公开(公告)号：US11706133B2

公开(公告)日：2023-07-18

申请号：US17865125

申请日：2022-07-14

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Ahmed Mohamed Ahmed Abdelsalam ,  Francois Clad ,  Pablo Camarillo Garvia ,  Kiran Sasidharan Pillai

IPC: H04L45/50 ,  H04L12/46 ,  H04L45/74 ,  H04L45/28 ,  H04L69/22 ,  H04L45/42 ,  H04L45/00 ,  H04L45/741

CPC classification number: H04L45/50 ,  H04L12/4633 ,  H04L45/28 ,  H04L45/42 ,  H04L45/566 ,  H04L45/74 ,  H04L45/741 ,  H04L69/22

Abstract: The present technology pertains to a group-based network policy using Segment Routing over an IPv6 dataplane (SRv6). After a source application sends a packet, an ingress node can receive the packet, and if the source node is capable, it can identify an application policy and apply it. The ingress node indicates that the policy has been applied by including policy bits in the packet encapsulation. When the packet is received by the egress node, it can determine whether the policy was already applied, and if so, the packet is forward to the destination application. If the egress node determines that the policy has not be applied the destination application can apply the policy. Both the ingress node and egress nodes can learn of source application groups, destination application groups, and applicable policies through communication with aspects of the segment routing fabric.

公开(公告)号：US11611505B2

公开(公告)日：2023-03-21

申请号：US17404817

申请日：2021-08-17

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Francois Clad ,  Zafar Ali ,  Peter Psenak

IPC: H04L12/721 ,  H04L45/00 ,  H04L69/22 ,  H04L45/02

Abstract: Techniques and mechanisms for compressing the size of SIDs to be smaller than a complete IPv6 address (or “micro SIDs”), and scaling micro SIDs across a multi-domain environment using micro SID-domain-blocks. Segment routing over IPv6 (SRv6) uses 128-bit IPv6 addresses as SIDs for segment routing. According to this disclosure, multiple SRv6 SIDs may be expressed in a compact format such that a 128-bit IPv6 address, such as the destination address field of the IPv6 header, may store multiple micro SIDs. Further, SID-domain-blocks may be assigned to each domain in a multi-domain network such that micro SIDs may be expressed in the context of a given domain, rather than being shared in the global multi-domain network. In this way, lists of domain-specific SIDs may be fully expressed in the IPv6 destination address of the packet to scale micro SID into large, multi-domain networks.

公开(公告)号：US20220400048A1

公开(公告)日：2022-12-15

申请号：US17342899

申请日：2021-06-09

Applicant: Cisco Technology, Inc.

Inventor： Peter Psenak ,  Lester C. Ginsberg ,  Ketan Jivan Talaulikar ,  Clarence Filsfils ,  Francois Clad ,  Stephane Litkowski

IPC: H04L12/24

Abstract: The present technology is directed to signaling unreachability of a network device, more specifically, a prefix of the network device in network that utilizes route summarization. A pulse trigger agent can detect an unreachability of at least one Provider Edge (PE) device in a network domain of a network and determine that a route summarization is being used within the network where the unreachability of the at least one PE device is hidden by the route summarization. A pulse distribution agent can transmit a failure message informing other PE devices of the unreachability of the at least one PE device.

公开(公告)号：US20220303366A1

公开(公告)日：2022-09-22

申请号：US17836069

申请日：2022-06-09

Applicant: Cisco Technology, Inc.

Inventor： Patrice Brissette ,  Clarence Filsfils ,  Darren Dukes ,  Gaurav Dawra ,  Francois Clad ,  Pablo Camarillo Garvia

IPC: H04L69/22 ,  H04L69/324 ,  H04L45/00 ,  H04L67/10 ,  H04L45/02 ,  H04L45/50 ,  H04L61/5007 ,  H04L67/63 ,  H04L12/46 ,  H04L45/74 ,  H04L49/35 ,  H04L45/741

Abstract: In one embodiment, Ethernet Virtual Private Network (EVPN) is implemented using Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) underlay network and SRv6-enhanced Border Gateway Protocol (BGP) signaling. A particular route associated with a particular Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) Segment Identifier (SID) is advertised in a particular route advertisement message of a routing protocol (e.g., BGP). The SID includes encoding representing a particular Ethernet Virtual Private Network (EVPN) Layer 2 (L2) flooding Segment Routing end function of the particular router and a particular Ethernet Segment Identifier (ESI), with the particular SID including a routable prefix to the particular router. The particular router receives a particular packet including the particular SID; and in response, the particular router performs the particular EVPN end function on the particular packet.

公开(公告)号：US11445048B2

公开(公告)日：2022-09-13

申请号：US16990030

申请日：2020-08-11

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Francois Clad ,  Pablo Camarillo Garvia ,  Siva Sivabalan ,  Syed Kamran Raza

IPC: H04L69/04 ,  H04L45/74

Abstract: In one embodiment, a method includes identifying, by a network component, a first segment identifier (SID) within a SID list. The first SID includes a first SID block and a first micro SID (uSID). The method also includes initializing, by the network component, a packing list of a uSID carrier with the first uSID of the first SID and initializing, by the network component, a packing block of the uSID carrier with the first SID block of the first SID. The method further includes initializing, by the network component, a remaining packing capacity of the packing list with a carrier capacity of the first SID and initializing, by the network component, an empty compressed SID list.

公开(公告)号：US11424986B2

公开(公告)日：2022-08-23

申请号：US16663186

申请日：2019-10-24

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Francois Clad ,  Pablo Camarillo Garvia ,  Ahmed Mohamed Ahmed Abdelsalam

IPC: H04L1/00 ,  H04L41/0893 ,  H04W76/12 ,  H04L41/0896 ,  H04L47/2441 ,  H04W28/10

Abstract: In one embodiment, a method, by a network apparatus of a first domain network, includes receiving one or more packets from an access network, determining a classification for the packets based on the accounting information, selecting, based on the determined classification, a policy configuration from a plurality of policy configurations for processing the packets, encapsulating the packets with one or more segment identifiers in accordance with the selected policy configuration, and sending the encapsulated packets to a network slice or a second network slice in a second domain network based on the one or more segment identifiers.

公开(公告)号：US11418435B2

公开(公告)日：2022-08-16

申请号：US16860896

申请日：2020-04-28

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Ahmed Mohamed Ahmed Abdelsalam ,  Francois Clad ,  Pablo Camarillo Garvia ,  Kiran Sasidharan Pillai

IPC: H04L45/50 ,  H04L12/46 ,  H04L45/74 ,  H04L45/28 ,  H04L69/22

Abstract: The present technology pertains to a group-based network policy using Segment Routing over an IPv6 dataplane (SRv6). After a source application sends a packet, an ingress node can receive the packet, and if the source node is capable, it can identify an application policy and apply it. The ingress node indicates that the policy has been applied by including policy bits in the packet encapsulation. When the packet is received by the egress node, it can determine whether the policy was already applied, and if so, the packet is forward to the destination application. If the egress node determines that the policy has not be applied the destination application can apply the policy. Both the ingress node and egress nodes can learn of source application groups, destination application groups, and applicable policies through communication with aspects of the segment routing fabric.

公开(公告)号：US11356361B2

公开(公告)日：2022-06-07

申请号：US16717717

申请日：2019-12-17

Applicant: Cisco Technology, Inc.

Inventor： Francois Clad ,  David Delano Ward ,  Clarence Filsfils

IPC: H04L12/707 ,  H04L12/815 ,  G06F15/173 ,  H04L29/06 ,  H04L45/00 ,  H04L9/40 ,  H04L45/302

Abstract: In one embodiment, a method includes a method includes receiving, by a headend node, network traffic. The method also includes determining, by the headend node, that the network traffic matches a service route. The method further includes steering, by the headend node, the network traffic into an SR-TE policy. The SR-TE policy is associated with the service route and includes a security level constraint.

公开(公告)号：US11283906B2

公开(公告)日：2022-03-22

申请号：US16697134

申请日：2019-11-26

Applicant: Cisco Technology, Inc.

Inventor： Patrice Brissette ,  Clarence Filsfils ,  Darren Dukes ,  Gaurav Dawra ,  Francois Clad ,  Pablo Camarillo Garvia

IPC: H04L29/06 ,  H04L69/22 ,  H04L69/324 ,  H04L45/00 ,  H04L67/10 ,  H04L45/50 ,  H04L12/46 ,  H04L45/74 ,  H04L61/5007 ,  H04L49/35 ,  H04L67/63 ,  H04L45/741 ,  H04L101/659 ,  H04L61/2503 ,  H04L43/028 ,  H04L45/745

Abstract: In one embodiment, Ethernet Virtual Private Network (EVPN) is implemented using Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) underlay network and SRv6-enhanced Border Gateway Protocol (BGP) signaling. A particular route associated with a particular Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) Segment Identifier (SID) is advertised in a particular route advertisement message of a routing protocol (e.g., BGP). The SID includes encoding representing a particular Ethernet Virtual Private Network (EVPN) Layer 2 (L2) flooding Segment Routing end function of the particular router and a particular Ethernet Segment Identifier (ESI), with the particular SID including a routable prefix to the particular router. The particular router receives a particular packet including the particular SID; and in response, the particular router performs the particular EVPN end function on the particular packet.

公开(公告)号：US20200244588A1

公开(公告)日：2020-07-30

申请号：US16825168

申请日：2020-03-20

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Zafar Ali ,  Pablo Camarillo Garvia ,  Francois Clad

IPC: H04L12/863 ,  H04L12/911 ,  H04L12/851 ,  H04L12/801 ,  H04L12/26

Abstract: The present technology is directed to a system and method for implementing network resource partitioning and Quality of Service (QoS) separation through network slicing. Embodiments of the present invention describe scalable network slicing method based on defining Segment Routing Flexible Algorithm to represent a network slice and assigning a distinct QoS policy queue to each of the Flexible Algorithms configured on a network node. Therefore, scalable network slice based queuing is implemented wherein a single packet processing queue is assigned to each Flex-Algorithm based network slice. QoS policy queue may be implemented in a hierarchical fashion by differentiation between flow packets in a single QoS policy queue based on value of experimental bits in the header.