公开(公告)号：US11223559B2

公开(公告)日：2022-01-11

申请号：US16566680

申请日：2019-09-10

Applicant: Cisco Technology, Inc.

Inventor： Reshad Rahman ,  Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  Eric Vyncke

IPC: H04L12/721 ,  H04L12/46 ,  H04L12/733 ,  H04L12/707 ,  H04L12/703 ,  H04L12/749

Abstract: Techniques and mechanisms to enable a Bidirectional Forwarding Detection (BFD) Echo function to be used for IP multi-hop paths using IP encapsulation. A source device may encapsulate one or more BFD Echo packets as payloads in IP packets. The resulting IP packets may then be sent from a source device to a destination device over a multi-hop path such that one or more intermediary devices forward the IP packets onto the destination device. Upon receiving the IP packets, the destination device may echo back the one or more BFD Echo packets in the forwarding plane to indicate connectivity of the forwarding path between the devices. However, if the BFD Echo packets are not echoed back to the source device, the source device may determine that the multi-hop path has experienced a fault, and that traffic is to be rerouted through other paths.

公开(公告)号：US20210359932A1

公开(公告)日：2021-11-18

申请号：US15930803

申请日：2020-05-13

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Reshad Rahman ,  Pascal Thubert

IPC: H04L12/707 ,  H04L12/26

Abstract: In one example, a responder obtains an Operations, Administration, and Management/Maintenance (OAM) probe packet from a network entity operating as an initiator in a network, provides, to the initiator, a first response to the OAM probe packet over a first network path in the network, and further provides, to the initiator, a second response to the OAM probe packet over a second network path in the network that is different from the first network path. In another example, an initiator provides an OAM probe packet to a network entity operating as responder in a network, obtains, from the responder, a first response to the OAM probe packet over a first network path in the network, and further obtains, from the responder, a second response to the OAM probe packet over a second network path in the network that is different from the first network path.

公开(公告)号：US20200322391A1

公开(公告)日：2020-10-08

申请号：US16579906

申请日：2019-09-24

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  David Delano Ward ,  Reshad Rahman ,  Subhasri Dhesikan ,  Eric Albin Voit

IPC: H04L29/06 ,  H04L12/913 ,  H04L29/08 ,  H04L12/16 ,  H04L12/723 ,  H04L12/707

Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including determining a path through a plurality of provider nodes within a provider network and determining that the path through the plurality of provider nodes within the provider network is secure. The operations also include receiving, from a customer node, a Resource Reservation Protocol (RSVP) path message comprising an attribute for a security request. The operations further include routing the RSVP path message along the path of the plurality of provider nodes.

公开(公告)号：US11496399B2

公开(公告)日：2022-11-08

申请号：US16172547

申请日：2018-10-26

Applicant: Cisco Technology, Inc.

Inventor： Reshad Rahman ,  Victor M. Moreno

IPC: H04L47/125 ,  H04L43/0829 ,  H04L45/02 ,  H04L45/48 ,  H04L45/745 ,  H04L47/26 ,  H04L49/25 ,  H04L43/0852 ,  H04L45/121 ,  H04L45/00 ,  H04W40/12 ,  G06N20/00 ,  G06N3/08

Abstract: Techniques for improved routing based on network traffic are provided. Telemetry data relating to a first network node of a plurality of network nodes in a locator ID separation protocol (LISP) fabric is received. A first portion of the telemetry data that relates to a first destination of a plurality of destinations is identified. Further, a first routing weight associated with a first interface of the first network node is revised based on the first portion of the telemetry data, where the first interface is associated with the first destination. The revised first routing weight is published to a second plurality of network nodes in the LISP fabric, wherein the second plurality of network nodes route packets to the first network node based in part on the revised first routing weight.

公开(公告)号：US20200322383A1

公开(公告)日：2020-10-08

申请号：US16700838

申请日：2019-12-02

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Reshad Rahman ,  Eric Albin Voit

IPC: H04L29/06 ,  H04L12/24 ,  H04L12/721 ,  H04L12/707

Abstract: In one embodiment, a method includes determining a secure path through a first plurality of network nodes within a network and determining an alternate secure path through a second plurality of network nodes within the network. The method also includes routing network traffic through the first plurality of network nodes of the secure path and detecting a failure in the secure path using single-hop BFD authentication. The method further includes rerouting the network traffic through the second plurality of network nodes of the alternate secure path.

公开(公告)号：US11531660B2

公开(公告)日：2022-12-20

申请号：US17235247

申请日：2021-04-20

Applicant: Cisco Technology, Inc.

Inventor： Robert George Wilton ,  Reshad Rahman ,  Joseph Michael Clarke ,  Paul Henry Merlo

IPC: G06F16/00 ,  G06F16/21

Abstract: A method includes determining whether the first version is an alias with respect to the second version, the alias being defined as an equivalent version of the YANG module. Based at least in part on a determination that the first version is the alias with respect to the second version, a version alias extension is inserted into a revision label of the first and/or second version. Based on a determination that the second version is backwards compatible with respect to the first version, a version backwards compatible extension is inserted into the revision label of the second version. Based at least in part on a determination that the second version is not backwards compatible with respect to the first version, a version non-backwards compatible extension is inserted into the revision label of the second version.

公开(公告)号：US20220335024A1

公开(公告)日：2022-10-20

申请号：US17235247

申请日：2021-04-20

Applicant: Cisco Technology, Inc.

Inventor： Robert George Wilton ,  Reshad Rahman ,  Joseph Michael Clarke ,  Paul Henry Merlo

IPC: G06F16/21

Abstract: A method includes determining whether the first version is an alias with respect to the second version, the alias being defined as an equivalent version of the YANG module. Based at least in part on a determination that the first version is the alias with respect to the second version, a version alias extension is inserted into a revision label of the first and/or second version. Based on a determination that the second version is backwards compatible with respect to the first version, a version backwards compatible extension is inserted into the revision label of the second version. Based at least in part on a determination that the second version is not backwards compatible with respect to the first version, a version non-backwards compatible extension is inserted into the revision label of the second version.

公开(公告)号：US10541919B1

公开(公告)日：2020-01-21

申请号：US16141123

申请日：2018-09-25

Applicant: Cisco Technology, Inc.

Inventor： Sanjay K. Hooda ,  Satish K. Kondalam ,  Fabio R. Maino ,  Victor M. Moreno ,  Reshad Rahman

IPC: H04L12/56 ,  H04L12/747 ,  H04L12/715 ,  H04L12/24 ,  H04L29/06 ,  H04L29/08 ,  H04L12/931

Abstract: A first map request message is sent from a source network device to a mapping network device to determine a destination network device associated with a destination endpoint device and a security association between the source network device and the destination network device. A first response message is received at the source network device that includes data indicating a mapping between the destination network device and the destination endpoint device and data indicating a security association between the source network device and the destination network device. The data is stored at the source network device. A second map request message is sent from the source network device to the mapping network device to update the data indicative of the mapping or the security association. A second response message is received at the source network device from the mapping network device.

公开(公告)号：US20190296988A1

公开(公告)日：2019-09-26

申请号：US15926264

申请日：2018-03-20

Applicant: Cisco Technology, Inc.

Inventor： Shwetha Subray Bhandari ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Frank Brockners ,  Reshad Rahman

IPC: H04L12/24 ,  H04L12/26 ,  H04L12/803 ,  H04L12/707

Abstract: A reactive mechanism for in-situ operation, administration, and maintenance (IOAM) traffic is provided. In one embodiment, a method is provided that includes assigning a plurality of discriminator identifiers associated with a plurality of discriminators. Each discriminator is mapped to a specified action. The method includes receiving a data packet that includes an IOAM header comprising telemetry data associated with the data packet and a bidirectional forwarding detection (BFD) field that includes a specified discriminator identifier. The method further includes determining whether the specified discriminator identifier matches one of the plurality of discriminator identifiers, and, upon determining that the specified discriminator identifier matches a first discriminator identifier of the plurality of discriminator identifiers, the method includes initiating a seamless bidirectional forwarding detection (S-BFD) reflector session to transmit a response packet according to a first action mapped to a first discriminator associated with the first discriminator identifier.

公开(公告)号：US11785053B2

公开(公告)日：2023-10-10

申请号：US16579906

申请日：2019-09-24

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  David Delano Ward ,  Reshad Rahman ,  Subhasri Dhesikan ,  Eric Albin Voit

IPC: H04L29/06 ,  H04L9/40 ,  H04L12/16 ,  H04L45/00 ,  H04L45/50 ,  H04L47/724 ,  H04L69/326

CPC classification number: H04L63/205 ,  H04L12/16 ,  H04L45/22 ,  H04L45/50 ,  H04L47/724 ,  H04L63/1433 ,  H04L69/326

Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including determining a path through a plurality of provider nodes within a provider network and determining that the path through the plurality of provider nodes within the provider network is secure. The operations also include receiving, from a customer node, a Resource Reservation Protocol (RSVP) path message comprising an attribute for a security request. The operations further include routing the RSVP path message along the path of the plurality of provider nodes.