| Calix Networks, Inc. Patent applications |
| Patent application number | Title | Published |
|---|
| 20110167269 | NETWORK DEVICE AUTHENTICATION - In general, this disclosure relates to maintaining security between an optical network terminal (ONT) and an optical network aggregation device in an Active Ethernet network. An optical network aggregation device includes one or more optical Ethernet switches that can be adaptively configured to support authentication of one or more ONTs. For example, the optical network aggregation device may include a controller with an authentication unit for managing ONT authentication and an optical Ethernet interface for transmitting and receiving data over the optical network. The authentication unit may exchange authentication request messages via the optical Ethernet interface with an ONT and grant the ONT access to the provider network based on the exchange, thereby preventing rogue devices from gaining access to the provider network. | 07-07-2011 |
| 20110167268 | NETWORK DEVICE AUTHENTICATION - In general, this disclosure relates to maintaining security between an optical network terminal (ONT) and an optical network aggregation device in an Active Ethernet network. An optical network aggregation device includes one or more optical Ethernet switches that can be adaptively configured to support authentication of one or more ONTs. For example, the optical network aggregation device may include a controller with an authentication unit for managing ONT authentication and an optical Ethernet interface for transmitting and receiving data over the optical network. The authentication unit may exchange authentication request messages via the optical Ethernet interface with an ONT and grant the ONT access to the provider network based on the exchange, thereby preventing rogue devices from gaining access to the provider network. | 07-07-2011 |
| 20110080915 | AUTOMATED VLAN ASSIGNMENT TO DOMAIN IN RING NETWORK - In general, the disclosure describes network techniques that may automatically assign virtual local area networks (VLANs) to domains in a ring network. In one example, a method includes receiving, by a control node in a ring network, a plurality of data units transmitted by a plurality of transport nodes on the ring network, each data unit comprising profile information, and automatically assigning a VLAN to one of a plurality of domains established on the ring network based on the profile information. | 04-07-2011 |
| 20110069956 | OPTICAL NETWORK DEVICE WITH MULTI-TRANSPORT SUPPORT - In general, this disclosure relates to optical network devices with support for multiple physical layer transport standards. An optical network device may include an optical receiver that can be adaptively configured to support different physical layer transport standards. For example, the optical receiver may include a photodiode and a control unit to adjust a characteristic of the photodiode to support different optical physical layer transport standards on an adaptive basis. For example, the control unit may adjust the photodiode characteristic to prevent an overload condition when an optical signal is received according to the physical layer access standard. | 03-24-2011 |
| 20110033189 | RETURN PATH COMPLIANCE IN NETWORKS - This disclosure is directed to techniques for facilitating return path compliance in networks. A device, such as an optical network terminal (ONT), may, for example, buffer a digital representation of an upstream analog signal to facilitate return path compliance specified by a Data Over Cable Service Interface Specification (DOCSIS) 3.0 standard. The ONT may comprise a first conversion module that converts an upstream analog signal into a corresponding digital signal and a signal detection module that determines whether the upstream analog signal represents a valid upstream communication. The device may further comprise a buffer that buffers the corresponding digital signal while the signal detection module makes the determination, a second conversion module that converts the buffered digital signal into a reconverted upstream analog signal upon the determination that the upstream analog signal is valid and a laser that transmits the reconverted upstream analog signal via a fiber optical cable. | 02-10-2011 |
| 20110030032 | SECURE DHCP PROCESSING FOR LAYER TWO ACCESS NETWORKS - In general, this disclosure describes network security techniques that may accommodate legitimate movement of a subscriber device while preventing MAC collisions that may result from configuration errors or MAC spoofing attempts. MAC spoofing may result in packets directed to one subscriber device being sent instead to another subscriber device. By modifying an access node or a Dynamic Host Configuration Protocol (DHCP) server to allow only authorized subscriber devices on the access network, layer two collisions (“MAC collisions”) may be prevented. | 02-03-2011 |
| 20110029645 | SECURE DHCP PROCESSING FOR LAYER TWO ACCESS NETWORKS - In general, this disclosure describes network security techniques that may accommodate legitimate movement of a subscriber device while preventing MAC collisions that may result from configuration errors or MAC spoofing attempts. MAC spoofing may result in packets directed to one subscriber device being sent instead to another subscriber device. By modifying an access node or a Dynamic Host Configuration Protocol (DHCP) server to allow only authorized subscriber devices on the access network, layer two collisions (“MAC collisions”) may be prevented. | 02-03-2011 |
| 20110026439 | AUTOMATIC CONTROL NODE SELECTION IN RING NETWORKS - In general, this disclosure describes techniques that may allow detection of a missing control node on a ring network and selection of a single node on ring network to act as the control node. In one example, a method includes receiving, at a first node in a ring network, a data unit transmitted by a second node in the ring network, the data unit including an identifier that identifies the second node. The method further includes comparing the identifier of the second node to an identifier that identifies the first node, and automatically selecting one of the first node and the second node as a control node for the ring network based on the comparison. | 02-03-2011 |
| 20100316050 | APPLYING ADAPTIVE THRESHOLDS TO MULTCAST STREAMS WITHIN COMPUTER NETWORKS - In general, techniques are described for applying adaptive thresholds to multicast streams within computer networks. For example, an access node may implement the techniques to facilitate efficient delivery of multicast streams. The access node comprises an interface that couples to a subscriber network having a subscriber device. The access node also includes a control unit that determines a multicast stream count reflecting current delivery of multicast streams to the subscriber network and a threshold value based on historical multicast stream counts delivered to the subscriber. The interface receives a message requesting to join a multicast group in accordance with a multicast management protocol. In response to this message, the control unit determines a projected stream count based on the above current multicast count. The control unit then compares the projected stream count to the threshold value, and admits the subscriber device to the multicast group based on the comparison. | 12-16-2010 |
| 20100183298 | PASSIVE OPTICAL NETWORK PROTECTION SWITCHING - This disclosure relates to detection of optical fiber failure and implementation of protection switching in a passive optical network (PON). A protection switch determines whether there is an optical fiber failure in a fiber link between an OLT and a group of ONTs. In the case of an optical fiber failure, an optical fiber may be physically cut or damaged, causing the optical fiber link to be disabled. A protection switch may detect an optical fiber failure by determining a peak optical power of at least a portion of an upstream optical signal transmitted from one or more ONTs via the optical fiber link. If the peak optical power is less than a threshold value, the protection switch may detect a fiber failure. In response to a detected fiber failure, the protection switch may switch upstream and downstream PON transmissions from a primary optical fiber to a secondary optical fiber. | 07-22-2010 |
| 20100135657 | AUTOMATICALLY SELECTING A CLOCK RECOVERY MODE WITHIN OPTICAL NETWORK TERMINALS - This disclosure is directed to techniques for facilitating clock recovery in optical networks. An optical network terminal (ONT) that terminates a fiber link of an optical network includes a clock mode selection module that automatically selects a clock recovery mode based on a type of optical network to which the ONT connects and a type of service provided to one or more subscriber devices coupled to the ONT. By automatically selecting the clock recovery module, an administrator or other user need not provision this aspect of the optical network, thereby reducing administrative tasks and facilitating the provisioning of the optical network. In addition, the techniques enable selection of the most optimal clock recovery mode based on the current state of the optical network. | 06-03-2010 |
| 20100104287 | RETURN PATH FOR USPSTREAM COMMUNICATIONS ORIGINATING FROM OPTICAL NODE - This disclosure describes techniques for providing a communication path for upstream communications originating from a node of an optical network. In particular, methods and devices are described for combining upstream communications originating from the node of the optical network with upstream communications originating from subscriber devices coupled to the node. The upstream communication originating from the node may, for example, include status information about the node. The upstream communication, which may include status information about the node, essentially piggy-backs onto upstream communication originating from the subscriber devices coupled to the node. | 04-29-2010 |
