公开(公告)号：US20250062988A1

公开(公告)日：2025-02-20

申请号：US18938015

申请日：2024-11-05

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay Kumar Hooda ,  Vinay Saini ,  Victor Manuel Moreno

IPC: H04L45/586 ,  H04L12/46 ,  H04L45/00 ,  H04L45/02 ,  H04L45/302

Abstract: Techniques are described herein for service chaining in fabric networks such that hardware resources can be preserved without service nodes needing additional capabilities. The techniques may include storing a first configuration associated with a first VRF instance of a service forwarding node that is connected to a first service of a service chain sequence. The first configuration may indicate an identifier and a type associated with a second service of the service chain sequence where traffic is to be sent after the first service. Additionally, the techniques may also include storing a second configuration associated with a second VRF instance of the service forwarding node that is connected to the second service. The second configuration may indicate that the second service is a last service of the service chain sequence. When traffic is received at the service forwarding node, the service forwarding node can determine whether the traffic is pre-service traffic or post-service traffic.

公开(公告)号：US12224931B2

公开(公告)日：2025-02-11

申请号：US17897634

申请日：2022-08-29

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Vinay Saini ,  Sanjay Kumar Hooda

IPC: H04L45/00 ,  H04L45/12

Abstract: Techniques for a Software-Defined Networking (SDN) controller associated with a multisite network to implement jurisdictional data sovereignty polices in a multisite network, route network traffic flows between user sites and destination services over one or more provider sites, and/or perform a routing operation on the network traffic flow(s) based on the jurisdictional data sovereignty policies. The jurisdictional data sovereignty polices may be implemented using destination group tags (DGTs) and/or source group tags (SGTs). A secure access service edge (SASE) associated with the network controller may generate, store, and distribute the DGTs to provider sites and/or the SGTs to user sites. Based on the SGT and/or DGT associated with a network traffic flow, one or more services may be applied to the network traffic flow, and the network traffic flow may be routed through a particular region of a software-defined access (SDA) transit.

公开(公告)号：US20250023807A1

公开(公告)日：2025-01-16

申请号：US18349799

申请日：2023-07-10

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay K. Hooda ,  Kabiraj Sethi ,  Vinay Saini

IPC: H04L43/0876

Abstract: Described herein are systems and methods for optimizing energy efficiency in a network utilizing a control plane or other network administration device or software suite. The control plane continuously monitors end-to-end network paths and collects real-time data about network topology, traffic patterns, and connected devices. By analyzing the collected network data, the control plane identifies power needs for network nodes and generates energy saving recommendations or instructions tailored to each node's specific capabilities. Network nodes can subscribe to the energy efficiency service provided by the control plane, receive network usage data, and execute energy saving operations based on the recommendations. The control plane dynamically updates the energy saving recommendations in response to changes in network conditions, enabling network nodes to optimize their energy efficiency without compromising network performance and availability. These updates can be based on current network conditions but can be generated from historical data and/or machine learning processes.

公开(公告)号：US12192057B2

公开(公告)日：2025-01-07

申请号：US18677720

申请日：2024-05-29

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Kumar Hooda ,  Muninder Singh Sambi ,  Victor Moreno ,  Prakash C. Jain ,  Tarunesh Ahuja ,  Satish Kondalam

IPC: H04L41/0893 ,  G06F9/455 ,  H04L12/46

Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.

公开(公告)号：US20240348681A1

公开(公告)日：2024-10-17

申请号：US18754465

申请日：2024-06-26

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay Kumar Hooda ,  Marc Portoles Comeras ,  Vinay Saini ,  Victor Manuel Moreno

IPC: H04L67/1001 ,  H04L41/0893 ,  H04L41/122 ,  H04L45/76 ,  H04L67/51

CPC classification number: H04L67/10015 ,  H04L41/0893 ,  H04L41/122 ,  H04L45/76 ,  H04L67/51

Abstract: This disclosure describes techniques and mechanisms for providing hybrid cloud services for enterprise fabric. The techniques include enhancing an on-demand protocol (e.g., such as LISP) and allowing simplified security and/or firewall service insertion for datacenter servers providing those services. Accordingly, the techniques described herein provide hybrid cloud services that work in disaggregated, distributed, and consistent way, while avoiding complex datacenter network devices (e.g., such running overlay on TOR), replacing and moving the functionality to on demand protocol enabled servers, which intelligently receive the required mappings as well as registers and publishes the service information to intelligently interact with the network.

公开(公告)号：US12107734B2

公开(公告)日：2024-10-01

申请号：US18360451

申请日：2023-07-27

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Kumar Hooda ,  Muninder Singh Sambi ,  Victor Moreno ,  Prakash C. Jain ,  Tarunesh Ahuja ,  Satish Kondalam

IPC: H04L41/0893 ,  G06F9/455 ,  H04L12/46

CPC classification number: H04L41/0893 ,  G06F9/45558 ,  H04L12/4633 ,  H04L12/4641 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.

公开(公告)号：US20240235991A9

公开(公告)日：2024-07-11

申请号：US17972119

申请日：2022-10-24

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Vinay Saini ,  Sanjay Kumar Hooda

IPC: H04L45/30 ,  H04L45/302

CPC classification number: H04L45/30 ,  H04L45/302

Abstract: This disclosure describes techniques for employing an adaptive mechanism in communications among network devices. Adaptive mechanism techniques may include adapting network operations relative to characteristics of devices and/or network access technologies or mechanisms used in the network. Adaptation may help to accommodate a wider variety of types of devices. For instance, adaptive mechanism techniques may include determining, based on characteristics of a device in the network, a forwarding mechanism to be used at an access device to forward data traffic from the device to another device via the network. As such, adaptive mechanism techniques may provide more efficient integration of devices within a complex network, thereby improving network operations.

公开(公告)号：US20240137314A1

公开(公告)日：2024-04-25

申请号：US18545931

申请日：2023-12-19

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay Kumar Hooda ,  Vinay Saini ,  Victor Manuel Moreno

IPC: H04L45/586 ,  H04L45/00 ,  H04L45/02 ,  H04L45/302

CPC classification number: H04L45/586 ,  H04L45/04 ,  H04L45/306 ,  H04L45/54 ,  H04L12/4633

Abstract: Techniques are described herein for service chaining in fabric networks such that hardware resources can be preserved without service nodes needing additional capabilities. The techniques may include storing a first configuration associated with a first VRF instance of a service forwarding node that is connected to a first service of a service chain sequence. The first configuration may indicate an identifier and a type associated with a second service of the service chain sequence where traffic is to be sent after the first service. Additionally, the techniques may also include storing a second configuration associated with a second VRF instance of the service forwarding node that is connected to the second service. The second configuration may indicate that the second service is a last service of the service chain sequence. When traffic is received at the service forwarding node, the service forwarding node can determine whether the traffic is pre-service traffic or post-service traffic.

公开(公告)号：US11924119B2

公开(公告)日：2024-03-05

申请号：US17749930

申请日：2022-05-20

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Kumar Hooda ,  Victor Manuel Moreno ,  Prakash C. Jain

IPC: H04L49/253 ,  H04L47/31 ,  H04L49/25 ,  H04L49/35 ,  H04L67/2885

CPC classification number: H04L49/252 ,  H04L47/31 ,  H04L67/2885

Abstract: Techniques and architecture are described that utilize switchport protected flags to provide switchport protected functionality across network devices, e.g., switches, routers, etc., in fabric networks. For example, a first port of a first network device of a fabric network receives a packet from a first host destined for a second host. The second host is onboarded to the fabric network via a second port of a second network device. It is determined (i) if a first protected flag associated with the first port of the first network device is set as true and (ii) if a second protected flag associated with the second host is set as true. Based at least in part on (i) the first protected flag associated with the first port being set as true and (ii) the second protected flag being set as true, the first network device drops the packet.

公开(公告)号：US11799767B2

公开(公告)日：2023-10-24

申请号：US17684376

申请日：2022-03-01

Applicant: Cisco Technology, Inc.

Inventor： Satish Kondalam ,  Sanjay Kumar Hooda ,  Prakash C. Jain ,  Vikram Vikas Pendharkar

IPC: H04L45/00 ,  H04L12/18 ,  H04L45/02

CPC classification number: H04L45/32 ,  H04L12/18 ,  H04L45/02

Abstract: Systems, methods, and computer-readable media for discovering silent hosts in a software-defined network and directing traffic to the silent hosts in a scalable and targeted manner include determining interfaces of a fabric device that are connected to respective one or more endpoints, where the fabric device is configured to connect the endpoints to a network fabric of the software-defined network. At least a first interface is identified, where an address of a first endpoint connected to the first interface is not available at the fabric device. A first notification is transmitted to a control plane of the software-defined network based on identifying the first interface, where the control plane may create a flood list which includes the fabric device. Traffic intended for the first endpoint from the network fabric is received by the fabric device can be based on the flood list.