then provides the underlay address associated with the tunnel endpoint interface as a source address in the OAM packet.
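    The source-address choice here matters because the overlay address is anycast and shared with another device, so an OAM reply addressed to it can return to the wrong node; the tunnel endpoint's underlay address is unique to this node. The following Python is an added example, not the patent's code: it models a node with both interfaces, checks reachability of the destination through each, and picks the OAM source address accordingly. The prefixes and addresses are constructed, and the branch that keeps the overlay address when the destination is reachable through the virtual interface is an assumption the abstract does not spell out.

```python
import ipaddress


class OverlayNode:
    """A device with a tunnel endpoint interface (unique underlay address) and a
    virtual interface (anycast overlay address shared with a peer).
    Added example, not the patent's code; all prefixes are made up."""

    def __init__(self, underlay_addr, overlay_anycast_addr, overlay_prefixes, underlay_prefixes):
        self.underlay_addr = ipaddress.ip_address(underlay_addr)
        self.overlay_addr = ipaddress.ip_address(overlay_anycast_addr)
        self.overlay_prefixes = [ipaddress.ip_network(p) for p in overlay_prefixes]
        self.underlay_prefixes = [ipaddress.ip_network(p) for p in underlay_prefixes]

    @staticmethod
    def _reachable(addr, prefixes):
        return any(addr in prefix for prefix in prefixes)

    def oam_source(self, destination):
        """Source address to put in an OAM packet towards `destination`."""
        dst = ipaddress.ip_address(destination)
        if self._reachable(dst, self.overlay_prefixes):
            # Assumption: destinations behind the virtual interface keep the overlay source.
            return str(self.overlay_addr)
        if self._reachable(dst, self.underlay_prefixes):
            # Not reachable via the anycast virtual interface but reachable via the
            # tunnel endpoint: use the node-unique underlay address so the reply
            # comes back to this node rather than to whichever peer shares the anycast.
            return str(self.underlay_addr)
        raise ValueError(f"{dst} is reachable through neither interface")

    def build_oam_packet(self, destination):
        """Minimal OAM echo request as a dict; the wire format is not modelled."""
        return {"type": "oam-echo-request",
                "src": self.oam_source(destination),
                "dst": str(ipaddress.ip_address(destination))}


def demo_node():
    """Constructed node: underlay 10.0.0.1, anycast gateway 192.168.1.1 shared with a peer."""
    return OverlayNode("10.0.0.1", "192.168.1.1",
                       overlay_prefixes=["192.168.1.0/24"],
                       underlay_prefixes=["10.0.0.0/8"])


if __name__ == "__main__":
    node = demo_node()
    print(node.build_oam_packet("192.168.1.50"))
    print(node.build_oam_packet("10.0.0.7"))
```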

    Enabling scalable virtual machine tracking in a data center fabric

    Type: Granted invention (in force)

    Publication (announcement) no.: US09548922B2

    Publication (announcement) date: 2017-01-17

    Application no.: US14074522

    Application date: 2013-11-07

    Abstract: A method is provided in one example embodiment and includes receiving, at a first network element, a packet from a second network element; processing the packet at the first network element to obtain, from the packet, information identifying a virtual machine ("VM") hosted by the second network element; and storing the identifying information at the first network element. The identifying information stored at the first network element is accessible by at least one third network element. In some embodiments, the first network element comprises a physical switch and the second network element comprises a virtual switch.

