会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 34. 发明授权
    • Authentication and encryption of routing protocol traffic
    • 路由协议流量的认证和加密
    • US08954601B1
    • 2015-02-10
    • US11774872
    • 2007-07-09
    • Sunil PatroNischal ShethRavi Gadde
    • Sunil PatroNischal ShethRavi Gadde
    • G06F15/173H04L12/751
    • H04L45/02H04L45/38H04L63/08H04L63/164
    • Techniques are described for providing encryption and authentication for different types of routing protocol communications based on a variety of factors. A method comprises configuring, on a network router, a set of logical interfaces for communicating routing protocol messages with one or more peer routing devices, maintaining a set of security associations that define corresponding authentication information and encryption information for the routing protocol messages, and maintaining one or more descriptor sets that each specify a set of criteria, wherein, for at least one of the descriptor sets, the set of criteria specifies one of the logical interfaces of the network router. The method further comprises selecting one of the descriptor sets having criteria that match an individual flow, selecting one of the security associations based on the selected descriptor set, and applying the selected security association to secure the outbound flow of the routing protocol messages.
    • 描述了基于各种因素为不同类型的路由协议通信提供加密和认证的技术。 一种方法包括在网络路由器上配置一组用于与一个或多个对等路由设备通信路由协议消息的逻辑接口,维护定义相应认证信息的一组安全关联以及用于路由协议消息的加密信息,以及维护 每个指定一组标准的一个或多个描述符集合,其中,对于所述描述符集合中的至少一个,所述标准集合指定所述网络路由器的逻辑接口之一。 该方法还包括选择具有与单个流匹配的标准的描述符集合之一,基于所选择的描述符集合选择安全关联之一,以及应用所选择的安全关联以保护路由协议消息的出站流。
    • 35. 发明授权
    • Egress protection for label switched paths
    • 出口保护标签交换路径
    • US08259564B1
    • 2012-09-04
    • US12425503
    • 2009-04-17
    • Hannes GredlerJohn Galen ScudderNischal ShethYakov Rekhter
    • Hannes GredlerJohn Galen ScudderNischal ShethYakov Rekhter
    • G06F11/00
    • G06F11/2005H04L45/507
    • This disclosure describes techniques for protecting an endpoint of a label switched path. In one embodiment, a system includes an ingress router, a primary egress router, backup router, and a point of local repair (PLR) router. The ingress router, the PLR router, and the first egress router form a first label switched path. The backup router provides protection for the primary egress router such that the backup router provides routing services for the first egress router when the first egress router is not available. The primary egress router and the backup router share an anycast IP address. The backup router advertises a route to reach the primary egress router, but upon receiving a packet intended for the primary egress router, the backup router identifies the destination of the packet and forwards the packet to the destination instead of the primary egress router along a different route.
    • 本公开描述了用于保护标签交换路径的端点的技术。 在一个实施例中,系统包括入口路由器,主出口路由器,备用路由器和本地修复(PLR)路由器的点。 入口路由器,PLR路由器和第一出口路由器形成第一标签交换路径。 备用路由器为主出口路由器提供保护,使得当第一出口路由器不可用时,备用路由器为第一出口路由器提供路由服务。 主出口路由器和备份路由器共享一个任播IP地址。 备用路由器通告路由到达主要出口路由器,但是在接收到主出口路由器的数据包后,备份路由器会识别报文的目的地,并将数据包转发到目的地而不是主出口路由器 路线。
    • 36. 发明授权
    • Performing non-revertive failover with network devices
    • 使用网络设备执行非恢复故障切换
    • US07940646B1
    • 2011-05-10
    • US12788115
    • 2010-05-26
    • Rahul AggarwalNischal Sheth
    • Rahul AggarwalNischal Sheth
    • G01R31/08
    • H04L45/04H04L45/02H04L45/026H04L45/28
    • Techniques are described for performing non-revertive failover with network devices. A network device comprising a control unit and interface cards receives routing information protocol (RIP) updates each having a metric value. The control unit signals bidirectional forwarding detection (BFD) sessions based on the metric values of each of the RIP updates with, for example, a media gateway. The control unit also selectively installs a RIP route based on the metric values. The media gateway monitors the BFD sessions, and upon failure of an active BFD session, indicates the network device to perform non-revertive failover by sending a revised plurality of RIP updates. The network device performs non-revertive failover according to the revised plurality of RIP updates. Because of the flexibility of BFD, the network device need not revert back to a previous RIP route, therefore curtailing excessive failover.
    • 描述了使用网络设备执行非可逆故障转移的技术。 包括控制单元和接口卡的网络设备接收每个具有度量值的路由信息​​协议(RIP)更新。 控制单元基于例如媒体网关的每个RIP更新的度量值来发送双向转发检测(BFD)会话。 控制单元还根据度量值选择性地安装RIP路由。 媒体网关监控BFD会话,并且在活动BFD会话失败时,表示网络设备通过发送修订的多个RIP更新来执行非恢复故障切换。 网络设备根据修订的多个RIP更新执行非恢复故障切换。 由于BFD的灵活性,网络设备无需恢复到以前的RIP路由,从而减少了过度的故障转移。
    • 37. 发明授权
    • Distribution of label switched packets
    • 标签交换包的分发
    • US07277386B1
    • 2007-10-02
    • US10293785
    • 2002-11-12
    • Dennis C FergusonNischal ShethKen Kuwabara
    • Dennis C FergusonNischal ShethKen Kuwabara
    • H04J1/16H04J3/16H04L12/66H04L12/56H04L12/28
    • H04L45/50H04L45/04H04L45/745
    • Techniques are described for distribution of label switched packets, such as multiprotocol label switched (MPLS) packets, across multiple physical data paths. The techniques may, for example, be used to load balance the label switched packets across an aggregated link having two or more logically associated physical interconnects. A network device, for example, includes an interface card to receive packets associated with a common label switched path (LSP), and a control unit to distribute the packets across multiple paths. The network device may include label data that maps ranges of labels, such as MPLS labels, to types of payloads carried by the label switched packets. In accordance with the label data, the control unit extracts flow information from the label switched packets and distributes the label switched packets across the paths based on the flow information. The control unit may generate hash values from the flow information, the labels, or combinations thereof, to control distribution of the label switched packets.
    • 描述了用于在多个物理数据路径上分发标签交换分组(例​​如多协议标签交换(MPLS)分组)的技术。 例如,这些技术可以用于跨越具有两个或多个逻辑关联的物理互连的聚合链路对标签交换分组进行负载平衡。 例如,网络设备包括用于接收与公共标签交换路径(LSP)相关联的分组的接口卡,以及用于跨多个路径分发分组的控制单元。 网络设备可以包括将诸如MPLS标签的标签的范围映射到由标签交换分组携带的有效载荷的类型的标签数据。 根据标签数据,控制单元从标签交换的分组中提取流信息,并且基于流信息在路径上分发标签交换分组。 控制单元可以从流信息,标签或其组合生成哈希值,以控制标签交换分组的分配。
    • 39. 发明授权
    • Fast reroute between redundant multicast streams
    • 在冗余组播流之间快速重路由
    • US08837479B1
    • 2014-09-16
    • US13533967
    • 2012-06-27
    • Nitin KumarNischal ShethSatish RamachandranRobert KeblerMaciek Konstantynowicz
    • Nitin KumarNischal ShethSatish RamachandranRobert KeblerMaciek Konstantynowicz
    • H04L12/24H04L12/28
    • H04L45/28H04L12/1877H04L45/24
    • A packet-forwarding integrated circuit includes a control logic module and a selector block configured to produce a value indicating an incoming interface associated with a multicast data stream that meets stream health requirements, wherein the multicast data stream is one of a plurality of redundant multicast data streams each received on different incoming interfaces, wherein based on the value produced by the selector block the control logic module outputs data packets of the multicast data stream that meets stream health requirements received on the incoming interface, and discards data packets of other multicast data streams received on other incoming interfaces not indicated by the selector block. In response to detecting that a quality of one of the redundant multicast data streams has fallen below a configured threshold, the control logic automatically rewrites the selector block to forward a different one of the redundant multicast data streams.
    • 分组转发集成电路包括控制逻辑模块和选择器块,其被配置为产生指示与满足流健康要求的多播数据流相关联的输入接口的值,其中多播数据流是多个冗余多播数据之一 每个在不同输入接口上接收的流,其中,基于由选择器块产生的值,控制逻辑模块输出满足在入接口上接收的流健康要求的多播数据流的数据分组,并丢弃其他多播数据流的数据分组 在未由选择器块指示的其他输入接口上接收。 响应于检测到冗余多播数据流中的一个的质量已经低于配置的阈值,则控制逻辑自动重写该选择器块以转发不同的冗余多播数据流。
    • 40. 发明授权
    • Network tunneling using a label stack delimiter
    • 使用标签栈分隔符进行网络隧道
    • US08804736B1
    • 2014-08-12
    • US13243450
    • 2011-09-23
    • John E. DrakeRahul AggarwalNitin BahadurNischal Sheth
    • John E. DrakeRahul AggarwalNitin BahadurNischal Sheth
    • H04L12/28
    • H04L12/4633H04L12/462H04L12/465
    • An ingress router of a provider network receives a packet from a customer network, determines that the packet includes a customer network label and that the packet is to be tunneled through the provider network, based on the determination, adds a delimiter label to the packet indicative of a bottom of a provider network label stack and one or more provider network labels to the packet, and forwards the packet to a next routing device along the provider network tunnel. An egress routing device of the provider network receives a packet comprising a provider network label stack, removes the provider network label stack from the packet, determines whether the packet comprises a delimiter label following the provider network label stack, and, when the packet comprises the delimiter label, forwards the packet to a customer network interface device.
    • 供应商网络的入口路由器从客户网络接收分组,基于该确定,确定分组包括客户网络标签并且分组将被穿过提供商网络,将分隔符标签添加到分组指示 提供商网络标签堆叠的底部和一个或多个提供商网络标签,并且将分组沿着提供商网络隧道转发到下一个路由设备。 提供商网络的出口路由设备接收包括提供商网络标签堆栈的分组,从分组中移除提供商网络标签栈,确定分组是否包括在提供商网络标签栈之后的分隔符标签,并且当分组包括 分隔符标签,将数据包转发到客户网络接口设备。