公开(公告)号：US12267240B2

公开(公告)日：2025-04-01

申请号：US18656479

申请日：2024-05-06

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Suresh Pasupula ,  Manju Ramesh ,  Christophe Paggen ,  Huyen Trung Duong ,  Lukas Krattiger

IPC: H04L45/745 ,  H04L45/24 ,  H04L45/42 ,  H04L61/5007

Abstract: Techniques for using more-specific routing to perform scalable Layer-2 (L2) stretching of subnets across hybrid-cloud environments. Routing tables in a public cloud may allow for routes that are more specific than the default local route, and the more-specific routes may be used to send all traffic to a dedicated, cloud router. The more-specific routes are set up for a VPC where a subnet resides such that the more specific-routes cover at least a portion of subnet range. The next hop for the more-specific routes point to the cloud router which is capable of doing host routing and segmentation extension. Thus, traffic originating from endpoints in a VPC is routed to the cloud router, and the cloud router determines whether the traffic is to be re-routed back to a destination endpoint in the VPC (or another cloud location), or sent to a destination endpoint residing in the on-premises site.

公开(公告)号：US20250071044A1

公开(公告)日：2025-02-27

申请号：US18454704

申请日：2023-08-23

Applicant: Cisco Technology, Inc.

Inventor： Vijay Kumar Devendran ,  Rajagopalan Janakiraman ,  Sathiskumar Segamalai Murugesan ,  Kirankumar Meda

IPC: H04L43/20 ,  H04L43/0852 ,  H04L43/0876 ,  H04L45/12

Abstract: This disclosure describes techniques for enabling distributed path computation and centralized path enforcement in a computer network used to implement a software application. In some cases, the disclosed techniques include using a central controller that initializes and coordinates monitoring agents deployed to network regions. The monitoring agents may collect monitoring data associated with application segments in their respective regions and share this data with each other. Using the aggregated data, the agents can compute optimal paths between application segment pairs spanning multiple regions. The optimal inter-region paths may be sent to the controller, which can program the paths into the routing application programming interfaces (APIs) of the various network environments like public cloud and on-premises networks.

公开(公告)号：US12021750B2

公开(公告)日：2024-06-25

申请号：US17882163

申请日：2022-08-05

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Suresh Pasupula ,  Manju Ramesh ,  Christophe Paggen ,  Huyen Trung Duong ,  Lukas Krattiger

IPC: H04L45/745 ,  H04L45/24 ,  H04L45/42 ,  H04L61/5007

CPC classification number: H04L45/745 ,  H04L45/24 ,  H04L45/42 ,  H04L61/5007

Abstract: Techniques for using more-specific routing to perform scalable Layer-2 (L2) stretching of subnets across hybrid-cloud environments. Routing tables in a public cloud may allow for routes that are more specific than the default local route, and the more-specific routes may be used to send all traffic to a dedicated, cloud router. The more-specific routes are set up for a VPC where a subnet resides such that the more specific-routes cover at least a portion of subnet range. The next hop for the more-specific routes point to the cloud router which is capable of doing host routing and segmentation extension. Thus, traffic originating from endpoints in a VPC is routed to the cloud router, and the cloud router determines whether the traffic is to be re-routed back to a destination endpoint in the VPC (or another cloud location), or sent to a destination endpoint residing in the on-premises site.

公开(公告)号：US20230379210A1

公开(公告)日：2023-11-23

申请号：US17751205

申请日：2022-05-23

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Sai Vemuri ,  Sonia Gulrajani ,  Sree Balaji Varadharajan ,  Jose Carlos Recuero Arias

IPC: H04L41/0806 ,  H04L41/082 ,  H04L41/084

CPC classification number: H04L41/0806 ,  H04L41/082 ,  H04L41/0846

Abstract: This disclosure describes techniques for integrating an existing cloud network into a new cloud network. The techniques may include inventorying network resources of an existing cloud network in a multi-cloud network environment. The techniques may also include creating logical resources to represent the network resources of the existing cloud network in a cloud-agnostic network configuration model. In some examples, a target cloud network may be provisioned using the cloud-agnostic network configuration model.

公开(公告)号：US11809292B2

公开(公告)日：2023-11-07

申请号：US17547778

申请日：2021-12-10

Applicant: Cisco Technology, Inc.

Inventor： Javed Asghar ,  Rajagopalan Janakiraman ,  Raghu Rajendra Arur

IPC: G06F11/07 ,  G06F11/30 ,  G06F11/20 ,  H04L67/00

CPC classification number: G06F11/203 ,  G06F11/3051 ,  H04L67/34

Abstract: This disclosure describes techniques for adaptive disaster recovery of applications running on network devices. The techniques include generating an application template and an application template clone that include application attributes usable to deploy an application stack at an application site. The techniques also include sending the application template clone to a disaster recovery site group to await deployment instructions. In some examples, an observer may determine that a health metric of the application site indicates that a disaster recovery process be triggered. A disaster recovery site of the disaster recovery site group may be selected based at least in part on a performance metric. The application stack may be deployed at the disaster recovery site utilizing the application template clone.

公开(公告)号：US20230031921A1

公开(公告)日：2023-02-02

申请号：US17390511

申请日：2021-07-30

Applicant: Cisco Technology, Inc.

Inventor： Vijay Kumar Devendran ,  Kiran Kumar Meda ,  Rajagopalan Janakiraman ,  Shyam N. Kapadia ,  Javed Asghar

IPC: H04L12/707 ,  H04L12/26

Abstract: In one embodiment, a method includes identifying a problematic event between a first interest point and a second interest point of a network and activating, in response to identifying the problematic event between the first interest point and the second interest point, a first endpoint associated with the first interest point and a second endpoint associated with the second interest point. The method also includes receiving, from the first endpoint and the second endpoint, telemetry data associated with a problematic path between the first interest point and the second interest point. The method further includes determining the problematic path between the first interest point and the second interest point using the telemetry data received from the first endpoint and the second endpoint.

公开(公告)号：US11171992B2

公开(公告)日：2021-11-09

申请号：US16525362

申请日：2019-07-29

Applicant: Cisco Technology, Inc.

Inventor： Azeem M. Suleman ,  Rajagopalan Janakiraman ,  Pramila Deshraj Singh ,  Sree Balaji Varadharajan ,  Javed Asghar ,  Sachin Gupta

IPC: H04L29/06 ,  H04L12/46

Abstract: The present disclosure provides for system resource management in self-healing networks by grouping End Point Groups (EPGs) into a plurality of policy groups based on shared security policies; identifying a first policy group with a highest resource demand; assigning a first security policy corresponding to the first policy group to a first switch of a plurality of switches; identifying a second plurality of EPGs from the remaining EPGs that were not included in the first policy group; grouping the second plurality of EPGs into a second plurality of policy groups based on shared security policies; identifying a second policy group with a highest resource demand of the second plurality of policy groups; and assigning a second security policy corresponding to the second policy group to a second switch of the plurality of switches.

公开(公告)号：US11165828B2

公开(公告)日：2021-11-02

申请号：US16289647

申请日：2019-02-28

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Ronak K. Desai ,  Sivakumar Ganapathy ,  Mohammed Javed Asghar ,  Azeem Suleman ,  Patel Amitkumar Valjibhai

IPC: H04L12/24 ,  H04L29/06

Abstract: Systems, methods, and computer-readable media for policy splitting in multi-cloud fabrics. In some examples, a method can include discovering a path from a first endpoint in a first cloud to a second endpoint in a second cloud; determining runtime policy table capacities associated with nodes in the path; determining policy distribution and enforcement for traffic from the first endpoint to the second endpoint based on the runtime policy table capacities; based on the policy distribution and enforcement, installing a set of policies for traffic from the first endpoint to the second endpoint across a set of nodes in the path; and applying the set of policies to traffic from the first endpoint in the first cloud to the second endpoint in the second cloud.

公开(公告)号：US11159569B2

公开(公告)日：2021-10-26

申请号：US16105822

申请日：2018-08-20

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Sivakumar Ganapathy ,  Prashanth Matety ,  Patel Amitkumar Valjibhai

IPC: H04L29/06 ,  H04L12/46 ,  H04L12/66 ,  H04L12/24 ,  H04L29/08

Abstract: Systems, methods, and computer-readable media for elastic policy scaling in multi-cloud fabrics. A method can involve deploying a cluster of policy agents on a hub virtual private cloud (VPC) that interconnects spoke VPCs in a cloud associated with a multi-cloud fabric, and mapping endpoints in the spoke VPCs to the policy agents. The method can involve distributing groups of policies for the endpoints across the policy agents based on the mapping of endpoints to policy agents, and advertising, by each policy agent to a respective first set of virtual gateways in the spoke VPCs, routes associated with endpoints mapped to the policy agent and preventing the policy agent from advertising routes associated with a second set of virtual gateways in the spoke VPCs. The method can involve applying, via the policy agent, a group of policies on the policy agent to traffic received by the policy agent.

公开(公告)号：US20210320817A1

公开(公告)日：2021-10-14

申请号：US16848647

申请日：2020-04-14

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Sivakumar Ganapathy ,  Shashank Chaturvedi ,  Suresh Pasupula ,  Prashanth Matety ,  Sachin Gupta

IPC: H04L12/46 ,  H04L29/08 ,  H04L29/12

Abstract: Techniques and architecture for routing data packets through networks that include TGWs. A data packet may be received from a TGW at an infra VPC. A TGW attachment on which the data packet was received is determined. Based at least in part on the TGW attachment, the data packet is routed to a CSR at the infra VPC. Load balancing may be achieved by defining VRF groups that include VPCs and the TGWs. Each VRF group may be assigned to an interface of one or more CSRs. Also, the VRF groups allow for supporting overlapping subnets.