公开(公告)号：US11652913B2

公开(公告)日：2023-05-16

申请号：US17836069

申请日：2022-06-09

Applicant: Cisco Technology, Inc.

Inventor： Patrice Brissette ,  Clarence Filsfils ,  Darren Dukes ,  Gaurav Dawra ,  Francois Clad ,  Pablo Camarillo Garvia

IPC: H04L69/22 ,  H04L69/324 ,  H04L45/00 ,  H04L67/10 ,  H04L45/02 ,  H04L45/50 ,  H04L61/5007 ,  H04L67/63 ,  H04L12/46 ,  H04L45/74 ,  H04L49/35 ,  H04L45/741 ,  H04L61/2503 ,  H04L101/659 ,  H04L101/00 ,  H04L43/028 ,  H04L9/40 ,  H04L45/745

CPC classification number: H04L69/22 ,  H04L12/4633 ,  H04L12/4641 ,  H04L45/04 ,  H04L45/14 ,  H04L45/34 ,  H04L45/50 ,  H04L45/74 ,  H04L45/741 ,  H04L49/35 ,  H04L61/5007 ,  H04L67/10 ,  H04L67/63 ,  H04L69/324 ,  H04L43/028 ,  H04L45/745 ,  H04L61/2503 ,  H04L63/0272 ,  H04L2101/00 ,  H04L2101/659 ,  H04L2212/00

Abstract: In one embodiment, Ethernet Virtual Private Network (EVPN) is implemented using Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) underlay network and SRv6-enhanced Border Gateway Protocol (BGP) signaling. A particular route associated with a particular Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) Segment Identifier (SID) is advertised in a particular route advertisement message of a routing protocol (e.g., BGP). The SID includes encoding representing a particular Ethernet Virtual Private Network (EVPN) Layer 2 (L2) flooding Segment Routing end function of the particular router and a particular Ethernet Segment Identifier (ESI), with the particular SID including a routable prefix to the particular router. The particular router receives a particular packet including the particular SID; and in response, the particular router performs the particular EVPN end function on the particular packet.

公开(公告)号：US11627094B2

公开(公告)日：2023-04-11

申请号：US16825168

申请日：2020-03-20

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Zafar Ali ,  Pablo Camarillo Garvia ,  Francois Clad

IPC: H04L47/6295 ,  H04L43/0888 ,  H04L47/10 ,  H04L47/24 ,  H04L47/70 ,  H04W76/11 ,  H04L41/12

Abstract: The present technology is directed to a system and method for implementing network resource partitioning and Quality of Service (QoS) separation through network slicing. Embodiments of the present invention describe scalable network slicing method based on defining Segment Routing Flexible Algorithm to represent a network slice and assigning a distinct QoS policy queue to each of the Flexible Algorithms configured on a network node. Therefore, scalable network slice based queuing is implemented wherein a single packet processing queue is assigned to each Flex-Algorithm based network slice. QoS policy queue may be implemented in a hierarchical fashion by differentiation between flow packets in a single QoS policy queue based on value of experimental bits in the header.

公开(公告)号：US20220385573A1

公开(公告)日：2022-12-01

申请号：US17865125

申请日：2022-07-14

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Ahmed Mohamed Ahmed Abdelsalam ,  Francois Clad ,  Pablo Camarillo Garvia ,  Kiran Sasidharan Pillai

IPC: H04L45/741 ,  H04L45/42 ,  H04L45/00

Abstract: The present technology pertains to a group-based network policy using Segment Routing over an IPv6 dataplane (SRv6). After a source application sends a packet, an ingress node can receive the packet, and if the source node is capable, it can identify an application policy and apply it. The ingress node indicates that the policy has been applied by including policy bits in the packet encapsulation. When the packet is received by the egress node, it can determine whether the policy was already applied, and if so, the packet is forward to the destination application. If the egress node determines that the policy has not be applied the destination application can apply the policy. Both the ingress node and egress nodes can learn of source application groups, destination application groups, and applicable policies through communication with aspects of the segment routing fabric.

公开(公告)号：US11483230B2

公开(公告)日：2022-10-25

申请号：US16579578

申请日：2019-09-23

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Francois Clad ,  Muthurajah Sivabalan ,  Zafar Ali

IPC: H04L45/02 ,  H04L45/00 ,  H04L45/44 ,  H04L45/586 ,  H04L45/64 ,  H04L61/30

Abstract: Aspects described herein include a method for use with a software-defined network controller, as well as an associated computer program product and system. The method comprises assigning a segment identifier to an endpoint node within a destination domain of a plurality of domains. Adjacent domains of the plurality of domains are connected via a respective set of two or more domain border routers. The method further comprises assigning a respective segment identifier to each domain. Each domain border router advertises the segment identifiers of the respective two adjacent domains. The method further comprises, responsive to a request from a headend node within a source domain of the plurality of domains, computing a path from the headend node to the endpoint node. The path includes (i) the segment identifiers of any domains between the headend node and the endpoint node, and (ii) the segment identifier of the endpoint node.

公开(公告)号：US20220294729A1

公开(公告)日：2022-09-15

申请号：US17830560

申请日：2022-06-02

Applicant: Cisco Technology, Inc.

Inventor： Francois Clad ,  David Delano Ward ,  Clarence Filsfils

IPC: H04L45/00 ,  H04L9/40 ,  H04L45/302

Abstract: In one embodiment, a method includes a method includes receiving, by a headend node, network traffic. The method also includes determining, by the headend node, that the network traffic matches a service route. The method further includes steering, by the headend node, the network traffic into an SR-TE policy. The SR-TE policy is associated with the service route and includes a security level constraint.

公开(公告)号：US20220272032A1

公开(公告)日：2022-08-25

申请号：US17685929

申请日：2022-03-03

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Peter Psenak ,  Francois Clad ,  Jose Antonio Liste

IPC: H04L45/302 ,  H04L45/50 ,  H04L41/0813 ,  H04L45/12 ,  H04L45/44 ,  H04L45/42

Abstract: Various implementations disclosed herein enable malleable routing for data packets. For example, in various implementations, a method of routing a type of data packets is performed by a device. In some implementations, the device includes a non-transitory memory and one or more processors coupled with the non-transitory memory. In some implementations, the method includes determining a routing criterion to transmit a set of data packets across a network. In some implementations, the method includes identifying network nodes and communication links in the network that satisfy the routing criterion. In some implementations, the method includes determining a route for the set of data packets through the network nodes and the communication links that satisfy the routing criterion. In some implementations, the method includes configuring the network nodes that are on the route with configuration information that allows the set of data packets to propagate along the route.

公开(公告)号：US20220174011A1

公开(公告)日：2022-06-02

申请号：US17344477

申请日：2021-06-10

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Ahmed Mohamed Ahmed Abdelsalam ,  Rakesh Gandhi ,  Pablo Camarillo Garvia ,  Francois Clad

IPC: H04L12/749 ,  H04L12/717 ,  H04L12/721 ,  H04L12/26

Abstract: Techniques for optimizing technologies related to network path tracing and network delay measurements are described herein. Some of the techniques may include using an IPv6 header option and/or segment identifier field of a segment list or a TLV of a segment routing header as a telemetry data carrier. The techniques may also include using an SRv6 micro-segment (uSID) instruction to indicate to a node of a network that the node is to perform one or more path tracing actions and encapsulating the packet and forward. Additionally, the techniques may include using short interface identifiers corresponding to node interfaces to trace a packet path through a network. Further, the techniques may include using short timestamps to determine delay measurements associated with sending a packet through a network. In various examples, the techniques described above and herein may be used with each other to optimize network path tracing and delay measurement techniques.

公开(公告)号：US20220174004A1

公开(公告)日：2022-06-02

申请号：US17538513

申请日：2021-11-30

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Pablo Camarillo Garvia ,  Ahmed Mohamed Ahmed Abdelsalam ,  Francois Clad

IPC: H04L45/00 ,  H04L45/74 ,  H04L45/30

Abstract: Disclosed are systems, apparatuses, methods, and computer-readable media to encode network functions in a packet header. A method includes receiving a first packet from a source device that is to be delivered to a destination address through a network; determining a route to the destination address; identifying at least one network function for the first packet; encapsulating the first packet in a second packet, wherein a header of the second packet includes the route to the destination address in a destination address field and local processing metadata associated with the at least one network function in a source address field; and forwarding the second packet to a next network node of the network identified in the destination address.

公开(公告)号：US20220166860A1

公开(公告)日：2022-05-26

申请号：US17671188

申请日：2022-02-14

Applicant: Cisco Technology, Inc.

Inventor： Patrice Brissette ,  Clarence Filsfils ,  Darren Dukes ,  Gaurav Dawra ,  Francois Clad ,  Pablo Camarillo Garvia

IPC: H04L69/22 ,  H04L69/324 ,  H04L45/00 ,  H04L67/10 ,  H04L45/50 ,  H04L12/46 ,  H04L45/74 ,  H04L61/5007 ,  H04L49/35 ,  H04L67/63 ,  H04L45/741

Abstract: In one embodiment, Ethernet Virtual Private Network (EVPN) is implemented using Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) underlay network and SRv6-enhanced Border Gateway Protocol (BGP) signaling. A particular route associated with a particular Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) Segment Identifier (SID) is advertised in a particular route advertisement message of a routing protocol (e.g., BGP). The SID includes encoding representing a particular Ethernet Virtual Private Network (EVPN) Layer 2 (L2) flooding Segment Routing end function of the particular router and a particular Ethernet Segment Identifier (ESI), with the particular SID including a routable prefix to the particular router. The particular router receives a particular packet including the particular SID; and in response, the particular router performs the particular EVPN end function on the particular packet.

公开(公告)号：US11019075B2

公开(公告)日：2021-05-25

申请号：US16019125

申请日：2018-06-26

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Pablo Camarillo Garvia ,  Francois Clad

IPC: H04L29/06 ,  H04L9/06 ,  H04L12/743 ,  H04L12/801

Abstract: In one embodiment, a Segment Routing network node provides processing and network efficiencies in protecting Internet Protocol version 6 (IPv6) Segment Routing (SRv6) packets and functions using Security Segment Identifiers, which are included in Segment Lists of a Segment Routing Header of a SRv6 packet. The Security Segment Identifier provides, inter alia, origin authentication, integrity of information in one or more headers of the packet, and/or anti-replay protection. In one embodiment, a Security Segment Identifier includes a value determined based on a secured portion of the packet. A typically secured portion includes the Source and Destination Addresses, one or more Segment Identifiers in a Segment List and the Segments Left value. In one embodiment, the Destination Address and/or a Segment Identifier in the Segment List includes and an anti-replay value (e.g., sequence number or portion thereof) which is also in the secured portion of the packet.