Brocade Communications Systems, Inc. Patent applications |
Patent application number | Title | Published |
20160134563 | REMOTE PORT MIRRORING - A switch that facilitates remote port mirroring is described. The switch can include an encapsulation mechanism and a forwarding mechanism. The encapsulation mechanism can be configured to encapsulate a copy of a first packet in a second packet, thereby preserving header information (e.g., a VLAN identifier and/or a TRILL header) of the first packet. The forwarding mechanism can be configured to forward the first packet using header information of the first packet, and forward the second packet using header information of the second packet. The second packet can be received at a destination switch which extracts the first packet from the second packet, and sends the first packet on a port which is coupled to a network analyzer. | 05-12-2016 |
20160119220 | MULTIPLE RING IDENTIFICATION AND CONFIGURATION PROTOCOL - A protocol identifies and configures rings in a network topology automatically in order to simplify and quicken the actions that need to be performed in response to addition, deletion and shuffle of network nodes in that topology. Such rings do not need to be identified and configured manually. The protocol involves two separate sequentially performed phases. In the first phase, the protocol can automatically identify all rings that are present within a Virtual Local Area Network (VLAN) topology. In the second phase, the protocol can automatically configure each node of each such ring in conformity with the Ethernet Ring Protection (ERP) protocol. After this ERP configuration has been performed, the failure of a link within the network will not require every network node to re-learn paths through the network; instead, the nodes that are required to re-learn such paths can be limited to those within the particular ring that contained the failed link. | 04-28-2016 |
20160043950 | PROGRESSIVE MAC ADDRESS LEARNING - One embodiment of the present invention provides a switch in a network of interconnected switches. The switch includes a storage device, a hardware management apparatus, and a layer-2 management apparatus. The storage device stores a forwarding table, which includes an entry comprising a MAC address and an egress port for the MAC address. The hardware management apparatus determines whether a destination MAC address of a frame is present in a hardware table in memory of the switch. The layer-2 management apparatus, in response to a determination that the destination MAC address is not present in the hardware table, looks up a first entry comprising the destination MAC address in the forwarding table, and creates a second entry comprising the destination MAC address in the hardware table based on the first entry. | 02-11-2016 |
20160041888 | LINK STATE RELAY FOR PHYSICAL LAYER EMULATION - One embodiment of the present invention provides a fault-management system. During operation, the system identifies a failure at a remote location associated with a communication service. The system then determines a local port used for the communication service, and suspends the local port, thereby allowing the failure to be detected by a device coupled to the local port. | 02-11-2016 |
20160036774 | GLOBAL VLAN SERVICES - One embodiment of the present invention provides a switch in a network of interconnected switches. The switch includes a forwarding domain apparatus and a forwarding apparatus. The forwarding domain apparatus maintains a mapping between a first virtual local area network (VLAN) identifier and a first global VLAN identifier in a local storage device. The global VLAN identifier represents a layer-2 forwarding domain in the network and is distinct from a customer VLAN or a service-provider VLAN. The mapping is independent of a type of the VLAN identifier. During operation, the forwarding apparatus encapsulates a first packet belonging to the first VLAN in a network encapsulation header. The encapsulated packet is forwardable in the network based on the network encapsulation header. The forwarding apparatus includes the first global VLAN identifier in the network encapsulation header of the first packet. | 02-04-2016 |
20160036703 | SCALABLE MAC ADDRESS VIRTUALIZATION - One embodiment of the present invention provides a switch. The switch includes one or more ports, a media access control (MAC) address management apparatus, and a forwarding apparatus. The MAC address management apparatus generates a routable MAC address mapped to an end device's MAC address learned from one of the one or more ports. The routable MAC address includes an endpoint identifier identifying an endpoint for the end device. The forwarding apparatus swaps the learned MAC address with the routable MAC address in a header of a packet. Alternatively, the MAC address management apparatus provides one or more routable MAC addresses to a hypervisor for assigning to virtual machines running on the hypervisor. The forwarding apparatus then determines an egress port from the one or more ports for a packet comprising a routable MAC address based on the endpoint identifier. | 02-04-2016 |
20160028626 | OVERLAY TUNNEL IN A FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes a tunnel management module, a packet processor, and a forwarding module. The tunnel management module operates the switch as a tunnel gateway capable of terminating an overlay tunnel. During operation, the packet processor, which is coupled to the tunnel management module, identifies in a data packet a virtual Internet Protocol (IP) address associated with a virtual tunnel gateway. This virtual tunnel gateway is associated with the switch and the data packet is associated with the overlay tunnel. The forwarding module determines an output port for an inner packet in the data packet based on a destination address of the inner packet. | 01-28-2016 |
20150381718 | CONTROLLING THE OPERATION OF SERVER COMPUTERS - A plurality of server computers in a network that includes load balancing processes to enhance performance employs a non-performance related variable, such as power consumption, and modifies the load balancing processes in response to the reading of the non-performance variable. Such variables do not affect the response and performance as perceived by a browsing client but do provide other advantages with in the environment as a whole. The non-performance related variable is employed such that one or more of said server computers are de-activated to reduce power consumption, and the load balancing processes balance load across the remaining active server computers. | 12-31-2015 |
20150373070 | IP MULTICAST OVER MULTI-CHASSIS TRUNK - In embodiments of the present invention, multicast traffic is simultaneously routed via all switches participating in the trunk (can be referred to as partner switches). A respective partner switch synchronizes the local multicast state information with all other partner switches. For a respective multicast group, a plurality of partner switches can be the part of the corresponding multicast distribution tree and obtain multicast traffic from uplink sources. For the multicast group, only one partner switch is elected as the primary forwarder which forwards the multicast traffic via the trunk. Another partner switch can become the primary forwarder for the multicast traffic of another multicast group and provide load sharing of multicast traffic between partner switches. Furthermore, because the partner switches have the multicast traffic and state readily available, in the event of a switch or link failure to the primary forwarder, another partner switch can readily become the primary forwarder. | 12-24-2015 |
20150327112 | METHOD AND SYSTEM FOR SIGNALING REDUCTION ON RADIO ACCESS NETWORKS USING TARGETED INTELLIGENCE FOR COMMUNICATION DEVICES - An intelligent system and an algorithm at a packet network to reduce the amount of signaling in the radio access network and core network is defined. The system collects all the necessary information from the signaling exchange between the radio access network and the core network and takes the subscription characteristics and policy information into consideration to choose the optimal way of reducing the amount of signaling including selecting the optimal bearers for certain types of communications and paging selected area instead of the whole area for each device. The bearer selection algorithm takes several things as input to choose the optimal bearer to perform the task. | 11-12-2015 |
20150281134 | NETWORK DEVICE WITH NETWORK SERVICES PACKET PROCESSING BY SERVICE SOFTWARE INSTANCES - Virtual machine environments are provided in the switches that form a network, with the virtual machines executing network services previously performed by dedicated appliances. The virtual machines can be executed on a single multi-core processor in combination with normal switch functions or on dedicated services processor boards. Packet processors analyze incoming packets and add a services tag containing services entries to any packets. Each switch reviews the services tag and performs any network services resident on that switch. This allows services to be deployed at the optimal locations in the network. The network services may be deployed by use of drag and drop operations. A topology view is presented, along with network services that may be deployed. Services may be selected and dragged to a single switch or multiple switches. The management tool deploys the network services software, with virtual machines being instantiated on the switches as needed. | 10-01-2015 |
20150281133 | Switch With Network Services Packet Processing by Service Software Instances - Virtual machine environments are provided in the switches that form a network, with the virtual machines executing network services previously performed by dedicated appliances. The virtual machines can be executed on a single multi-core processor in combination with normal switch functions or on dedicated services processor boards. Packet processors analyze incoming packets and add a services tag containing services entries to any packets. Each switch reviews the services tag and performs any network services resident on that switch. This allows services to be deployed at the optimal locations in the network. The network services may be deployed by use of drag and drop operations. A topology view is presented, along with network services that may be deployed. Services may be selected and dragged to a single switch or multiple switches. The management tool deploys the network services software, with virtual machines being instantiated on the switches as needed. | 10-01-2015 |
20150281132 | Switch With Network Services Packet Routing - Virtual machine environments are provided in the switches that form a network, with the virtual machines executing network services previously performed by dedicated appliances. The virtual machines can be executed on a single multi-core processor in combination with normal switch functions or on dedicated services processor boards. Packet processors analyze incoming packets and add a services tag containing services entries to any packets. Each switch reviews the services tag and performs any network services resident on that switch. This allows services to be deployed at the optimal locations in the network. The network services may be deployed by use of drag and drop operations. A topology view is presented, along with network services that may be deployed. Services may be selected and dragged to a single switch or multiple switches. The management tool deploys the network services software, with virtual machines being instantiated on the switches as needed. | 10-01-2015 |
20150281080 | NETWORK DEVICE WITH SERVICE SOFTWARE INSTANCES DEPLOYMENT INFORMATION DISTRIBUTION - Virtual machine environments are provided in the switches that form a network, with the virtual machines executing network services previously performed by dedicated appliances. The virtual machines can be executed on a single multi-core processor in combination with normal switch functions or on dedicated services processor boards. Packet processors analyze incoming packets and add a services tag containing services entries to any packets. Each switch reviews the services tag and performs any network services resident on that switch. This allows services to be deployed at the optimal locations in the network. The network services may be deployed by use of drag and drop operations. A topology view is presented, along with network services that may be deployed. Services may be selected and dragged to a single switch or multiple switches. The management tool deploys the network services software, with virtual machines being instantiated on the switches as needed. | 10-01-2015 |
20150280992 | AUTOMATED CONFIGURATION FOR NETWORK DEVICES - Techniques for automatically configuring a network device are provided. In one embodiment, the network device can receive a Layer 2 discovery packet on an uplink port operable for connecting the network device to another network device. The network device can then learn VLAN information from the Layer 2 discovery packet and automatically configure one or more of its ports based on the VLAN information. | 10-01-2015 |
20150163898 | PRINTED CIRCUIT BOARD WITH FLUID FLOW CHANNELS - An embodiment of an electronic system includes a printed circuit board (PCB) including fluid flow channel extending through the PCB. In addition, the electronic system includes an electronic component including a bottom surface and positioned on the PCB over the fluid flow channel to thereby expose the bottom surface of the electronic component to fluid flow through the fluid flow channel. | 06-11-2015 |
20150124405 | ELECTRONIC COMPONENT COOLING SYSTEM AND METHOD - An electronic device includes a fan field replaceable unit (FRU). The fan FRU includes a fan FRU chassis defining an airflow pathway through the fan FRU. A fan within the fan FRU chassis causes air to flow along the airflow pathway. The fan FRU further includes an edge connector located at a front face of the fan FRU out of the way of the airflow pathway. Accordingly, the edge connector does not block airflow through the fan FRU thus maximizing the efficiency of the fan FRU and the cooling of the electronic device. | 05-07-2015 |
20150117263 | TECHNIQUES FOR SIMPLIFYING STACKING TRUNK CREATION AND MANAGEMENT - Techniques for simplifying stacking trunk creation and management are provided. In one embodiment, a switch in a stacking system can receive first and second control packets from one or more other switches in the stacking system, where the first and second control packets are received on first and second stacking ports of the switch respectively. The switch can then determine, based on the first and second control packets, whether the first and second stacking ports can be configured as a single stacking trunk. | 04-30-2015 |
20150102191 | PLUG-IN MODULE BOTTOM RAIL SYSTEM AND METHOD - Bottom mounting rails are used to secure a double wide plug-in module or two full wide plug in-modules into a double wide bay of an electronic device. This allows the size of the electronic device to be minimized. Further, the space adjacent to the sides of plug-in modules is left open facilitating airflow through the electronic device and efficient cooling thereof. The bottom mounting rails allow either a double wide plug-in module or two full wide plug-in modules to be readily installed. | 04-16-2015 |
20150074219 | HIGH AVAILABILITY NETWORKING USING TRANSACTIONAL MEMORY - Techniques for facilitating high availability in a device (e.g., a network device) comprising redundant processing entities (e.g., one or more processors, one or more cores, etc.) and a transactional memory system. The transactional memory system comprises a memory that is shareable between the redundant processing entities and ensures consistency of information stored in the memory at the atomicity of a transaction. A first processing entity may operate in a first mode (e.g., active mode) while a second processing entity operates in a second mode (e.g., standby mode). Operational state information used by the active processing entity for performing a set of functions in the first mode may be stored in the shared memory. Upon a switchover, the second processing entity may start to operate in the first mode and commence performing the set of functions using the operational state information stored by the transactional memory system. | 03-12-2015 |
20150036546 | MULTIPLE RING IDENTIFICATION AND CONFIGURATION PROTOCOL - A protocol identifies and configures rings in a network topology automatically in order to simplify and quicken the actions that need to be performed in response to addition, deletion and shuffle of network nodes in that topology. Such rings do not need to be identified and configured manually. The protocol involves two separate sequentially performed phases. In the first phase, the protocol can automatically identify all rings that are present within a Virtual Local Area Network (VLAN) topology. In the second phase, the protocol can automatically configure each node of each such ring in conformity with the Ethernet Ring Protection (ERP) protocol. After this ERP configuration has been performed, the failure of a link within the network will not require every network node to re-learn paths through the network; instead, the nodes that are required to re-learn such paths can be limited to those within the particular ring that contained the failed link. | 02-05-2015 |
20150036544 | MULTIPLE RING IDENTIFICATION AND CONFIGURATION PROTOCOL - A protocol identifies and configures rings in a network topology automatically in order to simplify and quicken the actions that need to be performed in response to addition, deletion and shuffle of network nodes in that topology. Such rings do not need to be identified and configured manually. The protocol involves two separate sequentially performed phases. In the first phase, the protocol can automatically identify all rings that are present within a Virtual Local Area Network (VLAN) topology. In the second phase, the protocol can automatically configure each node of each such ring in conformity with the Ethernet Ring Protection (ERP) protocol. After this ERP configuration has been performed, the failure of a link within the network will not require every network node to re-learn paths through the network; instead, the nodes that are required to re-learn such paths can be limited to those within the particular ring that contained the failed link. | 02-05-2015 |
20140362854 | INGRESS SWITCH MULTICAST DISTRIBUTION IN A FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes an inter-switch multicast module and an edge multicast module. The inter-switch multicast module identifies for a first replication of a multicast packet an egress inter-switch port in a multicast tree rooted at the switch. The multicast tree is identified by an identifier of the switch. The edge multicast module identifies an egress edge port for a second replication of the multicast packet based on a multicast group identifier. The multicast group identifier is local within the switch. | 12-11-2014 |
20140362686 | TECHNIQUES FOR END-TO-END NETWORK BANDWIDTH OPTIMIZATION USING SOFTWARE DEFINED NETWORKING - Techniques for end-to-end network bandwidth optimization using software defined networking are provided. In one embodiment, a computer system can receive information regarding a flow to be admitted to a network, where the flow is associated with a source and a destination. The computer system can further calculate, for each path in a plurality of paths between the source and the destination, a projected utilization of the path in view of the flow. If the projected utilization of the shortest path in the plurality of paths is less than or equal to a target utilization threshold, the computer system can assign the flow to the shortest path. Otherwise, the computer system can select a path in the plurality of paths that comes closest to the target utilization threshold without exceeding the threshold and can assign the flow to that selected path. | 12-11-2014 |
20140348022 | EFFICIENT MULTICAST TOPOLOGY CONSTRUCTION IN A ROUTED NETWORK - One embodiment of the present invention provides a layer-3 forwarding device. The layer-3 forwarding device includes a processor and a computer-readable storage medium. The computer-readable storage medium stores instructions which when executed by the processor cause the processor to perform a method. The method comprises determining whether the layer-3 forwarding device is a leaf layer-3 forwarding device of a multicast distribution tree of a multicast group in a routed network based on a multicast topology discovery message from a root layer-3 forwarding device of the multicast distribution tree. If the layer-3 forwarding device is the leaf layer-3 forwarding device, the method comprises constructing a multicast topology report message. This multicast topology report message includes topology information of the multicast group in the routed network associated with the layer-3 forwarding device. | 11-27-2014 |
20140341218 | DISTRIBUTED METHODOLOGY FOR PEER-TO-PEER TRANSMISSION OF STATEFUL PACKET FLOWS - Techniques for enabling peer-to-peer transmission of stateful packet flows in a virtualized network environment are provided. In certain embodiments, a computer system receives a packet belonging to a stateful flow between a first virtual machine and a second virtual machine, accesses flow associating information (e.g., network address) from the packet, determines a second computer system comprising a state analysis owner for the stateful flow, using the flow associating information, and transmits the first packet to the second computer system. | 11-20-2014 |
20140341080 | BROADCAST AND MULTICAST TRAFFIC REDUCTION IN STACKING SYSTEMS - Techniques for reducing broadcast and multicast traffic in a stacking system are provided. In one embodiment, a master device in the stacking system can automatically determine a minimal set of VLAN associations for stacking links in the stacking system. The minimal set of VLAN associations can avoid unnecessary transmission of broadcast or multicast packets through the system's topology. | 11-20-2014 |
20140341079 | CONFIGURATION VALIDATION IN A MIXED NODE TOPOLOGY - Techniques for validating configuration changes in a mixed node topology are provided. In one embodiment, a device can identify a link to be removed from a topology comprising a plurality of nodes, where the plurality of nodes includes one or more nodes of a first type and one or more nodes of a second type. The device can then determine whether the removal of the link from the topology would require data traffic between two nodes of the first type to pass through a node of the second type. | 11-20-2014 |
20140334494 | HARDWARE HASH TABLE VIRTUALIZATION IN MULTI-PACKET PROCESSOR NETWORKING SYSTEMS - Techniques for virtualizing hardware hash tables in a networking system are provided. In one embodiment, the networking system can maintain a plurality of virtual hash tables corresponding to a plurality of hardware hash tables in the networking system. For each hardware hash table and its corresponding virtual hash table, the networking system can intercept operations directed to the hardware hash table and apply the intercepted operations to the virtual hash table. The networking system can then selectively install and/or uninstall virtual hash table entries to/from the hardware hash table in view of the operations. | 11-13-2014 |
20140328181 | HIERARCHICAL RATE COLOR MARKER - One embodiment provides a system that facilitates bandwidth-profile enforcement. During operation, the system indicates a packet's compliance with a bandwidth profile based at least on available high-compliance tokens and medium-compliance tokens. The system further converts, within different classes of service (CoSs), an overflow high-compliance token to a medium-compliance token, in a top-down or bottom-up fashion with respect to different CoS priorities. | 11-06-2014 |
20140321462 | SCALABLE AND EFFICIENT FLOW-AWARE PACKET DISTRIBUTION - Techniques for efficiently distributing data packets in a network device are provided. In one embodiment, the network device can store a plurality of virtual IP addresses and a plurality of real server IP addresses in an SRAM-based table. The network device can then perform a lookup into the SRAM-based table to determine whether an incoming data packet is part of a first class of data packets destined for a virtual IP address in the plurality of virtual IP addresses, or is part of a second class of data packets originating from a real server IP address in the plurality of real server IP addresses. | 10-30-2014 |
20140301402 | FCoE VN_Port Virtualizer - An FCoE VN_Port virtualizer where VF_Ports are used to connect downstream to host and target VN_Ports and a VN_Port is used to connect upstream to further FCoE VN_Port virtualizers or to an FCF. An alternate embodiment uses an Ethernet Fabric for an additional purpose. The Ethernet Fabric devices all act as FCoE VN_Port virtualizers, so that the Ethernet Fabric itself is considered a virtual FCoE VN_Port virtualizer. | 10-09-2014 |
20140297872 | VIRTUAL MACHINE AND APPLICATION MOVEMENT OVER A WIDE AREA NETWORK - Long distance cloud migration (LDCM) to overcome the limitations faced by the cloud migration techniques over long distance, high speed WAN infrastructures. LDCM overcomes the negative effects of existing TCP/IP mechanisms on the efficient use of available bandwidth. LDCM also acts as an acceleration engine to optimize various hypervisor, storage and security applications. | 10-02-2014 |
20140297844 | Application Traffic Prioritization - Techniques for implementing application traffic prioritization in a network device are provided. In one embodiment, the network device can determine a packet buffer threshold for a received data packet. The network device can further compare the packet buffer threshold with a current usage of a packet buffer memory that stores data for data packets to be forwarded to a processing core of the network device. If the current usage of the packet buffer memory exceeds the packet buffer threshold, the network device can perform an action on the received data packet. | 10-02-2014 |
20140294014 | QUEUE SPEED-UP BY USING MULTIPLE LINKED LISTS - One embodiment of the present invention provides a switch that includes a transmission mechanism configured to transmit frames stored in a queue, and a queue management mechanism configured to store frames associated with the queue in a number of sub-queues which allow frames in different sub-queues to be retrieved independently, thereby facilitating parallel processing of the frames stored in the sub-queues. | 10-02-2014 |
20140286194 | Virtual Port World Wide Names - A network switch allows defining a virtual port worldwide name (VPWWN) and associating the VPWWN with an F_port of the network switch, for use by a host bus adaptor (HBA) connecting to the network switch. Both a default and a user VPWWN may be defined, with the user VPWWN typically taking precedence over the default VPWWN. A database of VPWWN associations may be used to ensure uniqueness of the user VPWWN. Where the HBA allows dynamic assignment of WWNs, the VPWWN may be pushed to the HBA. The VPWWNs may be deleted, and moved to another port as desired. | 09-25-2014 |
20140283370 | SMART HOT PLUG RETAINING MECHANISM AND METHOD - A computer system includes a removable computer module. The computer module includes a retaining mechanism securing the computer module within a computer system chassis of the computer system. The computer module further includes a retaining mechanism protection device preventing access to the retaining mechanism. To remove the computer module from the computer system chassis, a user must move the retaining mechanism protection device. Upon notification of movement of the retaining mechanism protection device, the CPU takes the appropriate operations to disable the functionality of the computer module and allow safe removal thereof without powering down the computer system. | 09-25-2014 |
20140269745 | FCoE VN_Port to FC N_Port Operations in an Ethernet Fabric - Ethernet Fabric devices all act as FCoE to FC gateways, so that the Ethernet Fabric itself is considered a virtual FCoE to FC gateway. Further, the Ethernet Fabric allows direct routing of FCoE packets from one FCoE device coupled to the Ethernet Fabric to another FCoE device coupled to the Ethernet Fabric. | 09-18-2014 |
20140258873 | MINIMIZED DISPLAY OF MONITORED EVENTS WITH LIVE SEVERITY LEVEL AND COUNT INDICATIONS - What is disclosed is network management software which displays a widget for tracking a particular characteristic of a network. The widget title bar contains a first and second indicator. The first indicator represents the severity of the most severe alert for the particular characteristic being tracked by the widget. The second indicator is a numerical value of the characteristic that caused the alert. | 09-11-2014 |
20140258289 | DISPLAY OF PORT TRANSMIT AND RECEIVE PARAMETERS SORTED BY HIGHER OF TRANSMIT OR RECEIVE VALUE - The data ports in a network are displayed in a list in descending order based on either the higher transmit or receive data value of the port. Therefore, the port with the highest of either the transmit or receive data value would be displayed on the top of the list. The port with the second highest of the transmit or receive data value would be displayed second on the list. This process would continue for all data ports that are displayed. The other of the transmit or receive data values of the port would be displayed but would not affect the ordering on the display. | 09-11-2014 |
20140247754 | SPANNING TREE IN FABRIC SWITCHES - One embodiment of the present invention provides a switch. The switch includes a packet processor and a spanning tree management module. The packet processor obtains information associated with a spanning tree from a message. The spanning tree management module, in response to the obtained information being superior to locally available information of the spanning tree, determines the port role of a local port of the switch for the spanning tree to be the root port and the port state of the local port for the spanning tree to be blocking. | 09-04-2014 |
20140241364 | EFFICIENT TRILL FORWARDING - One embodiment of the present invention provides a switch. The switch includes a storage and a lookup mechanism. The storage stores a first table that contains an entry corresponding to a media access control (MAC) address of a device and an identifier of a remote switch associated with the device. The storage also stores a second table that contains an entry indicating a local outgoing interface corresponding to the remote switch. The lookup mechanism identifies the local outgoing interface corresponding to the device based on the first table and the second table. | 08-28-2014 |
20140241357 | TECHNIQUES FOR CUSTOMIZING FORWARDING DECISIONS VIA A HARDWARE LOOKUP RESULT - Techniques for customizing forwarding decisions in a network device via a hardware lookup table result are provided. In one embodiment, a network processor of the network device can perform a lookup into a lookup table based on one or more sections of a received packet. The network processor can then determine, based on the lookup, an entry in the lookup table and retrieve, using a pointer included in the lookup table entry, a mode value from a results table. The mode value can identify an operational flow (e.g., a series of forwarding decisions) to be carried out by the network processor for forwarding the received packet. | 08-28-2014 |
20140233423 | PROVISIONING SINGLE OR MULTISTAGE NETWORKS USING ETHERNET SERVICE INSTANCES (ESIs) - Techniques for provisioning single or multistage networks using Ethernet Service Instances (ESIs). In one embodiment, an ESI is a logical entity or object that stores information that may be used to provision a network. An ESI may represent a logical entity that identifies a grouping of elements of a network or network device and associated attributes. Hierarchical relationships may be created between ESIs. The hierarchical relationships are used to perform packet-level processing including performing network packet encapsulations. | 08-21-2014 |
20140219076 | REDUNDANCY SUPPORT FOR NETWORK ADDRESS TRANSLATION (NAT) - Stateful failover redundancy support is provided for network address translation (NAT). A master NAT device is backed-up with at least one back-up NAT device. Existing sessions are synchronized between the two NAT devices, such as via a dedicated link between them. In the event of a failover where the master NAT device is unable to perform its NAT functions, ownership of Internet protocol (IP) addresses is transferred from the master NAT device to the back-up NAT device. The back-up NAT device, which is now owner of the IP addresses, assumes the NAT functionality associated with these IP addresses and continues the existing sessions, as well as processing new sessions. | 08-07-2014 |
20140212134 | AUTOMATIC ADJUSTMENT OF LOGICAL CHANNELS IN A FIBRE CHANNEL NETWORK - One embodiment of the present invention provides a system that facilitates automatic adjustment of logical channels in a Fibre Channel (FC) network. During operation, the system receives FC data frames. A respective data frame is associated with a logical channel. The bandwidth on an FC link can be allocated into a plurality of logical channels, and a respective logical channel is associated with a dedicated buffer and can transport a plurality of data flows with data frames of variable length. The system then identifies a slow data flow in a first logical channel. Next, the system assigns the slow data flow to a second logical channel, thereby preventing the slow data flow from slowing down other data flows in the first logical channel. The system subsequently forwards the data frames in the slow data flow on the second logical channel onto an outgoing link. | 07-31-2014 |
20140204957 | METHOD AND SYSTEM FOR FACILITATING QUALITY OF SERVICE IN EDGE DEVICES IN A FIBRE CHANNEL NETWORK - One embodiment of the present invention provides a system that facilitates quality of service (QoS) in a Fibre Channel (FC) host bus adaptor (HBA). In this system the bandwidth on an FC link between the HBA and the FC switch can be allocated into a plurality of logical channels, and a respective logical channel can transport data frames of variable length. Furthermore, a respective logical channel is associated with a dedicated buffer. During operation, the HBA communicates to an FC switch the HBA's capability of receiving or sending a data flow over a logical channel that couples the HBA to the FC switch. The HBA further receives logical-channel allocation information from the FC switch. Furthermore, the HBA associates data frames with a logical channel and transmits data frames to the FC switch on the corresponding logical channel. | 07-24-2014 |
20140204761 | OPTIMIZING TRAFFIC FLOWS VIA DYNAMIC ROUTING PROTOCOL MODIFICATIONS WHEN USING SERVER VIRTUALIZATION WITH DYNAMIC ROUTING - Techniques for optimizing traffic flows via dynamic routing protocol (DRP) modifications when server virtualization is used with dynamic routing are provided. In one embodiment, a network device can determine that it is part of a system of network devices acting as a virtual router. The network device can then transmit, to a client device, a DRP control packet that includes an interface IP address of the network device and a virtual IP address of the virtual router. In a further embodiment, the client device can receive the DRP control packet and store the interface IP address and the virtual IP address in a routing database. At the time of computing routing entries based on the routing database (via., e.g., a shortest path first (SPF) algorithm), the client device can replace, in entries that identify the interface IP address as the next hop, the interface IP address with the virtual IP address. | 07-24-2014 |
20140204760 | OPTIMIZING TRAFFIC FLOWS VIA MAC SYNCHRONIZATION WHEN USING SERVER VIRTUALIZATION WITH DYNAMIC ROUTING - Techniques for optimizing traffic flows via MAC synchronization when server virtualization is used with dynamic routing are provided. In one embodiment, a first network device can store an interface MAC address of a second network device in an L2 forwarding table, where the first network device and the second network device are peer nodes in an MC-LAG cluster. Further, the first network device can enable a flag for the interface MAC address in the L2 forwarding table. When the first network device receives a data packet that includes the interface MAC address of the second network device as a destination MAC address, the first network device can determine that the interface MAC address is included in the L2 forwarding table with the flag enabled. The first network device can then perform a lookup into its L3 routing table, identify a next hop destination for the data packet, and route the packet to the destination. | 07-24-2014 |
20140198801 | MAC ADDRESS SYNCHRONIZATION IN A FABRIC SWITCH - One embodiment of the present invention provides a system for facilitating synchronization of MAC addresses in a fabric switch. During operation, the system divides a number of media access control (MAC) addresses associated with devices coupled to an interface of the switch. The system then computes a checksum for a respective chunk of MAC addresses. In addition, the system broadcasts MAC address information of the chunk to facilitate MAC address synchronization in a fabric switch of which the switch is a member, and to manage the chunks and their corresponding checksum, thereby correcting an unsynchronized or race condition in the fabric switch. | 07-17-2014 |
20140198661 | MULTICAST TRAFFIC LOAD BALANCING OVER VIRTUAL LINK AGGREGATION - One embodiment of the present invention provides a switch. The switch comprises one or more ports, a link management module and a load balancing module. The link management module operates a port of the one or more ports of the switch in conjunction with a remote switch to form a virtual link aggregation. The load balancing module generates an index of a weight distribution vector based on address information of a multicast group associated with the virtual link aggregation. A slot of the weight distribution vector corresponds to a respective switch participating in the virtual link aggregation. In response to the index indicating a slot corresponding to the switch, the load balancing module designates the switch as primary switch for the multicast group, which is responsible for forwarding multicast data of the multicast group via the virtual link aggregation. | 07-17-2014 |
20140198636 | PROTECTION SWITCHING OVER A VIRTUAL LINK AGGREGATION - One embodiment of the present invention provides a switch. The switch comprises one or more ports and a link management module. The link management module operates a first aggregate link group as an active aggregate link group of a protected virtual link aggregation. This protected virtual link aggregation operates as a single logical channel. An aggregate link group comprises a plurality of logically aggregated links. The first aggregate link group, which represents the logical channel, comprises at least a first port of the one or more ports of the switch. The link management module also operates a second aggregate link group of the protected virtual link aggregation as a standby for the first aggregate link group. The second aggregate link group comprises at least a second port of the one or more ports of the switch. Forwarding is enabled via the first port and disabled via the second port. | 07-17-2014 |
20140181275 | DEVICE ID ASSIGNMENT IN A SYSTEM OF DEVICES - Techniques for assigning device identifiers in a system of devices are provided. In one embodiment, a master device of the system can maintain a first configuration that specifies a set of links between a first subset of the devices, where the first configuration includes a device identifier for each device in the first subset. The master device can further generate a second configuration that specifies a set of links between a second subset of the devices, where the second configuration is based on a physical topology of the system, and where one or more devices in the second subset are unknown devices that are not associated with a device identifier in the physical topology. The master device can then assign device identifiers to the unknown devices in the second subset by comparing the first configuration with the second configuration. | 06-26-2014 |
20140165062 | Method and Apparatus for Providing Virtual Machine Information to a Network Interface - A hypervisor preferably provides VM identification, priority and LUN/LBA range information to the HBA when a VM is created. Alternatively, the HBA can determine that a LUN/LBA range is new and request VM identity, priority and LUN/LBA range from the hypervisor. The HBA creates a table containing the VM identification, priority and LUN/LBA range. The HBA then detects operations directed to the LUN/LBA range and does a lookup to determine VM identification and priority. VM identification and priority are then mapped into a field in a frame using a unique identifier. The unique identifier can either be placed using reserved bits on the existing Fibre Channel (FC) header or can use bits in an additional header, such as a modified IFR header. | 06-12-2014 |
20140164590 | Determination and Display of LUN Encryption Paths - A management station which manages the encryption devices in a SAN to set up encrypted LUNs. In setting up the encryption, the source and target ports are identified, along with the target LUN. LUN serial numbers used to identify unique LUNs. As paths to a given LUN are defined, the management station compares the path to existing paths and provides an indication if there is a mismatch in the encryption policies or keys being applied to the LUN over the various paths. This allows the administrator to readily identify when there is a problem with the paths to an encrypted LUN and then take steps to cure the problem. By determining the paths and then comparing them, the management station greatly simplifies setting up multipath I/O to an encrypted LUN or access by multiple hosts to an encrypted LUN. | 06-12-2014 |
20140164247 | STORAGE OF KEYID IN CUSTOMER DATA AREA - A key identifier for an encryption key repository is stored with customer data on a logical device. When the customer data is compressible, the key identifier is stored in space freed by compressing the customer data. When the customer data is not compressible, a portion of the customer data is copied to a key record in the key repository identified by the key identifier, and the key identifier overwrites the copied customer data. | 06-12-2014 |
20140160988 | VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch system. The switch includes one or more ports on the switch configured to transmit packets encapsulated based on a first protocol. The switch further includes a control mechanism. During operation, the control mechanism forms a logical switch based on a second protocol, receives an automatically assigned identifier for the logical switch without requiring manual configuration of the identifier, and joins a virtual cluster switch. | 06-12-2014 |
20140153385 | REDUNDANT HOST CONNECTION IN A ROUTED NETWORK - One embodiment of the present invention provides a switch. The switch includes a management mechanism and a configuration mechanism. During operation, the management mechanism is configured to operate the switch in conjunction with the partner switch as a single logical switch. The configuration mechanism is configured to assign a virtual switch identifier to the logical switch. | 06-05-2014 |
20140089484 | ROLL BASED MULTICAST MESSAGING INFRASTRUCTURE - Certain embodiments of the present invention provide techniques that enable messages to be sent to a processing entity within a computing device without knowing the network address of the processing entity. In certain embodiments, instead of using the network address of the processing entity, a message can be communicated to the processing entity using information indicative of a role or state or function performed by the processing entity. | 03-27-2014 |
20140089425 | HIGH AVAILABILITY APPLICATION MESSAGING LAYER - Certain embodiments enable application message delivery to be automatically guaranteed for all failover scenarios through use of a novel infrastructure layer that supports high availability (HA) messaging. The High Availability Application Messaging Layer (HAML) can guarantee delivery of application messages whether a failover occurs at one or both of the source and the intended destination of the message. The HAML may transmit messages to one intended destination, as unicast messaging, or to multiple intended destinations, as multicast messaging. In some embodiments, the HAML may be HA aware, which refers to the awareness of the HAML of the redundancy for all processing entities within a network device to ensure hitless failover at the network device. By moving support for HA messaging from individual applications to the HAML, as a common infrastructure layer across the processing entities, the individual applications do not need to implement additional software to explicitly support HA messaging. | 03-27-2014 |
20140085818 | ELECTRONIC COMPONENT ENCLOSURE VISUAL SHIELD AND METHOD - An electronic device includes one or more electronic components and an electronic enclosure enclosing the electronic components. The electronic enclosure includes venting holes and flaps blocking visibility of the electronic components through the venting holes and from outside the electronic device. In addition, air readily flows through the venting holes providing adequate cooling of the electronic device. | 03-27-2014 |
20140064061 | MAC FLUSH OPTIMIZATIONS FOR ETHERNET RINGS - Techniques are identified for optimizing the MAC flush in Ethernet rings for faster traffic restoration. In one embodiment, flushing of MAC addresses is performed only once on receiving a first control message. For example, when a first control message is received, a network device may switch from a first state to a second state, which may indicate that the MAC addresses are not to be flushed if additional control messages are received. In another embodiment, flushing of MAC addresses is performed on one ring port rather than on both ring ports. For example, a flag field of a control message header may be used to determine on which port to flush. In another embodiment, flushing of MAC addresses is performed on only one ring port of an interconnection node. For example, the ring port can be determined using a flag field and possibly labels associated with the ring ports. | 03-06-2014 |
20140064060 | MAC FLUSH OPTIMIZATIONS FOR ETHERNET RINGS - Techniques are identified for optimizing the MAC flush in Ethernet rings for faster traffic restoration. In one embodiment, flushing of MAC addresses is performed only once on receiving a first control message. For example, when a first control message is received, a network device may switch from a first state to a second state, which may indicate that the MAC addresses are not to be flushed if additional control messages are received. In another embodiment, flushing of MAC addresses is performed on one ring port rather than on both ring ports. For example, a flag field of a control message header may be used to determine on which port to flush. In another embodiment, flushing of MAC addresses is performed on only one ring port of an interconnection node. For example, the ring port can be determined using a flag field and possibly labels associated with the ring ports. | 03-06-2014 |
20140056310 | Switch With Network Services Packet Processing - Virtual machine environments are provided in the switches that form a network, with the virtual machines executing network services previously performed by dedicated appliances. The virtual machines can be executed on a single multi-core processor in combination with normal switch functions or on dedicated services processor boards. Packet processors analyze incoming packets and add a services tag containing services entries to any packets. Each switch reviews the services tag and performs any network services resident on that switch. This allows services to be deployed at the optimal locations in the network. The network services may be deployed by use of drag and drop operations. A topology view is presented, along with network services that may be deployed. Services may be selected and dragged to a single switch or multiple switches. The management tool deploys the network services software, with virtual machines being instantiated on the switches as needed. | 02-27-2014 |
20140056174 | PROTOCOLS FOR CONNECTING INTELLIGENT SERVICE MODULES IN A STORAGE AREA NETWORK - Implementations are disclosed that provide protocols for connecting an intelligent service module within a storage area network (SAN). The protocols support physical connections between the intelligent service module and a director-level switch of the SAN. In some variations, the intelligent service module may comprise a director service module (DSM), a domain-sharing leaf switch service module (LSSM), or a non-domain-sharing LSSM. The protocols provide for establishing link parameters and negotiating responsibilities between the intelligent service module and the director-level switch. In one configuration, for example, ELP and ELP_ACCEPT frames may be used to establish the link parameters. In another configuration, ESC and ESC_ACCEPT frames may be used to negotiate responsibilities between the intelligent service module and the director-level switch. Other configurations also provide an ownership status of the intelligent service module that is used to determine whether the switch can initiate management of the intelligent service module. | 02-27-2014 |
20140056147 | MANAGEABILITY TOOLS FOR LOSSLESS NETWORKS - Manageability tools are provided for allowing an administrator to have better control over switches in a lossless network of switches. These tools provide the ability to detect slow drain and congestion bottlenecks, detect stuck virtual channels and loss of credits, while hold times on edge ASICs to be different from hold times on core ASICs, and mitigate severe latency bottlenecks. | 02-27-2014 |
20140050225 | SYSTEM AND METHOD FOR PROVIDING NETWORK ROUTE REDUNDANCY ACROSS LAYER 2 DEVICES - Systems and methods are described for providing network route redundancy through Layer 2 devices, such as a loop free Layer 2 network having a plurality of switching devices. A virtual switch is coupled to the loop free Layer 2 network, the virtual switch having two or more switches configured to transition between master and backup modes to provide redundant support for the loop free Layer 2 network, the switches communicating their status through use of a plurality of redundancy control packets. The system also includes means for allowing the redundancy control packets to be flooded through the Layer 2 network. The means may include time-to-live data attached to the redundancy control packet which is decremented only when the packets are transferred through devices which are configured to recognize the protocol used in redundancy control packets. | 02-20-2014 |
20140044013 | TECHNIQUES FOR EFFICIENTLY UPDATING ROUTING INFORMATION UPON SHORTEST PATH TREE COMPUTATION - Techniques for efficiently updating routing information in a network device such as a router. According to an embodiment of the present invention, information is stored identifying one or more nodes and leaves owned or advertised by the nodes. When a change occurs in a network environment, information is stored identifying one or more nodes and leaves that have changes associated with them. The routing information in the network device is then updated for only those nodes and leaves that have changes associated with them. | 02-13-2014 |
20140036915 | SYNCHRONIZATION OF MULTICAST INFORMATION USING BICASTING - Techniques that enable a network device such as a router to provide multicast routing services without interruption. Techniques are provided for using bicasting to synchronize multicast information maintained by a first processor and multicast information maintained by a second processor. A multicast protocol related event of packet is sent to both a first processor operating in active mode and a second processor operating in standby mode. Each processor then updates its multicast information based upon the bicasted event or packet. | 02-06-2014 |
20140036717 | METHOD AND APPARATUS FOR DETERMINING BANDWIDTH-CONSUMING FRAME FLOWS IN A NETWORK - A port monitor monitors network traffic that passes through a port of a switch. Frame flows routed through the switch are counted by hardware frame counting logic, which includes a content-addressable memory (CAM) and counters corresponding to various frame flows. Port monitor software includes logical containers (“buckets”), which are used to record and sort counts of the frame flows from hardware based on activity of the frame flows. Frame flow sorting is based on confidence building algorithms such that the thrashing of frame flows between buckets is reduced. Storage and sorting of the frame flows in software allows the activity level of any number of frame flows associated with the switch to be counted, regardless of hardware limitations on how many frame flows can be counted. This allows a real-time analysis of frame flows and a determination of frame flows that are major users of Fibre Channel bandwidth. | 02-06-2014 |
20140029466 | MANAGEABILITY TOOLS FOR LOSSLESS NETWORKS - Manageability tools are provided for allowing an administrator to have better control over switches in a lossless network of switches. These tools provide the ability to detect slow drain and congestion bottlenecks, detect stuck virtual channels and loss of credits, configure hold times on edge switches to be different from hold times on core switches, and mitigate severe latency bottlenecks. | 01-30-2014 |
20140025772 | Connection Rate Limiting For Server Load Balancing And Transparent Cache Switching - Each service in a computer network may have a connection rate limit. The number of new connections per time period may be limited by using a series of rules. In a specific embodiment of the present invention, a counter is increased each time a server is selected to handle a connection request. For each service, connections coming in are tracked. Therefore, the source of connection-request packets need not be examined. Only the destination service is important. This saves significant time in the examination of the incoming requests. Each service may have its own set of rules to best handle the new traffic for its particular situation. For server load balancing, a reset may be sent to the source address of the new connection request. For transparent cache switching, the connection request maybe forwarded to the Internet. | 01-23-2014 |
20140022275 | SCALABLE MAP DISPLAYS - A desired node is selected from a tree structure or list and then a number of levels from that node are displayed in a map. For edge nodes, the number of undisplayed links from that node is displayed. When another node is selected on the map, the number of levels is recalculated based on that node or the existing nodes remain and the desired level is additionally displayed from the selected node. Multiple nodes can be selected from the list, which may result in separated islands which join when an common node is displayed in each island. Filters can be applied to limit the number of nodes. The filtering may either remove nodes from the display or provide an indication of the number of undisplayed nodes meeting the filter and any displayed nodes meeting the filter. The technique can be used on most linked networks. | 01-23-2014 |
20140007097 | DYNAMIC RESOURCE ALLOCATION FOR VIRTUAL MACHINES | 01-02-2014 |
20140006871 | NETWORK MONITORING AND DIAGNOSTICS | 01-02-2014 |
20130343186 | MANAGEABILITY TOOLS FOR LOSSLESS NETWORKS - Manageability tools are provided for allowing an administrator to have better control over switches in a lossless network of switches. These tools provide the ability to detect slow drain and congestion bottlenecks, detect stuck virtual channels and loss of credits, while hold times on edge ASICs to be different from hold times encore ASICs, and mitigate severe latency bottlenecks. | 12-26-2013 |
20130332573 | Lossless Connection Failover for Mirrored Devices - The WAN optimization devices delay ACK until the ACK is actually received from the target while opening up the TCP window. When the ACK is received and forwarded, the TCP window is reduced in size. If there are mirrored WAN optimization devices, the original WAN optimization device sends the datagram across the WAN and at the same time sends the datagram to the mirroring WAN optimization device. When the mirroring WAN optimization device ACKs the mirrored datagram, the original WAN optimization device ACKs the host. When the ACK across the WAN is received, the mirroring WAN optimization device gets the ACK forwarded and deletes the mirrored datagram. On a loss of a device, the TCP connection transitions to the mirroring WAN optimization device, which closes the LAN TCP window and transmits all un-ACKed data. Then upon success the mirroring WAN optimization device reopens the LAN TCP window. | 12-12-2013 |
20130326054 | Performance Estimator for Network Devices - Techniques for estimating the performance of a network device. In one set of embodiments, a network device can determine one or more performance metrics associated with a feature of the network device that is customizable by a user. An example of such a feature is a user-defined script that is executed via a scripting engine of the network device. The network device can then generate a performance estimate based on the one or more performance metrics. The performance estimate can indicate the likely performance of the network device with the feature enabled. | 12-05-2013 |
20130318602 | DOMAIN NAME SYSTEM SECURITY EXTENSIONS (DNSSEC) FOR GLOBAL SERVER LOAD BALANCING - Techniques are provided to enable a network device, such as a switch, to perform global server load balancing (GSLB) while operating as a proxy to a domain name system security extensions (DNSSEC)-capable authoritative DNS server. The network device preserves an original signature generated by the DNSSEC-capable authoritative DNS server for a resource record set contained in a DNSSEC reply. | 11-28-2013 |
20130318246 | TCP Connection Relocation - TCP connections are moved between parallel devices and links during either connection setup or during active operation. | 11-28-2013 |
20130318243 | INTEGRATED HETEROGENEOUS SOFTWARE-DEFINED NETWORK - One embodiment of the present invention provides a switch in a software-defined network. The switch includes at least one port, a flow management module, and forwarding circuitry. The port is capable of receiving a frame belonging to a software-defined data flow and a frame belonging to a regular data flow. The flow management module logically partitions the port for the frame belonging to the software-defined data flow from the frame belonging to the regular data flow. The forwarding circuitry forwards the frame belonging to the software-defined data flow based on a flow definition in a local flow table. The flow definition indicates how the software-defined data flow is processed in a software-defined network. | 11-28-2013 |
20130318219 | LAYER-3 OVERLAY GATEWAYS - One embodiment of the present invention provides a computing system. The computing system includes a processor and a computer-readable storage medium for storing instructions. Based on the instructions, the processor operates the computing system as an overlay gateway. The computing system initiates and terminates an overlay tunnel associated with a virtual machine. During operation, the computing system maps a virtual Internet Protocol (IP) address of the virtual machine to a second IP address used to terminate the overlay tunnel based on information received from a configuration system. The computing system then determines an output port for a data packet based on the second IP address. The data packet comprises an inner packet and the destination address of this inner packet corresponds to the virtual IP address. | 11-28-2013 |
20130318051 | SHARED DICTIONARY BETWEEN DEVICES - In one embodiment, a system and method for managing a network deduplication dictionary is disclosed. According to the method, the dictionary is divided between available deduplication engines (DDE) in deduplication devices that support shared dictionaries. The fingerprints are distributed to different DDEs based on a hash function. The hash function takes the fingerprint and hashes it and based on the hash result, it selects one of the DDEs. The hash function could select a few bits from the fingerprint and use those bits to select a DDE. | 11-28-2013 |
20130315586 | TERABIT TOP-OF-RACK SWITCH - One embodiment of the present invention provides a switch. The switch includes a printed circuit board (PCB), a number of multi-channel optical transceivers mounted on the PCB, and a number of switch ports accessible from a front panel of the switch. The switch ports include a number of electrical interfaces that are electrically coupled to a switch chip mounted on the PCB, and a number of optical interfaces that are coupled to the switch chip via the multi-channel optical transceivers. | 11-28-2013 |
20130315260 | Flow-Based TCP - A system and method for sharing a WAN TCP tunnel between multiple flows without having head of the line blocking problem is disclosed. When a complete but out of order PDU is stuck behind an incomplete PDU in a TCP tunnel, the complete but out of order PDU is removed from the tunnel. To do that, first the boundaries of the PDUs of the different flows are preserved and the TCP receive window advertisement is increased. The receive window is opened when initially receiving out-of-order data. As out-of-order complete PDUs are pulled out of the receive queue, to address double counting, place holders are used in the receive queue to indicate data that was in the queue. As out-of-order data PDUs are pulled out of the queue the window advertisement is increased. This keeps the sending side from running out of TX window and stopping transmission of new data. | 11-28-2013 |
20130315256 | USER SELECTABLE MULTIPLE PROTOCOL NETWORK INTERFACE DEVICE - An Ethernet/Fibre Channel network interface device which can be configured by a user to operate on an FC SAN, a CEE network or both. In one embodiment the configuration can be done using jumpers or connections to the pins of a chip, thus allowing a manufacturer to only inventory one device for use with either or both networks. In a second embodiment the configuration can be done in software by setting registers and memory values on the device. This embodiment allows the device to be changed between configurations without removing it from the server or blade. The devices according to the preferred embodiments further reduce power consumption by shutting down portions of the chip not needed based on the configuration of the device. | 11-28-2013 |
20130315253 | Lossless Connection Failover for Single Devices - The WAN optimization devices delay ACK until the ACK is actually received from the target while opening up the TCP window. When the ACK is received and forwarded, the TCP window is reduced in size. If there are mirrored WAN optimization devices, the original WAN optimization device sends the datagram across the WAN and at the same time sends the datagram to the mirroring WAN optimization device. When the mirroring WAN optimization device ACKs the mirrored datagram, the original WAN optimization device ACKs the host. When the ACK across the WAN is received, the mirroring WAN optimization device gets the ACK forwarded and deletes the mirrored datagram. On a loss of a device, the TCP connection transitions to the mirroring WAN optimization device, which closes the LAN TCP window and transmits all un-ACKed data. Then upon success the mirroring WAN optimization device reopens the LAN TCP window. | 11-28-2013 |
20130315097 | CLIENT AUTO-CONFIGURATION IN A MULTI-SWITCH LINK AGGREGATION - One embodiment of the present invention provides a switch capable of auto-configuration of client devices for a link aggregation. The switch includes a packet processor, an auto-configuration module, and a link-aggregation management module. During operation, the packet processor extracts an identifier of a client device from a notification message received via a local port. The auto-configuration module, which is coupled to the packet processor, associates the local port with the identifier of the client device. If the packet processor recognizes the identifier of the client device in a message received from a remote switch, the link-aggregation management module forms a multi-switch link aggregation for the client device in conjunction with the remote switch. | 11-28-2013 |
20130311675 | NETWORK FEEDBACK IN SOFTWARE-DEFINED NETWORKS - One embodiment of the present invention provides a computing system capable of providing feedback to a controller in a software-defined network. The computing system includes a policy management module and a communication module coupled to the policy management module. During operation, the policy management module recognizes a local policy indicating how a data flow is to be processed and identifies a data flow associated with the policy. The communication module constructs a request for a flow definition from a controller in a software-defined network. A flow definition indicates how the data flow is processed in the software-defined network. | 11-21-2013 |
20130308649 | METHOD AND SYSTEM FOR LINK AGGREGATION ACROSS MULTIPLE SWITCHES - One embodiment of the present invention provides a switch. The switch includes a forwarding mechanism and a control mechanism. During operation, the forwarding mechanism forwards frames based on their Ethernet headers. The control mechanism operates the switch in conjunction with a separate physical switch as a single logical switch and assigns a virtual switch identifier to the logical switch, wherein the virtual switch identifier is associated with a link aggregation group. | 11-21-2013 |
20130250951 | OVERLAY TUNNEL IN A FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes a tunnel management module, a packet processor, and a forwarding module. The tunnel management module operates the switch as a tunnel gateway capable of terminating an overlay tunnel. During operation, the packet processor, which is coupled to the tunnel management module, identifies in a data packet a virtual Internet Protocol (IP) address associated with a virtual tunnel gateway. This virtual tunnel gateway is associated with the switch and the data packet is associated with the overlay tunnel. The forwarding module determines an output port for an inner packet in the data packet based on a destination address of the inner packet. | 09-26-2013 |
20130250524 | Compact Flash Retainer - A method and apparatus for retaining a removable module (such as a memory card) in engagement with an interface structure of a printed circuit board (PCB). The PCB is coupled to a tray, wherein the module is positioned between the PCB and the tray. The tray includes one or more forms configured to receive the module, and prevent the module from moving out of engagement with the interface structure of the PCB. A first form includes a depressed region formed in the tray, wherein the module is fitted within the depressed region. A slot, which extends through the tray, may be located adjacent to the depressed region, wherein an edge of the slot restricts movement of the module. A second form may include a raised lip, which is located adjacent to the module, and restricts movement of the module. | 09-26-2013 |
20130242759 | Packet Tracing through Control and Data Plane Operations using SNMP Trap Commands - Improved debugging capabilities for network packet path tracing. Embodiments trace both the control and data planes. During control plane operations each switch appends its identity to the payload, providing a full trace of the control plan path. SNMP Trap commands containing the forward path payload are provided back at each hop. The data plane is monitored by setting traps along the control plane path, with SNMP Trap commands at each hop being provided that indicate a given switch has been used. | 09-19-2013 |
20130242758 | Packet Tracing through Control and Data Plane Operations - Improved debugging capabilities for network packet path tracing. Embodiments trace both the control and data planes. During control plane operations each switch appends its identity to the payload, providing a full trace of the control plan path. Responses containing the forward path payload are provided back at each hop, the responses being routing back by tracing back the forward direction control plane. The data plane is monitored by setting traps along the control plane path, with responses at each hop that indicate a given switch has been used being returned along the control plane path. | 09-19-2013 |
20130223449 | DYNAMIC SERVICE INSERTION IN A FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes a service management module and a packet processor. During operation, the service management module identifies a service provided by an appliance coupled to the switch via a local port. The packet processor constructs a notification message for a remote switch. The notification message includes information about the service and the appliance. In this way, the switch allows the remote switch to request the service. | 08-29-2013 |
20130219169 | Public Cloud Data at Rest Security - An encryption switch which is used in a cloud environment to secure data on the LUNs used by the clients. A client provides a certificate to the cloud service. The encryption switch develops a cloud crypto domain (CCD) as a secure area, with the data at rest on the LUNs encrypted. The encryption switch develops a master key for client use in the CCD, which is provided to the client encrypted by the client's public key. Data encryption keys (DEKs) are created for each LUN and provided to the client. The DEKs are stored in a key vault by the client for use if needed. The cloud service provisions a client VM to be used with the encrypted LUN and develops a nexus between the LUN and the client VM for the encryption switch to use in data operations. The client communicates through the client VM to access the LUN. | 08-22-2013 |
20130212386 | Storage Access Authentication Mechanism - In embodiments according to the present invention an encryption switch is used to authorize access to LUNs from client VMs present in the cloud provider network. The encryption switch includes responder side software for an authentication protocol and an agent in the client VM includes the requestor side of the authentication protocol. The certificate of the client is securely provided to the encryption switch, which associates the client VM with the LUN. The client private key is securely provided to the client VM, which retains it only non-persistently. The client VM requests LUN access and performs an authentication handshake with the encryption switch. If successful the client VM than has access to the LUN. As the original certificate is linked to the client, if the client is itself a VM, should the client be moved to a different host, the certificate moves with it and LUN accessibility is maintained. | 08-15-2013 |
20130205044 | Virtual Router Redundancy For Server Virtualization - A solution for virtual router redundancy for server virtualization includes, at a network device configured as a backup router of a virtual router, examining a packet stored in a memory of the network device. Responsive to the examining, the network device determines whether to forward the packet via a network towards a destination or to send the packet via the network to a master router of the virtual router for forwarding of the packet, by the master router, towards the destination. | 08-08-2013 |
20130194914 | LINK AGGREGATION IN SOFTWARE-DEFINED NETWORKS - One embodiment of the present invention provides a switch capable of processing software-defined data flows. The switch includes an identifier management module and a flow definition management module. During operation, the identifier management module allocates a logical identifier to a link aggregation port group which includes a plurality of ports associated with different links. The flow definition management module processes a flow definition corresponding to the logical identifier, applies the flow definition to ports in the link aggregation port group, and update lookup information for the link aggregation port group based on the flow definition. | 08-01-2013 |
20130191831 | TRANSPARENT HIGH AVAILABILITY FOR STATEFUL SERVICES - One embodiment of the present invention provides a system. The system includes a high availability module and a data transformation module. During operation, the high availability module identifies a modified object belonging to an application in a second system. A modification to the modified object is associated with a transaction identifier. The high availability module also identifies a local object corresponding to the modified object associated with a standby application corresponding to the application in the second system. The data transformation module automatically transforms the value of the modified object to a value assignable to the local object, including pointer conversion to point to equivalent object of the second system. The high availability module updates the current value of the local object with the transformed value. | 07-25-2013 |
20130188521 | MANAGING A LARGE NETWORK USING A SINGLE POINT OF CONFIGURATION - One embodiment of the present invention provides a computing system. The switch includes a discovery module, a device management module, and a logical group management module. The discovery module constructs a multicast query message for a first multicast group to which the computing system is registered. The device management module extracts information about a remote switch from a query response message from the remote switch and constructs a client database, wherein a first entry in the client database contains the information extracted from the query response message. The logical group management module associates the remote switch with a second multicast group. | 07-25-2013 |
20130188514 | MANAGING A CLUSTER OF SWITCHES USING MULTIPLE CONTROLLERS - One embodiment of the present invention provides a computing system. The computing system includes a discovery module, a high-availability management module, and a controlling module. The discovery module determines local switch-specific information associated with a switch based on a discovery response packet. The high-availability management module determines remote switch-specific information about the same switch with respect to a remote computing system. The controlling module determines whether the computing system is to manage the switch based on a metric derived from the local and remote switch-specific information. | 07-25-2013 |
20130182581 | IP MULTICAST OVER MULTI-CHASSIS TRUNK - In embodiments of the present invention, multicast traffic is simultaneously routed via all switches participating in the trunk (can be referred to as partner switches). A respective partner switch synchronizes the local multicast state information with all other partner switches. For a respective multicast group, a plurality of partner switches can be the part of the corresponding multicast distribution tree and obtain multicast traffic from uplink sources. For the multicast group, only one partner switch is elected as the primary forwarder which forwards the multicast traffic via the trunk. Another partner switch can become the primary forwarder for the multicast traffic of another multicast group and provide load sharing of multicast traffic between partner switches. Furthermore, because the partner switches have the multicast traffic and state readily available, in the event of a switch or link failure to the primary forwarder, another partner switch can readily become the primary forwarder. | 07-18-2013 |
20130176684 | Printed Circuit Board Cover - A sheet metal cover for a printed circuit board (PCB) includes a plurality of legs continuous with a substantially planar elevated section. The legs are attached to the PCB, and electrical connections are provided between the legs and an internal ground plane of the PCB at the attachment locations. The sheet metal cover is thereby grounded, inhibiting the transmission of electromagnetic signals through the sheet metal cover. The elevated section of the sheet metal cover prevents select electronic devices on the PCB from being viewed or probed. Openings through the sheet metal cover allow heat sinks or heat generating electronic devices (e.g., inductors) to be exposed through these openings, thereby facilitating cooling of these elements by airflow. An electrically conductive gasket attached to the underside of the elevated section may contact the heat sinks, further minimizing the radiation of EMI emissions. | 07-11-2013 |
20130161277 | Plenum Kit - A plenum assembly for a shallow chassis in a rack-mount system. The rack mount system includes a first set of posts at a first end of the rack, a second set of posts at a second end of the rack, and guide rails that extend between the first and second sets of posts. A shallow chassis mounted on the guide rails extends from the first end of the rack to an intermediate location, between the first and second ends of the rack. The plenum assembly is also mounted on the guide rails, and extends from the second end of the rack to the intermediate location, providing an airway from the second end of the rack to the shallow chassis. The plenum assembly can include telescoping sections to extend various lengths. Alternately, the plenum assembly can have a two piece construction, which is assembled after routing cables to the shallow chassis. | 06-27-2013 |
20130151744 | Interrupt Moderation - A technique for interrupt moderation allows coalescing interrupts from a device into groups to be processed as a batch by a host processor. Receive and send completions may be processed differently. When the host is interrupted for receive completions, it may check for send completions, reducing the need for interrupts related to send completions. Timers and a counter allow coalescing interrupts into a single interrupt that can be used to signal the host to process multiple completions. The technique is suitable for both dedicated interrupt line and message-signaled interrupts. | 06-13-2013 |
20130148654 | PORT PROFILE ANALYTICS - One embodiment of the present invention provides a computer system. The computer system includes a display mechanism, a storage, and a migration management mechanism. The storage stores a data structure indicating one or more port profiles. The migration management mechanism identifies one or more port profiles associated with a target switch for a migrating virtual machine, wherein the target switch is coupled to a target host machine of the virtual machine and recommends whether the target switch is suitable for the virtual machine by examining an identifier to the virtual machine in the port profiles associated with the target switch using the display mechanism. | 06-13-2013 |
20130148511 | AMPP ACTIVE PROFILE PRESENTATION - One embodiment of the present invention provides a port profile management mechanism. The port profile management mechanism detects an active profile associated with a physical port on a switch and displays configuration of the port based on the identified port profile using the display mechanism. In addition, a port group management mechanism obtains information of a port group associated with a virtual machine, wherein the port group defines network configurations for the virtual machine. The port profile management mechanism detects a port profile associated with the virtual machine coupled to a physical port on a switch and displays an alert using the display mechanism in response to the port group and the port profile being out of synchronization. | 06-13-2013 |
20130148491 | METHOD AND SYSTEM FOR EXTENDING ROUTING DOMAIN TO NON-ROUTING END STATIONS - A system is provided for facilitating assignment of a virtual routing node identifier to a non-routing node. During operation, the system assigns to a non-routing node coupled to a switch a virtual routing node identifier unique to the non-routing node. In addition, the system communicates reachability information corresponding to the virtual routing node identifier to other switches in the network. | 06-13-2013 |
20130124707 | SYSTEM AND METHOD FOR FLOW MANAGEMENT IN SOFTWARE-DEFINED NETWORKS - One embodiment of the present invention provides a system for facilitating flow definition management in a switch. During operation, the system identifies a generic flow definition which specifies a flow that is not specific to any input port of a switch. The system further stores in a flow lookup data structure one or more port-specific flow rules based on the generic flow definition, wherein each port-specific flow rule corresponds to a respective port capable of processing data flows. | 05-16-2013 |
20130114600 | INTEGRATED FIBRE CHANNEL SUPPORT IN AN ETHERNET FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes a packet processor and a device management module. During operation, the packet processor constructs a notification message containing a Transparent Interconnection of Lots of Links (TRILL) Routing Bridge (RBridge) identifier associated with a Fibre Channel router. The device management module operates in conjunction with the packet processor and terminates TRILL forwarding for a received TRILL packet with the RBridge identifier as an egress RBridge identifier. | 05-09-2013 |
20130111374 | METHOD FOR BRIDGING MULTIPLE NETWORK VIEWS | 05-02-2013 |
20130111077 | SAN FABRIC ONLINE PATH DIAGNOSTICS | 05-02-2013 |
20130111001 | System And Method For Creating And Communicating Freely Associated Collection To Share Information | 05-02-2013 |
20130103881 | Multi-Processor Architecture Implementing A Serial Switch And Method Of Operating Same - A multi-processor architecture for a network device that includes a plurality of barrel cards, each including: a plurality of processors, a PCIe switch coupled to each of the plurality of processors, and packet processing logic coupled to the PCIe switch. The PCIe switch on each barrel card provides high speed flexible data paths for the transmission of incoming/outgoing packets to/from the processors on the barrel card. An external PCIe switch is commonly coupled to the PCIe switches on the barrel cards, as well as to a management processor, thereby providing high speed connections between processors on separate barrel cards, and between the management processor and the processors on the barrel cards. | 04-25-2013 |
20130100854 | VPLS OVER MULTI-CHASSIS TRUNK - One embodiment of the present invention provides a switch. The switch includes a link aggregation database, an arbitration module, a packet processor, and a logical connection management module. The link aggregation database stores information regarding a plurality of switches participating in a multi-chassis trunk. The plurality of switches includes the switch as well. The arbitration module selects a switch of the plurality of switches as an active switch based on the information in the link aggregation database. The packet processor constructs a packet for a remote switch forwardable via a logical connection. The logical connection management module operates in conjunction with the packet processor and constructs a message containing instructions for creating a second logical connection to a second switch of the plurality of switches. | 04-25-2013 |
20130094361 | INTELLIGENT LAYER-2 FORWARDING - One embodiment of the present invention provides a switch. The switch includes a port management module and a notification module. During operation, the port management module identifies a local port selected to be in a blocking state associated with a spanning tree. The notification module constructs a notification message associated with the blocking state. | 04-18-2013 |
20130070766 | MULTICAST ROUTE CACHE SYSTEM - Techniques for organizing and grouping memory contents related to multicast routing so as to enable more efficient multicast operations. For PIM multicast routing, techniques are provided for organizing and grouping multicast routing information into data structures according to a plurality of dimensions such that multicast routing cache entries are accessible when performing a multicast routing operation by traversing the one or more data structures according to at least two of the dimensions. | 03-21-2013 |
20130044586 | FASTER FAILOVERS FOR FAST REROUTE (FRR) LSPs - Techniques for reducing the latency in performing a failover from a protected connection to its backup connection when a network event is detected affecting the protected connection. In an MPLS network, techniques are provided for failing a protected LSP to a backup LSP in a fast and efficient manner. In one embodiment, the faster failover is facilitated by storing protected LSPs and their backup LSPs information in the data plane, such as locally on a linecard. | 02-21-2013 |
20130036186 | CACHING REMOTE SWITCH INFORMATION IN A FIBRE CHANNEL SWITCH - A network of switches with a distributed name server configuration and caching of remote node device information is disclosed. The network preferably comprises a first switch coupled to a second switch. Each of the switches directly couple to respective node devices. The first switch maintains a name server database about its local node devices, as does the second switch. The second switch further maintains a information cache about remote node devices. The name server preferably notifies other switches of changes to the database, and the cache manager preferably uses the notifications from other switches to maintain the cache. The name server accesses the cache to respond to queries about remote node devices. The cache manager may also aggregate notification messages from other switches when notifying local devices of state changes. Traffic overhead and peak traffic loads may advantageously be reduced. | 02-07-2013 |
20130031077 | Longest Prefix Match Scheme - A LPM search engine includes a plurality of exact match (EXM) engines and a moderately sized TCAM. Each EXM engine uses a prefix bitmap scheme that allows the EXM engine to cover multiple consecutive prefix lengths. Thus, instead of covering one prefix length L per EXM engine, the prefix bitmap scheme enables each EXM engine to cover entries having prefix lengths of L, L+1, L+2 and L+3, for example. As a result, fewer EXM engines are potentially underutilized, which effectively reduces quantization loss. Each EXM engine provides a search result with a determined fixed latency when using the prefix bitmap scheme. The results of multiple EXM engines and the moderately sized TCAM are combined to provide a single search result, representative of the longest prefix match. In one embodiment, the LPM search engine supports 32-bit IPv4 (or 128-bit IPv6) search keys, each having associated 15-bit level 3 VPN identification values. | 01-31-2013 |
20130003747 | EFFICIENT TRILL FORWARDING - One embodiment of the present invention provides a switch. The switch includes a storage and a lookup mechanism. The storage stores a first table that contains an entry corresponding to a media access control (MAC) address of a device and an identifier of a remote switch associated with the device. The storage also stores a second table that contains an entry indicating a local outgoing interface corresponding to the remote switch. The lookup mechanism identifies the local outgoing interface corresponding to the device based on the first table and the second table. | 01-03-2013 |
20130003739 | SCALABLE MAC ADDRESS DISTRIBUTION IN AN ETHERNET FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes a notification mechanism. The notification mechanism constructs a single message that contains a locally learned MAC address associated with a local device, a TRILL RBridge identifier associated with the switch, and an identifier of an interface associated with the MAC address. In some embodiments, the switch includes a data structure and an entry management mechanism. The data structure stores device information learned at a remote switch, wherein the device information includes a MAC address of a device, a TRILL RBridge identifier associated with the remote switch, an identifier of an interface coupled to the device, and a type indicator of the MAC address. The entry management mechanism manages an entry in the data structure based on the RBridge identifier and the interface identifier. | 01-03-2013 |
20130003738 | TRILL BASED ROUTER REDUNDANCY - One embodiment of the present invention provides a switching system. The switching system includes a Transparent Interconnection of Lots of Links (TRILL) header processor and an Internet Protocol (IP) header processor. The TRILL header processor is configured to identify a virtual routing bridge (RBridge) identifier in a packet, and the IP header processor is configured to identify a virtual IP address in the packet. The virtual IP address is assigned to a virtual IP router associated with the virtual RBridge identifier. | 01-03-2013 |
20130003733 | MULTICAST IN A TRILL NETWORK - One embodiment of the present invention provides a switch. A switch includes a storage and a multicast management mechanism. The storage is configured to store an entry indicating a multicast group membership learned at a remote switch. The multicast management mechanism is coupled to the storage and is configured to suppress flooding of packets destined for the multicast group. | 01-03-2013 |
20130003732 | ABSTRACTING ACCEPTING INTERFACE TO OPTIMIZE PARENT AND CHILD ENTRY LOOKUP FOR BIDIRECTIONAL PIM - During operation the system identifying a multicast address in a packet. The system then determines a first entry in a first table, wherein the first entry maps a multicast group prefix and an accepting interface to a first logical reference. The system then determines a second entry in a second table, wherein the second entry maps the first logical reference and a multicast group address to forward packets to one or more forwarding interfaces. | 01-03-2013 |
20130003729 | CLEARING FORWARDING ENTRIES DYNAMICALLY AND ENSURING CONSISTENCY OF TABLES ACROSS ETHERNET FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes an ownership management mechanism and a notification mechanism. The ownership management mechanism maintains a local ownership association between the switch, and a medium access control (MAC) address learned at the switch and terminates the local ownership association for the MAC address. The notification mechanism generates a first notification indicating the local ownership association and a second notification indicating the termination of the local ownership association. | 01-03-2013 |
20130003608 | SPANNING-TREE BASED LOOP DETECTION FOR AN ETHERNET FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes a local database, a packet processor, a data management module, and a tree construction module. The packet processor extracts spanning tree information associated with a remote switch. The data management module stores the extracted spanning tree information in the local database. The tree construction module assigns an interface state associated with a spanning tree to a local interface based on the extracted spanning tree information. | 01-03-2013 |
20130003601 | EXTERNAL LOOP DETECTION FOR AN ETHERNET FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes a local identifier associated with the switch, a receiving interface, a loop detection mechanism, and an interface control mechanism. The receiving interface identifies a loop-detection frame which includes an identifier associated with originating switch of the frame. The loop detection mechanism detects a loop based on a match of the identifier associated with the originating switch and the local identifier. The interface control mechanism is coupled to the loop detection mechanism and precludes, in response to detecting a loop, the receiving interface from forwarding frames corresponding to the loop. | 01-03-2013 |
20120327836 | CONVERGED WIRELESS LOCAL AREA NETWORK - One embodiment of the present invention provides a wireless network controller. The wireless network controller includes a data structure, a tunnel management scheme, an encapsulation mechanism, and a forwarding mechanism. The data structure stores a TRILL RBridge identifier associated with a remote wireless network controller. The tunnel management mechanism maintains a tunnel with a local access point, and the encapsulation mechanism encapsulates a packet received from the tunnel with a TRILL header which includes the RBridge identifier of the remote wireless network controller. The forwarding mechanism forwards the encapsulated packet. | 12-27-2012 |
20120324089 | CONFIGURABLE GEOGRAPHIC PREFIXES FOR GLOBAL SERVER LOAD BALANCING - In a load balancing system, user-configurable geographic prefixes are provided. IP address prefix allocations provided by the Internet Assigned Numbers Authority (IANA) and associated geographic locations are stored in a first, static database in a load balancing switch, along with other possible default geographic location settings. A second, non-static database stores user-configured geographic settings. In particular, the second database stores Internet Protocol (IP) address prefixes and user-specified geographic regions for those prefixes. The specified geographic region can be continent, country, state, city, or other user-defined region. The geographic settings in the second database can override the information in the first database. These geographic entries help determine the geographic location of a client and host IP addresses, and aid in directing the client to a host server that is geographically the closest to that client. | 12-20-2012 |
20120320799 | NODE DEVICE COOPERATING WITH SWITCH WHICH IMPLEMENTS ZONES IN A FIBRE CHANNEL SYSTEM - In a system comprising a first fabric and a plurality of devices coupled to the fabric by Fibre Channel connections, the devices are logically grouped to form configurations and zones. A configuration includes at least one zone, and each zone includes at least one device as a member of the zone. Communications between the devices is restricted according to the configuration currently in effect. For example, one device may be permitted to communicate with another device only if they are members of a common zone. | 12-20-2012 |
20120294166 | TECHNIQUES FOR EFFICIENTLY UPDATING ROUTING INFORMATION - Techniques for efficiently updating routing information in a network device such as a router. According to an embodiment of the present invention, the routing information is updated upon creation or deletion of an overlay tunnel without the network device having to regenerate a Shortest Path Tree (SPT) by performing full Shortest Path First (SPF) processing. | 11-22-2012 |
20120284444 | Interrupt Moderation - A technique for interrupt moderation allows coalescing interrupts from a device into groups to be processed as a batch by a host processor. Receive and send completions may be processed differently. When the host is interrupted for receive completions, it may check for send completions, reducing the need for interrupts related to send completions. Timers and a counter allow coalescing interrupts into a single interrupt that can be used to signal the host to process multiple completions. The technique is suitable for both dedicated interrupt line and message-signaled interrupts. | 11-08-2012 |
20120282803 | Double Stack Compact Flash Card Connector - A first housing element is attached to an upper surface of a printed circuit board (PCB), and a second housing element is attached to a lower surface of the PCB. The first housing element receives a first electronic module, and includes a first signal wire that connects the first electronic module to a first trace on the PCB. The second housing element receives a second electronic module, which is vertically aligned with the first electronic module, and includes a second signal wire that connects the second electronic module to the first trace on the PCB. Alternately, a housing element attached to a PCB receives two or more electronic modules, and provides unique connections between the electronic modules and the PCB. | 11-08-2012 |
20120281700 | LAYER-3 SUPPORT IN TRILL NETWORKS - One embodiment of the present invention provides a switch. The switch includes an IP header processor and a forwarding mechanism. The IP header processor identifies a destination IP address in a packet encapsulated with an inner Ethernet header, a TRILL header, and an outer Ethernet header. The forwarding mechanism determines an output port and constructs a new header for the packet based on the destination IP address. The switch also includes a packet processor which determines whether (1) an inner destination media access control (MAC) address corresponds to a local MAC address assigned to the switch; (2) a destination RBridge identifier corresponds to a local RBridge identifier assigned to the switch; and (3) an outer destination MAC address corresponds to the local MAC address. | 11-08-2012 |
20120281695 | CONTROL PACKET BICASTING BETWEEN STACKABLE DEVICES - Techniques that enable a network device such as a switch to bicast control packets to an active controller and a standby controller in a stackable system. Techniques are provided for encapsulating control packets with one or more proprietary headers to bicast encapsulated control packets to an active controller and a standby controller in a stackable system. | 11-08-2012 |
20120278804 | VIRTUAL MACHINE AND APPLICATION MOVEMENT OVER A WIDE AREA NETWORK - Long distance cloud migration (LDCM) to overcome the limitations faced by the cloud migration techniques over long distance, high speed WAN infrastructures. LDCM overcomes the negative effects of existing TCP/IP mechanisms on the efficient use of available bandwidth. LDCM also acts as an acceleration engine to optimize various hypervisor, storage and security applications. | 11-01-2012 |
20120278514 | Systems and Methods for Notification of Quality of Service Violation - A quality of service (QoS) notification module can provide detection and notification of violation of allocated QoS to a transmission queue. The QoS notification module can be located on a network adapter and send notifications to a host computer coupled to the network adapter. QoS notifications can indicate that one or more host transmission queues are being underserved, i.e., the bandwidth guaranteed to the one or more host queues is not being met despite the queues not being empty. Notification module can send notification to the host by writing to a memory location or a notification register in the memory of the host. Alternatively, the notification module can send an interrupt to the host processor, the interrupt including QoS notification information. The notification module can also be located in a switch for generating notifications of QoS violations of bandwidth guarantees for transmission queues associated with transmission ports of the switch. | 11-01-2012 |
20120270492 | SIDE-EXHAUST COOLING SYSTEM WITH EXTENSIBLE DUCT FOR RACK MOUNTED EQUIPMENT - A cooling device for rack mount equipment comprises an extensible side duct, open on its inner and rear-facing sides which redirects warm exhaust air exiting vents in the side of a chassis towards the rear of an enclosure holding the chassis. An apparatus incorporating the cooling device may be installed in a rack with the extensible side duct in a retracted position. The extensible side duct may extend under the influence of air pressure, forming a plenum in fluid communication with the interior of a chassis on which it is mounted such that warm air exiting the chassis is collected in the plenum formed by the extensible side duct and directed out towards the rear of the chassis. Use of the apparatus permits conventional front-to-back cooling airflow patterns to be maintained even with chassis having side exhaust vents. | 10-25-2012 |
20120221849 | Scalable Distributed Web-Based Authentication - Web-based authentication includes receiving a packet in a network switch having at least one associative store configured to forward packet traffic to a first one or more processors of the switch that are dedicated to cryptographic processing if a destination port of the packet indicates a secure transport protocol, and to a second one or more processors of the switch that are not dedicated to cryptographic processing if the destination port does not indicate a secure transport protocol. If a source of the packet is an authenticated user, the packet is forwarded via an output port of the switch, based on the associative store. If the source is an unauthenticated user, the packet is forwarded to the first one or more processors if the destination port indicates a secure transport protocol, and to the second one or more processors if the destination port does not indicate a secure transport protocol. | 08-30-2012 |
20120218990 | Virtual Port World Wide Names - A network switch allows defining a virtual port worldwide name (VPWWN) and associating the VPWWN with an F_port of the network switch, for use by a host bus adaptor (HBA) connecting to the network switch. Both a default and a user VPWWN may be defined, with the user VPWWN typically taking precedence over the default VPWWN. A database of VPWWN associations may be used to ensure uniqueness of the user VPWWN. Where the HBA allows dynamic assignment of WWNs, the VPWWN may be pushed to the HBA. The VPWWNs may be deleted, and moved to another port as desired. | 08-30-2012 |
20120216256 | System, Method And Apparatus For Providing Multiple Access Modes In A Data Communications Network - A system, method and apparatus for providing multiple access modes in a data communications network includes a network access device having a plurality of input ports, a plurality of output ports, and a switching fabric for routing data received on the plurality of input ports to at least one of the plurality of output ports. Control logic within the network access device is adapted to determine whether a user device coupled to one of the plurality of input ports supports a user authentication protocol used by a host network. If the user authentication protocol is not supported, then the input port to which the network access device is coupled is placed in a semi-authorized access state that limits access to a pre-configured network accessible via the host network. | 08-23-2012 |
20120216254 | Scalable Distributed Web-Based Authentication - Web-based authentication includes receiving a packet in a network switch having at least one associative store configured to forward packet traffic to a first one or more processors of the switch that are dedicated to cryptographic processing if a destination port of the packet indicates a secure transport protocol, and to a second one or more processors of the switch that are not dedicated to cryptographic processing if the destination port does not indicate a secure transport protocol. If a source of the packet is an authenticated user, the packet is forwarded via an output port of the switch, based on the associative store. If the source is an unauthenticated user, the packet is forwarded to the first one or more processors if the destination port indicates a secure transport protocol, and to the second one or more processors if the destination port does not indicate a secure transport protocol. | 08-23-2012 |
20120207154 | Port Decommissioning - A management application can automatically coordinate the decommissioning of ports in a switch, ensuring that ports are gracefully taken out of service without unnecessary interruption of service and triggering of automatic recovery functionality that may occur during manual decommissioning of ports. Embodiments may provide for decommissioning of F_ports only, E_ports only, or both F_ports and E_ports. Where link aggregation is provided for in the fabric, decommissioning of a port in a link aggregation group may be performed if there are other operational links in the group. Decommissioning of a non-aggregated port (or the last operational port in a link aggregation group) may be performed if there is a redundant path available. | 08-16-2012 |
20120201138 | QUALITY OF SERVICE IN A HETEROGENEOUS NETWORK - A network device provides priority map storage configured to store one or more mapping data structures for mapping multiple priorities of a first priority scheme to multiple priorities of a second priority scheme. In addition, mapping logic of the network devices is coupled to the priority map storage and configured to translate a first priority of a first frame of the first priority scheme to a second priority of the second priority scheme and to assign the second priority to a second frame carrying payload of the first frame in preparation of transmission of the second frame in accordance with the second priority scheme. | 08-09-2012 |
20120176893 | CONGESTION NOTIFICATION IN PRIVATE VLANS - One embodiment of the present invention provides a switch. During operation, in a network with a private VLAN configuration, the switch allows a congestion notification message with an isolated virtual local area network identifier (VLAN ID) to be forwarded via an isolated VLAN port. | 07-12-2012 |
20120173935 | PLUGGABLE TRANSCEIVER MODULE WITH ENHANCED CIRCUITRY - Pluggable transceiver modules with additional functions and circuitry contained within the module. In a first embodiment, additional circuitry is added to determine bit error rates at the point of the module itself. This allows a much better diagnostic evaluation of location of problem. In an alternate embodiment, various logic is placed in the module. In a first alternate embodiment encryption/decryption units are placed in the converter module so that encryption and decryption operations on the serial bitstream do not need to be performed in a switch. Existing switches can be used but the interconnecting links can still be encrypted. A second alternate embodiment includes compression/decompression units placed in the module to allow effective higher throughput on the selected links. | 07-05-2012 |
20120173859 | TECHNIQUES FOR STOPPING ROLLING REBOOTS - Techniques for detecting rolling reboots and for taking responsive actions to stop rolling reboots. | 07-05-2012 |
20120163396 | QUEUE SPEED-UP BY USING MULTIPLE LINKED LISTS - One embodiment of the present invention provides a switch that includes a transmission mechanism configured to transmit frames stored in a queue, and a queue management mechanism configured to store frames associated with the queue in a number of sub-queues which allow frames in different sub-queues to be retrieved independently, thereby facilitating parallel processing of the frames stored in the sub-queues. | 06-28-2012 |
20120163175 | INGRESS RATE LIMITING - A network device monitors the traffic of individual flows through one of its ingress ports and, if the traffic volume exceeds a predetermined threshold, signals for a reduction in data traffic volume transmitted to that ingress port from one or more source devices. Example signals may include without limitation a unicast congestion message sent to the source of a flow, an Explicit Congestion Notification to one or more source devices, and the dropping of packets by the receiving device. In response to such signals, one or more of the source devices decrease the transmission rate of data traffic to the receiving device. | 06-28-2012 |
20120163164 | METHOD AND SYSTEM FOR REMOTE LOAD BALANCING IN HIGH-AVAILABILITY NETWORKS - A system is provided for facilitating remote load balancing in a high-availability network. During operation, the system receives a plurality of data frames destined for a destination device, wherein the destination device is coupled to a network via a trunk link, the trunk link coupling the destination device to at least two separate egress switching devices. The system then forwards the data frames via at least two data paths, each of which leads to a respective egress switching device. | 06-28-2012 |
20120155458 | Repeated Lost Packet Retransmission in a TCP/IP Network - Periodically retransmitting of multiply lost TCP/IP packets until either an ACK is received or the timeout finally occurs. By retransmitting the packet more than the once as done with prior art SACK approaches, there is a possibility of not having to wait until the timeout period elapses if one of the other retransmissions successfully transits the network. If the packet is successfully received and acknowledged before the timeout period ends, then the more extensive timeout procedures need not be invoked and traffic is much less affected. | 06-21-2012 |
20120147747 | PRIORITY AWARE MAC FLOW CONTROL - Solutions are provided that allow a network device to apply flow control on the MAC layer while taking into account the priority of the frame of traffic. This may be accomplished by generating a frame indicating that traffic flow should be paused, while utilizing a new opcode value, or alternatively by utilizing a new type/length value (possibly combined with a new opcode value). A receiving device may then examine the fields of the frame to determine whether it should use priority-based pausing, and then examine other fields to determine which priority-levels to pause and for how long. This allows for improved efficiency in flow control on the MAC layer. | 06-14-2012 |
20120144103 | Two-Port Memory Implemented With Single-Port Memory Blocks - A two-port memory having a read port, a write port and a plurality of identical single-port RAM banks. The capacity of one of the single-port RAM banks is used to resolve collisions between simultaneous read and write accesses to the same single-port RAM bank. A read mapping memory stores instance information that maps logical banks and a spare bank to the single-port RAM banks for read accesses. Similarly, a write mapping memory stores write instance information that maps logical banks and a spare bank to the single-port RAM banks for write accesses. If simultaneous read and write accesses are not mapped to the same single-port RAM bank, read and write are performed simultaneously. However, if a collision exists, the write access is re-mapped to a spare bank identified by the write instance information, allowing simultaneous read and write. Both read and write mapping memories are updated to reflect any re-mapping. | 06-07-2012 |
20120110411 | Content Addressable Memory (CAM) Parity And Error Correction Code (ECC) Protection - A memory system including a content addressable memory (CAM) array and a non-CAM array. The non-CAM array, which may share word lines with the CAM array, stores one or more error detection bits associated with each row of the CAM array. A state machine reads entries of the CAM array and corresponding error detection bits of the non-CAM array during idle cycles of the CAM array. Error detection logic identifies errors in the entries read from CAM array (using the retrieved error detection bits). If these errors are correctable, the error detection logic corrects the entry, and writes the corrected entry back to the CAM array (an updated set of error detection bits are also written to the non-CAM array). If these errors are not correctable, an interrupt is generated, which causes correct data to be retrieved from a shadow copy of the CAM array. | 05-03-2012 |
20120106957 | Single Virtual Domain Fibre Channel over Ethernet Fabric - The entire FCoE fabric is a single virtual domain, even though there may be multiple FCFs and FDFs. The virtual domain is a different Domain_ID than any of the FCFs. In certain embodiments there are multiple FCFs, of which one is selected as the master or designated FCF. The master FCF performs normal fabric configuration in conjunction with the Fibre Channel fabric. The master FCF assigns the virtual domain FC node IDs and controls development of subdomain IDs. Virtual links are instantiated between the master FCF and other FCFs, between top level FDFs and the FCFs and between the FDFs at each of various levels. FDFs connected to ENodes proxy the master FCF for most FIP operations. FIP FLOGI and FDISC operations are handled by the master FDF, but the FDFs convert the FIP FLOGI requests to VD_FLOGI requests, which include information about the FDF handling the transaction. | 05-03-2012 |
20120106572 | METHOD AND APPARATUS FOR ESTABLISHING METAZONES ACROSS DISSIMILAR NETWORKS - A system and method for creating and enforcing meta-zones that cross the interface between different network protocols are disclosed. In one embodiment, a method of enforcing meta-zones comprises: (a) receiving an Infiniband (IB) packet destined for a Fibre Channel (FC) target device; (b) comparing a partition key in the IB packet to a partition key associated with the FC target device; and (c) converting the IB packet to a FC frame only if the partition keys match. The method may further comprise receiving FC frames destined for an IB target device and converting the FC frame into an IB packet having a partition key associated with the source of the FC frame. Also disclosed are a gateway configured to create and enforce meta-zones, and computer networks having such a gateway. | 05-03-2012 |
20120106365 | NETWORK PACKET LATENCY MEASUREMENT - A solution for network packet latency measurement includes, at a network device having a memory, storing a first time value indicating when an ingress port of the network device received a packet. The solution also includes storing a second time value indicating when an egress port of the network device received the packet for transmission towards another network device. The solution also includes storing a difference between the first time value and the second time value. | 05-03-2012 |
20120106361 | System And Method For Detecting And Isolating A Remote Loop - A system and method are provided for enabling a first network to detect a loop in a second network connected thereto. The first network runs a first instance of a Spanning Tree Protocol and the second network runs either a different instance or no instance. The method includes sending a Remote Loop Detection Packet (“RLDP”) from the ports in bridges of the first network which are connected to the second network. The RLDP includes identifiers such as the source bridge, port and VLAN. The system and method further includes checking for receipt of the RLDP on the same bridge which sent the RLDP. If such a receipt occurs, a loop is detected and one of the ports of the receiving/sending bridge is blocked. | 05-03-2012 |
20120099602 | END-TO-END VIRTUALIZATION - One embodiment of the present invention provides a system that facilitates end-to-end virtualization. During operation, a network interface residing on an end host sets up a tunnel. The network interface then encapsulates a packet destined to a virtual machine based on a tunneling protocol. By establishing a tunnel that allows a source host to address a remote virtual machine, embodiments of the present invention facilitate end-to-end virtualization. | 04-26-2012 |
20120099443 | PATH DIAGNOSIS IN COMMUNICATION NETWORKS - One embodiment of the present invention provides a system for mapping all possible paths between a source node and a destination node. During operation, the system receives a management frame, determines all possible next-hop nodes based on a destination address carried in the payload of the management frame. The system then selects one of the next-hop nodes, and modifies payload of the received management frame to include information associated with the next-hop nodes and the selected next-hop node. The system then forwards the modified data frame to the selected next-hop node. | 04-26-2012 |
20120096310 | REDUNDANCY LOGIC - A network system provides network device having a secondary memory that mirrors the content of a primary memory maintaining data structure parameters entries. The integrity of each data structure parameter entry is tested as the entry is output from the primary memory, such as by using a parity test. If an error is detected in the entry, a corresponding entry from the second memory structure is select for use instead of the entry from the primary memory. The corresponding entries in each memory are then flushed, updated, synchronized, or overwritten from the each memory and processing continues using the new entries or other entries from the primary memory. In the rare instance that corresponding entries from both memories exhibit an error, then an error notification is issued. | 04-19-2012 |
20120096166 | DOMAIN NAME SYSTEM SECURITY EXTENSIONS (DNSSEC) FOR GLOBAL SERVER LOAD BALANCING - Techniques are provided to enable a network device, such as a switch, to perform global server load balancing (GSLB) while operating as a proxy to a domain name system security extensions (DNSSEC)-capable authoritative DNS server. The network device preserves an original signature generated by the DNSSEC-capable authoritative DNS server for a resource record set contained in a DNSSEC reply. | 04-19-2012 |
20120087232 | LINK STATE RELAY FOR PHYSICAL LAYER EMULATION - One embodiment of the present invention provides a fault-management system. During operation, the system identifies a failure at a remote location associated with a communication service. The system then determines a local port used for the communication service, and suspends the local port, thereby allowing the failure to be detected by a device coupled to the local port. | 04-12-2012 |
20120076149 | Transmission bandwidth quality of service - A bandwidth limiting circuit provides limiting the bandwidth of a group of virtual channels at a transmitting port to a maximum value. A limiting circuit includes a register that is repeatedly incremented with a threshold value, which threshold value is related to the desired maximum bandwidth for the group. The register is decremented by the frame length, in bytes, of the frame transmitted from one of the virtual channels belonging to the group. A comparator enables frame transmission for the group if the register value is greater than zero. A bandwidth guarantee circuit provides at least the bandwidth specified by the limiting circuit. The guarantee circuit enables one of the groups for frame transmission based on a fairness algorithm when the outputs of comparators of each of the limiting circuit are low. | 03-29-2012 |
20120075999 | DYNAMIC LATENCY-BASED REROUTING - A switch creates and dynamically updates a latency map of a network to adjust routing of flows. Further, the network is monitored to detect latency issues and trigger a dynamic adjustment of routing based on the latency map. In this manner, a flow can be routed along a route (i.e., a faster route) that provides less latency than other available routes. The latency map can be generated based on latency probe packets that are issued from and returned to the source switch. By evaluating many such latent probe packets that have traveled along many available routes (e.g., corresponding to various ports of the switch), the switch or associated administrative logic can dynamically adjust the latency map to updated latency information of available routes. Therefore, responsive to a trigger, the source switch can dynamically adjust the routing of a flow based on latency issues discerned from the network. | 03-29-2012 |
20120063333 | Manageability Tools for Lossless Networks - Manageability tools are provided for allowing an administrator to have better control over switches in a lossless network of switches. These tools provide the ability to detect slow drain and congestion bottlenecks, detect stuck virtual channels and loss of credits, while hold times on edge ASICs to be different from hold times encore ASICs, and mitigate severe latency bottlenecks. | 03-15-2012 |
20120063329 | Manageability Tools for Lossless Networks - Manageability tools are provided for allowing an administrator to have better control over switches in a lossless network of switches. These tools provide the ability to detect slow drain and congestion bottlenecks, detect stuck virtual channels and loss of credits, while hold times on edge ASICs to be different from hold times encore ASICs, and mitigate severe latency bottlenecks. | 03-15-2012 |
20120063316 | CONGESTION NOTIFICATION ACROSS MULTIPLE LAYER-2 DOMAINS - One embodiment of the present invention provides a congestion notification. During operation, the system receives a congestion notification message with a destination layer-2 address set as the receiving mechanism's layer-2 address. The system modifies a destination layer-2 address, a source layer-2 address, and optionally a VLAN identifier of the congestion notification message, and forwards the modified congestion notification message. | 03-15-2012 |
20120063304 | Manageability Tools for Lossless Networks - Manageability tools are provided for allowing an administrator to have better control over switches in a lossless network of switches. These tools provide the ability to detect slow drain and congestion bottlenecks, detect stuck virtual channels and loss of credits, while hold times on edge ASICs to be different from hold times encore ASICs, and mitigate severe latency bottlenecks. | 03-15-2012 |
20120063303 | Manageability Tools for Lossless Networks - Manageability tools are provided for allowing an administrator to have better control over switches in a lossless network of switches. These tools provide the ability to detect slow drain and congestion bottlenecks, detect stuck virtual channels and loss of credits, while hold times on edge ASICs to be different from hold times encore ASICs, and mitigate severe latency bottlenecks. | 03-15-2012 |
20120060050 | DISASTER RECOVERY - File system disaster recovery techniques provide automated monitoring, failure detection and multi-step failover from a primary designated target to one of a designated group of secondary designated targets. Secondary designated targets may be prioritized so that failover occurs in a prescribed sequence. Replication of information between the primary designated target and the secondary designated targets allows failover in a manner that maximizes continuity of operation. In addition, user-specified actions may be initiated on failure detection and/or on failover operations and/or on failback operations. | 03-08-2012 |
20120044934 | METHOD AND APPARATUS FOR ROUTING BETWEEN FIBRE CHANNEL FABRICS - An interfabric link between two separate Fibre Channel fabrics so that devices in one fabric can communicate with devices in another fabric without requiring the merger of the two fabrics. The interfabric switch performs a conversion or a translation of device addresses in each fabric so that they are accessible to the other fabric. In a first embodiment the external ports of the interfabric switch are configured as E_ports. A series of internal ports in each interfabric switch are joined together forming a series of virtual or logical switches. In a second embodiment the external ports are configured as NL_ports and the connections between the virtual switches are E_ports. The virtual switches in the interfabric switch match domains with their external counterparts so that the virtual switches effectively form their own fabric. | 02-23-2012 |
20120044933 | METHOD AND APPARATUS FOR ROUTING BETWEEN FIBRE CHANNEL FABRICS - An interfabric link between two separate Fibre Channel fabrics so that devices in one fabric can communicate with devices in another fabric without requiring the merger of the two fabrics. The interfabric switch performs a conversion or a translation of device addresses in each fabric so that they are accessible to the other fabric. In a first embodiment the external ports of the interfabric switch are configured as E_ports. A series of internal ports in each interfabric switch are joined together forming a series of virtual or logical switches. In a second embodiment the external ports are configured as NL_ports and the connections between the virtual switches are E_ports. The virtual switches in the interfabric switch match domains with their external counterparts so that the virtual switches effectively form their own fabric. | 02-23-2012 |
20120030321 | NETWORK MERGE TESTING - A method and system for performing network merge testing are disclosed. In one embodiment, the network merge testing method comprises: (i) gathering configuration information from at least two networks; (ii) comparing the configuration information; and (iii) displaying a report that indicates whether an attempted merge of the at least two networks would succeed. The report preferably identifies conflicts between the network configurations, and the method may further include automatic or guided resolution of the conflicts. The configuration information may include: zone names and memberships; domain and port names; security settings; inter-op modes; and long distance modes. A system for implementing the method is also disclosed herein. The system and method may advantageously prevent or diagnose causes of network segmentation. | 02-02-2012 |
20120023319 | PERSISTING DATA ACROSS WARM BOOTS - Techniques for persisting data stored in volatile memory across a warm boot. One or more portions (referred to as “warm memory”) of volatile memory of the system can be reserved and configured such that the data stored by these portions is not affected by a warm boot thereby resulting in the data stored being persisted across a warm boot. | 01-26-2012 |
20120023309 | ACHIEVING ULTRA-HIGH AVAILABILITY USING A SINGLE CPU - Techniques for achieving high-availability using a single processor (CPU). In a system comprising a multi-core processor, at least two partitions may be configured with each partition being allocated one or more cores of the multiple cores. The partitions may be configured such that one partition operates in active mode while another partition operates in standby mode. In this manner, a single processor is able to provide active-standby functionality, thereby enhancing the availability of the system comprising the processor. | 01-26-2012 |
20120023082 | Longest Prefix Match Using Binary Search Tree - Longest Prefix Match (LPM) is implemented using a binary tree based search algorithm. Masked entries are stored in a plurality of binary search engines, wherein each of the binary search engines stores masked entries of a corresponding mask length. A search value is applied to each of the binary search engines in parallel. The search value is masked within each of the binary search engines, thereby creating a plurality of masked search values, each having a masked length equal to the mask length of the corresponding binary search engine. Each of the masked search values is compared with the masked entries of the corresponding binary search engine. An LPM result is selected from the binary search engine that detects a match, and has the longest corresponding mask length. Alternately, each binary search engine stores masked entries of N mask lengths, and N consecutive comparisons are performed to identify the LPM. | 01-26-2012 |
20120016973 | CONFIGURATION ORCHESTRATION - One embodiment of the present invention provides a network device that facilitates configuration orchestration. During operation, the system interprets a configuration command and stores a data structure representing a set of business logic. The business logic can be triggered by the configuration command, a local condition, or both. Furthermore, the system configures the switch according to an outcome of the business logic. | 01-19-2012 |
20120011297 | Isolation Switch for Fibre Channel Fabrics in Storage Area Networks - An isolation switch blade Fibre Channel switch presents F_ports to form a first Fibre Channel fabric and N_ports to a second Fibre Channel fabric to appear as node devices. The isolation switch blade may be used to connect a plurality of blade servers to a Fibre Channel fabric. Fabric events engendered by the insertion or removal of hot-pluggable devices are handled by the isolation switch blade and “event storms” on the Fibre Channel fabric are avoided. The isolation switch blade presents the blade servers to the FC fabric as a virtualized N_port. | 01-12-2012 |
20120011246 | COOKIE INVALIDATION OR EXPIRATION BY A SWITCH - A switch may be used to force the expiration of a cookie on a user's system by inserting an expiration field into the cookie contained in a network response packet. Additionally, a mechanism is provided to delete or damage a cookie contained in a network request packet, so that server software is not disrupted by the receipt of a cookie. Deleting a cookie results in a cleaner request, but damaging a cookie may be more efficient in certain circumstances. By providing these features, an efficient cookie switching design is provided. | 01-12-2012 |
20120008635 | SYSTEM AND METHOD FOR PROVIDING NETWORK ROUTE REDUNDANCY ACROSS LAYER 2 DEVICES - Systems and methods are described for providing network route redundancy through Layer 2 devices, such as a loop free Layer 2 network having a plurality of switching devices. A virtual switch is coupled to the loop free Layer 2 network, the virtual switch having two or more switches configured to transition between master and backup modes to provide redundant support for the loop free Layer 2 network, the switches communicating their status through use of a plurality of redundancy control packets. The system also includes means for allowing the redundancy control packets to be flooded through the Layer 2 network. The means may include time-to-live data attached to the redundancy control packet which is decremented only when the packets are transferred through devices which are configured to recognize the protocol used in redundancy control packets. | 01-12-2012 |
20110307659 | Hardware-Accelerated Lossless Data Compression - Systems for hardware-accelerated lossless data compression are described. At least some embodiments include data compression apparatus that includes a plurality of hash memories each associated with a different lane of a plurality of lanes (each lane including data bytes of a data unit being received by the compression apparatus), an array including array elements each including a plurality of validity bits (each validity bit within an array element corresponding to a different lane of the plurality of lanes), control logic that initiates a read of a hash memory entry if a corresponding validity bit indicates that said entry is valid, and an encoder that compresses at least the data bytes for the lane associated with the hash memory comprising the valid entry if said valid entry comprises data that matches the lane data bytes. | 12-15-2011 |
20110307447 | Inline Wire Speed Deduplication System - Systems for performing inline wire speed data deduplication are described herein. Some embodiments include a device for inline data deduplication that includes one or more input ports for receiving an input data stream containing duplicates, one or more output ports for providing a data deduplicated output data stream, and an inline data deduplication engine coupled to said one or more input ports and said one or more output ports to process input data containing duplicates into output data which is data deduplicated, said inline data deduplication engine having an inline data deduplication bandwidth of at least 4 Gigabytes per second. | 12-15-2011 |
20110303278 | TRANSPARENT CONDUCTING OXIDE FOR PHOTOVOLTAIC DEVICES - One embodiment of the present invention provides a solar cell. The solar cell includes a Si base layer, a passivation layer situated above the Si base layer, a layer of heavily doped amorphous Si (a-Si) situated above the passivation layer, a first transparent-conducting-oxide (TCO) layer situated above the heavily doped a-Si layer, a back-side electrode situated below the Si base layer, and a front-side electrode situated above the first TCO layer. The first TCO layer comprises at least one of: GaInO, GaInSnO, ZnInO, and ZnInSnO. | 12-15-2011 |
20110299536 | METHOD AND SYSTEM FOR LINK AGGREGATION ACROSS MULTIPLE SWITCHES - One embodiment of the present invention provides a switch. The switch includes a forwarding mechanism and a control mechanism. During operation, the forwarding mechanism forwards frames based on their Ethernet headers. The control mechanism operates the switch in conjunction with a separate physical switch as a single logical switch and assigns a virtual switch identifier to the logical switch, wherein the virtual switch identifier is associated with a link aggregation group. | 12-08-2011 |
20110299535 | NAME SERVICES FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch that facilitates name services in a virtual cluster switch. The switch includes a name service database indicating at least one media access control (MAC) address learned at a second switch. The switch also includes a control mechanism. During operation, the control mechanism distributes information on a locally learned MAC address to the second switch. In addition, the control mechanism receives information on a MAC address learned at the second switch. | 12-08-2011 |
20110299534 | VIRTUAL PORT GROUPING FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch. The switch includes a port that couples to a server hosting a number of virtual machines. The switch also includes a set of virtual port grouping information and a virtual port grouping mechanism. During operation, the virtual port grouping mechanism determines whether a frame is traveling from a virtual port group to the same virtual port group. If the frame is not traveling to the same virtual port group, the virtual port grouping mechanism prevents the frame from being forwarded. | 12-08-2011 |
20110299533 | INTERNAL VIRTUAL NETWORK IDENTIFIER AND INTERNAL POLICY IDENTIFIER - Systems and techniques for processing and forwarding packets are described. Some embodiments provide a system (e.g., a switch) which determines an internal virtual network identifier and/or an internal policy identifier for a packet based on a port on which the packet was received and/or one or more fields in the packet. The system can then process and forward the packet based on the internal virtual network identifier and/or internal policy identifier. In some embodiments, the system encapsulates the packet in a TRILL (Transparent Interconnection of Lots of Links) packet by adding a TRILL header to the packet. In some embodiments, the scope of an internal virtual network identifier and/or an internal policy identifier may not extend beyond a switch or a module within a switch. | 12-08-2011 |
20110299532 | REMOTE PORT MIRRORING - A switch that facilitates remote port mirroring is described. The switch can include an encapsulation mechanism and a forwarding mechanism. The encapsulation mechanism can be configured to encapsulate a copy of a first packet in a second packet, thereby preserving header information (e.g., a VLAN identifier and/or a TRILL header) of the first packet. The forwarding mechanism can be configured to forward the first packet using header information of the first packet, and forward the second packet using header information of the second packet. The second packet can be received at a destination switch which extracts the first packet from the second packet, and sends the first packet on a port which is coupled to a network analyzer. | 12-08-2011 |
20110299531 | FLOODING PACKETS ON A PER-VIRTUAL-NETWORK BASIS - Methods and techniques for flooding packets on a per-virtual-network basis are described. Some embodiments provide a method (e.g., a switch) which determines an internal virtual network identifier based on one or more fields in a packet's header. Next, the method performs a forwarding lookup operation based on the internal virtual network identifier. If the forwarding lookup operation succeeds, the method can process and forward the packet accordingly. However, if the forwarding lookup operation fails, the method can determine a set of egress ports based on the internal virtual network identifier. Next, for each egress port in the set of egress ports, the method can flood the packet if a virtual network identifier in the packet's header is associated with the egress port. Flooding packets on a per-virtual-network basis can substantially reduce the amount of resources required to flood the packet when a forwarding lookup operation fails. | 12-08-2011 |
20110299528 | NETWORK LAYER MULTICASTING IN TRILL NETWORKS - Systems and techniques for performing network layer multicasting in a TRILL network are described. Some embodiments provide a system that receives multicast packet that includes a network-layer multicast-address. The multicast packet can be received on a first multicast tree associated with a first virtual network. Next, the system can determine, based on the network-layer multicast-address, a second multicast tree associated with a second virtual network over which the multicast packet is to be forwarded. The system can then forward the multicast packet on the first multicast tree associated with the first virtual network, and forward a copy of the multicast packet on the second multicast tree associated with the second virtual network. | 12-08-2011 |
20110299527 | SUPPORTING MULTIPLE MULTICAST TREES IN TRILL NETWORKS - Systems and techniques for supporting multiple multicast trees are described. Some embodiments provide a system that determines an internal multicast group identifier based on a source address, a multicast address, and a multicast tree identifier field associated with a multicast packet. The system can then forward the multicast packet based on the internal multicast group identifier. Specifically, the system can determine a first set of bits based on the source address and the multicast address of the multicast packet. The system can determine a second set of bits based on the multicast tree identifier field of the multicast packet. Next, the system can combine the first set of bits and the second set of bits to obtain the internal multicast group identifier. In some embodiments, the scope of an internal virtual network identifier does not extend beyond a switch or a forwarding module within a switch. | 12-08-2011 |
20110299525 | Inter-Fabric Routing - A method and apparatus is shown for communicating Fibre Channel frames between distinct fabrics. A proxy zone is established in each fabric with a physically present local device and a remote fabric device. A router creates a proxy device in each fabric for every device not physically connected to the fabric. The proxy devices appear to be directly attached to the router. The router handles all address translations between proxy and physical addresses. When multiple routers are encountered, the ingress router does all address translation. No routing or encapsulation headers are used except when routing between two routers. The source ID and the originator exchange identifier are stored at the egress router for all link requests that require special handling. When replies pass through that router, the destination ID and originator exchange identifier are compared with the stored information. On a match, the reply is specially handled. | 12-08-2011 |
20110299414 | PRESERVING QUALITY OF SERVICE ACROSS TRILL NETWORKS - Systems and techniques for processing and/or forwarding packets are described. An ingress switch can use a QoS mapping mechanism to map a first set of Quality of Service (QoS) bits in a packet received from a customer to a second set of QoS bits for use in a Transparent Interconnection of Lots of Links (TRILL) packet which encapsulates the packet. The first set of QoS bits can be different from the second set of QoS bits. The TRILL packet can be processed and/or forwarded in the network based on the second set of QoS bits. At the egress switch, the TRILL packet can be decapsulated and the original packet with the original QoS bits (or QoS bits that are different from the original QoS bits) can be forwarded to the customer's network. In this manner, some embodiments of the present invention can preserve the QoS bits across a TRILL network. | 12-08-2011 |
20110299413 | PORT PROFILE MANAGEMENT FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch system. The switch includes a port profile which specifies a set of port configuration information. During operation, a control mechanism within the switch detects a source MAC address of an incoming frame and determines that the MAC address is associated with the port profile. The control mechanism then applies the port profile to a switch port on which the frame is received. | 12-08-2011 |
20110299409 | REACHABILITY DETECTION IN TRILL NETWORKS - One embodiment of the present invention provides a system for testing reachability between two nodes within a network. During operation, the system transmits a network-testing request frame from a source node to a destination node, and in response to receiving a network-testing response frame corresponding to the request frame, the system determines reachability of the destination node. The network-testing request or response frame is not processed on an Internet Protocol (IP) layer. | 12-08-2011 |
20110299406 | PATH DETECTION IN TRILL NETWORKS - One embodiment of the present invention provides a system for detecting a path between two nodes. During operation, the system transmits a network-testing request frame, which includes a time-to-live (TTL) field within a Transparent Interconnection of Lots of Links (TRILL) header, from a source node to a destination node. In response to receiving a network-testing response frame sent from an intermediate node, the system increments the TTL value by 1 and re-transmits the network-testing frame to the destination node. In response to receiving a network-testing response frame sent from the destination node, the system determines a path between the source node and the destination node. The network-testing request or response frames is not processed on an Internet Protocol (IP) layer. | 12-08-2011 |
20110299402 | ADVANCED LINK TRACKING FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch system. The switch includes a port that couples to a server hosting a number of virtual machines. The switch also includes a link tracking module. During operation, the link tracking module determines that reachability to at least one end host coupled to a virtual cluster switch of which the switch is a member is disrupted. The link tracking module then determines that at least one virtual machine coupled to the port is affected by the disrupted reachability, and communicates to the server hosting the affected virtual machine about the disrupted reachability. | 12-08-2011 |