Establishing a network micro-tunnel within a network tunnel

    Publication number: US12088431B2

    Publication date: 2024-09-10

    Application number: US18341922

    Filing date: 2023-06-27

    Abstract: A first network device may communicate, in association with a tunnel establishment network protocol, with a second network device to cause a network tunnel between the first network device and the second network device to be established. The first network device may determine, based on communicating with the second network device to cause the network tunnel to be established, that the network tunnel is to support network micro-tunnel functionality within the network tunnel. The first network device may communicate, based on determining that the network tunnel is to support network micro-tunnel functionality, with the second network device to identify a traffic class, of one or more traffic classes, to which network micro-tunnel functionality within the network tunnel is to be applied. The first network device may cause a network micro-tunnel to be established within the network tunnel for traffic associated with the traffic class.

    Efficient encryption and decryption of duplicate packets communicated via a virtual private network

    Publication number: US11575653B2

    Publication date: 2023-02-07

    Application number: US16902458

    Filing date: 2020-06-16

    Abstract: A network device may create an encrypted packet and may duplicate the encrypted packet to create a plurality of encrypted packets that includes a first set of encrypted packets that is associated with a first receiving network device and a second set of encrypted packets that is to be associated with a second receiving network device. The network device may modify the second set of encrypted packets by replacing a first virtual destination address in the second set of the plurality of encrypted packets with a second virtual destination address that identifies a virtual tunnel endpoint of the second receiving network device. The network device may encapsulate and may send, based on the first virtual destination address and the second virtual destination address, individual encapsulated encrypted packets to the first receiving network device or the second receiving network device.

    GRE tunneling with reduced packet encryption at intermediate routers

    Publication number: US11032107B2

    Publication date: 2021-06-08

    Application number: US16457233

    Filing date: 2019-06-28

    Abstract: A network node may receive a packet having an inner internet protocol (IP) header and an outer IP header. The inner IP header may be encrypted. The network node may generate a copy of the packet to obtain a copied packet. The network node may perform decryption on one of the packet or the copied packet to identify a recipient address of the inner IP header. The network node may update the outer IP header of the other of the packet or the copied packet to obtain an updated packet with an updated outer IP header. A destination address of the updated outer IP header may be updated to a tunnel endpoint of a receiving network node that is associated with the recipient address. The network node may route the updated packet according to the updated outer IP header.

    Satisfying service level agreement metrics for unknown applications

    Publication number: US11005729B2

    Publication date: 2021-05-11

    Application number: US16354027

    Filing date: 2019-03-14

    Abstract: In general, the disclosure describes techniques for assigning traffic originating from an unknown application to a link based on known application quality of experience metrics. For instance, a network device may receive an application data packet of a data flow for an application and determine an application signature of the application data packet. The network device may determine whether the application signature matches an entry in an application signature database, and if the application signature does not match, the network device may identify a class of the application based on one or more characteristics of the application data packet. The network device may then assign the application data packet of the data flow to a first link of a plurality of links based on the class of the application and quality of experience (QoE) metrics for each link.

    Application-based network security

    Publication number: US11706216B2

    Publication date: 2023-07-18

    Application number: US17581125

    Filing date: 2022-01-21

    CPC classification number: H04L63/0876 H04L45/38 H04L63/0485 H04L63/164

    Abstract: A network device may receive, from an application on a user device, a first network packet associated with a packet flow. The network device may identify an application identifier of the first network packet, wherein the application identifier identifies the application on the user device. The network device may select, based on the application identifier, a security protocol, wherein the security protocol is associated with at least one of an authentication header (AH) or an encryption algorithm. The network device may selectively apply, to a second network packet associated with the packet flow, at least one of the AH or the encryption algorithm, associated with the security protocol, to generate a protected network packet. The network device may transmit the protected network packet.

    Establishing a network micro-tunnel within a network tunnel

    Publication number: US11323290B2

    Publication date: 2022-05-03

    Application number: US16829700

    Filing date: 2020-03-25

    Abstract: A first network device may communicate, in association with a tunnel establishment network protocol, with a second network device to cause a network tunnel between the first network device and the second network device to be established. The first network device may determine, based on communicating with the second network device to cause the network tunnel to be established, that the network tunnel is to support network micro-tunnel functionality within the network tunnel. The first network device may communicate, based on determining that the network tunnel is to support network micro-tunnel functionality, with the second network device to identify a traffic class, of one or more traffic classes, to which network micro-tunnel functionality within the network tunnel is to be applied. The first network device may cause a network micro-tunnel to be established within the network tunnel for traffic associated with the traffic class.

    REAL-TIME APPLICATION-DRIVEN SYNTHETIC PROBING

    Publication number: US20200296023A1

    Publication date: 2020-09-17

    Application number: US16354428

    Filing date: 2019-03-15

    Abstract: In general, the disclosure describes techniques for evaluating application quality of experience metrics over a software-defined wide area network. For instance, a network device may receive an application data packet of a data flow for an application and send a first set of probe packets, configured according to an initial probing profile, over each of one or more links. The network device may monitor the data flow to determine one or more characteristics of the data flow and generate an updated probing profile based on the one or more characteristics of the data flow. The network device may then send a second set of one or more probe packets, configured according to the updated probing profile, over each of the one or more links.
