公开(公告)号：US10979339B2

公开(公告)日：2021-04-13

申请号：US16673704

申请日：2019-11-04

Applicant: Juniper Networks, Inc.

Inventor： Swamy Sadashivaiah Renu Kananda ,  Nitin Kumar ,  Scott Mackie ,  Surya Chandra Sekhar Nimmagadda

IPC: H04L12/751 ,  H04L12/721 ,  H04L12/715 ,  H04L29/06

Abstract: In one example, a method comprises receiving, by a forwarding manager for an internal forwarding path executed by at least one packet processor of a forwarding unit of a network device, one or more packet processing operations from a control unit of the network device; generating, by the forwarding manager based on the one or more packet processing operations, a plurality of nodes each comprising a unique token, wherein a first node of the plurality of nodes includes a token reference set to a value for the token of a second node of the plurality of nodes; configuring, by the forwarding manager based on the nodes, the forwarding path to include respective forwarding path elements for the plurality of nodes; and processing, by the packet processor, a packet received by the forwarding unit by executing the forwarding path elements.

公开(公告)号：US10764249B1

公开(公告)日：2020-09-01

申请号：US15827927

申请日：2017-11-30

Applicant: Juniper Networks, Inc.

Inventor： Sunanda L. Kommula ,  Nitin Kumar ,  Dmitry A. Shokarev

IPC: H04L29/06 ,  G06F9/455 ,  H04L12/46

Abstract: A network device is configured to receive an inbound packet from a first server device via a network tunnel, the first inbound packet including an outer header, a virtual private network (VPN) label, an inner header, and a data payload, the inner header including an inner source IP address of a source virtual machine. The processors are also configured to determine a first tunnel identifier, determine, based on the inner source IP address, a second tunnel identifier associated with a second server device hosting the source virtual machine, compare the second tunnel identifier with the first tunnel identifier to determine whether the tunnel on which the first inbound packet was received is the same as a tunnel used for forwarding traffic to the source virtual machine, and drop the inbound packet when the second tunnel identifier does not match the first tunnel identifier.

公开(公告)号：US10511546B2

公开(公告)日：2019-12-17

申请号：US15844338

申请日：2017-12-15

Applicant: Juniper Networks, Inc.

Inventor： Babu Singarayan ,  Nitin Kumar ,  Raghavendra Mallya ,  Jeyananth Minto Jeganathan ,  Kaliraj Vairavakkalai

IPC: H04L12/933 ,  H04L12/947 ,  H04L12/715 ,  H04L12/721 ,  H04L12/751 ,  H04L12/931

Abstract: In one example, a management component executing on a single-chassis network device configures a virtual node with an abstract fabric interface having, as a destination address, identifiers of packet processors (e.g., PTFE-IDs) assigned to the virtual node on the other end of the abstract fabric interface. The management component of the single-chassis network device pre-creates an underlay network by using the fabric links at the packet processor. When the management component creates and connects an abstract fabric interface on the virtual nodes, the management component forms an overlay network and attaches the overlay network to the underlay network, e.g., by programming the forwarding plane packet processor, to connect the virtual nodes. However, users of the network device, external devices, and routing protocols will not view the abstract fabric interface as an overlay interface, but as a regular Ethernet interface (e.g., a Gigabit Ethernet interface).

公开(公告)号：US20190222504A1

公开(公告)日：2019-07-18

申请号：US15870309

申请日：2018-01-12

Applicant: Juniper Networks, Inc.

Inventor： Swamy Sadashivaiah Renu Kananda ,  Nitin Kumar ,  Scott Mackie ,  Surya Chandra Sekhar Nimmagadda

IPC: H04L12/751

CPC classification number: H04L45/02 ,  H04L45/38 ,  H04L45/64 ,  H04L67/42

Abstract: In one example, a method comprises receiving, by a forwarding manager for an internal forwarding path executed by at least one packet processor of a forwarding unit of a network device, one or more packet processing operations from a control unit of the network device; generating, by the forwarding manager based on the one or more packet processing operations, a plurality of nodes each comprising a unique token, wherein a first node of the plurality of nodes includes a token reference set to a value for the token of a second node of the plurality of nodes; configuring, by the forwarding manager based on the nodes, the forwarding path to include respective forwarding path elements for the plurality of nodes; and processing, by the packet processor, a packet received by the forwarding unit by executing the forwarding path elements.

公开(公告)号：US10305795B1

公开(公告)日：2019-05-28

申请号：US15726592

申请日：2017-10-06

Applicant: Juniper Networks, Inc.

Inventor： Jonathan C. Barth ,  Nitin Kumar ,  Sunanda Kommula

IPC: H04L12/24 ,  H04L12/715 ,  H04L29/08 ,  H04L12/813 ,  H04L12/717 ,  H04L29/06

Abstract: The disclosed method may include (1) receiving, at a route server that serves an Internet exchange, a request from an autonomous system to join the Internet exchange, (2) obtaining, from the autonomous system, a policy that defines which routes pertaining to the autonomous system are to be shared with additional autonomous systems that have joined the Internet exchange, (3) obtaining, from the autonomous system, a plurality of routes pertaining to the autonomous system, (4) storing, at the route server, the plurality of routes pertaining to the autonomous system, and then (5) advertising at least a portion of the plurality of routes to at least one of the additional autonomous systems in accordance with the policy obtained from the autonomous system. Various other apparatuses, systems, and methods are also disclosed.

公开(公告)号：US20190104087A1

公开(公告)日：2019-04-04

申请号：US15844338

申请日：2017-12-15

Applicant: Juniper Networks, Inc.

Inventor： Babu Singarayan ,  Nitin Kumar ,  Raghavendra Mallya ,  Jeyananth Minto Jeganathan ,  Kaliraj Vairavakkalai

IPC: H04L12/933 ,  H04L12/947 ,  H04L12/721 ,  H04L12/715

CPC classification number: H04L49/15 ,  H04L45/02 ,  H04L45/64 ,  H04L45/66 ,  H04L49/25 ,  H04L49/70

Abstract: In one example, a management component executing on a single-chassis network device configures a virtual node with an abstract fabric interface having, as a destination address, identifiers of packet processors (e.g., PTFE-IDs) assigned to the virtual node on the other end of the abstract fabric interface. The management component of the single-chassis network device pre-creates an underlay network by using the fabric links at the packet processor. When the management component creates and connects an abstract fabric interface on the virtual nodes, the management component forms an overlay network and attaches the overlay network to the underlay network, e.g., by programming the forwarding plane packet processor, to connect the virtual nodes. However, users of the network device, external devices, and routing protocols will not view the abstract fabric interface as an overlay interface, but as a regular Ethernet interface (e.g., a Gigabit Ethernet interface)

公开(公告)号：US08937865B1

公开(公告)日：2015-01-20

申请号：US13629326

申请日：2012-09-27

Applicant: Juniper Networks, Inc.

Inventor： Nitin Kumar ,  Alex Baban ,  Surya Nimmagadda ,  Alok Khambatkone ,  Saravanan Masilamani ,  Anand S. Athreya ,  Vipul Deokar

IPC: H04L12/26 ,  H04L12/803

CPC classification number: H04L47/125 ,  H04L43/0876 ,  H04L45/7453 ,  H04L47/41 ,  H04L47/76 ,  Y02D50/30

Abstract: In general, techniques are described for scheduling traffic for delivery over an aggregated bundle of links. A network device comprising an interface and a data plane may implement the techniques. The interface receives packets associated with packet flows. The data plane associates each of the packet flows with a different link of an aggregated bundle of links. The data plane monitors transmission of the packets via the links to determine a representation of an amount of data sent per link. The data plane further determines that bandwidth utilization does not conform to a desired bandwidth utilization based on the determined representation of the amount of data sent per link. The data plane then re-associates the packet flows to different links of the aggregated bundle based on the determination that the bandwidth utilization does not conform to the desired bandwidth utilization.

Abstract translation: 一般来说，描述了用于调度流量以在聚合的链路链上传送的技术。 包括接口和数据平面的网络设备可以实现这些技术。 接口接收与数据包流相关的数据包。 数据平面将每个分组流与聚合的链路链路的不同链路相关联。 数据平面通过链路监视分组的传输，以确定每个链路发送的数据量的表示。 数据平面进一步基于所确定的每个链路发送的数据量的表示来确定带宽利用率不符合期望的带宽利用率。 然后，基于带宽利用率不符合期望的带宽利用率的确定，数据平面将分组流重新关联到聚合束的不同链路。

公开(公告)号：US20200067813A1

公开(公告)日：2020-02-27

申请号：US16673704

申请日：2019-11-04

Applicant: Juniper Networks, Inc.

Inventor： Swamy Sadashivaiah Renu Kananda ,  Nitin Kumar ,  Scott Mackie ,  Surya Chandra Sekhar Nimmagadda

IPC: H04L12/751 ,  H04L12/721 ,  H04L12/715

Abstract: In one example, a method comprises receiving, by a forwarding manager for an internal forwarding path executed by at least one packet processor of a forwarding unit of a network device, one or more packet processing operations from a control unit of the network device; generating, by the forwarding manager based on the one or more packet processing operations, a plurality of nodes each comprising a unique token, wherein a first node of the plurality of nodes includes a token reference set to a value for the token of a second node of the plurality of nodes; configuring, by the forwarding manager based on the nodes, the forwarding path to include respective forwarding path elements for the plurality of nodes; and processing, by the packet processor, a packet received by the forwarding unit by executing the forwarding path elements.

公开(公告)号：US11706196B1

公开(公告)日：2023-07-18

申请号：US17007830

申请日：2020-08-31

Applicant: Juniper Networks, Inc.

Inventor： Sunanda L. Kommula ,  Nitin Kumar ,  Dmitry A. Shokarev

IPC: H04L9/40 ,  G06F9/455 ,  H04L12/46

CPC classification number: H04L63/0236 ,  H04L63/0245 ,  H04L63/0272 ,  G06F9/45558 ,  G06F2009/45587 ,  H04L12/4641

Abstract: A network device is configured to receive an inbound packet from a first server device via a network tunnel, the first inbound packet including an outer header, a virtual private network (VPN) label, an inner header, and a data payload, the inner header including an inner source IP address of a source virtual machine. The processors are also configured to determine a first tunnel identifier, determine, based on the inner source IP address, a second tunnel identifier associated with a second server device hosting the source virtual machine, compare the second tunnel identifier with the first tunnel identifier to determine whether the tunnel on which the first inbound packet was received is the same as a tunnel used for forwarding traffic to the source virtual machine, and drop the inbound packet when the second tunnel identifier does not match the first tunnel identifier.

公开(公告)号：US10536375B2

公开(公告)日：2020-01-14

申请号：US15870148

申请日：2018-01-12

Applicant: Juniper Networks, Inc.

Inventor： Surya Chandra Sekhar Nimmagadda ,  Nayan S. Patel ,  Swamy Sadashivaiah Renu Kananda ,  Scott Mackie ,  Nitin Kumar

IPC: H04L12/28 ,  H04L12/741

Abstract: In one example, a method includes detecting, by a forwarding manager for an internal forwarding path executed by at least one packet processor of a forwarding unit of a network device, that the at least one packet processor of a plurality of packet processors has become available for processing packets for forwarding; in response to the detecting, ceasing, by the forwarding manager, execution of control processing operations received from a control unit of the network device; and programming, by the forwarding manager, a plurality of forwarding path elements of the at least one packet processor based on a dependencies data structure, wherein the dependencies data structure comprises one or more dependencies that each indicates, for a node of a plurality of nodes, one or more nodes that reference the node, and wherein each node of the plurality of nodes corresponds to a single forwarding path element of the plurality of forwarding path elements.