公开(公告)号：US09374270B2

公开(公告)日：2016-06-21

申请号：US13843365

申请日：2013-03-15

Applicant: Juniper Networks, Inc.

Inventor： Harshad Bhaskar Nakil ,  Pedro R. Marques ,  Hampapur Ajay ,  Ashish Ranjan ,  Ankur Singla

IPC: H04L12/28 ,  H04L12/24 ,  H04L12/931 ,  H04L12/751 ,  H04L29/08 ,  H04L12/703

CPC classification number: H04L41/0668 ,  H04L41/0659 ,  H04L41/12 ,  H04L45/02 ,  H04L45/28 ,  H04L49/70 ,  H04L67/32

Abstract: Techniques are described to provide multicast service within a virtual network using a virtual network controller and endpoint replication without requiring multicast support in the underlying network. The virtual network controller is configured to create a multicast tree for endpoint devices of a multicast group in the virtual network at a centralized location instead of in a distributed fashion. The virtual network controller communicates the multicast tree to one or more of the endpoint devices of the multicast group to instruct the endpoint devices to replicate and forward multicast packets to other endpoint devices according to the multicast tree. The replication and forwarding of multicast packets is performed by virtual switches executed on the endpoint devices in the virtual network. No replication is performed within the underlying network. The techniques enable multicast service within a virtual network without requiring multicast support in the underlying network.

Abstract translation: 描述技术来使用虚拟网络控制器和端点复制在虚拟网络内提供多播服务，而不需要在底层网络中进行组播支持。 虚拟网络控制器被配置为在集中位置而不是以分布式方式为虚拟网络中的多播组的端点设备创建多播树。 虚拟网络控制器将多播树通信给组播组的一个或多个端点设备，以指示端点设备根据多播树复制和转发组播数据包到其他端点设备。 组播数据包的复制和转发由在虚拟网络中的端点设备上执行的虚拟交换机执行。 底层网络中不执行复制。 这些技术使得虚拟网络内的多播服务能够在底层网络中不需要组播支持。

公开(公告)号：US10855588B2

公开(公告)日：2020-12-01

申请号：US16230668

申请日：2018-12-21

Applicant: Juniper Networks, Inc.

Inventor： Sreelakshmi Sarva ,  Harshad Bhaskar Nakil

IPC: H04L12/28 ,  H04L12/741 ,  G06F8/61 ,  H04L12/24 ,  H04L12/725 ,  H04L12/721 ,  H04L12/713 ,  H04L12/803 ,  H04L29/06 ,  H04L29/08

Abstract: Techniques are described for facilitating flow symmetry using a scalable service platform that anchors the service chain. The scalable service platform may facilitate flow symmetry and, at least in some cases, flow stickiness for a first packet flow (a “forward packet flow” and a second, related packet flow (a “reverse packet flow”) both traversing the service chain in the forward and reverse directions, respectively. For example, a virtualized computing infrastructure may deploy a scalable service platform to perform load balancing of multiple forward packet flows, received from the gateway, among multiple parallel service instances for an ingress service in a service chain. For each corresponding reverse packet flows for the multiple forward packet flows, the scalable service platform load balances the reverse packet flow to the service instance for the egress service in the service chain that is applied to the corresponding forward packet flow.

公开(公告)号：US09596159B2

公开(公告)日：2017-03-14

申请号：US14788398

申请日：2015-06-30

Applicant: Juniper Networks, Inc.

Inventor： Tirthankar Ghose ,  Harshad Bhaskar Nakil ,  ND Ramesh

IPC: H04L12/26 ,  H04L12/931 ,  H04L12/24 ,  H04L12/713 ,  H04L12/937 ,  H04L29/06

CPC classification number: H04L43/0852 ,  H04L41/12 ,  H04L43/028 ,  H04L43/106 ,  H04L45/586 ,  H04L49/254 ,  H04L49/356 ,  H04L49/70 ,  H04L69/22

Abstract: Techniques are described for determining latency in a physical network that includes a number of network devices over which packets travel. A virtual network controller receives a plurality of messages from a plurality of network devices in a network, each of the messages including a packet signature comprising a hash of an invariant portion of an original packet that uniquely identifies the original packet, an identifier of one of the plurality of network devices from which the respective message was received, and a timestamp indicating a time an original packet was processed by the network device from which the respective message was received. The virtual network controller determines a latency of a physical network path in the network based on analysis of contents of the identified messages having a common packet signature.

Abstract translation: 描述了用于确定物理网络中的延迟的技术，其包括数据包在其上行进的多个网络设备。 虚拟网络控制器从网络中的多个网络设备接收多个消息，每个消息包括包含唯一标识原始分组的原始分组的不变部分的散列的分组签名， 接收相应消息的多个网络设备，以及指示从其接收相应消息的网络设备处理原始分组的时间的时间戳。 虚拟网络控制器基于对具有公共分组签名的所识别的消息的内容的分析来确定网络中的物理网络路径的等待时间。

公开(公告)号：US09094308B2

公开(公告)日：2015-07-28

申请号：US13840657

申请日：2013-03-15

Applicant: Juniper Networks, Inc.

Inventor： Tirthankar Ghose ,  Harshad Bhaskar Nakil ,  N D Ramesh

IPC: H04L12/26 ,  H04L12/931 ,  H04L12/24

CPC classification number: H04L43/0852 ,  H04L41/12 ,  H04L43/028 ,  H04L43/106 ,  H04L45/586 ,  H04L49/254 ,  H04L49/356 ,  H04L49/70 ,  H04L69/22

Abstract: Techniques are described for determining latency in a physical network that includes a number of network devices over which packets travel. A virtual network controller receives a plurality of messages from a plurality of network devices in a network, each of the messages including a packet signature comprising a hash of an invariant portion of an original packet that uniquely identifies the original packet, an identifier of one of the plurality of network devices from which the respective message was received, and a timestamp indicating a time an original packet was processed by the network device from which the respective message was received. The virtual network controller determines a latency of a physical network path in the network based on analysis of contents of the identified messages having a common packet signature.

Abstract translation: 描述了用于确定物理网络中的延迟的技术，其包括数据包在其上行进的多个网络设备。 虚拟网络控制器从网络中的多个网络设备接收多个消息，每个消息包括包含唯一标识原始分组的原始分组的不变部分的散列的分组签名， 接收相应消息的多个网络设备，以及指示从其接收相应消息的网络设备处理原始分组的时间的时间戳。 虚拟网络控制器基于对具有公共分组签名的所识别的消息的内容的分析来确定网络中的物理网络路径的等待时间。

公开(公告)号：US20130332602A1

公开(公告)日：2013-12-12

申请号：US13843500

申请日：2013-03-15

Applicant: Juniper Networks, Inc.

Inventor： Harshad Bhaskar Nakil ,  Ankur Singla ,  Rajashekar Reddy

IPC: H04L12/26

CPC classification number: G06N99/005 ,  G06F11/008 ,  H04L41/0631 ,  H04L41/147 ,  H04L43/04 ,  H04L43/0852 ,  H04L43/10 ,  H04L45/16 ,  H04L45/38 ,  H04L45/42 ,  H04L45/48 ,  H04L45/586 ,  H04L61/103 ,  H04L69/40

Abstract: In general, techniques are described for determining a physical network path taken by packets of a network packet flow. The techniques may be applied to determine, or “trace,” a physical network path in the virtualized network domain. In some examples, a network device includes one or more processors and a switch executed by the processors to forward packets of a packet flow to a physical network path. The network device also includes a flow trace module to generate one or more flow trace packets having incrementally increasing respective time-to-live (TTL) values, wherein the switch module forwards the flow trace packets on an outbound interface of the network device for the physical network path, and wherein the flow trace module receives corresponding time exceeded messages for the flow trace packets, wherein each of the time exceeded message includes a source network address of a network element on the physical network path.

Abstract translation: 通常，描述了用于确定网络分组流的分组采取的物理网络路径的技术。 可以应用这些技术来确定或追踪虚拟网络域中的物理网络路径。 在一些示例中，网络设备包括一个或多个处理器和由处理器执行的交换机将分组流的分组转发到物理网络路径。 网络设备还包括流跟踪模块，用于生成具有递增增加的相应生存时间（TTL）值的一个或多个流跟踪分组，其中交换模块在网络设备的出站接口上转发流跟踪分组，用于 物理网络路径，并且其中所述流跟踪模块接收所述流跟踪分组的对应的超时间消息，其中每个所述超时消息包括所述物理网络路径上的网元的源网络地址。

公开(公告)号：US10757006B1

公开(公告)日：2020-08-25

申请号：US16266416

申请日：2019-02-04

Applicant: Juniper Networks, Inc.

Inventor： Anantharamu Suryanarayana ,  Harshad Bhaskar Nakil ,  Nischal Kumar N. Sheth

IPC: H04L12/28 ,  H04L12/751 ,  H04L12/931

Abstract: In one example, a method includes by a Software Defined Networking (SDN) controller, receiving one or more virtual routes to virtual interfaces from a first virtual router agent managed by the SDN controller, the one or more virtual routes received via a messaging protocol session between the SDN controller and the first virtual router agent; storing, by the SDN controller, the one or more virtual routes to a data structure; in response to determining the messaging protocol session has closed, marking, by the SDN controller, the one or more virtual routes in the data structure as stale without deleting the one or more virtual routes from the data structure and without withdrawing the virtual routes from routing protocol peers of the SDN controller; and subsequent to marking the one or more virtual routes as stale, sending, by the SDN controller, the one or more virtual routes to a second virtual router agent.

公开(公告)号：US09898317B2

公开(公告)日：2018-02-20

申请号：US14406107

申请日：2013-06-05

Applicant: Juniper Networks, Inc.

Inventor： Harshad Bhaskar Nakil ,  Ankur Singla

IPC: G06F9/455 ,  H04L12/26 ,  H04L12/24 ,  G06F11/07 ,  H04L29/14 ,  H04L12/931 ,  H04L29/12

CPC classification number: G06F9/45558 ,  G06F9/455 ,  G06F11/07 ,  G06F2009/45595 ,  H04L41/0631 ,  H04L41/0856 ,  H04L41/0893 ,  H04L43/0852 ,  H04L43/10 ,  H04L49/70 ,  H04L61/103 ,  H04L69/40

Abstract: In general, techniques are described for configuring and managing virtual networks. For example, a distributed virtual network controller is described that configures and manages an overlay network within a physical network formed by plurality of switches. A plurality of servers are interconnected by the switch fabric, each of the servers comprising an operating environment executing one or more virtual machines in communication via the overlay networks. The servers comprises a set of virtual switches that extends the overlay network as a virtual network to the operating environment of the virtual machines. The controller may instruct the servers and the virtual switches to perform various operations, such as determining a physical network path taken by packets of a network packet flow, determining latency through the network, re-routing traffic in the virtual network due to network events, replicating traffic for multicasting, providing multi-tenant services to support multiple virtual networks, monitoring and logging traffic characteristics within the virtual networks and other operations.

公开(公告)号：US08953441B2

公开(公告)日：2015-02-10

申请号：US13840902

申请日：2013-03-15

Applicant: Juniper Networks, Inc.

Inventor： Harshad Bhaskar Nakil ,  Pedro R. Marques ,  Hampapur Ajay ,  Ashish Ranjan ,  Ankur Singla

IPC: H04L12/26 ,  H04L12/24 ,  H04L12/751 ,  H04L29/08

CPC classification number: H04L41/0668 ,  H04L41/0659 ,  H04L41/12 ,  H04L45/02 ,  H04L45/28 ,  H04L49/70 ,  H04L67/32

Abstract: In one example, a network device includes a virtual network agent, and a network interface to send network packets to the virtual network controller using a default route for a physical network prior to establishing a communication session between a virtual network controller and the virtual network agent, wherein, after establishing the communication session between the virtual network controller device and the virtual network agent, the virtual network agent receives from the virtual network controller a command to install a new route at the network device, wherein the new route specifies encapsulation information to use for encapsulating network packets for sending the network packets to the virtual network controller over an overlay network, and wherein, responsive to detecting a failed link in the physical network, the virtual network agent sends packets to the virtual network controller on an alternate route in the overlay network.

Abstract translation: 在一个示例中，网络设备包括虚拟网络代理和网络接口，用于在虚拟网络控制器和虚拟网络代理之间建立通信会话之前，使用物理网络的默认路由向虚拟网络控制器发送网络分组 其中，在虚拟网络控制器设备和虚拟网络代理建立通信会话之后，虚拟网络代理从虚拟网络控制器接收在网络设备上安装新路由的命令，其中新路由指定封装信息 用于封装网络分组以通过覆盖网络将网络分组发送到虚拟网络控制器，并且其中响应于检测物理网络中的故障链路，虚拟网络代理在备用路由上向虚拟网络控制器发送分组 覆盖网络。

公开(公告)号：US20130332577A1

公开(公告)日：2013-12-12

申请号：US13835017

申请日：2013-03-15

Applicant: JUNIPER NETWORKS, INC.

Inventor： Harshad Bhaskar Nakil ,  Pedro R. Marques ,  Hampapur Ajay ,  Ashish Ranjan ,  Ankur Singla

IPC: H04L29/08

CPC classification number: H04L41/0668 ,  H04L41/0659 ,  H04L41/12 ,  H04L45/02 ,  H04L45/28 ,  H04L49/70 ,  H04L67/32

Abstract: In general, techniques are described for facilitating multi-tenancy of a server accessed by virtual networks of a data center. A device included within a data center comprising one or more processors may perform the techniques. The processors may be configured to execute a virtual switch that supports a number of virtual networks executing within the data center. The virtual switch may be configured to receive a request regarding data associated with an identifier that is unique within one of the virtual networks that originated the request. The virtual switch may then translate the identifier included within the request to generate a globally unique identifier that is unique within the plurality of virtual networks, update the request to replace the identifier included within the request with the globally unique identifier, and transmit the updated request to a server of the data center.

Abstract translation: 通常，描述了用于促进由数据中心的虚拟网络访问的服务器的多租户的技术。 包括在包括一个或多个处理器的数据中心内的设备可以执行该技术。 处理器可以被配置为执行支持在数据中心内执行的多个虚拟网络的虚拟交换机。 虚拟交换机可以被配置为接收关于与发起请求的虚拟网络之一内的唯一的标识符相关联的数据的请求。 虚拟交换机然后可以转换包括在请求内的标识符，以生成在多个虚拟网络中是唯一的全局唯一标识符，更新请求以用全局唯一标识符替换请求中包含的标识符，并且发送更新的请求 到数据中心的服务器。

公开(公告)号：US20130332399A1

公开(公告)日：2013-12-12

申请号：US13842909

申请日：2013-03-15

Applicant: Juniper Networks, Inc.

Inventor： Rajashekar Reddy ,  Harshad Bhaskar Nakil

IPC: G06N99/00

CPC classification number: G06N99/005 ,  G06F11/008 ,  H04L41/0631 ,  H04L41/147 ,  H04L43/04 ,  H04L43/0852 ,  H04L43/10 ,  H04L45/16 ,  H04L45/38 ,  H04L45/42 ,  H04L45/48 ,  H04L45/586 ,  H04L61/103 ,  H04L69/40

Abstract: In general, techniques are described for automatically identifying likely faulty components in massively distributed complex systems. In some examples, snapshots of component parameters are automatically repeatedly fed to a pre-trained classifier and the classifier indicates whether each received snapshot is likely to belong to a fault and failure class or to a non-fault/failure class. Components whose snapshots indicate a high likelihood of fault or failure are investigated, restarted or taken off line as a pre-emptive measure. The techniques may be applied in a massively distributed complex system such as a data center.

Abstract translation: 通常，描述了用于自动识别大规模分布式复杂系统中可能的故障组件的技术。 在一些示例中，组件参数的快照自动重复馈送到预训练的分类器，分类器指示每个接收到的快照是否可能属于故障类和故障类或非故障/故障类。 快照指示故障或故障的可能性高的组件将作为先发制人的措施进行调查，重新启动或脱机。 这些技术可以应用在诸如数据中心的大规模分布式复杂系统中。