公开(公告)号：US10263887B2

公开(公告)日：2019-04-16

申请号：US15922253

申请日：2018-03-15

Applicant: Cisco Technology, Inc.

Inventor： Prashanth Patil ,  K. Tirumaleswar Reddy ,  Gonzalo Salgueiro ,  James N. Guichard ,  Carlos M. Pignataro

IPC: H04L12/721 ,  H04L12/725

Abstract: In one embodiment, a service function classifier device determines a classification of a packet using one or more packet classification rules. The device selects a service function path based on the classification of the packet. The device determines one or more traffic flow characteristics based on the classification of the packet. The device generates a service function chaining (SFC) header that identifies the selected service function path and the determined one or more traffic flow characteristics. The SFC header is configured to cause a device along the service function path to forward the encapsulated packet based on the identified service function path and the determined one or more traffic flow characteristics. The device sends the packet along the selected service function path as an encapsulated packet that includes the generated SFC header.

公开(公告)号：US10243847B2

公开(公告)日：2019-03-26

申请号：US15656474

申请日：2017-07-21

Applicant: Cisco Technology, Inc.

Inventor： Stefano Benedetto Previdi ,  James N. Guichard ,  Clarence Filsfils ,  Carlos M. Pignataro

IPC: H04L12/46 ,  H04L29/06 ,  H04L12/723 ,  H04L12/725 ,  H04L12/741 ,  H04L12/851

Abstract: In one embodiment, a device in a network receives a packet that includes a forwarding label for a service in a service chain. The packet encapsulates a service chain header for the service chain. The device swaps the forwarding label for the service in the packet for a reserved label that identifies the packet as encapsulating the service chain header. The device forwards the packet with the reserved label to the service.

公开(公告)号：US10164875B2

公开(公告)日：2018-12-25

申请号：US15049521

申请日：2016-02-22

Applicant: Cisco Technology, Inc.

Inventor： James N. Guichard ,  Paul Quinn ,  Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  Rajiv Asati

IPC: H04L12/723 ,  H04L12/741 ,  H04L12/725

Abstract: In one embodiment, a device in a network receives a packet that includes one or more forwarding labels and a service function chaining (SFC) header. The device removes the one or more forwarding labels from the packet. The device inserts an indication of the one or more forwarding labels into metadata of the SFC header. The device forwards the packet with the inserted indication of the one or more forwarding labels to a service function.

公开(公告)号：US09979704B2

公开(公告)日：2018-05-22

申请号：US14573564

申请日：2014-12-17

Applicant: Cisco Technology, Inc.

Inventor： Kevin D. Shatzkamer ,  Hendrikus G. P. Bosch ,  Warren Scott Wainner ,  James N. Guichard ,  Surendra M. Kumar

IPC: H04L29/06 ,  G06F9/455 ,  G06F21/60

CPC classification number: H04L63/0428 ,  G06F9/45558 ,  G06F21/606 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: A first virtual machine is established in a virtual private service chain to provide a first network service to virtual private service chain traffic. A second virtual machine is also established the virtual private service chain to provide a second network service to the virtual private service chain traffic. The virtual private service chain traffic is encrypted for transmission within the virtual private service chain from the first virtual machine to the second virtual machine, wherein the encryption uses a key shared by the first and second virtual machines.

公开(公告)号：US09749229B2

公开(公告)日：2017-08-29

申请号：US14825273

申请日：2015-08-13

Applicant: Cisco Technology, Inc.

Inventor： Stefano Benedetto Previdi ,  James N. Guichard ,  Clarence Filsfils ,  Carlos M. Pignataro

IPC: H04L12/701 ,  H04L12/723 ,  H04L12/781 ,  H04L12/741 ,  H04L12/46 ,  H04L12/725 ,  H04L12/851 ,  H04L29/06

CPC classification number: H04L45/507 ,  H04L12/4633 ,  H04L45/306 ,  H04L45/50 ,  H04L45/74 ,  H04L47/2441 ,  H04L69/22

Abstract: In one embodiment, a device in a network receives a packet that includes a forwarding label for a service in a service chain. The packet encapsulates a service chain header for the service chain. The device swaps the forwarding label for the service in the packet for a reserved label that identifies the packet as encapsulating the service chain header. The device forwards the packet with the reserved label to the service.

公开(公告)号：US20170180257A1

公开(公告)日：2017-06-22

申请号：US15449940

申请日：2017-03-04

Applicant: CISCO TECHNOLOGY, INC.

Inventor： James N. Guichard ,  Paul Quinn ,  David D. Ward ,  Carlos M. Pignataro

IPC: H04L12/803 ,  H04L29/08 ,  H04L29/06

CPC classification number: H04L47/125 ,  H04L45/306 ,  H04L45/38 ,  H04L45/74 ,  H04L47/2408 ,  H04L47/2441 ,  H04L67/02 ,  H04L67/1023 ,  H04L67/327 ,  H04L69/22 ,  H04W72/0486

Abstract: A method for load balancing based on metadata in a network service header. The method includes receiving a packet or frame of a traffic flow, wherein the packet or frame has a payload and the network service header including metadata and service path information for the traffic flow identifying the service path, and the metadata comprises classification information of the packet or frame, extracting, by a service header processor of the load balancer, the classification information of the metadata from the packet or frame, and applying, by a load balancing function of the load balancer, a load balancing policy on the packet or frame based on the classification information of the metadata.

公开(公告)号：US20170064039A1

公开(公告)日：2017-03-02

申请号：US14838963

申请日：2015-08-28

Applicant: Cisco Technology, Inc.

Inventor： Naiming Shen ,  Keyur P. Patel ,  Carlos M. Pignataro ,  James N. Guichard

IPC: H04L29/08 ,  H04L12/721 ,  H04L12/24

CPC classification number: H04L67/327 ,  H04L41/0806 ,  H04L41/5054 ,  H04L41/5058 ,  H04L45/306 ,  H04L45/44

Abstract: A system comprising a plurality of service nodes, a controller and a network device in communication with the controller. Each of the plurality of service nodes is configured to support one or more service functions to establish a service function chain that includes a plurality of service functions to be performed by routing traffic among the plurality of service nodes. The controller is configured to generate provisioning information for the service function chain. The provisioning information includes at least one condition upon which a service function reclassification or branching operation is to be performed by at least one service node. The network device is in communication with the controller, and is configured to distribute the provisioning information for the service function chain to the plurality of service nodes using a distributed routing protocol.

Abstract translation: 包括多个服务节点的系统，控制器和与控制器通信的网络设备。 多个服务节点中的每一个被配置为支持一个或多个服务功能来建立服务功能链，该服务功能链包括通过在多个服务节点之间路由业务来执行的多个服务功能。 控制器被配置为生成用于服务功能链的供应信息。 所述供应信息包括由至少一个服务节点执行服务功能重新分类或分支操作的至少一个条件。 网络设备与控制器通信，并且被配置为使用分布式路由协议将服务功能链的供应信息分发到多个服务节点。

公开(公告)号：US09571405B2

公开(公告)日：2017-02-14

申请号：US14631595

申请日：2015-02-25

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Carlos M. Pignataro ,  James N. Guichard ,  Nagendra Kumar Nainar ,  Paul Quinn

IPC: H04L12/851 ,  H04L12/741 ,  H04L12/801 ,  H04L29/06

CPC classification number: H04L47/2441 ,  H04L45/74 ,  H04L47/18 ,  H04L67/327 ,  H04L69/22

Abstract: A method for augmenting metadata of a network service header is disclosed. The method includes receiving, at a first service node, a packet or frame of a traffic flow, wherein the packet has a payload and the network service header including a first metadata and a first service path information for the traffic flow, classifying, by the first service node, at least one of the payload and the first metadata to generate a second metadata different from the first metadata, and augmenting, by the first service node, the first metadata using the second metadata before forwarding the packet or frame to a second service node.

Abstract translation: 公开了一种用于增强网络服务头部的元数据的方法。 该方法包括在第一服务节点处接收业务流的分组或帧，其中所述分组具有有效载荷，并且所述网络服务报头包括所述业务流的第一元数据和第一服务路径信​​息， 第一服务节点，有效载荷和第一元数据中的至少一个，以生成不同于第一元数据的第二元数据，以及在将数据包或帧转发到第二元数据之前由第一服务节点使用第二元数据来扩充第一元数据 服务节点。

公开(公告)号：US20160182458A1

公开(公告)日：2016-06-23

申请号：US14573564

申请日：2014-12-17

Applicant: Cisco Technology, Inc.

Inventor： Kevin D. Shatzkamer ,  Hendrikus G.P. Bosch ,  Warren Scott Wainner ,  James N. Guichard ,  Surendra M. Kumar

IPC: H04L29/06 ,  G06F9/455

CPC classification number: H04L63/0428 ,  G06F9/45558 ,  G06F21/606 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: A first virtual machine is established in a virtual private service chain to provide a first network service to virtual private service chain traffic. A second virtual machine is also established the virtual private service chain to provide a second network service to the virtual private service chain traffic. The virtual private service chain traffic is encrypted for transmission within the virtual private service chain from the first virtual machine to the second virtual machine, wherein the encryption uses a key shared by the first and second virtual machines.

Abstract translation: 在虚拟专用服务链中建立第一虚拟机以向虚拟专用服务链流量提供第一网络服务。 第二个虚拟机也建立了虚拟专用服务链，为虚拟私人服务链流量提供第二个网络服务。 虚拟专用服务链流量被加密以在虚拟专用服务链中从第一虚拟机到第二虚拟机的传输，其中加密使用由第一和第二虚拟机共享的密钥。

公开(公告)号：US20150365322A1

公开(公告)日：2015-12-17

申请号：US14304043

申请日：2014-06-13

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Kevin D. Shatzkamer ,  James N. Guichard ,  Hendrikus G. P. Bosch ,  Alessandro Duminuco ,  Humberto J. La Roche ,  Jeffrey Napper

IPC: H04L12/741 ,  H04L12/851 ,  H04L12/721

CPC classification number: H04L45/74 ,  H04L45/306 ,  H04L45/38 ,  H04L47/2441 ,  H04L47/2483

Abstract: A method provided in one embodiment includes receiving a first data packet of a data flow at a first classifier in which the first data packet includes a first identifier. The method further includes determining a second classifier associated with the first identifier in which the second classifier is further associated with at least one service chain of a service chain environment. The method still further includes forwarding the first data packet to the second classifier. The second classifier is configured to receive the first data packet, determine a particular service chain of the at least one service chain to which the first data packet is to be forwarded, and forward the first data packet to the particular service chain.

Abstract translation: 在一个实施例中提供的方法包括在第一分类器处接收数据流的第一数据分组，其中第一数据分组包括第一标识符。 该方法还包括确定与第一标识符相关联的第二分类器，其中第二分类器进一步与服务链环境的至少一个服务链相关联。 该方法还包括将第一数据分组转发到第二分类器。 第二分类器被配置为接收第一数据分组，确定要转发第一数据分组的至少一个服务链的特定服务链，并将第一数据分组转发到特定服务链。