公开(公告)号：US10944672B2

公开(公告)日：2021-03-09

申请号：US16725146

申请日：2019-12-23

Applicant: Cisco Technology, Inc.

Inventor： Sanjay K. Hooda ,  Victor M. Moreno ,  Satish Kumar Kondalam

IPC: H04L12/741 ,  H04L12/933 ,  H04L12/715

Abstract: In one embodiment, a method generally includes a first edge (E) node in a network receiving an encapsulated data packet, wherein the encapsulated data packet comprises an outer header and a data packet, wherein the outer header comprises a first router locator (RLOC) corresponding to the first E node, wherein the data packet comprises an internet protocol (IP) header, and wherein the IP header comprises a destination endpoint identification (EID) corresponding to a host H. The first E node determines whether the host H is attached to the first E node. And in response to the first E node determining the host is attached to the first E node, the first E node forwards the data packet to the host H. The first E node receives a message from another node after the host H detaches from the first E node and reattaches to another E node, wherein the message comprises the destination EID.

公开(公告)号：US10917343B2

公开(公告)日：2021-02-09

申请号：US16709310

申请日：2019-12-10

Applicant: Cisco Technology, Inc.

Inventor： Sanjay K. Hooda ,  Satish K. Kondalam ,  Fabio R. Maino ,  Victor M. Moreno ,  Reshad Rahman

IPC: H04L12/56 ,  H04L12/747 ,  H04L12/715 ,  H04L12/24 ,  H04L29/06 ,  H04L29/08 ,  H04L12/931

Abstract: A first map request message is sent from a source network device to a mapping network device to determine a destination network device associated with a destination endpoint device and a security association between the source network device and the destination network device. A first response message is received at the source network device that includes data indicating a mapping between the destination network device and the destination endpoint device and data indicating a security association between the source network device and the destination network device. The data is stored at the source network device. A second map request message is sent from the source network device to the mapping network device to update the data indicative of the mapping or the security association. A second response message is received at the source network device from the mapping network device.

公开(公告)号：US10791004B2

公开(公告)日：2020-09-29

申请号：US16173487

申请日：2018-10-29

Applicant: Cisco Technology, Inc.

Inventor： Prakash Chand Jain ,  Sanjay Kumar Hooda ,  Victor M. Moreno ,  Satish Kumar Kondalam

IPC: G06F15/177 ,  H04L12/46 ,  H04L12/741 ,  H04L12/713 ,  H04L12/715

Abstract: In one example, a router is configured to process communications according to a tunneling protocol to provide network overlay tunnels to facilitate virtual private networks (VPNs) for hosts, and to process communications associated with an external network with use of a provider virtualization routing and forwarding (VRF) instance. With use of a subscription function, the router receives an initial set of extranet VPN prefixes associated with the network overlays for storage in association with the provider VRF, as well as regularly receive publications of updates to extranet VPN prefixes associated with the network overlays. With use of a route obtaining function, the router, in response to receiving a communication associated with one of the stored extranet VPN prefixes at the provider VRF, sends to a communications management server a message indicating request for a host-to-router mapping and receive from the communications management server a reply including the host-to-router mapping.

公开(公告)号：US10484281B1

公开(公告)日：2019-11-19

申请号：US16017554

申请日：2018-06-25

Applicant: Cisco Technology, Inc.

Inventor： Brent P. Mucci ,  Marc Portoles Comeras ,  Vrushali Ashtaputre ,  Victor M. Moreno ,  Hatem Mohammad R.A. Abouzeid

IPC: H04L12/741 ,  H04L12/747 ,  H04L29/06 ,  H04L12/715 ,  H04L12/761 ,  H04L12/751

Abstract: In one illustrative example, a router may be configured to provide a plurality of virtual private network (VPN) instances for a plurality of VPNs associated with a plurality of IDs. Each VPN instance may comprise a forwarding table instance for storing a plurality of host-to-router mappings for the VPN. The router may be further configured to provide a virtual VPN instance for a virtual VPN associated with an ID of a remote extranet VPN. The virtual VPN instance may comprise a map-cache for storing a host-to-router mapping for the remote extranet VPN. The virtual VPN instance has no corresponding forwarding table instance for user plane traffic associated with the remote extranet VPN, but rather serves as part of a control plane interface for control signaling associated with the remote extranet VPN. Accordingly, the router may provide multiple updates to host-to-router mappings in forwarding table instances of the VPNs in accordance with a change in the host-to-router mapping in the virtual VPN instance.

公开(公告)号：US10798195B2

公开(公告)日：2020-10-06

申请号：US15834341

申请日：2017-12-07

Applicant: Cisco Technology, Inc.

Inventor： Sanjay K. Hooda ,  Prakash Jain ,  Marc P. Comeras ,  Victor M. Moreno ,  Atri Indiresan

IPC: H04L29/08 ,  H04L29/12

Abstract: The embodiments herein push notifications to network devices used by a shared service to which a roaming host in a network fabric is subscribed. For example, a network fabric controller can access a VN policy table which stores the relationships between the virtual networks in the network fabric. Using this table, the controller can identify what shared service VNs (i.e., extranets) can communicate with the host's VN. The controller can push out notifications to the network devices used by the shared service VNs to store the new location of the host. That is, the network devices that locally store a location of the host can update their routing caches to point to the new location of the host. In this manner, the network fabric can reduce the time needed to reconverge on the new location of the host by updating the network devices used by the shared service VNs.

公开(公告)号：US10069762B1

公开(公告)日：2018-09-04

申请号：US15446802

申请日：2017-03-01

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Kumar Hooda ,  Kaushik Kumar Dam ,  Sandesh Kumar Narappa Bheemanakone ,  Victor M. Moreno ,  Shivangi Sharma

IPC: H04H20/71 ,  H04L12/931 ,  H04W72/12 ,  H04W74/00

Abstract: Group based multicasts may be provided. First, a request may be received. The request may comprise a receiver tag, a request source identifier, and a request multicast group identifier. Next, a source tag corresponding to the request source identifier may be obtained and then it may be determined that a group corresponding to the receiver tag is allowed to access content from a source corresponding to the obtained source tag. In response to determining that the group corresponding to the receiver tag is allowed to access content from the source corresponding to the obtained source tag, content may be received from the source at a multicast group corresponding to the request multicast group identifier. The content may then be forwarded to a receiver corresponding to the request.

公开(公告)号：US20150254149A1

公开(公告)日：2015-09-10

申请号：US14721135

申请日：2015-05-26

Applicant: Cisco Technology, Inc.

Inventor： Dhananjaya Rao ,  Victor M. Moreno ,  Hasmit Grover ,  Gaurav Badoni

IPC: G06F11/20 ,  H04L12/751 ,  H04L29/08

CPC classification number: G06F11/2033 ,  G06F2201/86 ,  H04L12/4641 ,  H04L45/02 ,  H04L47/746 ,  H04L67/141

Abstract: Devices, methods and instructions encoded on computer readable medium for implementation of a dual-adjacency between edge devices of a network site. A first edge device comprises one or more local interfaces configured for communication, via a local network, with one or more network devices co-located in a first network site. The first edge device also comprises one or more overlay interfaces configured for communication, via a core network, with one or more network devices located in one or more other network sites connected to the core network. The first edge device comprises a processor configured to establish, via at least one of the local interfaces, a site communication channel with a second edge device co-located in the first network site. The processor is further configured to establish an overlay communication channel, via at least one of the overlay interfaces, with the second edge device.

Abstract translation: 编码在计算机可读介质上的设备，方法和指令，用于实现网络站点的边缘设备之间的双邻接。 第一边缘设备包括一个或多个本地接口，其被配置用于经由本地网络与共同位于第一网络站点中的一个或多个网络设备进行通信。 第一边缘设备还包括被配置为经由核心网络与位于连接到核心网络的一个或多个其他网络站点中的一个或多个网络设备进行通信的一个或多个覆盖接口。 第一边缘设备包括处理器，其被配置为经由本地接口中的至少一个建立与第一网络站点中共址的第二边缘设备的站点通信信道。 处理器还被配置为经由至少一个覆盖接口与第二边缘设备建立覆盖通信信道。

公开(公告)号：US20210176173A1

公开(公告)日：2021-06-10

申请号：US17180090

申请日：2021-02-19

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Sanjay K. Hooda ,  Victor M. Moreno ,  Satish Kumar Kondalam

IPC: H04L12/741 ,  H04L12/715 ,  H04L12/933

Abstract: In one embodiment, a method generally includes a first edge (E) node in a network receiving an encapsulated data packet, wherein the encapsulated data packet comprises an outer header and a data packet, wherein the outer header comprises a first router locator (RLOC) corresponding to the first E node, wherein the data packet comprises an internet protocol (IP) header, and wherein the IP header comprises a destination endpoint identification (EID) corresponding to a host H. The first E node determines whether the host H is attached to the first E node. And in response to the first E node determining the host is attached to the first E node, the first E node forwards the data packet to the host H. The first E node receives a message from another node after the host H detaches from the first E node and reattaches to another E node, wherein the message comprises the destination EID.

公开(公告)号：US10652047B2

公开(公告)日：2020-05-12

申请号：US16010444

申请日：2018-06-16

Applicant: Cisco Technology, Inc.

Inventor： Prakash Chand Jain ,  Sanjay Kumar Hooda ,  Victor M. Moreno ,  Satish Kumar Kondalam

IPC: H04L12/46 ,  H04L12/741

Abstract: In one embodiment, a method is performed at a first node. The method may include receiving, at a first node, a request from a source host associated with a network to communicate with a destination host. The first node may determine whether the destination host is associated with the network. If the destination host is not associated with the network, the first node may determine an instance identifier (IID) and a proxy egress tunnel router (PETR) locator address used to communicate with the destination host. The first node may send an indicator to an ingress tunnel router (ITR) to encapsulate a packet with the IID and the PETR locator address before sending the packet from the source host to the destination host.

公开(公告)号：US10523563B2

公开(公告)日：2019-12-31

申请号：US15949398

申请日：2018-04-10

Applicant: Cisco Technology, Inc.

Inventor： Sanjay K. Hooda ,  Victor M. Moreno ,  Satish Kumar Kondalam

IPC: H04L12/741 ,  H04L12/933 ,  H04L12/715

Abstract: In one embodiment, a method generally includes a first edge (E) node in a network receiving an encapsulated data packet, wherein the encapsulated data packet comprises an outer header and a data packet, wherein the outer header comprises a first router locator (RLOC) corresponding to the first E node, wherein the data packet comprises an internet protocol (IP) header, and wherein the IP header comprises a destination endpoint identification (EID) corresponding to a host H. The first E node determines whether the host H is attached to the first E node. And in response to the first E node determining the host is attached to the first E node, the first E node forwards the data packet to the host H. The first E node receives a message from another node after the host H detaches from the first E node and reattaches to another E node, wherein the message comprises the destination EID.