-
公开(公告)号:US11336482B2
公开(公告)日:2022-05-17
申请号:US16369330
申请日:2019-03-29
发明人: Sankar Ramamoorthi , Ravi Shekhar , Venkata Rajasekharu Athreyapurapu , Rajeev Gupta , Kaushik Dutta Majumdar , Mohan Kumar A P , Pranav Koushik
IPC分类号: H04L12/28 , H04L12/46 , H04L12/715 , H04L12/707 , H04L45/00 , H04L45/64 , H04L12/64
摘要: Techniques are described for policy driven on-demand tunnel creation and deletion between end points in a software-defined wide area network (SD-WAN) having a hub-and-spoke topology. A software-defined networking (SDN) controller that facilitates cloud-based services of a service provider network that sets up the SD-WAN is configured to determine whether a tunnel between end-points is to be created or deleted based on information indicative of the traffic, such as amount, time, application generating the traffic, and the like, between end-points.
-
公开(公告)号:US20190036813A1
公开(公告)日:2019-01-31
申请号:US15663052
申请日:2017-07-28
IPC分类号: H04L12/721 , H04L12/24 , H04L12/707
CPC分类号: H04L45/34 , H04L12/4633 , H04L12/4641 , H04L41/5003 , H04L41/5019 , H04L45/02 , H04L45/24 , H04L45/28 , H04L45/50 , H04L45/64
摘要: Techniques are described for selecting paths in accordance with service level agreements. For example, spoke and hub routers may advertise routes associated with virtual routing and forwarding (VRF) instances mapped to service level agreements (SLAs). A virtual route reflector of an intermediate router may receive route advertisements and may add respective path communities associated with particular links selected based on link state measurements in accordance with the SLAs. The hub or spoke routers may receive the route advertisements including a respective path community and install the selected path as a next-hop for a given SLA. In this way, spoke and hub routers may forward traffic on links that satisfy particular SLAs such that Quality of Experience (QoE) for an application may be restored or improved.
-
公开(公告)号:US20240195844A1
公开(公告)日:2024-06-13
申请号:US18584531
申请日:2024-02-22
IPC分类号: H04L9/40 , G06F16/245
CPC分类号: H04L63/20 , G06F16/245 , H04L63/0227
摘要: In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.
-
公开(公告)号:US20220321604A1
公开(公告)日:2022-10-06
申请号:US17301278
申请日:2021-03-30
IPC分类号: H04L29/06 , G06F16/245 , G06N20/00
摘要: In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.
-
公开(公告)号:US12095817B2
公开(公告)日:2024-09-17
申请号:US17301278
申请日:2021-03-30
IPC分类号: H04L9/40 , G06F16/245
CPC分类号: H04L63/20 , G06F16/245 , H04L63/0227
摘要: In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.
-
公开(公告)号:US10523560B2
公开(公告)日:2019-12-31
申请号:US15663052
申请日:2017-07-28
IPC分类号: H04L12/721 , H04L12/24 , H04L12/707 , H04L12/46 , H04L12/715 , H04L12/751 , H04L12/703 , H04L12/723
摘要: Techniques are described for selecting paths in accordance with service level agreements. For example, spoke and hub routers may advertise routes associated with virtual routing and forwarding (VRF) instances mapped to service level agreements (SLAs). A virtual route reflector of an intermediate router may receive route advertisements and may add respective path communities associated with particular links selected based on link state measurements in accordance with the SLAs. The hub or spoke routers may receive the route advertisements including a respective path community and install the selected path as a next-hop for a given SLA. In this way, spoke and hub routers may forward traffic on links that satisfy particular SLAs such that Quality of Experience (QoE) for an application may be restored or improved.
-
公开(公告)号:US10454812B2
公开(公告)日:2019-10-22
申请号:US15663075
申请日:2017-07-28
IPC分类号: H04L12/721 , H04L12/24 , H04L12/715 , H04L12/751 , H04L12/703 , H04L12/713 , H04L12/26
摘要: Techniques are described for selecting paths in accordance with service level agreements. For example, spoke and hub routers may advertise routes associated with virtual routing and forwarding (VRF) instances mapped to service level agreements (SLAs). A virtual route reflector of an intermediate router may receive route advertisements and may add respective path communities associated with particular links selected based on link state measurements in accordance with the SLAs. The hub or spoke routers may receive the route advertisements including a respective path community and install the selected path as a next-hop for a given SLA. In this way, spoke and hub routers may forward traffic on links that satisfy particular SLAs such that Quality of Experience (QoE) for an application may be restored or improved.
-
公开(公告)号:US11916963B2
公开(公告)日:2024-02-27
申请号:US17301278
申请日:2021-03-30
IPC分类号: H04L9/40 , G06F16/245
CPC分类号: H04L63/20 , G06F16/245 , H04L63/0227
摘要: In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.
-
9.发明申请公开(公告)号:US20200252234A1
公开(公告)日:2020-08-06
申请号:US16369330
申请日:2019-03-29
发明人: Sankar Ramamoorthi , Ravi Shekhar , Venkata Rajasekharu Athreyapurapu , Rajeev Gupta , Kaushik Dutta Majumdar , Mohan Kumar A P , Pranav Koushik
IPC分类号: H04L12/28 , H04L12/46 , H04L12/715 , H04L12/707
摘要: Techniques are described for policy driven on-demand tunnel creation and deletion between end points in a software-defined wide area network (SD-WAN) having a hub-and-spoke topology. A software-defined networking (SDN) controller that facilitates cloud-based services of a service provider network that sets up the SD-WAN is configured to determine whether a tunnel between end-points is to be created or deleted based on information indicative of the traffic, such as amount, time, application generating the traffic, and the like, between end-points.
-
公开(公告)号:US20190036808A1
公开(公告)日:2019-01-31
申请号:US15663075
申请日:2017-07-28
IPC分类号: H04L12/721 , H04L12/24
摘要: Techniques are described for selecting paths in accordance with service level agreements. For example, spoke and hub routers may advertise routes associated with virtual routing and forwarding (VRF) instances mapped to service level agreements (SLAs). A virtual route reflector of an intermediate router may receive route advertisements and may add respective path communities associated with particular links selected based on link state measurements in accordance with the SLAs. The hub or spoke routers may receive the route advertisements including a respective path community and install the selected path as a next-hop for a given SLA. In this way, spoke and hub routers may forward traffic on links that satisfy particular SLAs such that Quality of Experience (QoE) for an application may be restored or improved.
-
-
-
-
-
-
-
-
-
搜索结果
10 条记录 (耗时 0.018 秒)
