公开(公告)号：US20250097821A1

公开(公告)日：2025-03-20

申请号：US18965320

申请日：2024-12-02

Applicant: Juniper Networks, Inc.

Inventor： Srinivas Akkipeddi ,  Narendranath Karjala Subramanyam ,  Sachchidanand Vaidya ,  Mahesh Sivakumar ,  Pavan Kumar Kurapati ,  Philip M. Goddard ,  Sivakumar Ganapathy ,  Shailender Sharma ,  Kiran K N ,  Pranavadatta D N ,  Vinay K Nallamothu ,  Yuvaraja Mariappan ,  Ashutosh K. Grewal

IPC: H04W40/24 ,  H04L45/00 ,  H04L45/02 ,  H04L45/586 ,  H04L45/64 ,  H04L45/741

Abstract: In general, this disclosure describes techniques for a containerized router operating within a cloud native orchestration framework. In an example, a virtualized cell site router comprises a computing device configured with a containerized router, the computing device comprising: a containerized virtual router configured to execute on the processing circuitry and configured to implement a data plane for the containerized router; a containerized routing protocol process configured to execute on the processing circuitry and configured to implement a control plane for the containerized router; and a pod comprising a containerized distributed unit, wherein the containerized routing protocol process is configured to advertise routing information comprising reachability information for the containerized distributed unit.

公开(公告)号：US11818647B2

公开(公告)日：2023-11-14

申请号：US17649643

申请日：2022-02-01

Applicant: Juniper Networks, Inc.

Inventor： Mahesh Sivakumar ,  Pranavadatta D N ,  Sangarshan Pillareddy

IPC: H04W40/24 ,  H04L45/586 ,  H04L45/02 ,  H04L45/64 ,  H04L45/741 ,  H04L45/00

CPC classification number: H04W40/248 ,  H04L45/04 ,  H04L45/38 ,  H04L45/586 ,  H04L45/64 ,  H04L45/741

Abstract: In general, this disclosure describes techniques for a containerized router operating within a cloud native orchestration framework. In an example, a computing device comprises a containerized routing protocol process executing on processing circuitry of the computing device and configured to receive routing information; a containerized set of workloads; a data plane development kit (DPDK)-based virtual router executing on the processing circuitry and configured to forward traffic to and from the workloads based on the routing information from the containerized routing protocol; and a virtual router agent for the virtual router, the virtual router agent executing on the processing circuitry and configured to expose a generic data plane interface.

公开(公告)号：US11516179B2

公开(公告)日：2022-11-29

申请号：US16138767

申请日：2018-09-21

Applicant: Juniper Networks, Inc.

Inventor： Jimmy Jose ,  Pranavadatta D N ,  Reji Thomas

IPC: H04L61/5046

Abstract: A network device in a network may determine a tentative network address for a network interface of the network device and may determine whether the tentative network address is duplicative of any one of the network addresses in the network. If the tentative network address is duplicative of a network address assigned to another network interface in the network, the network device may store an indication of the other network interface. In response to receiving an indication that a new network address is assigned to the other network interface, the network device may re-determine whether the tentative network address is duplicative of any one of the network addresses in the network. If the network device determines that the tentative network address is not duplicative of any one of the plurality of network addresses in the network, the network device may assign the tentative network address to the network interface.

公开(公告)号：US20220303246A1

公开(公告)日：2022-09-22

申请号：US16652643

申请日：2020-02-27

Applicant: Juniper Networks, Inc.

Inventor： Prasad Miriyala ,  Aniket G. Daptari ,  Fei Chen ,  Pranavadatta D N ,  Kiran K N ,  Jeffrey S. Marshall ,  Prakash T. Seshadri

IPC: H04L9/40 ,  H04L41/0894 ,  H04L12/46 ,  H04L45/76 ,  G06F9/455

Abstract: Techniques are disclosed for redirecting network traffic of virtualized application workload to a host-based firewall. For example, a system comprises a software defined networking (SDN) controller of a multi-tenant virtualized data center configured to: receive a security policy expressed as one or more tags to redirect traffic of a virtualized application workload to a host-based firewall (HBF) of the multi-tenant virtualized data center; configure network connectivity to the HBF in accordance with the security policy; a security controller that manages the HBF configured to: obtain the one or more tags from the SDN controller; receive one or more firewall policies expressed in terms of the one or more tags, wherein each of the one or more firewall policies specifies a function of the HBF; and configure the function of the HBF in accordance with the one or more firewall policies.

公开(公告)号：US20220279421A1

公开(公告)日：2022-09-01

申请号：US17649643

申请日：2022-02-01

Applicant: Juniper Networks, Inc.

Inventor： Mahesh Sivakumar ,  Pranavadatta D N ,  Sangarshan Pillareddy

IPC: H04W40/24 ,  H04L45/586 ,  H04L45/741 ,  H04L45/00

Abstract: In general, this disclosure describes techniques for a containerized router operating within a cloud native orchestration framework. In an example, a computing device comprises a containerized routing protocol process executing on processing circuitry of the computing device and configured to receive routing information; a containerized set of workloads; a data plane development kit (DPDK)-based virtual router executing on the processing circuitry and configured to forward traffic to and from the workloads based on the routing information from the containerized routing protocol; and a virtual router agent for the virtual router, the virtual router agent executing on the processing circuitry and configured to expose a generic data plane interface.

公开(公告)号：US20220279420A1

公开(公告)日：2022-09-01

申请号：US17649632

申请日：2022-02-01

Applicant: Juniper Networks, Inc.

Inventor： Srinivas Akkipeddi ,  Narendranath Karjala Subramanyam ,  Sachchidanand Vaidya ,  Mahesh Sivakumar ,  Pavan Kumar Kurapati ,  Philip M. Goddard ,  Sivakumar Ganapathy ,  Shailender Sharma ,  Kiran K N ,  Pranavadatta D N ,  Vinay K Nallamothu ,  Yuvaraja Mariappan ,  Ashutosh K. Grewal

IPC: H04W40/24 ,  H04L45/586 ,  H04L45/64 ,  H04L45/00

Abstract: In general, this disclosure describes techniques for a containerized router operating within a cloud native orchestration framework. In an example, a virtualized cell site router comprises a computing device configured with a containerized router, the computing device comprising: a containerized virtual router configured to execute on the processing circuitry and configured to implement a data plane for the containerized router; a containerized routing protocol process configured to execute on the processing circuitry and configured to implement a control plane for the containerized router; and a pod comprising a containerized distributed unit, wherein the containerized routing protocol process is configured to advertise routing information comprising reachability information for the containerized distributed unit.

公开(公告)号：US10063675B2

公开(公告)日：2018-08-28

申请号：US15083800

申请日：2016-03-29

Applicant: Juniper Networks, Inc.

Inventor： Reji Thomas ,  Jithin Girish ,  Pranavadatta D N

IPC: H04L29/08 ,  H04L12/823 ,  H04L29/12 ,  H04L12/741

CPC classification number: H04L69/325 ,  H04L45/74 ,  H04L47/32 ,  H04L61/2007 ,  H04L61/2092 ,  H04L61/6004 ,  H04L61/6022 ,  H04L61/6077 ,  H04L69/324

Abstract: A device may activate a layer 3 interface of the device based on activation of a first layer 2 interface associated with the layer 3 interface. The device may detect activation of a second layer 2 interface, associated with the layer 3 interface, after activating the layer 3 interface. The device may activate a filter to prevent transfer of network traffic via the second layer 2 interface based on detecting activation of the second layer 2 interface. The device may perform duplicate address detection, in association with the second layer 2 interface, for a layer 3 network address assigned to the device. The device may determine whether the layer 3 network address is a duplicate network address based on performing the duplicate address detection. The device may selectively maintain or deactivate the filter based on determining whether the layer 3 network address is a duplicate network address.

公开(公告)号：US20170289094A1

公开(公告)日：2017-10-05

申请号：US15083800

申请日：2016-03-29

Applicant: Juniper Networks, Inc.

Inventor： Reji THOMAS ,  Jithin GIRISH ,  Pranavadatta D N

IPC: H04L29/12 ,  H04L29/08 ,  H04L12/823

CPC classification number: H04L69/325 ,  H04L45/74 ,  H04L47/32 ,  H04L61/2007 ,  H04L61/2092 ,  H04L61/6004 ,  H04L61/6022 ,  H04L61/6077 ,  H04L69/324

Abstract: A device may activate a layer 3 interface of the device based on activation of a first layer 2 interface associated with the layer 3 interface. The device may detect activation of a second layer 2 interface, associated with the layer 3 interface, after activating the layer 3 interface. The device may activate a filter to prevent transfer of network traffic via the second layer 2 interface based on detecting activation of the second layer 2 interface. The device may perform duplicate address detection, in association with the second layer 2 interface, for a layer 3 network address assigned to the device. The device may determine whether the layer 3 network address is a duplicate network address based on performing the duplicate address detection. The device may selectively maintain or deactivate the filter based on determining whether the layer 3 network address is a duplicate network address.

公开(公告)号：US12160811B2

公开(公告)日：2024-12-03

申请号：US17649632

申请日：2022-02-01

Applicant: Juniper Networks, Inc.

Inventor： Srinivas Akkipeddi ,  Narendranath Karjala Subramanyam ,  Sachchidanand Vaidya ,  Mahesh Sivakumar ,  Pavan Kumar Kurapati ,  Philip M. Goddard ,  Sivakumar Ganapathy ,  Shailender Sharma ,  Kiran K N ,  Pranavadatta D N ,  Vinay K Nallamothu ,  Yuvaraja Mariappan ,  Ashutosh K. Grewal

IPC: H04W40/24 ,  H04L45/00 ,  H04L45/02 ,  H04L45/586 ,  H04L45/64 ,  H04L45/741

Abstract: In general, this disclosure describes techniques for a containerized router operating within a cloud native orchestration framework. In an example, a virtualized cell site router comprises a computing device configured with a containerized router, the computing device comprising: a containerized virtual router configured to execute on the processing circuitry and configured to implement a data plane for the containerized router; a containerized routing protocol process configured to execute on the processing circuitry and configured to implement a control plane for the containerized router; and a pod comprising a containerized distributed unit, wherein the containerized routing protocol process is configured to advertise routing information comprising reachability information for the containerized distributed unit.

公开(公告)号：US11929987B1

公开(公告)日：2024-03-12

申请号：US16800816

申请日：2020-02-25

Applicant: Juniper Networks, Inc.

Inventor： Pranavadatta D N ,  Aniket G. Daptari ,  Carlo Contavalli ,  Prasad Miriyala ,  Kiran K N ,  Prasannaa Vengatesan T S ,  Venkatesh Velpula

IPC: H04L9/40 ,  G06F9/455 ,  H04L49/25 ,  H04L61/5007 ,  H04L69/22 ,  H04L69/324 ,  H04L101/622

CPC classification number: H04L63/0272 ,  G06F9/45558 ,  H04L49/25 ,  H04L61/5007 ,  H04L69/22 ,  H04L69/324 ,  G06F2009/45595 ,  H04L2101/622

Abstract: Techniques are disclosed for a network device to preserve packet flow information across bump-in-the-wire (BITW) firewalls. For example, a method comprises receiving, by a network device, a packet. The method also comprises determining, by the network device, that the packet matches a packet flow that is associated with an action to redirect the packet to a firewall configured as a bump-in-the-wire. The method further comprises, in response to the determination: modifying, by the network device, a Media Access Control (MAC) address field of a layer 2 (L2) packet header with a flow identifier of the packet flow; sending, by the network device, the packet to the firewall; receiving, by the network device, the packet from the firewall; and recovering, by the network device, the packet flow by modifying the packet according to the flow identifier in the packet to restore the L2 packet header of the packet.