-
公开(公告)号:US20240348554A1
公开(公告)日:2024-10-17
申请号:US18133975
申请日:2023-04-12
发明人: Balaji Sundararajan , Ganesh Devendrachar , Avinash Shah , Preety Mordani , Satyajit Das , Michael John Moskal
摘要: Techniques are described for avoiding data packet fragmentation in a routing device such as a router or network switch. Path Maximum Transport Unit (PMTU) values are monitored for a plurality of egress links of a networking device. A statistical analysis of fragmentation rates is performed. The statistical analysis can be performed on a per-link basis, per-flow basis or both per-link and per-flow basis. If the packet fragmentation rate of data flows through a particular egress link exceeds a determined threshold value, one or more data flows can be re-routed to a different egress link having a higher PMTU, thereby preventing data packet fragmentation.
-
公开(公告)号:US12081417B2
公开(公告)日:2024-09-03
申请号:US18166765
申请日:2023-02-09
发明人: Balaji Sundararajan , Ankush Verma , Bhavana Malhotra Bodas , Kaushik Pratap Biswas , Chandramouli Balasubramanian , Anirudh Ramnath Ramakrishna , Madhuri Kolli
IPC分类号: G06F9/455 , H04L41/5041 , H04L67/10
CPC分类号: H04L41/5041 , H04L67/10
摘要: Methods, systems, and non-transitory computer-readable media are provided for deploying intent-driving cloud branches. An example method can include obtaining, by one or more controllers in a software-defined network (SDN), a branch network design template for deploying a remote branch in the SDN, wherein the branch network design template defines networking settings for a plurality of services to be provisioned at the remote branch; obtaining, by the one or more controllers, a plurality of software packages for the plurality of services to be provisioned at the remote branch; and based on the branch network design template and the plurality of software packages, provisioning, by the one or more controllers, the plurality of services at the remote branch and a network connectivity of the plurality of services.
-
公开(公告)号:US11962498B1
公开(公告)日:2024-04-16
申请号:US18208000
申请日:2023-06-09
发明人: Balaji Sundararajan , Ramakumara Kariyappa , Nithin Bangalore Raju , Bhairav Dutia , Vivek Agarwal , Satish Kumar Mahadevan , Ankur Bhargava
IPC分类号: H04L45/586 , H04L45/748 , H04L61/5061
CPC分类号: H04L45/586 , H04L45/748 , H04L61/5061
摘要: Symmetric networking techniques disclosed herein can be applied by gateway routers in cloud networks. The techniques can ensure that both outbound traffic received at a cloud from a branch device and return traffic directed from the cloud back to the branch device are processed by a same gateway router. The gateway router can use network address translation to insert IP addresses from an inside pool and an outside pool assigned to the router.
-
公开(公告)号:US20240056498A1
公开(公告)日:2024-02-15
申请号:US18062504
申请日:2022-12-06
IPC分类号: H04L67/1095 , H04L9/40 , H04L45/74 , H04L45/7453
CPC分类号: H04L67/1095 , H04L63/0823 , H04L45/742 , H04L45/7453
摘要: A method of creating a connection between a controller and plurality of edge devices may include reading, by a data plane development kit (DPDK) of the controller, a plurality of packets having a common destination port from the plurality of edge devices, and demuxing, by the DPDK, a number of frames of the plurality of packets based on a hash of the plurality of packets, the hash altering the common destination port of the plurality of packets with a corresponding number of sham destination ports. The method may also include, with a TUNTAP interface, injecting the plurality of packets into a network kernel, and with the network kernel, delivering the plurality of packets to a respective one of a plurality of daemon instances.
-
公开(公告)号:US20230327994A1
公开(公告)日:2023-10-12
申请号:US17718775
申请日:2022-04-12
发明人: Balaji Sundararajan , Srilatha Tangirala , Ajeet Pal Singh Gill , Vivek Agarwal , Nithin Bangalore Raju
摘要: According to certain embodiments, a method by a network device includes receiving a handshake message for a traffic flow from a Software-Defined Wide-Area Network (SDWAN) and determining, from a traffic policy, whether the traffic flow should be symmetrical. In response to determining from the traffic policy that the traffic flow should be symmetrical, the method further includes performing a flow lookup on the traffic flow to determine if the network device originated the traffic flow. In response to determining that the network device did not originate the traffic flow, the method further includes determining a second network device that originated the traffic flow and sending the handshake message for the traffic flow to the second network device in order to maintain symmetry for the traffic flow.
-
6.发明授权公开(公告)号:US11784875B1
公开(公告)日:2023-10-10
申请号:US17816012
申请日:2022-07-29
发明人: Balaji Sundararajan , Giorgio Valentini , Madhuri Kolli , Venkat Venkatapathy , Gokul Krishnan , Pradeep Kanavihalli Subramanyasetty
IPC分类号: H04L41/0895 , H04L41/22 , G06F21/10 , H04L41/0806 , H04L41/0894 , H04L41/085
CPC分类号: H04L41/0806 , G06F21/105 , H04L41/085 , H04L41/0894 , H04L41/0895 , H04L41/22
摘要: According to some embodiments, a method includes receiving, from a graphical user interface, an indication that a user has purchased licenses associated with a CNF. The method further includes sending, to a second computing system of a CNF, first instructions regarding the licenses purchased by the user. The method further includes receiving an indication that the user wishes to deploy a particular router in the CNF with a particular data connection and retrieving, from the second computing system of the CNF, a list of licenses previously purchased by the user. The method further includes automatically determining, from the list of licenses, appropriate licenses for the particular router that the user wishes to deploy in the CNF. The method further includes sending second instructions that are operable to deploy the particular router in the CNF with the particular data connection and apply the determined licenses to the deployed particular router.
-
公开(公告)号:US20230208863A1
公开(公告)日:2023-06-29
申请号:US18171322
申请日:2023-02-17
CPC分类号: H04L63/1416 , G06F9/45558 , H04L63/20 , H04L47/20 , H04L43/08 , H04L49/25 , G06F2009/45595 , G06F2009/45587
摘要: Systems, methods, and computer-readable media for performing threat remediation through a switch fabric of a virtualized network environment. Data traffic passing into a virtualized network environment including a plurality of virtual machines running on a switch fabric is monitored. A network threat introduced through at a least a portion of the data traffic is identified at the switch fabric. One or more remedial measures are performed in the network environment based on the identification of the network threat in the virtualized network environment.
-
公开(公告)号:US20220417332A1
公开(公告)日:2022-12-29
申请号:US17857212
申请日:2022-07-05
发明人: Avinash Ashok Kumar Chiganmi , Venkatraman Venkatapathy , Giorgio Valentini , Madhuri Kolli , Shu-Fen Lee , Balaji Sundararajan
IPC分类号: H04L67/141 , H04L45/02 , H04L12/46
摘要: The present technology is directed to controlling and managing resources both in Software-Defined Cloud Interconnect (SDCI) providers and cloud service providers via a single network controller and further connecting virtual networks in a branch site to virtual networks in the cloud service providers. A network controller can establish a network gateway in an SDCI provider, establish a cross-connectivity between the network gateway in the SDCI provider and one or more clouds, group one or more virtual networks in the one or more clouds and one or more virtual networks in a branch site into a tag, and establish a connection between the one or more virtual networks in the one or more clouds and the one or more virtual networks in the branch site using the tag.
-
公开(公告)号:US11533257B2
公开(公告)日:2022-12-20
申请号:US17164553
申请日:2021-02-01
发明人: Balaji Sundararajan , Khalil A. Jabr , Anand Oswal , Vivek Agarwal , Chandramouli Balasubramanian
摘要: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.
-
公开(公告)号:US20220377053A1
公开(公告)日:2022-11-24
申请号:US17817479
申请日:2022-08-04
发明人: Balaji Sundararajan , Venkatesh Gota B R , Sireesha Yeruva , Chandramouli Balasubramanian , Anand Oswal
摘要: The present disclosure is directed to systems and methods for dynamic firewall discovery on a service plane. The method includes the steps of identifying a source data packet for transmission from a source machine at a source site to a destination machine at a destination site, wherein the source data packet corresponds to a request for connection between the source machine and the destination machine over a WAN, inspecting the source data packet at a first firewall associated with the source site, marking the source data packet with a marker to indicate inspection by the first firewall, transmitting the marked source data packet to the destination site, determining at the destination site that the source data packet has been inspected based on the marker, and forwarding the source data packet to the destination machine at the destination site, without inspection of the source data packet by a second firewall associated with the destination site.
-
-
-
-
-
-
-
-
-
搜索结果
89 条记录 (耗时 0.032 秒)
