公开(公告)号：US12021740B2

公开(公告)日：2024-06-25

申请号：US17305117

申请日：2021-06-30

Applicant: Juniper Networks, Inc.

Inventor： Prasad Miriyala ,  Wen Lin ,  Suresh Palguna Krishnan ,  SelvaKumar Sivaraj ,  Kumuthini Ratnasingham

IPC: G06F15/16 ,  H04L12/46 ,  H04L45/00 ,  H04L45/586 ,  H04L45/74

CPC classification number: H04L45/34 ,  H04L12/4641 ,  H04L45/566 ,  H04L45/586 ,  H04L45/74

Abstract: A plurality of switches may be arranged according to a spine and leaf topology in which each spine switch is connected to all leaf switches. A leaf switch includes a memory configured to store a plurality of policies, each of the plurality of policies being associated with a respective source identifier value and a respective destination address; a network interface communicatively coupled to one of the spine switches; and a processor implemented in circuitry and configured to: receive a packet from the spine switch via the network interface, the packet being encapsulated with a Virtual Extensible Local Area Network (VXLAN) header; extract a source identifier value from the VXLAN header; determine a destination address for the packet; determine a policy of the plurality of policies to apply to the packet according to the source identifier value and the destination address; and apply the policy to the packet.

公开(公告)号：US10383027B1

公开(公告)日：2019-08-13

申请号：US15934794

申请日：2018-03-23

Applicant: Juniper Networks, Inc.

Inventor： SelvaKumar Sivaraj ,  Wen Lin ,  Ryan Bickhart ,  Prabakaran Arumugam

IPC: H04L12/46 ,  H04L12/721 ,  H04W40/14 ,  H04L29/08 ,  H04W40/28 ,  H04L12/707 ,  H04W60/00

Abstract: A provider edge device may receive a first MAC/IP route advertisement that identifies a MAC route, or a MAC and IP route, relating to an endpoint device. The provider edge device may generate and provide a MAC/IP route proxy advertisement based on the MAC route or the MAC and IP route, detect a potential decrease in reliability of the MAC route or the MAC and IP route, broadcast a request to verify the reliability of the MAC and IP route, determine whether the reliability of the MAC route, or the MAC and IP route, has decreased, and perform an action to cause withdrawal of the MAC/IP route proxy advertisement, or to cause a second MAC/IP route advertisement that identifies the MAC route, or the MAC and IP route, to be provided, based on determining whether the reliability of the MAC route, or the MAC and IP route, has decreased.

公开(公告)号：US10103902B1

公开(公告)日：2018-10-16

申请号：US14674285

申请日：2015-03-31

Applicant: Juniper Networks, Inc.

Inventor： Prabakaran Thirumali Sampath ,  SelvaKumar Sivaraj ,  Ravi Shekhar

IPC: H04L12/28 ,  H04L12/46 ,  H04L12/721 ,  H04L12/741 ,  H04L12/947 ,  H04L29/06 ,  H04L12/66

Abstract: This disclosure describes techniques for utilizing VXLANs within a network, such as a data center, for transporting L2 customer communications. Moreover, the disclosure describes techniques for auto-discovering, for each VXLAN, a corresponding replication node for replicating and distributing unknown destination, broadcast, and multicast frames to VXLAN Tunnel Endpoints (“VTEPs”) within the data center. Further, the techniques facilitate, by the replication node, discovery and auto-registration of the VTEPs for the respective customer network. As such, the techniques may facilitate configuration of VXLANs without necessarily relying on multicast protocols to provide such functionality. In this way, the techniques described herein may be used to supplement or even replace reliance on multicast protocols, such as the Protocol Independent Multicast (PIM) protocol, when configuring VXLANs within a network.

公开(公告)号：US11546253B2

公开(公告)日：2023-01-03

申请号：US17301351

申请日：2021-03-31

Applicant: Juniper Networks, Inc.

Inventor： Wen Lin ,  Yi Zheng ,  Mukesh Kumar ,  Xichun Hong ,  SelvaKumar Sivaraj ,  Vamshi Krishna Voruganti ,  John E. Drake

IPC: H04L45/28 ,  H04L41/0668 ,  H04L12/46

Abstract: Techniques are described for providing fast reroute for traffic in EVPN-VXLAN. For example, a backup PE device of an Ethernet segment is configured with an additional tunnel endpoint address (“reroute tunnel endpoint address”) for a backup path associated with a second split-horizon group that is different than a tunnel endpoint address and first split-horizon group for another path used for normal traffic forwarding. The backup PE device sends the reroute tunnel endpoint address to a primary PE device of the Ethernet segment, which uses the reroute tunnel endpoint address to configure a backup path to the backup PE device over the core network. For example, the primary PE device may install the reroute tunnel endpoint address within its forwarding plane and one or more operations to cause the primary PE device to encapsulate a VXLAN header including the reroute tunnel endpoint address when rerouting the packet along the backup path.

公开(公告)号：US11477233B2

公开(公告)日：2022-10-18

申请号：US16860828

申请日：2020-04-28

Applicant: Juniper Networks, Inc.

Inventor： Reji Thomas ,  SelvaKumar Sivaraj

IPC: H04L9/40 ,  H04L12/46 ,  H04L12/66 ,  H04L41/12 ,  H04L45/64 ,  H04L101/622 ,  H04L45/00 ,  H04L45/24

Abstract: Techniques are described for providing security extensions to neighbor discovery in Ethernet Virtual Private Network (EVPN). For example, a network device that implements Ethernet Virtual Private Network (EVPN) receives a neighbor discovery response message including a nonce originated by a second network device and not originated by the first network device. The network device processes the neighbor discovery response message including the nonce originated by the second network device and not originated by the first network device.

公开(公告)号：US11057295B1

公开(公告)日：2021-07-06

申请号：US16777526

申请日：2020-01-30

Applicant: Juniper Networks, Inc.

Inventor： Wen Lin ,  Yi Zheng ,  SelvaKumar Sivaraj ,  Vasudevan Venkatraman ,  Prabhu Raj V. K. ,  Channasangamesh S. Hugar

IPC: H04L12/729 ,  H04L12/707 ,  H04L12/723 ,  H04L12/717 ,  H04L12/46 ,  H04L29/06

Abstract: The problem of looping at the egress of a transport network with a CE multihomed to a protected egress PE and a backup/protector egress PE can be avoided by (a) enabling the protector egress PE to distinguish between fast reroute (FRR) traffic coming from the protected egress PE and normal known unicast (KU) traffic coming from a PE of the transport network that is not attached to the same multihomed segment; (b) receiving, by the protector egress PE, known unicast data, to be forwarded to the CE; (c) determining, by the protector egress PE, that a link between it and the CE is unavailable; and (d) responsive to determining that the link between the protector egress PE and the CE is unavailable, (1) determining whether the known unicast traffic received was sent from the protected egress PE or from another PE of the transport network that is not attached to the same multihomed segment, and (2) responsive to a determination that the known unicast traffic received was sent from the protected egress PE, discarding the known unicast traffic received, and otherwise, responsive to a determination that the known unicast (KU) traffic received was sent from another PE of the transport network that is not attached to the same multihomed segment, sending the known unicast traffic, via a backup tunnel, to an egress PE which protects the protector egress PE.

公开(公告)号：US20200287780A1

公开(公告)日：2020-09-10

申请号：US16881507

申请日：2020-05-22

Applicant: Juniper Networks, Inc.

Inventor： Tapraj Singh ,  Wen Lin ,  SelvaKumar Sivaraj ,  Rukesh Dorai ,  Sunesh Rustagi

IPC: H04L12/24 ,  H04L12/723 ,  H04L12/741 ,  H04L12/721 ,  H04L12/703 ,  H04L12/46 ,  H04L12/707 ,  H04L12/26

Abstract: Techniques are described for avoiding traffic black-holing in a multi-homed Ethernet virtual private networks (EVPNs) in which a customer device (CE) is multi-homed to a plurality of multi-homing provider edge devices (PEs) via respective links of an Ethernet segment. An overlay network is created over the Ethernet segment, and the multi-homing PEs of the EVPN are configured with a common anycast IP address for respective virtual network interfaces. Upon election as active designated forwarder (DF) for the EVPN, the DF PE of the multi-homing PEs advertises toward the customer network an IGP metric for the anycast IP address that is lower than the IGP metric(s) advertised by any of the non-DF standby PE routers segment to direct the CE to forward network packets from the customer network to the DF PE over the respective link of the Ethernet segment.

公开(公告)号：US10476956B1

公开(公告)日：2019-11-12

申请号：US14986266

申请日：2015-12-31

Applicant: Juniper Networks, Inc.

Inventor： Debi Prasad Sahoo ,  Ajay V Gaonkar ,  Eswaran Srinivasan ,  Madhu N. Kopalle ,  SelvaKumar Sivaraj ,  Rajagopalan Subbiah ,  MooJin Jeong ,  Ming Qiao

IPC: G06F15/167 ,  H04L29/08 ,  H04L12/721

Abstract: A device may include one or more processors. The device may receive an instruction identifying a set of objects to be generated by a kernel associated with the device. The kernel may generate the set of objects based on receiving information identifying a corresponding set of write operations. The device may provide a first message to cause the kernel to perform first operations corresponding to a first subset of objects of the set of objects. The device may receive one or more notifications indicating whether each operation, of the first operations, was successfully performed. The device may determine, based on whether each operation was successfully performed, a quantity of objects to include in a second subset of objects, of the set of objects. The device may provide a second message to cause the kernel to perform second operations corresponding to the second subset of objects.

公开(公告)号：US11765488B1

公开(公告)日：2023-09-19

申请号：US17649316

申请日：2022-01-28

Applicant: Juniper Networks, Inc.

Inventor： SelvaKumar Sivaraj ,  Prasad Miriyala ,  Biswajit Mandal

IPC: H04Q9/00

CPC classification number: H04Q9/00

Abstract: A method includes receiving, by a network analyzer implemented in circuitry, from a network device of a plurality of network devices, a sensor message for telemetry flow data. The sensor message indicates an interface index for a network interface, a virtual network identifier associated with a virtual network, and an IP address. The method further includes receiving, by the network analyzer, from the network device, a telemetry flow message for the telemetry flow data. The method further includes, in response to determining that the telemetry flow message includes an indication of an interface index that matches the interface index of the sensor message and that the telemetry flow message includes an indication of a virtual network identifier that matches the virtual network identifier of the sensor message, setting, by the network analyzer, the IP address as the source of the telemetry flow data.

公开(公告)号：US11677586B1

公开(公告)日：2023-06-13

申请号：US17443500

申请日：2021-07-27

Applicant: Juniper Networks, Inc.

Inventor： Wen Lin ,  Ravi Shekhar ,  Vamshi Krishna Voruganti ,  Aldrin Isaac ,  SelvaKumar Sivaraj ,  Sean A. Mentzer ,  John E. Drake

IPC: H04L12/46 ,  H04L45/50 ,  H04L12/66 ,  H04L61/5007 ,  H04L101/622

CPC classification number: H04L12/4641 ,  H04L12/66 ,  H04L45/50 ,  H04L61/5007 ,  H04L2101/622

Abstract: A first provider edge device may receive device information from a second provider edge device included in an Ethernet virtual private network (EVPN). The device information may identify a media access control (MAC) address and may indicate that the device is connected to the second provider edge device. The first provider edge device may receive data transmitted by the device and may determine, based on information included in the data, that the device has moved from the second provider edge device to the first provider edge device. The first provider edge device may generate a data packet including mobility information indicating that the device has moved to the first provider edge device. The first provider edge device may transmit, via a data plane of the EVPN, the data packet to the second provider edge device to permit the second provider edge device to update routing information for the device.