| JUNIPER NETWORKS, INC. Patent applications |
| Patent application number | Title | Published |
|---|
| 20120137358 | POINT-TO-MULTI-POINT/NON-BROADCASTING MULTI-ACCESS VPN TUNNELS - A system establishes a virtual private network (VPN) tunnel to a destination and determines a next hop for the VPN tunnel. The system inserts the next hop, and an address associated with the destination, into an entry of a first table. The system inserts the next hop, and a tunnel identifier corresponding to the established VPN tunnel, into an entry of a second table. The system associates one or more security parameters, used to encrypt traffic sent via the VPN tunnel, with the tunnel identifier. | 05-31-2012 |
| 20120129559 | AUTOMATIC ACCESS POINT LOCATION, PLANNING, AND COVERAGE OPTIMIZATION - A device receives distances between an access point, located on a floor of a building, and other access points located on the same floor, and determines, based on the distances, relative location information associated with the access point, where the relative location information provides a location of the access point relative to the other access points. The device also determines, using a triangulation method, an actual location of the access point based on the relative location information. The device further maps the actual location of the access point to a floor plan of the floor, and displays the floor plan with the mapped actual location of the access point. | 05-24-2012 |
| 20120128004 | METHODS AND APPARATUS FOR CENTRALIZED VIRTUAL SWITCH FABRIC CONTROL - In some embodiments, an apparatus comprises a processing module, disposed within a first switch fabric element, configured to detect a second switch fabric element having a routing module when the second switch fabric element is operatively coupled to the first switch fabric element. The processing module is configured to define a virtual processing module configured to be operatively coupled to the second switch fabric element. The virtual processing module is configured to receive a request from the second switch fabric element for forwarding information and the virtual processing module is configured to send the forwarding information to the routing module. | 05-24-2012 |
| 20120113857 | DYNAMIC MONITORING OF NETWORK TRAFFIC - A device, connected to a monitoring appliance, may include a traffic analyzer to receive a data unit and identify a traffic flow associated with the data unit. The device may also include a traffic processor to receive the data unit and information regarding the identified traffic flow from the traffic analyzer, determine that the identified traffic flow is to be monitored by the monitoring appliance, change a port number, associated with the data unit, to a particular port number to create a modified data unit when the identified traffic flow is to be monitored by the monitoring appliance, and send the modified data unit to the monitoring appliance. | 05-10-2012 |
| 20120113808 | CASCADED LOAD BALANCING - A first network device and a second network device for forwarding data units are included in a network. The second network device is configured to receive data units from the first network device via an output interface from the first network device. Each of the network devices is further configured to form a first value derived from information pertaining to a received data unit, perform a function on the first value to provide a second value, wherein the function of the first network device is different from the function of the second network device when forwarding a same data unit, select an output interface based on the second value, and forward a received data unit via an interface. | 05-10-2012 |
| 20120113803 | REDUNDANT PSEUDOWIRES FOR BORDER GATEWAY PATROL-BASED VIRTUAL PRIVATE LOCAL AREA NETWORK SERVICE MULTI-HOMING ENVIRONMENTS - A method performed by a provider edge device includes generating pseudo-wire tables based on virtual private local area network service advertisements from other provider edge devices, where the provider edge device services customer edge devices, and establishing pseudo-wires with respect to the other provider edge devices, based on the pseudo-wire tables, where the pseudo-wires include an active pseudo-wire and at least one standby pseudo-wire with respect to each of the other provider edge devices. The method also includes generating and advertising VPLS advertisement to the other provider edge devices, detecting a communication link failure associated with one of the customer edge devices in which the provider edge device services, and determining whether the at least one standby pseudo-wire needs to be utilized because of the communication link failure. | 05-10-2012 |
| 20120110638 | POLICY-BASED CROSS-DOMAIN ACCESS CONTROL FOR SSL VPN - A method may include generating a request that includes a host domain associated with a multiple-domain-to-one domain mapping, capturing the request before transmission of the request, rewriting the host domain, and transmitting the request. | 05-03-2012 |
| 20120110557 | AUTOMATED PARALLEL SOFTWARE CODE IMPACT ANALYSIS - A server device is configured to receive a request to identify a manner in which changed code propagates within an application; generate a group of blocks that correspond to code associated with a parent function corresponding to the application and which includes the changed code; perform an intra-procedural analysis on the group of blocks to identify a block that is affected by the changed code included within an epicenter block; perform an inter-procedural analysis on functions associated with the block, where, when performing the inter-procedural analysis, the server device is to generate another group of blocks associated with the functions, and identify another block that is affected by the changed code included within the epicenter block; and present, for display, information associated with the block or the other block that enables the application to be tested based on the block or the other block. | 05-03-2012 |
| 20120110206 | AUTOMATIC AGGREGATION OF INTER-DEVICE PORTS/LINKS IN A VIRTUAL DEVICE - A virtual device includes multiple devices connected to operate as a single device. A first one of the devices is configured to determine that the first device connects to a second one of the devices via a first link; identify a second link; determine that the second link connects the first device to the second device; and automatically aggregate the first link and the second link to form a link aggregation with the second device based on determining that the first device connects to the second device via both the first and second links. The first device is further configured to transmit packets to the second device via the first and second links of the link aggregation. | 05-03-2012 |
| 20120106359 | HEALTH PROBING DETECTION AND ENHANCEMENT FOR TRAFFIC ENGINEERING LABEL SWITCHED PATHS - A method performed by a network device may include establishing performance-based Bidirectional Forwarding Detection (BFD) sessions for each link of a primary traffic engineering Label Switched Path (TE-LSP) and establishing performance-based BFD sessions for each link of a secondary TE-LSP. The method may also include, monitoring performance of the primary TE-LSP based on the performance-based BFD sessions for each link of the primary TE-LSP and monitoring performance of the secondary TE-LSP based on the performance-based BFD sessions for each link of the secondary TE-LSP. The method may further include determining that the performance of the primary TE-LSP is degraded based on the monitoring of the performance of the primary TE-LSP and automatically switching a flow of data unit traffic from the primary TE-LSP to the secondary TE-LSP when the performance of the primary TE-LSP is degraded. | 05-03-2012 |
| 20120099284 | RETENTION-EXTRACTION DEVICE FOR REMOVABLE CARDS IN A CHASSIS - A retention-extraction device is provided for a removable card in a chassis. The device includes an actuation rod having a cam slot, the actuation rod configured to provide linear movement along the length of the actuation rod, and an extraction lever operatively connected to a proximal end of the actuation rod and pivotally secured to the chassis. The device also includes a bell crank with a cam follower that is configured to ride in the cam slot and a latch hook that pivots between an open and closed position based on the motion of the bell crank. The linear movement of the actuation rod causes the extraction lever to apply a force to a portion of the card and causes the latch hook to pivot to an open position to allow removal of the card. | 04-26-2012 |
| 20120098338 | SHARING REDUNDANT POWER SUPPLY MODULES AMONG PHYSICAL SYSTEMS - A system may include a switchover element configurable to source or sink power from or to an electronic device electrically coupled to the switchover element and a controller in communication with the switchover element. The controller may be configured to determine if the electronic device is healthy. When the electronic device is healthy, the controller may configure the switchover element to deliver power from the electronic device to the system and configure the switchover element to provide the power to any unhealthy electronic device electrically coupled to the system. | 04-26-2012 |
| 20120096539 | WIRELESS INTRUSION PREVENTION SYSTEM AND METHOD - A wireless intrusion prevention system and method to prevent, detect, and stop malware attacks is presented. The wireless intrusion prevention system monitors network communications for events characteristic of a malware attack, correlates a plurality of events to detect a malware attack, and performs mitigating actions to stop the malware attack. | 04-19-2012 |
| 20120096182 | METHOD AND APPARATUS FOR COMPUTING A BACKUP PATH USING FATE-SHARING INFORMATION - To address shortcomings in the prior art, the invention uses fate sharing information to compute backup paths. Fate sharing information relates groups of nodes or links according to common characteristics, attributes, or shared resources (e.g., a shared power supply, close proximity, same physical link). In one embodiment, fate-sharing information includes costs associated with groups of nodes or links. When a primary path contains a link or node that is in a fate-sharing group, the other links or nodes in the fate-sharing group are assigned the cost associated with that fate-sharing group. The node computing the backup path takes into account the assigned cost together with other node and link costs. Discovering the existence of the relationships and assigning costs to the groups may be done manually or automatically. | 04-19-2012 |
| 20120089742 | PRESERVING AN AUTHENTICATION STATE BY MAINTAINING A VIRTUAL LOCAL AREA NETWORK (VLAN) ASSOCIATION - A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session threshold; and establishing, based on the notification, a session with the first server device by associating the first server device with a virtual local area network (VLAN), where the associating permits network traffic to be received from or sent to the first server device via the VLAN, and where the network node uses the session threshold received from the second server device, instead of a threshold associated with the VLAN, to determine a duration permitted for the session. | 04-12-2012 |
| 20120089728 | MONITORING DATAGRAMS IN A DATA NETWORK - A communication session over a network is facilitated. A signaling datagram from a source device having a source identity may be intercepted by a network device, and a response datagram may be generated for instructing the source device to send a subsequent datagram to the network device. The signaling datagram may be forwarded to a SIP server, where the SIP server associates the source identity with the network device acting on behalf of the source device, and where the SIP server operates to connect a destination device with the source device to establish a communication session over the network. The subsequent datagram may be received from the source device, and the subsequent datagram may be made available to the destination device via the network. | 04-12-2012 |
| 20120087374 | CONTEXT-SWITCHED MULTI-STREAM PIPELINED REORDER ENGINE - A pipelined reorder engine reorders data items received over a network on a per-source basis. Context memories correspond to each of the possible sources. The pipeline includes a plurality of pipeline stages that together simultaneously operate on the data items. The context memories are operatively coupled to the pipeline stages and store information relating to a state of reordering for each of the sources. The pipeline stages read from and update the context memories based on the source of the data item being processed. | 04-12-2012 |
| 20120084534 | SYSTEM AND METHOD FOR FAST BRANCHING USING A PROGRAMMABLE BRANCH TABLE - Methods and systems consistent with the present invention provide a programmable table which allows software to define a plurality of branching functions, each of which maps a vector of condition codes to a branch offset. This technique allows for a flexible multi-way branching functionality, using a conditional branch outcome table that can be specified by a programmer. Any instruction can specify the evaluation of arbitrary conditional expressions to compute the values for the condition codes, and can choose a particular branching function. When the processor executes the instruction, the processor's arithmetic/logical functional units evaluate the conditional expressions and then the processor performs the branch operation, according to the specified branching function. | 04-05-2012 |
| 20120084426 | PACKET PROCESSING IN A MULTIPLE PROCESSOR SYSTEM - Packet processing is provided in a multiple processor system including a first processor to processing a packet and to create a tag associated with the packet. The tag includes information about the processing of the packet. A second processor receives the packet subsequent to the first processor and processes the packet using the tag information. | 04-05-2012 |
| 20120084396 | CONTEXT SWITCHED ROUTE LOOK UP KEY ENGINE - A key engine that performs route lookups for a plurality of keys may include a data processing portion configured to process one data item at a time and to request data when needed. A buffer may be configured to store a partial result from the data processing portion. A controller may be configured to load the partial result from the data processing portion into the buffer. The controller also may be configured to input another data item into the data processing portion for processing while requested data is obtained for a prior data item. A number of these key engines may be used by a routing unit to perform a large number of route lookups at the same time. | 04-05-2012 |
| 20120082031 | DISTRIBUTED ADMISSION CONTROL - A first network client requests initiation of a data transfer with a second network client. An admission control facility (ACF) responds to the initiation request by performing admission analysis to determine whether to initiate the data transfer. The ACF sends one or more packets to the second network client. In response, the second network client sends acknowledgment packets back to the ACF. The ACF performs admission analysis based on the packets sent and the acknowledgment packets, and determines whether the data transfer should be initiated based on the analysis. The admission analysis may be based on a variety of factors, such as the average time to receive an acknowledgment for each packet, the variance of the time to receive an acknowledgment for each packet, a combination of these factors, or a combination of these and other factors. | 04-05-2012 |
| 20120072909 | AUTOMATED ORCHESTRATION BETWEEN PHYSICAL AND VIRTUAL COMPUTING SYSTEMS - Changes to a virtual system, such as a set of virtual machines in a data center, may be automatically synchronized with the corresponding physical system. In one implementation, an application may receive information regarding changes made to a virtual system. The application may determine whether the information regarding the changes necessitates a change in the configuration of one or more physical switches, and may reconfigure affected ones of the physical switches for compatibility with the changes made to the virtual system. | 03-22-2012 |
| 20120072764 | SYSTEMS AND METHODS FOR NETWORK INFORMATION COLLECTION - A network device may include logic configured to receive a problem report from a second network device, store and analyze data included in the problem report, filter data in the problem report to determine when the problem report is to be transmitted to a third network device, and transmit the problem report to the third network device when the filtering determines that the problem report is to be transmitted. | 03-22-2012 |
| 20120072459 | DISTRIBUTED DATA STORAGE AND ACCESS SYSTEMS - A distributed system for content storage and access includes a storage platform having at least a first storage component, and an access platform having one or multiple access components. Each access component is associated with at least one access service. The access service may be an administrative service for receiving a service request initiated by a first user, the service request being associated with a first item of content, and for identifying a characteristic of the service request, a content management service for determining, based at least in part on the characteristic of the service request, a specification of a data transfer operation to be executed in association with the first storage component, and a directory service for maintaining information associated with the first item of content. | 03-22-2012 |
| 20120069842 | MULTICASTING WITHIN A DISTRIBUTED CONTROL PLANE OF A SWITCH - In some embodiments, a non-transitory processor-readable medium stores code representing instructions configured to cause a processor to receive, from an access switch, a first signal including forwarding state information associated with a first peripheral processing device from a set of peripheral processing devices. The code can further represent instructions configured to cause the processor to receive, from the first peripheral processing device, a second signal including a data packet. The code can further represent instructions configured to cause the processor to send, to a replication engine associated with the set of peripheral processing devices, a third signal such that the replication engine (1) defines a copy of the data packet, which is included within the third signal, and (2) sends, to a second peripheral processing device from the set of peripheral processing devices, a fourth signal including the copy of the data packet. | 03-22-2012 |
| 20120063467 | HIERARCHICAL PACKET SCHEDULING - A packet scheduler may include logic configured to receive packet information. The packet scheduler may include logic to receive an operating parameter associated with a downstream device that operates with cell-based traffic. The packet scheduler may include logic perform a packet to cell transformation to produce an output based on the operating parameter. The packet scheduler may include logic to use the output to compensate for the downstream device. | 03-15-2012 |
| 20120063318 | DEQUEUING AND CONGESTION CONTROL SYSTEMS AND METHODS FOR SINGLE STREAM MULTICAST - A system that processes single stream multicast data includes multiple queues, a dequeue engine, and/or a queue control engine. The queues temporarily store data. At least one of the queues stores single stream multicast data. A multicast count is associated with the single stream multicast data and corresponds to a number of destinations to which the single stream multicast data is to be sent. The dequeue engine dequeues data from the queues. If the data corresponds to the single stream multicast data, the dequeue engine examines the multicast count associated with the single stream multicast data and dequeues the single stream multicast data based on the multicast count. The queue control engine examines one of the queues to determine whether to drop data from the queue and marks the data based on a result of the determination. | 03-15-2012 |
| 20120063313 | HYBRID WEIGHTED ROUND ROBIN (WRR) TRAFFIC SCHEDULING - A network device receives traffic associated with a network of intermediate network devices and user devices, classifies the received traffic, and allocates the classified traffic to traffic queues. The network device also schedules particular queued traffic, provided in the traffic queues and bound for particular intermediate network devices, using a hybrid weighted round robin (WRR) scheduler where the hybrid WRR scheduler schedules the particular queued traffic according to one of a 1-level WRR schedule, a 1.5 level WRR schedule, or a 2-level WRR schedule. The network device further provides the particular queued traffic to the particular intermediate network devices based on the scheduling of the hybrid WRR scheduler. | 03-15-2012 |
| 20120057601 | ACCURATE MEASUREMENT OF PACKET SIZE IN CUT-THROUGH MODE - A network device operating in a cut-through mode receives a current packet of an unknown length and determines if there is a known length value of a previous packet in a processing cycle associated with the current packet. When there is no known length value of the previous packet, the network device applies, to the current packet, an estimated length value for the current packet. When there is a known length value of the previous packet, the network device applies, to the current packet, the known length value of the previous packet. The network device processes the current packet based on one of the estimated length value or the known length value of the previous packet. | 03-08-2012 |
| 20120057597 | IN-LINE PACKET PROCESSING - A method and apparatus for in-line processing a data packet while routing the packet through a router in a system transmitting data packets between a source and a destination over a network including the router. The method includes receiving the data packet and pre-processing layer header data for the data packet as the data packet is received and prior to transferring any portion of the data packet to packet memory. The data packet is thereafter stored in the packet memory. A routing through the router is determined including a next hop index describing the next connection in the network. The data packet is retrieved from the packet memory and a new layer header for the data packet is constructed from the next hop index while the data packet is being retrieved from memory. The new layer header is coupled to the data packet prior to transfer from the router. | 03-08-2012 |
| 20120057458 | EARLY LOAD DETECTION SYSTEM AND METHODS FOR GGSN PROCESSOR - A device may store a first and second queue of packets, calculate an average queue size based on the number of packets in the first and second queues and discard a packet when the packet is a session creation packet and the calculated average queue size is greater than a threshold value. | 03-08-2012 |
| 20120045206 | MULTI-CHASSIS ROUTER WITH MULTIPLEXED OPTICAL INTERCONNECTS - A multi-chassis network device includes a plurality of nodes that operate as a single device within the network and a switch fabric that forwards data plane packets between the plurality of nodes. The switch fabric includes a set of multiplexed optical interconnects coupling the nodes. For example, a multi-chassis router includes a plurality of routing nodes that operate as a single router within a network and a switch fabric that forwards packets between the plurality of routing nodes. The switch fabric includes at least one multiplexed optical interconnect coupling the routing nodes. The nodes of the multi-chassis router may direct portions of the optical signal over the multiplexed optical interconnect to different each other using wave-division multiplexing. | 02-23-2012 |
| 20120044947 | FLOODING-BASED ROUTING PROTOCOL HAVING DATABASE PRUNING AND RATE-CONTROLLED STATE REFRESH - An enhanced, flooding-based link state routing protocol is described that provides pruning of link state data and, when needed, rate-controlled refresh of the pruned link state data from other routers of the flooding domain. A routing device comprises a network interface to send and receive packets over a layer-two (L2) communication medium. The routing device includes a control unit coupled to the network interface, and a flooding-based link state routing protocol executing on a processor of the control unit. The link-state routing protocol establishes an adjacency with a peer router. A database of the routing device includes entries that store a plurality of link state messages for a flooding domain of the link state routing protocol, wherein at least one of the entries in the database stores a partial link state message having a header portion and a payload having pruned link state data. | 02-23-2012 |
| 20120044940 | FLOODING-BASED ROUTING PROTOCOL HAVING AVERAGE-RATE AND BURST-RATE CONTROL - An enhanced, flooding-based routing protocol is described that provides burst-rate and average-rate flow control. A routing device comprises a network interfaces configured to send and receive packets over a layer-two (L2) communication medium. A flooding-based link state routing protocol executes on a processor of the routing device to maintain network topology information for a network and establish an adjacency with a peer router over the layer-two (L2) communication medium. A database of the routing device stores a minimum packet interval and a credit specified by the peer router for the adjacency. When sufficient credit has been allocated to the L2 communication medium, a scheduler of the router dequeues link state messages from an outbound packet queue and floods each of the link state messages to the L2 communication medium while maintaining at least the specified minimum packet interval between each of the plurality of link state messages. | 02-23-2012 |
| 20120042029 | HIGH-AVAILABILITY REMOTE-AUTHENTICATION DIAL-IN USER SERVICE - A method may include receiving, in a first server from a second server, a request for a service of a network by a device; sending, from the first server to the second server, a response to the request for the service to permit access to the service; and sending state information about the response to a third server for storage in a database. | 02-16-2012 |
| 20120039334 | VIRTUAL LOCAL AREA NETWORK (VLAN)-BASED MEMBERSHIP FOR MULTICAST VLAN REGISTRATION - A network node that includes a memory to store a multicast forwarding table that contains entries that govern how multicast traffic is to be forwarded from a multicast virtual local area network (MVLAN) associated with the network node, to receiver VLANs associated with the network node, where each entry includes a multicast group, that is associated with a group of ports on the multicast VLAN via which the multicast traffic is received, and information associated with the receiver VLANs to which the received multicast traffic is to be sent. The network node also includes a processor to receive multicast traffic associated with a particular multicast group, via a particular port on the multicast VLAN; perform, using the multicast forwarding table, a look up operation, based on the particular multicast group, to determine to which of the receiver VLANs the multicast traffic is to be sent; and transmit the multicast traffic, associated with the particular multicast group, to user devices, via the receiver VLANs, based on a determination that the entry, associated with the particular multicast group, includes information associated with the receiver VLANs. | 02-16-2012 |
| 20120033661 | DISTRIBUTED IP-PBX SIGNAL PROCESSING - Techniques are described by which an IP telephone system leverages the digital signal processing functions of end-user IP telephones by distributing signal processing tasks typically carried out by a centralized IP-PBX. The end-user IP telephones publicize their signal processing capabilities and availabilities to an IP-PBX, which maintains a resource capability mapping of the IP telephones. When the IP-PBX receive a bitstream for a communication session involving IP telephones and/or legacy phones of the IP telephone system, the IP-PBX determines the signal processing requirements for the bitstream, selects an available, capable IP telephone to perform the requirements, and distributes the bitstream to the selected IP telephone. The IP telephone performs the requisite signal processing and returns the processed bitstream to the IP-PBX, which forwards the processed bitstream to the destination endpoint for the communication session. | 02-09-2012 |
| 20120027019 | MAINTAINING PACKET ORDER USING HASH-BASED LINKED-LIST QUEUES - Ordering logic ensures that data items being processed by a number of parallel processing units are unloaded from the processing units in the original per-flow order that the data items were loaded into the parallel processing units. The ordering logic includes a pointer memory, a tail vector, and a head vector. Through these three elements, the ordering logic keeps track of a number of “virtual queues” corresponding to the data flows. A round robin arbiter unloads data items from the processing units only when a data item is at the head of its virtual queue. | 02-02-2012 |
| 20120023546 | DOMAIN-BASED SECURITY POLICIES - An example network system includes a plurality of endpoint computing resources, a business policy graph of a network that includes a set of the plurality of endpoint computing resources configured as a security domain, a set of policy enforcement points (“PEPs”) configured to enforce network policies, and a network management module (“NMM”). The NMM is configured to receive an indication of a set of network policies to apply to the security domain, automatically determine a subset of PEPs of the set of PEPs are required to enforce the set of network policies based on physical network topology information readable by the NMM that includes information about the location of the endpoint computing resources and the set of PEPs within the network, and apply the network policies to the subset of PEPs in order to enforce the network policies against the set of endpoint computing resources of the security domain. | 01-26-2012 |
| 20120015541 | SELF-SECURING POWER CORD - An alternating current (AC) power cord retainer is configured to be incorporated into or connected to a power cord, instead of the electronic device to which the cord may be connected. The power cord retainer is configured to be received within and engage the same receptacle within which the plug of the power cord is received. | 01-19-2012 |
| 20120005746 | DUAL-MODE MULTI-SERVICE VPN NETWORK CLIENT FOR MOBILE DEVICE - An integrated, multi-service network client for cellular mobile devices is described. The multi-service client includes a VPN handler having an interface programmed to exchange the network packets with the security manager for application of the security service, wherein the VPN handler is configurable to operate in one of an enterprise mode and in a non-enterprise mode, wherein in the enterprise mode the VPN handler establishes a VPN connection with a remote VPN security device and provides encryption services to securely tunnel the network packets between the cellular mobile device and the remote VPN security device, and wherein in the non-enterprise mode the VPN handler directs the network packets to the security manager without application of the encryption services and communicates the network packets to a packet-based network without tunneling the packets. | 01-05-2012 |
| 20120005745 | VPN NETWORK CLIENT FOR MOBILE DEVICE HAVING DYNAMICALLY TRANSLATED USER HOME PAGE - A virtual private network (VPN) client for cellular mobile devices is described. The VPN network client processes network packets for securely tunneling the network packets between the cellular mobile device and the remote VPN security device. Upon establishing the VPN connection, the VPN network client receives a web-based home page from the secure VPN device via a secure response, dynamically parses bookmark links from the secure response and renders a bookmark window using input controls native to the cellular mobile device without invoking a web browser on the cellular mobile device. Each of the input controls corresponds to a different one of the bookmarks parsed from the secure response. Upon selection of one of the input controls, the VPN network client formulates and outputs an appropriate request to the secure VPN device as if a corresponding one of the bookmark links were selected by the user. | 01-05-2012 |
| 20120005477 | MULTI-SERVICE VPN NETWORK CLIENT FOR MOBILE DEVICE HAVING DYNAMIC FAILOVER - An integrated, multi-service network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise virtual private network (VPN) connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. Once installed on the cellular mobile device, the multi-service client establishes the VPN connection to concurrently include both a layer three (L3) tunnel that uses a first type of transport layer protocol of the operating system and a layer four (L4) tunnel that uses a second type of transport layer protocol of the operating system. The VPN handler determines whether network ports associated with the L3 tunnel are unblocked by an operating system and, when the network ports are unblocked, automatically transitions from the L4 tunnel to the L3 tunnel without terminating the VPN connection. | 01-05-2012 |
| 20120005476 | MULTI-SERVICE VPN NETWORK CLIENT FOR MOBILE DEVICE HAVING INTEGRATED ACCELERATION - An integrated, multi-service virtual private network (VPN) network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise VPN connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. The multi-service client integrates with an operating system of the device to provide a VPN handler to establish a VPN connection with a remote VPN security device. The VPN network client includes to data acceleration module exchange network packets with the VPN handler and apply at least one acceleration service to the network packets, and a VPN control application that provides a unified user interface that allows a user to configure both the VPN handler and the data acceleration module. | 01-05-2012 |
| 20120005300 | SELF CLOCKING INTERRUPT GENERATION IN A NETWORK INTERFACE CARD - A network interface card may issue interrupts to a host in which the determination of when to issue an interrupt to the host may be based on the incoming packet rate. In one implementation, an interrupt controller of the network interface card may issue interrupts to that informs a host of the arrival of packets. The interrupt controller may issue the interrupts in response to arrival of a predetermined number of packets, where the interrupt controller re-calculates the predetermined number based on an arrival rate of the incoming packets. | 01-05-2012 |
| 20120002815 | VPN NETWORK CLIENT FOR MOBILE DEVICE HAVING FAST RECONNECT - A virtual private network client for cellular mobile devices is described. The VPN network client establishes a secure VPN connection with a remote VPN security device. The VPN network client establishes a secure control channel with the secure VPN gateway and, upon a successful authentication, receives a session cookie with a unique identifier. In the event communication with the secure VPN gateway is subsequently temporarily lost, the VPN network client performs a fast reconnect without requiring re-authentication of the cellular mobile device by communicating the session cookie to the secure VPN gateway. Prior to performing the fast reconnect, the VPN network client identifies a set of transport mechanisms currently available to the cellular mobile device and, when only a cellular network is available and not a wireless packet-based connection, the VPN network client defers the fast reconnect until application-layer data is received from a user application and is ready to be sent to the remote VPN security device via the VPN connection | 01-05-2012 |
| 20120002814 | VPN NETWORK CLIENT FOR MOBILE DEVICE HAVING DYNAMICALLY CONSTRUCTED DISPLAY FOR NATIVE ACCESS TO WEB MAIL - An integrated, multi-service network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise virtual private network (VPN) connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. The VPN network client is programmed to receive a web-based home page from an enterprise VPN appliance, process the web-based home page to identify a bookmark embedded within the response that corresponds to an enterprise webmail for the user and dynamically construct a user interface to have an input control native to the cellular mobile device for launching a native email client of the cellular mobile device to access the email without launching a web browser. | 01-05-2012 |
| 20120002813 | MULTI-SERVICE VPN NETWORK CLIENT FOR MOBILE DEVICE - An integrated, multi-service network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise virtual private network (VPN) connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. Once installed on the cellular mobile device, the multi-service client integrates with an operating system of the device to provide a single entry point for user authentication for secure enterprise connectivity, endpoint security services including endpoint compliance with respect to anti-virus and spyware software, and comprehensive integrity checks. That is, the multi-service client provides a common user interface to the integrated services, and provides a VPN handler that interfaces with the operating system to provide an entry point for network traffic to which the integrated services can be seamlessly applied. | 01-05-2012 |
| 20110317961 | FIXED ATTENUATION AIR GAP INTERFACE FOR A MULTIMODE OPTICAL FIBER INTERCONNECTION - A fiber-to-fiber connector system that includes a first connector for housing a portion of a first fiber, where the first fiber is terminated by a first end-face. The fiber-to-fiber connection system also includes a second connector for housing a portion of a second fiber, where the second fiber is terminated by a second end-face, where the first connector and the second connector permit the first fiber and the second fiber to be interconnected to form an air gap interface between the first end-face and the second end-face; the air gap interface defines a spacing between the first end-face and the second end-face; and the air gap interface enables, based on the defined spacing, an optical signal to be transmitted between the first fiber and the second fiber with a fixed quantity of attenuation. | 12-29-2011 |
| 20110314179 | SESSION-BASED SEQUENCE CHECKING - A device may include logic configured to receive a data unit intended for a destination device and to obtain information from the data unit. The logic may be configured to identify a window using the obtained information, where the window has a range determined by a lower boundary and an upper boundary. The logic may be configured to forward the data unit to the destination device when a portion of the data unit information is within the window. | 12-22-2011 |
| 20110314155 | VIRTUAL MACHINE MOBILITY IN DATA CENTERS - A data center management device determines that a virtual machine should be moved from a first physical system to a second physical system. The data center management device instructs a first service appliance at the first physical system to perform state synchronization with a second service appliance at the second physical system in order to continue providing the services offered prior to the move. The data center management device instructs the virtual machine to be instantiated at the second physical system. | 12-22-2011 |
| 20110310766 | APPARATUS AND METHOD OF COMPENSATING FOR CLOCK FREQUENCY AND PHASE VARIATIONS BY PROCESSING PACKET DELAY VALUES - An apparatus and method are described for compensating for frequency and phase variations of electronic components by processing packet delay values. In one embodiment, a packet delay determination module determines packet delay values based on time values associated with a first and a second electronic component. A packet delay selection module selects a subset of the packet delay values based on the maximum frequency drift of the first electronic component. A statistical parameter determination module evaluates a first and a second parameter based on portions of the subset of packet delay values. A validation module validates the parameters when each portion the subset of packet delay values includes a minimum of at least two packet delay values. An adjustment module compensates for at least one of a frequency variation and a phase variation of the first electronic component based on the parameters if the parameters are both validated. | 12-22-2011 |
| 20110310742 | GUARANTEED BANDWIDTH SHARING IN A TRAFFIC SHAPING SYSTEM - In one aspect the invention provides a method for allocating bandwidth in a network appliance where the network appliance includes a plurality of guaranteed bandwidth buckets used to evaluate when to pass traffic through the network appliance. The method includes providing a shared bandwidth bucket associated with a plurality of the guaranteed bandwidth buckets, allocating bandwidth to the shared bandwidth bucket based on the underutilization of bandwidth in the plurality of guaranteed bandwidth buckets and sharing excess bandwidth developed from the underutilization of the guaranteed bandwidth allocated to the individual guaranteed bandwidth buckets. The step of sharing includes borrowing bandwidth from the shared bandwidth bucket by a respective guaranteed bandwidth bucket to allow traffic to pass immediately through the network appliance. | 12-22-2011 |
| 20110305239 | SELECTION OF MULTICAST ROUTER INTERFACES IN AN L2 SWITCH CONNECTING END HOSTS AND ROUTERS, WHICH IS RUNNING IGMP AND PIM SNOOPING - Multicast traffic received by a subnet that uses IGMP/PIM snooping may be efficiently processed so that only required multicast router interfaces are used. A router may, for example, receive a source-specific PIM join/prune message indicating that a multicast receiver of the multicast traffic is to join/leave a multicast group to receive/stop traffic from a multicast source; determine whether the router is a first hop router relative to a subnet of the multicast source; and forward, when the router is a first hop router relative to the subnet of the multicast source and is a non-designated router, the source-specific PIM join/prune message towards the subnet. | 12-15-2011 |
| 20110302351 | SYSTEMS AND METHODS FOR AUTOMATED SENSOR POLLING - A device may include polling logic configured to store a table of received addresses, sequentially receive sensor data from each address in the table via a serial data bus, store the sensor data in a memory, receive an address from a processor via a high speed data bus, and provide stored sensor data from the memory to the processor via a parallel data bus. | 12-08-2011 |
| 20110299385 | NO SPLIT VIRTUAL CHASSIS BASED ON PASS THROUGH MODE - A method includes operating in a normal mode to receive and transmit packets, where the network device is one of multiple network devices that operate as a virtual chassis, where the virtual chassis corresponds to a single logical network device, and detecting when the network device crashes. The method further includes initiating a resetting process and operating in a pass through mode, during the resetting process, where the pass through mode permits packets to be received and transmitted to the network devices of the virtual chassis. | 12-08-2011 |
| 20110296053 | APPLICATION-LAYER TRAFFIC OPTIMIZATION SERVICE SPANNING MULTIPLE NETWORKS - Using the ALTO Service, networking applications can request through the ALTO protocol information about the underlying network topology from the ISP or Content Provider. The ALTO Service provides information such as preferences of network resources with the goal of modifying network resource consumption patterns while maintaining or improving application performance. This document describes, in one example, an ALTO server that intersects network and cost maps for a first network with network and cost maps for a second network to generate a master cost map that includes one or more master cost entries that each represent a cost to traverse a network from an endpoint in the first network to an endpoint in the second network. Using the master cost map, a redirector may select a preferred node in the first network with which to service a content request received from a host in the second network. | 12-01-2011 |
| 20110295983 | APPLICATION-LAYER TRAFFIC OPTIMIZATION SERVICE ENDPOINT TYPE ATTRIBUTE - Using the ALTO Service, networking applications can request through the ALTO protocol information about the underlying network topology from the ISP or Content Provider. The ALTO Service provides information such as network resource preferences with the goal of modifying network resource consumption patterns while maintaining or improving application performance. This document describes, in one example, an ALTO server that implements enhancements to the ALTO service to assign a PID-type attribute to each of a set of one or more PIDs each associated with a subset of one or more endpoints of a network, wherein a PID-type attribute specifies a type for the subset of endpoints associated with the PID. The ALTO server generates an ALTO network map that includes a PID entry to describe each of the PIDs, wherein each PID entry includes a PID-type field that stores the assigned PID-type attribute for the PID described by the PID entry. | 12-01-2011 |
| 20110295942 | APPLICATION-LAYER TRAFFIC OPTIMIZATION SERVICE MAP UPDATES - Using the ALTO Service, networking applications can request through the ALTO protocol information about the underlying network topology from the ISP or Content Provider. The ALTO Service provides information such as preferences of network resources with the goal of modifying network resource consumption patterns while maintaining or improving application performance. This document describes, in one example, an ALTO server that implements enhancements to the ALTO service to enable initiating incremental updates of network and cost maps to ALTO clients upon receiving status information from a content delivery network (CDN) node. | 12-01-2011 |
| 20110292937 | POINT-TO-MULTIPOINT SERVICE IN A LAYER TWO ETHERNET NETWORK - Techniques are described for providing point-to-multipoint (P2MP) Ethernet service in a L2 network. Routers providing the Ethernet service allow an administrator to classify local attachment circuits as either “leaf” attachment circuits or “root” attachment circuits to define a tree-like architecture for forwarding Ethernet frames within a VPLS domain. Based on the classifications, each of router constructs flood domains, referred to herein as mesh groups, that control switching behavior between attachment circuits and pseudowires that transport the L2 communications through the VPLS domain. The routers utilize the mesh groups when switching L2 communications to enforce the requirements of E-TREE service or other L2 services in which L2 traffic is constrained within the L2 VPN to tree-like connectivity. | 12-01-2011 |
| 20110292795 | SYSTEM AND METHOD FOR FAIR SHARED DE-QUEUE AND DROP ARBITRATION IN A BUFFER - Systems and methods consistent with the present invention provide a mechanism that can efficiently manage multiple queues and maintain fairness among ports while not placing additional performance demands on the memory used to store the queue data structures. Within a port, high priority traffic is dropped only if it is consuming more than its fair share of bandwidth allocated to that port. Queue arbitration is of low performance cost and simple because it arbitrates only across queues per port, rather than across all the queues in parallel. Accordingly, fair arbitration with relatively little hardware cost. | 12-01-2011 |
| 20110286462 | SYSTEMS AND METHODS FOR EQUAL-COST MULTI-PATH VIRTUAL PRIVATE LAN SERVICE - A provider edge device, associated with a virtual private local area network service (VPLS) system, includes a memory to store instructions to implement a pseudowire mechanism to receive a first data frame from a source customer edge (CE) device associated with the VPLS system, incorporate the first data frame into a first VPLS packet, determine whether the source CE device is a single-homed CE device or a multi-homed CE device, and incorporate, into the first VPLS packet, a first pseudowire label, if the source CE device is a single-homed CE device, and incorporate, into the first VPLS packet, a second pseudowire label, different from the first pseudowire label, if the source CE device is a multi-homed CE device; and a processor to execute the instructions. | 11-24-2011 |
| 20110280245 | NEXT HOP CHAINING FOR FORWARDING DATA IN A NETWORK SWITCHING DEVICE - A route for a data unit through a network may be defined based on a number of next hops. Exemplary embodiments described herein may implement a router forwarding table as a chained list of references to next hops. In one implementation, a device includes a forwarding table that includes: a first table configured to store, for each of a plurality of routes for data units in a network, a chain of links to next hops for the routes; and a second table configured to store the next hops. The device also includes a forwarding engine configured to assemble the next hops for the data units based on using the chain of links in the first table to retrieve the next hops in the second table and to forward the data units in the network based on the assembled next hops. | 11-17-2011 |
| 20110280195 | INCREASING THROUGHPUT BY ADAPTIVELY CHANGING PDU SIZE IN WIRELESS NETWORKS UNDER LOW SNR CONDITIONS - Feedback indicates low signal-to-noise ratio (SNR) conditions for a wireless communications link between a transmitter device and a receiver device. After attempting to achieve a target packet error rate (PER) by increasing transmission power for the wireless communications link, the transmitter device receives feedback that indicates a current PER, for data transmitted using an initial automatic repeat request (ARQ) block size, is above the target PER for the receiver device, and changes, based on the feedback, the current ARQ block size to a different ARQ block size for the wireless communications link. The different ARQ block size may be adaptively selected to provide a maximum PDU size that achieves the target PER at the receiver device under the low SNR conditions. | 11-17-2011 |
| 20110280150 | GLOBAL FLOW TRACKING SYSTEM - A device may obtain a flow signature, identify a destination collector to which packets bearing the flow signature are sent, obtain a list of potential source collectors that may have sent the packets bearing the flow signature to the destination collector, and identify a source collector, among the potential source collectors, that sent the packets to the destination collector. In addition, the device may output information related to a path from the source collector the destination collector. | 11-17-2011 |
| 20110276752 | POWER EFFICIENT AND RULE MOVEMENT OPTIMIZED TCAM MANAGEMENT - A network device allocates a number of blocks of memory in a ternary content-addressable memory (TCAM) of the network device to each database of multiple databases, and assigns unused blocks of memory of the TCAM to a free pool. The network device also detects execution of a run mechanism by the TCAM, and allocates, based on the execution of the run mechanism, one of the unused blocks of memory to a filter or rule of one of the multiple databases. | 11-10-2011 |
| 20110271319 | USING ENDPOINT HOST CHECKING TO CLASSIFY UNMANAGED DEVICES IN A NETWORK AND TO IMPROVE NETWORK LOCATION AWARENESS - A device receives, from a managed device, endpoint information associated with an unmanaged device connected to the managed device in a network. The device also receives unmanaged device information that partially identifies the unmanaged device, and completely identifies the unmanaged device based on the endpoint information and the unmanaged device information. | 11-03-2011 |
| 20110271009 | INTERFACE GROUPING FOR MEDIA ACCESS CONTROL ADDRESS PINNING IN A LAYER TWO NETWORK - An example network device includes a set of interfaces, a control unit, and a forwarding engine. The control unit includes an interface group information repository that stores data defining interface groups. Each interface group includes one or more interfaces. The forwarding engine includes a media access control (MAC) address repository that stores a mapping of a first interface to a source MAC address, and a MAC address management module that determines whether an interface group to which the first interface is assigned is the same interface group as the interface group to which a second interface is assigned. The control unit is configured to receive a layer two (L2) communication via the second interface, wherein the L2 communication includes the source MAC address. The forwarding engine dynamically updates the MAC address repository based on the determination of the MAC address management module. | 11-03-2011 |
| 20110268115 | MULTICAST OVER LAG AND IRB IN A ROUTING DEVICE - Techniques for handling multicast over link aggregated (LAG) interfaces and integrated routing and bridging (IRB) interfaces in a network device are described in which interfaces, at which a data unit is to be transmitted, may be represented hierarchically in which the LAG interfaces and IRB interfaces are represented as pointers. In one implementation, a device may determine routes for data units, where a route for a multicast data unit is represented as a set of interfaces of the device at which the data unit is to be output. Entries in the set of interfaces may include physical interfaces of the device and pointers to LAG interfaces or pointers to the IRB interfaces. The device may generate tokens to represent routes for data units and resolve the pointers to the LAG interfaces or the IRB interfaces to obtain physical interfaces of the router corresponding to a LAG or an IRB. | 11-03-2011 |
| 20110267073 | VALIDATING HIGH SPEED LINK PERFORMANCE MARGIN FOR SWITCH FABRIC WITH ANY-TO-ANY CONNECTION ACROSS A MIDPLANE - A system for testing link performance margin in a network device includes one or more daughter cards having a driver to transmit a signal and a receiver to receive the signal, and a midplane including a channel to transmit the signal from the driver to the receiver. The system includes multiple connector assemblies to connect the one or more daughter cards to the midplane, where each of the multiple connector assemblies includes a different known crosstalk margin value. A bit error rate tester is connected to a link between the driver and the receiver, and the multiple connector assemblies are interchangeably included in the link to approximate different signal-to-noise ratio margins for the tested link. | 11-03-2011 |
| 20110264822 | FILTERING AND ROUTE LOOKUP IN A SWITCHING DEVICE - Methods and devices for processing packets are provided. The processing device may Include an input interface for receiving data units containing header information of respective packets; a first module configurable to perform packet filtering based on the received data units; a second module configurable to perform traffic analysis based on the received data units; a third module configurable to perform load balancing based on the received data units; and a fourth module configurable to perform route lookups based on the received data | 10-27-2011 |
| 20110260769 | ERROR-FREE STARTUP OF LOW PHASE NOISE OSCILLATORS - An isolation switch is used to isolate the output of an oscillator, during startup of the oscillator, from the circuitry that uses the periodic signal generated by the oscillator. In one implementation, a device may include an oscillator to generate a periodic signal and a switch connected to receive an output of the oscillator. The switch may include a control input that controls whether the switch is in an open or closed state. Switch control circuit may control the switch so that the switch is in an open state during startup of the oscillator and the switch is in a closed state thereafter. | 10-27-2011 |
| 20110258479 | SERVER-TO-SERVER INTEGRITY CHECKING - A method performed by a primary server includes receiving integrity criteria and sending a health check request to a secondary server based on the received integrity criteria. The method also includes receiving integrity information from the secondary server and checking the integrity information against the integrity criteria. The method further includes initiating a non-compliance action if the integrity information does not comply with the integrity criteria. | 10-20-2011 |
| 20110258335 | IDENTIFICATION FRAGMENT HANDLING - A device stores forwarding information associated with fragments of a first data unit, stores information common to the fragments of the first data unit, receives fragments of a second data unit, and forwards the fragments of the second data unit based on the forwarding information of the first data unit and the information common to the first data unit. | 10-20-2011 |
| 20110255408 | TRAFFIC ANALYSIS OF DATA FLOWS - A device includes a memory, flow table logic, sampling logic, and a processing unit. The memory is configured to store a flow table that stores, as a number of entries, statistics regarding a number of data flows. The flow table logic is configured to generate records corresponding to data flows for which entries are created in the flow table or removed from the flow table. The sampling logic is configured to select one of the data flows for sampling and sample initial data units for the one of the data flows. The processing unit is configured to receive the records generated by the flow table logic, receive the initial data units sampled by the sampling logic, analyze the initial data units to generate analysis results, correlate the records and the analysis results associated with a same one of the data flows, and store the correlated records and analysis results. | 10-20-2011 |
| 20110254590 | MAPPING ADDRESS BITS TO IMPROVE SPREAD OF BANKS - A device may include a group of requestors issuing requests, a memory that includes a set of memory banks, and a control block. The control block may receive a request from one of the requestors, where the request includes a first address. The control block may perform a logic operation on a high order bit and a low order bit of the first address to form a second address, identify one of the memory banks based on the second address, and send the request to the identified memory bank. | 10-20-2011 |
| 20110252284 | OPTIMIZATION OF PACKET BUFFER MEMORY UTILIZATION - A method performed by an I/O unit connected to another I/O unit in a network device. The method includes receiving a packet; segmenting the packet into a group of data blocks; storing the group of data blocks in a data memory; generating data protection information for a data block of the group of data blocks; creating a control block for the data block; storing, in a control memory, a group of data items for the control block, the group of data items including information associated with a location, of the data block, within the data memory and the data protection information for the data block; performing a data integrity check on the data block, using the data protection information, to determine whether the data block contains a data error; and outputting the data block when the data integrity check indicates that the data block does not contain a data error. | 10-13-2011 |
| 20110250050 | SINGLE FAN TRAY IN A MIDPLANE ARCHITECTURE - A chassis may include a front section that contains a first electronic circuit board oriented in a first plane, a rear section that contains a second electronic circuit board oriented in a second plane, where the first plane and the second plane are substantially orthogonal, a midplane dividing the front and the rear sections, and a fan tray assembly including a plurality of fans to cool both the first electronic circuit board of the front section and the second electronic circuit board of the rear section. | 10-13-2011 |
| 20110247048 | TESTING POLICIES IN A NETWORK - A device may include first logic configured to receive a data unit and to receive a network policy. The device may include second logic configured to identify how the data unit will be handled by the network policy and to generate a result that includes information about how the data unit will be handled by the network policy. | 10-06-2011 |
| 20110238907 | WAKE-AHEAD BASED ON PATTERNS - A method may include detecting an event, determining whether the event correlates to a hard disk access, requesting a wake-ahead of a hard disk drive if it is determined that the event correlates to a hard disk access, weighing a performance improvement of the hard disk drive if the wake ahead request is granted against a life of the hard disk drive if the wake ahead request is not granted, and waking ahead the hard disk drive if the performance improvement outweighs the life of the hard disk drive. | 09-29-2011 |
| 20110238816 | METHODS AND APPARATUS FOR AUTOMATICALLY PROVISIONING RESOURCES WITHIN A DISTRIBUTED CONTROL PLANE OF A SWITCH - In some embodiments, a network management module is operatively coupled to a set of edge devices that are coupled to a set of peripheral processing devices. The network management module can receive a signal associated with a broadcast protocol from an edge device from the set of edge devices in response to that edge device being operatively coupled to a switch fabric. The network management module can provision that edge device in response to receiving the signal. The network management module can define multiple network control entities at the set of edge devices such that each network control entity from the multiple network control entities can provide forwarding-state information associated with at least one peripheral processing device from the set of peripheral processing devices to at least one remaining network control entity from the multiple network control entities using a selective protocol. | 09-29-2011 |
| 20110238804 | AGER RING OPTIMIZATION - A device provides an ager ring that ages entries associated with managed resource of a device, and determines whether a particular entry associated with a particular managed resource of the device is to be updated. The device also updates, when the particular entry is to be aged out in a particular time frame, the particular entry in the ager ring based on a bucket offset and a current time bucket associated with the particular entry and based on a current time, a refresh timeout, and a maximum timeout associated with the ager ring. The device further updates, when the particular entry is being aged during processing, the particular entry in the ager ring based on a new bucket, the current time bucket, and the bucket offset associated with the particular entry and based on the maximum timeout associated with the ager ring. | 09-29-2011 |
| 20110238793 | MANAGING DISTRIBUTED ADDRESS POOLS WITHIN NETWORK DEVICES - In general, techniques are described for managing distributed address pools within network devices. A network device that includes a control unit and at least one interface may implement these techniques. The control unit stores data defining a network address pool shared by both the network device and another network device. The control unit includes a shared pool manager module that evaluates the data defining the network address pool to determine a block of addresses of the network address pool that is not in use by the other network device. The at least one interface transmits a request to the other network device requesting the determined block and receives a response from the other network device indicating whether one or more addresses of the requested block are available. The control unit then allocates one or more addresses from the requested block to subscriber devices based on the indication in the response. | 09-29-2011 |
| 20110235653 | WEIGHT-BASED BANDWIDTH ALLOCATION FOR NETWORK TRAFFIC - A network device may implement packet scheduling with administrator-configurable packet scheduling policies. In one implementation, the network device includes a filter component configured to assign priority levels to data units, the priority levels defining traffic classes for the data units. The network device may also include a scheduler component configured to schedule transmission of the traffic classes based on an assignment of weights to the traffic classes using at least one bandwidth allocation policy that exhibits a bandwidth allocation profile that varies based on one or more parameters of the bandwidth allocation policy that are configurable by an administrator. | 09-29-2011 |
| 20110235643 | REDIRECT CHECKING IN A NETWORK DEVICE - A network device for performing redirect checking includes an input device and processing logic. The input device receives a data packet on a first one of a number of interfaces. The data packet includes source and destination addresses. The processing logic assigns an incoming interface to the data packet and generates forwarding information identifying a next hop for the data packet. The processing logic also identifies an outgoing interface based on the next hop and determines whether the incoming interface index is equal to the outgoing interface index. The processing logic also determines whether the data packet originated from a station that is part of the same subnet as the next hop. When both of these conditions are met, the processing logic generates a redirect message. | 09-29-2011 |
| 20110235642 | PRESERVING THE ORDER OF PACKETS THROUGH A DEVICE - A network device includes one or more sprayers, multiple packet processors, and one or more desprayers. The sprayers receive packets on at least one incoming packet stream and distribute the packets according to a load balancing scheme that balances the number of bytes of packet data that is given to each of the packet processors. The packet processors receive the packets from the sprayers and process the packets to determine routing information for the packets. The desprayers receive the processed packets from the packet processors and transmit the packets on at least one outgoing packet stream based on the routing information. | 09-29-2011 |
| 20110235595 | BREAKOUT GATEWAY FOR MOBILE DATA TRAFFIC - In general, the invention is directed to techniques for breaking out mobile data traffic from a mobile service provider network to a packet data network. For example, as described herein, a breakout gateway device (BGW) receives a first service request and data traffic for a data session associated with the requested service from a mobile device in a radio access network, wherein the first service request is addressed to a serving node of a mobile core network of the mobile service provider network, and wherein the data traffic is destined for the PDN. A control packet analysis module forwards the first service request from the breakout gateway device to the serving node. A breakout module of the BGW bypasses the serving node by sending the data traffic from the breakout gateway device to the PDN on a data path from the radio access network to the PDN. | 09-29-2011 |
| 20110235446 | WRITE STROBE GENERATION FOR A MEMORY INTERFACE CONTROLLER - A memory controller includes a circuit to generate a strobe signal for write operations to a DDR SDRAM. The circuit efficiently generates a glitch free strobe signal for a group of data lines. In one implementation, the memory controller includes a write data generation circuits to each transmit a data signal to the memory on a data line, the write data generation circuits being controlled by write enable signals. A write strobe generation circuit generates the strobe signal and the write enable signals, the strobe signal including a preamble window to signal the beginning of the data burst, a data transfer window, and a postamble window to signal the end of the data burst, the write strobe generation circuit generating the write enable signals a half memory cycle early and terminating the write enable signals a half memory cycle late with respect to the data signals generated by the write data generation circuits. | 09-29-2011 |
| 20110231833 | UPGRADING SYSTEM SOFTWARE IN A CHASSIS WITHOUT TRAFFIC LOSS - Rolling software upgrades may be employed for a network device in a modular chassis and/or virtual chassis. The network device may include memory devices to store a software upgrade package and a group of instructions, and a processor. The processors may install the software upgrade package on a backup routing engine; determine subsets of multiple line cards on which to perform a software upgrade, where ports in each of the multiple line cards are part of a link aggregation group (LAG); initiate a reboot process for each of the subsets of multiple line cards, in sequence, where the reboot process for each of the line cards results in a software upgrade without deactivating any LAG. The processors may also switch the backup routing engine and a master routing engine to create a new master routing engine and a new backup routing engine, and install the upgrade package on the new backup routing engine. | 09-22-2011 |
| 20110228795 | MULTI-BANK QUEUING ARCHITECTURE FOR HIGHER BANDWIDTH ON-CHIP MEMORY BUFFER - A network device includes a main storage memory and a queue handling component. The main storage memory includes multiple memory banks which store a plurality of packets for multiple output queues. The queue handling component controls write operations to the multiple memory banks and controls read operations from the multiple memory banks, where the read operations for at least one of the multiple output queues alternates sequentially between the each of the multiple memory banks, and where the read operations and the write operations occur during a same clock period on different ones of the multiple memory banks. | 09-22-2011 |
| 20110228793 | CUSTOMIZED CLASSIFICATION OF HOST BOUND TRAFFIC - A network device component receives traffic, determines whether the traffic is host bound traffic or non-host bound traffic, and classifies, based on a user-defined classification scheme, the traffic when the traffic is host bound traffic. The network device component also assigns, based on the classification, the classified host bound traffic to a queue associated with network device component for forwarding the classified host bound traffic to a host component of the network device. | 09-22-2011 |
| 20110228784 | REORDER ENGINE WITH ERROR RECOVERY - A reorder engine classifies information relating to incoming data items as belonging to either a first, second, or third region. The information relating to the data items may arrive at the reorder engine out of order. The data items each include a sequence number through which the reorder engine may reconstruct the correct order of the data items. Based on the classification, the reorder engine may either process the data items normally or drop certain ones of the data items. The majority of incoming data items will fall in the first region and are processed normally. Data items arriving in the second region indicate that a previous data item is late or delayed. If this previous data item is delayed but does eventually arrive, it will arrive in the third region and is simply ignored. | 09-22-2011 |
| 20110228767 | VIRTUAL LINK AGGREGATION OF NETWORK TRAFFIC IN AN AGGREGATION SWITCH - Access switches in a switching system may use virtual aggregated links. When a link between an aggregation switch and an access switch fails, the link failure may be reflected in the virtual aggregated link and data traffic to another access switch may be switched away from the failed switch. A forwarding table in the access switch stores a number of entries that each define a correspondence between destination addresses and an output identifier for the switch. At least a first output identifier includes an aggregated link that represents a first set of possible output links. At least a second output identifier includes a virtual aggregated link, associated with a second network switch that represents a second set of possible output links. Destination addresses in the forwarding table for the virtual aggregated link correspond to network devices connected to the second network switch. | 09-22-2011 |
| 20110222598 | SYSTEMS AND METHODS FOR COMPRESSING PACKET HEADERS - A system processes data units in a network. The system receives a data unit that includes a group of headers and suppresses one or more of the headers to form a reduced data unit. The system suppresses one or more other headers of the reduced data unit to form a further reduced data unit and transmits the further reduced data unit to one or more destination devices using the program identifier (PID) field in the MPEG header as an index to suppressed headers. | 09-15-2011 |
| 20110222558 | USING DEDICATED UPSTREAM CHANNEL(S) FOR CABLE MODEM INITIALIZATION - A system facilitates initialization of devices in a cable modem network. The system may provide downstream channels for transmitting data to the devices and upstream channels for receiving data from the devices. At least one of the upstream channels may be dedicated to providing initialization opportunities. This dedicated upstream channel(s) includes less than all of the upstream channels. The system may transmit upstream channel identifiers on the downstream channels, where each of the upstream channel identifiers identifies one of the upstream channels. The system receives initialization data on the dedicated upstream channel(s). | 09-15-2011 |
| 20110222425 | CONTROLLING NETWORK TRAFFIC - In an ATM exchange, a cell transmission control section transmits an ATM cell to a transmission path of an ATM network. A traffic monitor monitors traffic of the cell transmissions. A statistical process section performs a temporal statistical process on the result of the traffic monitoring using a clock and a memory. A CAC produces an instruction for traffic control over a transmission terminal based on the result of the statistical process. A UPC controls traffic of a transmission path from the transmission terminal in accordance with the instruction. | 09-15-2011 |
| 20110222413 | COMMUNICATING NETWORK PATH AND STATUS INFORMATION IN MULTI-HOMED NETWORKS - An example network system includes a layer two (L2) device and a layer three (L3) device. The L2 device includes a control unit is configured to determine a preferred network path from a first L2 network in which the L2 device resides to an intermediate L3 network in which the L3 device resides that couples the first L2 network to a second L2 network having a second L2 device. The control unit includes a management endpoint (MEP) module. The MEP module executes an operations, administration, and management (OAM) protocol to monitor the first L2 network and output an L2 frame in accordance with the OAM protocol to the L3 device to notify the L3 device that it is within the preferred network path. A MEP module of the L3 device executes an OAM protocol that outputs L2 frames to the L2 device indicating the status of the L3 network. | 09-15-2011 |
| 20110222412 | OPERATIONS, ADMINISTRATION, AND MANAGEMENT FIELDS FOR PACKET TRANSPORT - A network includes an egress node connected to an ingress node via a network path. The egress node is configured to receive, from the ingress node, a group of packets via the network path, where each packet includes an operations, administration, and management (OAM) field appended to the packet, and where the OAM field stores OAM information. The egress node is further configured to read the OAM information from the packets; analyze the OAM information, associated with one or more of the packets, to determine that a network condition exists on the network path; and notify the ingress node that the network condition exists to permit the ingress node to perform a rerouting operation. | 09-15-2011 |
| 20110216773 | WORK-CONSERVING PACKET SCHEDULING IN NETWORK DEVICES - In general, techniques are described for performing work conserving packet scheduling in network devices. For example, a network device comprising queues that store packets and a control unit may implement these techniques. The control unit stores data defining hierarchically-ordered nodes, which include leaf nodes from which one or more of the queues depend. The control unit executes first and second dequeue operations concurrently to traverse the hierarchically-ordered nodes and schedule processing of packets stored to the queues. During execution, the first dequeue operation masks at least one of the selected ones of the leaf nodes from which one of the queues depends based on scheduling data stored by the control unit. The scheduling data indicates valid child node counts in some instances. The masking occurs to exclude the node from consideration by the second dequeue operation concurrently executing with the first dequeue operation, which may preserve work in certain instances. | 09-08-2011 |
| 20110209203 | PROTECTING CONFIGURATION DATA IN A NETWORK DEVICE - Configuration information for a network device may be associated with a protection state that may restrict the modification of portions of the configuration information that are set to the protected state. The network device may be configured using configuration information defined as a group of hierarchically arranged configuration statements. Permissions may be stored for the network device relating to users permitted to modify the configuration information. The permissions may include permission tags, or other information defining the protection state, associated with the configuration statements. Intended modifications to the configuration information may be processed based on whether the intended modifications affect configuration statements associated with one of the permission tags. | 08-25-2011 |
| 20110209158 | ANALYSIS OF SHORT TERM CPU SPIKES IN AN OPERATING SYSTEM KERNEL - A profiler may analyze processes being run by a processor. The profiler may include logic to periodically sample a value of an instruction pointer that indicates an instruction in the first process that is currently being executed by the processor and logic to update profile data based on the sampled value. The profiler may additionally include logic to determine, in response to a context switch that includes the operating system switching the active process from the first process to another of the plurality of processes, whether the first process executes for greater than a first length of time; logic to stop operation of the profiler when the first process executes for greater than the first length of time; and logic to clear the profile data when the first process fails to execute for greater than the first length of time. | 08-25-2011 |
| 20110209112 | METHOD FOR CLOCK LOAD ALIGNMENT DURING STANDARD CELL OPTIMIZATION - A computing device may include a memory to store instructions and a processor. The processor may execute the instructions to conduct an initial cell optimization for an integrated circuit layout; designate clock loads associated with a first-level clock buffer; receive, after the initial standard-cell optimization, a set of initial placement locations; align the clock loads according to the set of placement locations; conduct, using the aligned clock loads, a re-optimization of the integrated circuit layout; and store, in the memory, a circuit layout based on the re-optimization. | 08-25-2011 |
| 20110209111 | AUTOMATED INTEGRATED CIRCUIT CLOCK INSERTION - A user device receives a request to perform an automatic clock insertion operation for an integrated circuit; retrieves location information regarding a group of components, of the integrated circuit, that use a clock signal; deploys a clock mesh based on the location information regarding the group of components; and inserts drop points into the clock mesh; deploys a particular buffer for a particular drop point; maps a component, of the group of components, to the particular buffer; generates a clock box for the particular buffer, where dimensions of the clock box are based on a location of the component; deploys an H-tree for the clock box, where dimensions of the H-tree are proportional to the clock box dimensions; connects the H-tree to the component; and displays or stores clock mesh information, information regarding the group of buffers, information regarding the H-tree, and the location information regarding the group of components. | 08-25-2011 |
| 20110208926 | LOW LATENCY REQUEST DISPATCHER - A first-in-first-out (FIFO) queue optimized to reduce latency in dequeuing data items from the FIFO. In one implementation, a FIFO queue additionally includes buffers connected to the output of the FIFO queue and bypass logic. The buffers act as the final stages of the FIFO queue. The bypass logic causes input data items to bypass the FIFO and to go straight to the buffers when the buffers are able to receive data items and the FIFO queue is empty. In a second implementation, arbitration logic is coupled to the queue. The arbitration logic controls a multiplexer to output a predetermined number of data items from a number of final stages of the queue. In this second implementation, the arbitration logic gives higher priority to data items in later stages of the queue. | 08-25-2011 |
| 20110208838 | METHOD AND SYSTEM FOR PROVIDING SECURE ACCESS TO PRIVATE NETWORKS WITH CLIENT REDIRECTION - Improved approaches for providing secure access to resources maintained on private networks are disclosed. The secure access can be provided through a public network using client software of client-server software and/or with file system software. Multiple remote users are able to gain restricted and controlled access to at least portions of a private network through a common access point, such as an intermediate server of the remote network. | 08-25-2011 |
| 20110208747 | MEMORY EFFICIENT INDEXING FOR DISK-BASED COMPRESSION - A network optimization device may receive a stream of data and generate a signature for a plurality of fixed length overlapping windows of the stream of data. The device may select a predetermined number of the generated signatures for each L | 08-25-2011 |
| 20110206172 | COARSE TIME SYNCHRONIZATION - A system for determining the burst start timing of a signal includes logic configured to receive the signal, generate correlation moduli and generate a first timing output based on the correlation moduli. The logic may also be configured to receive operating mode information and timing information and generate search controls. The logic may further be configured to identify a maximum of the correlation moduli using the search controls and determine a second timing output associated with the maximum correlation modulus. The second timing output represents a more accurate approximation of a burst start time than the first timing output. | 08-25-2011 |
| 20110206103 | SYSTEMS AND METHODS FOR INCREASING CABLE MODEM SYSTEM BANDWIDTH EFFICIENCY - A cable modem termination system measures signal qualities of upstream transmissions associated with one or more cable modems. The system monitors the measured upstream signal qualities, and selectively commands at least one of the one or more cable modems to switch between upstream channels based on the signal quality monitoring. | 08-25-2011 |
| 20110206050 | PPP TERMINATING EQUIPMENT, NETWORK EQUIPMENT AND METHOD OF RESPONDING TO LCP ECHO REQUIREMENT - In a PPP terminating equipment | 08-25-2011 |
| 20110206049 | TARGETED FLOW SAMPLING - A device may include two or more line interfaces. One of the line interfaces may include a component to buffer a packet that is received at the line interface, perform a lookup of information related to selecting a flow based on a header of the packet, apply a symmetric hash function to addresses in the header to obtain a hash when the information related to selecting the flow indicates the flow is to be selected based on a random method, compare the hash to a particular number using the information related to selecting the flow, the particular number being same for the line interfaces, sample a flow when the hash matches the particular number, create a flow record for the flow, and sample packets based on the flow record. | 08-25-2011 |
| 20110206048 | DATA TRANSFER SYSTEM AND METHOD - A transmission source bridge collects packets sent from nodes connected to a serial bus in accordance the IEEE1394 Standards, into one packet in an order they are to be transmitted and then sends them onto an ATM network, so that a transmission destination bridge receives this packet and divides it into a plurality of smaller packets and transfers them, in the order they were sent, to nodes connected to the serial bus in accordance with the IEEE1394 Standards. | 08-25-2011 |
| 20110202673 | NETWORK CHARACTERISTIC-BASED COMPRESSION OF NETWORK TRAFFIC - A network optimization device may receive a stream of data and identify a selected compression dictionary from among a number of compression dictionaries based on the received stream of data. A receiving network device may be notified regarding the selected compression dictionary. The stream of data may be compressed using the selected compression dictionary and transmitted to the receiving device. | 08-18-2011 |
| 20110202672 | APPLICATION IDENTIFICATION - A method may include receiving a communication from a client device and identifying a port number, a protocol and a destination associated with the communication. The method may also include identifying a first application being executed by the first client device based on the port number, the protocol and the destination associated with the first communication. | 08-18-2011 |
| 20110200094 | VIDEO TRANSCODING USING A PROXY DEVICE - A network device may act as a proxy for a client requesting video from a server and may control the quality of the video requested from the server. The network device may detect a negotiation for a video stream, the negotiation including at least a first message from the client indicating a requested video quality by the client; and determine a maximum allowed video quality for the client. The network device may additionally determine whether the requested video quality by the client is greater than the maximum allowed video quality and modifying, when the requested video quality by the client is greater than the maximum allowed video quality, a first message to change the requested video quality to be equal to the maximum allowed video quality. | 08-18-2011 |
| 20110200055 | ENHANCED CMTS FOR RELIABILITY, AVAILABILITY, AND SERVICEABILITY - A Cable Modem Termination System (CMTS) is partitioned into Line Cards, I/O Cards, and a midplane to provide enhanced Reliability, Availability, and Serviceability. Each I/O Card provides a cabling interface for coupling an assigned Line Card to other portions of a Hybrid-Fiber-Coax Network. A plurality of RF signals is coupled via connectors between each Line Card and a corresponding I/O Card, via the midplane. This permits a Line Card to be removed for servicing without requiring recabling of the corresponding I/O Card. Preferably, a rectangular-multi-pin collinear connector-cascade (Line Card jack, midplane double-plug, and I/O Card jack) is used to couple the plurality of RF signals. The connector-cascade is configured with protective RF ground pins adjacent and surrounding each of a plurality of RF signal pins. This approach permits each Line Card to be removed or inserted in a single action, without attention to individual RF interconnects, yet meets all system RF requirements while using relatively inexpensive connectors. The I/O Cards preferably include a distributed backup bus that permits one of the Line Cards in the CMTS to serve as a designated backup. The backup bus enables assignment of the designated backup Line Card to the I/O Card associated with a failing Line Card, without requiring recabling of any I/O Card. In conjunction with a signal processing architecture that permits dynamically programmable channel assignments, the backup bus facilitates rapid and fully automated failover. The Line Cards are preferably further partitioned into easily replaceable sections, including IF-to-RF and signal processing modules. | 08-18-2011 |
| 20110200042 | NETWORK PROVIDER BRIDGE MMRP REGISTRATION SNOOPING - A provider edge bridge in a service provider network receives multiple media access control (MAC) Registration Protocol (MMRP) registration messages from customer networks via tunnels. The provider edge bridge snoops the MMRP registration messages to obtain multicast MAC addresses from the registration messages, and tunnels the MMRP registration messages toward one or more other bridges. The provider edge bridge constructs multicast forwarding tables based on the multicast addresses obtained from snooping the MMRP registrations, and uses the multicast forwarding tables for forwarding data units from the provider edge bridge towards destinations. | 08-18-2011 |
| 20110200038 | METHODS AND APPARATUS RELATED TO PACKET CLASSIFICATION ASSOCIATED WITH A MULTI-STAGE SWITCH - In one embodiment, an apparatus can include a policy vector module configured to retrieve a compressed policy vector based on a portion of a data packet received at a multi-stage switch. The apparatus can also include a decompression module configured to receive the compressed policy vector and configured to define a decompressed policy vector based on the compressed policy vector. The decompressed policy vector can define a combination of bit values associated with a policy. | 08-18-2011 |
| 20110199928 | FEEDBACK CONTROL OF PROCESSOR USE IN VIRTUAL SYSTEMS - A device may receive packets for a system and obtain a packet drop rate of the system, a processor utilization rate of the system, and a target processor utilization rate of the system. In addition, the device may determine a target packet drop rate based on the packet drop rate, the processor utilization rate, and the target processor utilization rate. The device may drop a portion of the packets in accordance with the packet drop rate. | 08-18-2011 |
| 20110199925 | PACKET SWITCHING EQUIPMENT AND SWITCHING CONTROL METHOD - A packet switching equipment and a switch control system employing the same performs operation of the switch core portion independent of content of decision of an arbiter portion and overall equipment can be constructed with simple control structure. The packet switching equipment includes input buffer portions temporarily storing packets arriving to the input ports and outputting packets with adding labels indicative of destination port numbers, a switch core portion for switching the packets on the basis of labels added to the input buffer portions, and an arbiter portion adjusting input buffer portions to provide output permissions for outputting to the output ports. A sorting network autonomously sorting and concentrating the packets on the basis of the labels added to the packets is employed in the switch core portion. | 08-18-2011 |
| 20110197274 | RATE LIMITING DATA TRAFFIC IN A NETWORK - A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits may further be used to guarantee bandwidth for certain categories of data. | 08-11-2011 |
| 20110196999 | SYSTEMS AND METHODS FOR ORDER PRESERVING DATA - A data processing system includes an input circuit, a plurality of processing paths and an output circuit. The input circuit receives blocks of data on a plurality of data streams and distributes the blocks of data to the plurality of processing paths. The plurality of processing paths receive and process the distributed blocks of data. The output circuit selectively queues and dequeues the processed blocks of data based on a determined maximum differential delay among each of the processing paths and transmits the processed blocks of data. | 08-11-2011 |
| 20110194561 | SUMMARIZATION AND LONGEST-PREFIX MATCH WITHIN MPLS NETWORKS - In general, techniques are described for summarizing label mappings and thereby enabling longest-prefix match within Multi-Protocol Label Switching (MPLS) networks. More specifically, a first router included within a first area of a network comprises a control unit that maintains a label space defining labels available for mapping to a plurality of addresses assigned to network devices within the network. The control unit reserves a contiguous set of the labels of the label space and maps the contiguous set of labels to first area addresses. The first area addresses include those addresses of the plurality of addresses available for assignment to network devices within the first area. The first router also includes an interface card that transmits, to a second router of a second area of the network, an advertisement that advertises a summarized version of the mapping between the contiguous set of labels and the first area addresses. | 08-11-2011 |
| 20110194557 | DATA STRUCTURE-LESS DISTRIBUTED FABRIC MULTICAST - A network device receives a packet with a multicast nexthop identifier, and creates a mask that includes addresses of egress packet forwarding engines, of the network device, to which to provide the packet. The network device divides the mask into two portions, generates two copies of the packet, provides a first portion of the mask in a first copy of the packet, and provides a second portion of the mask in a second copy of the packet. The network device also forwards the first copy of the packet to an address of a first egress packet forwarding engine provided in the first portion of the mask, and forwards the second copy of the packet to an address of a second egress packet forwarding engine provided in the second portion of the mask. | 08-11-2011 |
| 20110194508 | VIRTUAL UPSTREAM CHANNEL SCHEDULING IN BROADBAND COMMUNICATION SYSTEMS - Scheduling virtual upstream channels within one physical upstream channel is disclosed. The MAP messages of the virtual upstream channels that share the same physical upstream channel are synchronized together such that any one transmission opportunity for a given virtual upstream channel does not overlap with transmission opportunities of any other virtual channel. This includes converting all requests for tranmission opprotunities into a common unit and then scheduling these requests as appropriate. | 08-11-2011 |
| 20110194425 | REMOTE NETWORK DEVICE COMPONENT TESTING - A network device receives, from a remote user device, a requested test that includes test Internet protocol (IP) packets, and converts the test IP packets into hardware test commands. The network device also performs, based on the hardware test commands, the requested test on a component of a network device card to produce hardware test results. The network device further converts the hardware test results into test results in an IP packet format, and provides the tests results in the IP packet format to the remote user device. | 08-11-2011 |
| 20110194409 | OVERSUBSCRIBED PACKET STREAM-BASED INTERCONNECT PROTOCOL - A network device includes a receiver component that generates flow control information. The network device also includes a transmitter component that receives a packet for forwarding to the receiver component, receives flow control data for the packet from the receiver component, and provides the packet and the flow control data for the packet to a fabric component. The fabric component performs a congestion management operation for the packet, and forwards the packet to the receiver component based on the flow control data and results of the congestion management operation. | 08-11-2011 |
| 20110192587 | THERMAL MANAGEMENT OF ELECTRONIC DEVICES - Thermal management is provided for a device. The device may include a substrate having a mounting area on a first surface of the substrate. The device may also include first thermal vias extending from the mounting area to at least an interior of the substrate. The device may also include at least one thermal plane substantially parallel to the first surface of the substrate, the at least one thermal plane being in thermal contact with at least one of the first thermal vias. The device may also include a heat sink attachment area, and second thermal vias extending from the heat sink attachment area to the interior of the substrate, the at least one thermal plane being in thermal contact with the second thermal vias. | 08-11-2011 |
| 20110188401 | ERROR DETECTION FOR DATA FRAMES - A method for detecting data frame mode mismatch errors may include receiving a data frame that includes an overhead byte. It may be determined whether a value associated with the overhead byte indicates that a transmitting device operating mode matches a receiving device operating mode. In an additional implementation, it may be determined whether a value associated with the overhead byte indicates that a transmitting device output port matches a receiving device input port. An alarm may be generated when it is determined that the value associated with the overhead byte indicates that either the transmitting device operating mode does not match the receiving device operating mode or the transmitting device output port does not match the receiving device input port. | 08-04-2011 |
| 20110188387 | DETECTION OF ACTIVE NODES, SAFE NODE REMOVAL CONDITIONS, AND CROSS-CABLING CONDITIONS FOR MAINTENANCE OPERATIONS WITHIN A MULTI-CHASSIS ROUTING MATRIX - A system includes a first device connected to a second device The first device includes a second node connected to a first node and the second device via a link, and includes a backup second node connected to the first node and the second device via another link. The first node is configured to receive, via the link or the other link, a group of packets (i.e., “packets”), from the second device; display a first notification that the second node can be removed when the packets are received via only the other link; display a second notification indicating that the backup second node can be removed when the packets are received via only the link; and display a third notification indicating that neither the second node nor the backup second node can be removed when the packets are not received via only the link and via only the other link. | 08-04-2011 |
| 20110188386 | PACKET-BASED MEMORY TEST OF A NETWORK DEVICE - A router may be tested using a packet-based testing technique in which the test packets are generated by the router. In one implementation, a forwarding plane in a router may include a first component to process header information of packets to determine forwarding information, and a memory component to store payload data for the packets. A control plane of the router may generate test packets, insert the test packets into the forwarding plane, receive a second set of packets from the forwarding plane, analyze the second set of packets to determine whether the second set of packets correspond to the inserted plurality of test packets, and output, based on the analysis, test results, relating to the operation of the routing device. | 08-04-2011 |
| 20110187187 | CONNECTION MODULE FOR PROVIDING N+N AND M+1 REDUNDANT POWER DISTRIBUTION - A device may include an interconnect module that includes a number of ports, where each port is configured to receive both an alternating current (AC) power supply and a direct current (DC) power supply; where the interconnect module provides power from the received power supplies to a plurality of field replaceable units (FRUs). | 08-04-2011 |
| 20110185426 | DETECTION OF NETWORK SECURITY BREACHES BASED ON ANALYSIS OF NETWORK RECORD LOGS - Computer program products and methods of inspecting a log of security records in a computer network are provided. The method includes retrieving a log record, processing the log record including deriving a key to a table, determining a data value from information in the log record and adding the data value to a list of data values associated with the key if the data value is unique. One or more entries of the table are evaluated based on predetermined criteria to detect attempted security breaches. | 07-28-2011 |
| 20110185270 | DYNAMICALLY MANIPULATING CONTENT TO FORCE WEB BROWSERS TO OPEN MORE CONNECTIONS - A system may identify a group of first links in a document, where the first links correspond to a group of objects within the document and are associated with a same identifier. The system may replace the first links in the document with second links that point to a number of different identifiers, and forward the document with the second links to a client. | 07-28-2011 |
| 20110182288 | END-POINT AWARE RESOURCE RESERVATION PROTOCOL PROXY - A method performed by a first network device may include receiving a request for a resource from an end-point device and acknowledging the request for the resource to the end-point device. The method may also include receiving a resource coordination message from a second network device and transmitting a return resource coordination message to the second network device. | 07-28-2011 |
| 20110182219 | BASE STATION MODULATOR/DEMODULATOR AND SEND/RECEIVE METHOD - A base station, in a mobile communication network, includes a receive component to receive, from a higher rank station in the network, a particular data unit that includes multiple data units multiplexed together; a master processor to determine that the first portion of the particular data unit is destined for the base station and that the second portion of the particular data unit is not destined for the base station, and discard the second portion of the particular data unit; and a slave processor to determine that the second portion of the particular data unit is destined for the other base station and that the first portion of the particular data unit is not destined for the other base station, and send the second portion of the particular data unit to the other base station. | 07-28-2011 |
| 20110179484 | MALWARE DETECTION SYSTEM AND METHOD FOR MOBILE PLATFORMS - In one example, a management server is configured to provide malware protection for one or more client mobile platforms in communication with the management server via a mobile network. In the example, the management server includes a processor configured to detect malware in the mobile network, select a client mobile platform having a malware scanning agent, and, manage the malware scanning agent of the client mobile platform using a device independent secure management protocol based at least in part on the malware detected in the mobile network. | 07-21-2011 |
| 20110173520 | SYSTEMS AND METHODS FOR ROUTING DATA IN A NETWORK DEVICE - A system detects an error in a network device that receives data via a group of data streams. The system receives a data unit, where the data unit is associated with at least one of the streams and a sequence number for each of the associated streams. The system determines whether each sequence number associated with the data unit is a next sequence number for the corresponding stream, and detects an error for a particular stream when the sequence number for that stream is not a next sequence number. | 07-14-2011 |
| 20110173490 | HIGH AVAILABILITY FOR NETWORK SECURITY DEVICES - In one example, a backup intrusion detection and prevention (IDP) device includes one or more network interfaces to receive a state update message from a primary IDP device, wherein the state update message indicates a network session being inspected by the primary IDP device and an identified application-layer protocol for the device, to receive an indication that the primary device has switched over or failed over to the backup device, and to receive a plurality of packets of the network session after receiving the indication, each of the plurality of packets comprising a respective payload including application-layer data, a protocol decoder to detect a beginning of a new transaction from the application-layer data of one of the plurality of packets, and a control unit to statefully process only the application-layer data of the network session that include and follow the beginning of the new transaction. | 07-14-2011 |
| 20110173483 | FAST RESOURCE RECOVERY AFTER THREAD CRASH - A resource recovery system may maintain a counter in memory that indicates a number of times one or more threads of execution, which use shared resources, have crashed. The system may associate a first value of the counter with a resource allocated to a thread of the one or more threads, and may set an indicator associated with the thread to indicate whether the thread has crashed. The system may determine whether to re-allocate the resource to the thread based on the first value of the counter associated with the resource and based on the indicator associated with the thread. | 07-14-2011 |
| 20110170546 | LOGICAL SEPARATION AND ACCESSING OF DESCRIPTOR MEMORIES - A packet header processing engine includes a memory having a number of distinct portions for respectively storing different types of descriptor information for a header of a packet. A packet header processing unit includes a number of pointers corresponding to the number of distinct memory portions. The packet header processing unit is configured to retrieve the different types of descriptor information from the number of distinct memory portions and to generate header information from the different types of descriptor information. | 07-14-2011 |
| 20110170426 | LSP PING AND TRACEROUTE FOR BYPASS TUNNELS - A method performed by a network device may include assembling a multiprotocol label switching (MPLS) echo request, the echo request including an instruction for a transit node to forward the echo request via a bypass path associated with the transit node, and an instruction for an egress node to send an echo reply indicating that the echo request was received on the bypass path. The method may also include sending the MPLS echo request over a functioning label switched path (LSP). | 07-14-2011 |
| 20110169331 | ADAPTIVE POWER ARCHITECTURE FOR ELECTRONIC MODULES - A system may include a module that includes a component, a logic device to provide an instruction on behalf of the component, and control logic to generate a desired output voltage signal in response to a constant current, where the desired output voltage signal indicates a determined voltage that the component is configured to operate with when performing an operation. The system may include a board that includes a power supply to produce the determined voltage based on the instruction, and an interface to couple the determined voltage to the component to allow the component to perform the operation on behalf of the board, send the constant current to the control logic, and receive the desired output voltage signal from the control logic. | 07-14-2011 |
| 20110164872 | FAST CONVERGENCE ON CHILD LINK FAILURES AND WEIGHTED LOAD BALANCING OF AGGREGATE ETHERNET/SONET BUNDLES - A network device provides a selector list that includes indices of child nexthops associated with the network device, where each of the child nexthops is associated with a corresponding child link provided in an aggregated bundle of child links. The network device also receives an indication of a failure of a child link in the aggregated bundle of child links, and removes, from the selector list, an index of a child nexthop associated with the failed child link. The network device further receives probabilities associated with the child links of the aggregated bundle of child links. Each of the probabilities indicates a probability of a packet exiting the network device on a child link. The network device also creates a distribution table based on the probabilities associated with the child links, and rearranges values provided in the distribution table. | 07-07-2011 |
| 20110164618 | MEMORY ORGANIZATION IN A SWITCHING DEVICE - A router for switching data packets from a source to a destination in a network in which the router includes a distributed memory. The distributed memory includes two or more memory banks. Each memory bank is used for storing uniform portions of a data packet received from a source and linking information for each data packet to allow for the extraction of the uniform portions of a data packet from distributed locations in memory in proper order after a routing determination has been made by the router. | 07-07-2011 |
| 20110164497 | BAND CONTROL SYSTEM FOR A DIGITAL SUBSCRIBER NETWORK AND BAND CONTROL METHOD THEREFOR - A band control system for a digital subscriber line network in which a first apparatus and a second apparatus situated at a subscriber station and a center, respectively, are interconnected by a cable for interchanging at least a digital data signal with each other. The system may cause one of the first apparatus or the second apparatus to monitor receipt of signals from the other of the first apparatus or the second apparatus; send, based on a result of monitoring, a band variation command to the other apparatus for causing the other apparatus to vary a band by using a frequency band not used for signal transfer; cause the other apparatus to receive the band variation command; and vary the band in accordance with the band variation command. | 07-07-2011 |
| 20110161799 | DYNAMIC TOOLBAR FOR MARKUP LANGUAGE DOCUMENT - A toolbar that is provided or inserted in a markup language document so as to facilitate features or functionality provided by a server is disclosed. The toolbar is able to determine whether the toolbar should be displayed as part of the markup language page being displayed. In one embodiment the server is an intermediary server. | 06-30-2011 |
| 20110161793 | MODULAR DOCUMENTATION USING A PLAYLIST MODEL - A server device receives modular topics, where each of the modular topics includes a machine-readable and machine-storable work product that includes information related to a single, stand-alone topic. The server device stores the modular topics in a content repository as a topic library. The server device receives selection of topics from the topic library to generate one or more customized pathway pages, where each of the customized pathway pages includes a plurality of links to ones of the stored modular topics. The server device enables access to the modular topics stored in the content repository via the generated one or more customized pathway pages. | 06-30-2011 |
| 20110161580 | PROVIDING DYNAMIC DATABASES FOR A TCAM - A network device allocates a particular number of memory blocks in a ternary content-addressable memory (TCAM) of the network device to each database of multiple databases, and creates a list of additional memory blocks in an external TCAM of the network device. The network device also receives, by the external TCAM, a request for an additional memory block to provide one or more rules from one of the multiple databases, and allocates, by the external TCAM and to the requesting database, an additional memory block from the list of additional memory blocks. | 06-30-2011 |
| 20110161544 | LOW LATENCY SERIAL MEMORY INTERFACE - A device applies synchronous clocking across a first component and a second component of the device, and designates a particular serial link, from a group of serial links, as a master serial link. The device also designates the remaining serial links as slave serial links, provides, via the master serial link, an encoded data stream, and provides, via the slave serial links, un-encoded and scrambled data streams. | 06-30-2011 |
| 20110161489 | AUTOMATIC AGGREGATION OF INTER-DEVICE PORTS/LINKS IN A VIRTUAL DEVICE - A virtual device includes multiple devices connected to operate as a single device. A first one of the devices is configured to determine that the first device connects to a second one of the devices via a first link; identify a second link; determine that the second link connects the first device to the second device; and automatically aggregate the first link and the second link to form a link aggregation with the second device based on determining that the first device connects to the second device via both the first and second links. The first device is further configured to transmit packets to the second device via the first and second links of the link aggregation. | 06-30-2011 |
| 20110158601 | USING A WAVEGUIDE TO DISPLAY INFORMATION ON ELECTRONIC DEVICES - An electronic device includes an instrument panel that includes a display opening, where the instrument panel is located in a first plane; a circuit board located inside the electronic device, where the circuit board includes a display device that includes a display area, and where the display area is located in a second plane that is different from the first plane; and a waveguide that couples the display area to the display opening and guides light, and/or an image displayed in the display area, from the display area to the display opening. | 06-30-2011 |
| 20110158248 | DYNAMIC PRIORITIZED FAIR SHARE SCHEDULING SCHEME IN OVER-SUBSCRIBED PORT SCENARIO - A network device receives initial policer limits for a plurality of over-subscribing ingress ports, where the initial policer limits are based on existing bandwidth limits for an over-subscribed egress port associated with the over-subscribing ingress ports. The network device receives a high threshold watermark and a low threshold watermark for bandwidth usage of the over-subscribed egress port, and identifies a queue, associated with the over-subscribed egress port, with values outside the high threshold watermark or the low threshold watermark. The network device reduces the initial policer limits for the plurality of over-subscribing ingress ports when the queue has values above the high threshold watermark, and increases the initial policer limits for the plurality of over-subscribing ingress ports when the queue has values below the low threshold watermark. | 06-30-2011 |
| 20110158239 | METHOD OF COMMUNICATING PACKET MULTIMEDIA TO RESTRICTED ENDPOINTS - A method, performed in a network element, for communicating packet multimedia data between a first endpoint and a second endpoint, the method comprising the machine-implemented steps of receiving an outbound multimedia data packet; determining if the outbound multimedia data packet originated from a first endpoint that is logically behind a security device; determining and storing information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpoint; performing an action that keeps the logical pinhole open during all of a communication session between the first endpoint and the second endpoint; and forwarding inbound multimedia data packets directed from the second endpoint to the first endpoint via the logical pinhole. | 06-30-2011 |
| 20110158124 | MAINTAINING DATA UNIT ORDER IN A NETWORK SWITCHING DEVICE - Data units received by a network device may be classified into traffic flow classes in which the determined traffic flow class for a data unit may be dynamically refined as the data unit is processed by the network device. A dispatch component of the network device may receive data units associated with traffic flow classes. Parallel processing engines of the network device may receive the data units from the dispatch component and may generate, for a least one of the data units, a plurality of dynamically refined indications of the traffic flow class to which the data unit belongs. Additionally, an ordering component of the network device may include a plurality of re-order queues, where the at least one data unit successively progresses through at least two of the re-order queues in an order defined by the plurality of dynamically refined indications of the traffic flow class. | 06-30-2011 |
| 20110158087 | SYSTEMS AND METHODS FOR REDUCING REFLECTIONS AND FREQUENCY DEPENDENT DISPERSIONS IN REDUNDANT LINKS - A network device includes a group of high speed redundant transmission lines and a switch. The switch is configured to select one of the high speed redundant transmission lines. The switch causes reflections and frequency dependent dispersions in the selected high speed redundant transmission line. The network device further includes a transmitting device that is configured to adjust signals transmitted over the selected high speed redundant transmission line so as to reduce the reflections and frequency dependent dispersions. | 06-30-2011 |
| 20110155434 | BGA FOOTPRINT PATTERN FOR INCREASING NUMBER OF ROUTING CHANNELS PER PCB LAYER - A printed circuit board (PCB) includes a ball grid array (BGA). The PCB further includes a first BGA pad having a circular shape, and a first via having a circular shape, where the circular shape of the first via overlaps a portion of the circular shape of the first BGA pad and is rotated diagonally relative to a center of the first BGA pad. The PCB also includes a second BGA pad having a circular shape, and a second via having a circular shape, where the circular shape of the second via overlaps a portion of the circular shape of the second BGA pad and is rotated diagonally relative to a center of the second pad, and where a center of the second via is located at a first distance from the center of the first via and at a first angle relative to an axis that crosses a center of the first via. | 06-30-2011 |
| 20110154440 | DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) AUTHENTICATION USING CHALLENGE HANDSHAKE AUTHENTICATION PROTOCOL (CHAP) CHALLENGE - A method performed by a Dynamic Host Configuration Protocol (DHCP) server comprising receiving a DHCP DISCOVER message from a DHCP client; generating a challenge in response to the DHCP DISCOVER message; sending the challenge to an authentication device; receiving a first challenge response from the authentication device; generating a DHCP OFFER message; sending the challenge to the DHCP client in the DHCP OFFER message; receiving a DHCP REQUEST message that includes a second challenge response from the DHCP client; comparing the first challenge response with the second challenge response; and authenticating the DHCP client when the first challenge response and the second challenge response match. | 06-23-2011 |
| 20110153854 | SESSION MIGRATION BETWEEN NETWORK POLICY SERVERS - A policy device grants access to a client device, without authenticating the client device, when the client device provides a session identifier to the policy device that was previously granted to the client device by a second policy device upon authenticating the client device by the second policy device. In one example, a policy device includes a network interface that receives a session identifier from a client device, wherein the policy device comprises an individually administered autonomous policy server, and an authorization module that grants the client device access to a network protected by the policy device based on the session identifier without authenticating the client device by the policy device. In this manner, the client device need not provide authentication information multiple times within a short time span, and the policy device can deallocate resources when a session migrates to a second policy device. | 06-23-2011 |
| 20110149977 | AVOIDING UNFAIR ADVANTAGE IN WEIGHTED ROUND ROBIN (WRR) SCHEDULING - A network device includes multiple queues to store packets to be scheduled, and a weighted round-robin (WRR) scheduler. The WRR scheduler performs a first WRR scheduling iteration including processing of at least one packet from a particular queue of the multiple queues, identifies the particular queue as an empty queue during the performing of the first WRR scheduling iteration, identifies the particular queue as a non-empty queue after the identifying the particular queue as the empty queue, and performs a second WRR scheduling iteration including processing of only one packet of a group of packets from the particular queue of the multiple queues. | 06-23-2011 |
| 20110149784 | CALL ADMISSION CONTROL METHOD AND SYSTEM - A call admission control technique allowing flexible and reliable call admissions at an ATM switch in the case of an ATM network including both QoS-specified and QoS-unspecified virtual connections is disclosed. In the case where a QoS (Quality of Service) specified connection request occurs, an estimated bandwidth is calculated which is to be assigned to an existing QoS-unspecified traffic on the link associated with the QoS-specified connection request. A call control processor of the ATM switch determines whether the QoS-specified connection request is accepted, depending on whether a requested bandwidth is smaller than an available bandwidth that is obtained by subtracting an assigned bandwidth and the estimated bandwidth from a full bandwidth of the link. | 06-23-2011 |
| 20110149743 | Network distribution prevention when virtual chassis system undergoes splits and merges - A method performed by network devices that includes operating in a normal mode, where the network devices form a virtual chassis that corresponds to a single logical network device; detecting when a failure within the virtual chassis occurs; executing a splitting process to form one or more new virtual chassis in correspondence to the failure; determining whether one of the one or more new virtual chassis operates as a functioning virtual chassis based on whether at least one of a set of criteria is satisfied, where the functioning virtual chassis operates according to resources configured for the virtual chassis; and operating as a nonfunctioning virtual chassis when it is determined that the one of the one or more virtual chassis does not satisfy the at least one of the set of criteria, where the nonfunctioning virtual chassis operates in a pass-through mode. | 06-23-2011 |
| 20110145893 | WEB RESOURCE REQUEST PROCESSING - Improved approaches for providing secure remote access to email resources maintained on private networks are disclosed. The secure access can be provided through a public network using a standard network browser. Multiple remote users are able to gain restricted and controlled access to email on a mail server within a private network through a common access point. The solution provided by the improved approaches allow not only native access to email resources but also robust authentication approaches. | 06-16-2011 |
| 20110145209 | ATOMIC DELETION OF DATABASE DATA CATEGORIES - A device may maintain, in a database, a plurality of data items, each data item of the plurality of data items being associated with a respective category and supplemental information relating to deletion of the data item. The device may associate a group of counters with at least one of the categories and receive a deletion request corresponding to one of the group of categories, the deletion request including the supplemental information. The device may identify a counter associated with the category corresponding to the deletion request based on the supplemental information. The device may then increment the identified counters and selectively delete the data items based on values of the counters. | 06-16-2011 |
| 20110145206 | ATOMIC DELETION OF DATABASE DATA CATEGORIES - A device maintains, in a database, a plurality of data items, each data item of the plurality of data items being associated with a respective category. The device associates, in the database, a first counter value with each data item, the first counter value indicating a number of times the respective category has been deleted from the database at a time when the data item was stored in the database. The device associates, in the database or another database, a second counter value with the respective category, the second counter value indicating a current value for a number of times the respective category has been deleted from the database. The device selectively deletes, from the database, one or more data items of the plurality of data items from the database based on the first counter values and the second counter value. | 06-16-2011 |
| 20110142070 | SYSTEMS AND METHODS FOR HANDLING PACKET FRAGMENTATION - A packet header processing engine receives a header of a packet. The received header includes a size of the packet. A maximum transfer unit size of a destination interface of the packet may be determined. The packet header processing engine determines whether the size of the packet exceeds the maximum transfer unit size of the destination interface. If the size of the packet does not exceed the maximum transfer unit size of the destination interface, the packet header processing engine generates a new header from the received header. If the size of the packet exceeds the maximum transfer unit size of the destination interface, the packet header processing engine generates a fragment header from the received header. The packet header processing engine may recycle the fragment header for further processing in addition to forming a first fragment packet from the fragment header. | 06-16-2011 |
| 20110142065 | BANDWIDTH MANAGEMENT SWITCHING CARD - A bandwidth management card includes a switch control unit and multiple ports connected to one or more line cards that are separate from the bandwidth management card. The bandwidth management card further includes at least one switch, and multiple network ports, where each of the multiple network ports is connected to a respective link to at least one external network. A first switch of the at least one switch receives instructions from the switch control unit, switches a first subset of the multiple network ports through to a first port of the multiple ports based on the received instructions, and switches a second subset of the multiple network ports through to a second port of the multiple ports based on the received first instructions. | 06-16-2011 |
| 20110142063 | MULTI-LINK TRANSPORT PROTOCOL TRANSLATION - A device may receive a packet at a network device, and may retrieve from a table, by using information in a header of the packet as keys, records that include communication performance statistics associated with transport protocols. In addition, the device may select, based on the records, a transport protocol with an optimum communication performance statistics among the transport protocols and send the packet in accordance with the selected transport protocol from the network device. | 06-16-2011 |
| 20110141917 | PROTOCOL FREE TESTING OF A FABRIC SWITCH - A switch fabric for a modular router may be tested without connecting the switch fabric portion of the router to the other modular portions of the router. The switch fabric may generate test data units and insert the test data units into one or more elements of the switch fabric. The switch fabric may operate with the inserted test data units. A control component may receive data units from the switch fabric after operation of the switch fabric and analyze the received data units to determine whether the received data units correspond to the inserted test data units. | 06-16-2011 |
| 20110141881 | LIMITING CONTROL TRAFFIC IN A REDUNDANT GATEWAY ARCHITECTURE - Control traffic in a virtual LAN (VLAN) may be reduced. In one implementation, a network device may implement one of a plurality of redundant gateway devices in a virtual router that includes one or more other network devices, where the network device and the one or more other network devices are associated with a first address that corresponds to the virtual router. The network device may filter egress traffic to drop egress traffic that includes a particular destination address and that is at an interface of the device that is not needed to deliver control traffic. | 06-16-2011 |
| 20110134921 | ATM SWITCH WITH OAM FUNCTIONS - An ATM switch allowing simplified OAM processing only on the line incoming side is disclosed. An incoming line circuit has a header conversion table storing information indicating whether the system is an end point of an OAM processing flow for each connection and an OAM table storing an AIS flag and an RDI flag for each connection. As for an OAM cell found by referring to these tables to be forced to go back to its own port, an switch output port number is rewritten in the OAM function section. In addition, in the case of an AIS cell, the function type is rewritten so as to become an RDI cell. In the case of an LB cell, the LB indication is rewritten so as to become a return LB cell, and switching to its own port is conducted in the ATM switch core. | 06-09-2011 |
| 20110134803 | CONFIGURING NETWORKS INCLUDING SPANNING TREES - A method may include receiving a reconfiguration to a first Virtual Local Area Network (VLAN)/spanning tree table, where the first VLAN/spanning tree table has a first identifier and is associated with a region of a network; updating the first VLAN/spanning tree table to generate a second VLAN/spanning tree table based on the reconfiguration; determining a second identifier of the second VLAN/spanning tree table; and generating a list of identifiers associated with the region of the network, the list including the first identifier and the second identifier. | 06-09-2011 |
| 20110134752 | MULTILINK TRAFFIC SHAPING - A method for performing multilink communications may include applying a quality-of-service (QoS) policy to incoming traffic, where the QoS policy operates to identify a first portion and a second portion of the incoming traffic. The method may include fragmenting the first portion of the incoming traffic into a group of fragments. The method may include sequencing the group of fragments and the second portion of the incoming traffic into a sequenced flow, where the sequencing causes the second portion to be interleaved among the group of fragments so that the sequenced flow can be made available to a first link and a second link as multilink traffic, where the first link carries a first portion of the multilink traffic and the second link carries a second portion of the multilink traffic. | 06-09-2011 |
| 20110131478 | METHOD AND SYSTEM FOR MODIFYING SCRIPT PORTIONS OF REQUESTS FOR REMOTE RESOURCES - Techniques for modifying a script portion of markup language documents are described. By modifying the script portion of markup language documents, access to resources residing on remote servers through an intermediate server is facilitated. The script portions can be modified at the intermediate server, client devices, or both. | 06-02-2011 |
| 20110128988 | TEMPERATURE CONTROL OF CONDUCTION-COOLED DEVICES DURING TESTING AT HIGH TEMPERATURES - A high temperature testing system for an electronic device may include a testing chamber in which the temperature of ambient air in the testing chamber may be maintained at a desired testing temperature and the surface temperature of the electronic device may be maintained at a second desired testing temperature, where the ambient air temperature and the surface temperature of the electronic device may be set to be equal to one another. In one implementation, a system may control operation of a fan based on the surface temperature of the electronic device. The system may further include a testing apparatus that includes a heat exchanger connected to an inlet hose such that blown air is passed over the heat exchanger to cool the heat exchanger. A temperature sensor may be attached to the heat exchanger and may generate the temperature signal. | 06-02-2011 |
| 20110128964 | ATM CONNECTION BAND CONTROL METHOD AND CONTROL SYSTEM - An asynchronous transfer mode (ATM) connection band control system, in an ATM network, may include a first memory, a second, different memory, and a connection-setting control portion. The first memory may store, in a buffer control memory, band acquiring data of a connection, the first memory preliminarily acquiring a connection band for the connection, irrespective of the connection being a switched virtual connection (SVC) or a permanent virtual connection (PVC). The second, different memory may store acquired band data of a currently established connection, irrespective of the currently established connection being a PVC or an SVC. The connection-setting control portion may control a setting of the currently established connection, where a band for the currently established connection, irrespective of the currently established connection being a PVC or an SVC, is preliminarily set as the band acquiring data. | 06-02-2011 |
| 20110128957 | MULTICAST TREE STATE REPLICATION - A network device may include a first memory to store a primary multicast tree state table for storing next-hop information for a multicast tree corresponding to a multicast stream; a second memory to store a secondary multicast tree, different than the primary multicast tree, state table for storing the next-hop information for the multicast tree corresponding to the multicast stream; a receiver to receive a data unit from a neighbor network device, the data unit including information regarding a next-hop in the multicast tree; and one or more processors. The one or more processors may update the primary multicast tree state table based on the information regarding the next-hop in the multicast tree, and update the secondary multicast tree state table, in response to the one or more processors updates the primary multicast tree state table, based on the information regarding the next-hop in the multicast tree. | 06-02-2011 |
| 20110128793 | PREAMBLE DETECTION AND POSTAMBLE CLOSURE FOR A MEMORY INTERFACE CONTROLLER - A memory controller, such as a memory controller for reading data received from a DDR SDRAM memory, may detect the beginning and end of a read cycle. The memory controller may include a preamble detection circuit to receive a strobe signal and output a first control signal indicating detection of a preamble window in the strobe signal that indicates a beginning of the read cycle, where the first control signal is delayed based on a selectable delay period applied to the first control signal. The memory controller may further include a first gate to, based on the first control signal, either output the strobe signal for reading of the data lines or block the strobe signal, and the control logic to set an amount of the selectable delay period for the preamble detection circuit. | 06-02-2011 |
| 20110122892 | SCALABLE CENTRAL MEMORY SWITCHING FABRIC - A system receives a set of datagrams and forms frames based on the datagrams, where at least one of the frames includes data associated with multiple ones of the datagrams. The system writes the frames to memory to form superframes in the memory, where each of the superframes includes multiple ones of frames. The system reads the superframes from the memory, recreates the datagrams based on the superframes, and outputs the datagrams. | 05-26-2011 |
| 20110122887 | COORDINATED QUEUING BETWEEN UPSTREAM AND DOWNSTREAM QUEUES IN A NETWORK DEVICE - A system determines a scheduling value based on a current length of a downstream queue in a network device. The system sends the scheduling value from the downstream queue to an upstream queue and schedules dequeuing of one or more data units, destined for the downstream queue, from the upstream queue based on the scheduling value. | 05-26-2011 |
| 20110122876 | SUBSCRIBER NETWORK SYSTEM AND METHOD OF SETTING INFORMATION IN CONCENTRATOR THEREOF - A subscriber network system is provided which is capable of reducing the response time and reducing the device cost. In the subscriber network system, a control cell is received that includes an ID portion, a data portion, and a cyclic redundancy check (CRC) portion. The control cell is processed in cooperation with a virtual path identifier (VPI), where the processing obtains the ID portion and the CRC portion. The ID portion and the CRC portion are processed and the ID portion is compared to a first stored value and the CRC portion is compared to a second stored value to produce information. A cell is produced to include the information and the produced cell is used to facilitate a connection in a network. | 05-26-2011 |
| 20110122875 | STS FRAME-ATM CELL CIRCUIT EMULATION APPARATUS AND FRAME LENGTH COMPENSATION METHOD FOR THE SAME - A circuit simulation apparatus is disclosed by which, even if an STS-N frame of an abnormal length is detected by a reassembly buffer, the frame length can be compensated for while preventing an overflow of the reassembly buffer. When an STS-(N×M) frame formed by multiplexing M STS-N frames formed from different channels is cellularized into ATM cells or M different STS-N frames assembled from ATM cells are multiplexed into an STS-(N×M) frame, an ATM cell sync signal and ATM cell data from a buffer section are outputted as a frame pulse signal and frame data from a reassembly section to a circuit termination section, and frame length compensation of the frame pulse signal and the frame data is performed by the reassembly section. | 05-26-2011 |
| 20110119421 | MULTIPLE CONCURRENT ARBITERS - Plural arbiters arbitrate over a set of queues. The arbiters are constructed as a series of pipelined stages. Conflict detection logic detects conflicts among the arbiters in arbitrating across the queues, and, when a conflict is detected, the conflict detection logic alters processing related to conflicting queues in one arbiter when another arbiter has not passed a predetermined commit point in processing the queue. | 05-19-2011 |
| 20110118889 | INCREASING MEAN TIME BETWEEN FAILURES FOR POWER SUPPLIES - A redundant power supply may obtain a rule for increasing mean time between failures (MTBF) for a first internal power supply and a second internal power supply connected to an electronic device, apply the rule to the first and second power supplies, activate the second internal power supply based on the rule to permit the second internal power supply to provide power to the electronic device, and deactivate the first internal power supply based on the rule. | 05-19-2011 |
| 20110116362 | METHOD AND APPARATUS FOR HITLESS FAILOVER IN NETWORKING SYSTEMS USING SINGLE DATABASE - A device includes a master control card that performs control plane processing, a backup control card, where the backup control card takes over control plane processing if the master control card goes out of service, and a database card that connects to the master control card and the backup control card, where the database control card stores information relating to control plane processing. A method of achieving hitless failover in a network element includes detecting that a master control card of the network element has gone out of service, designating the backup control card as a new master control card of the network element, establishing communication with a database card of the network element, and retrieving protocol states information from the database card. | 05-19-2011 |
| 20110115291 | REDUNDANT POWER SYSTEM SWITCH FOR BACKUP POWER SWITCHING WITHOUT POWER INTERRUPTION - A redundant power system includes a redundant power source, a first switch, a second switch, and a control circuit. The first switch connects between the redundant power source and a low priority remote system, where the first switch has a characteristic of turning off faster than the first switch turns on. The second switch connects between the redundant power source and a high priority remote system, where the second switch has a characteristic of turning off faster than the second switch turns on. The control circuit applies a first control signal to the first switch to cause the redundant power source to connect through the first switch to the low priority remote system via a switched connection, determines if the high priority remote system requires redundant power, applies a second control signal to the first switch to open the switched connection when the high priority remote system requires redundant power, initiates a delay timer, and applies a third control signal to the second switch, upon an expiration of the delay timer, to cause the redundant power source to connect through the second switch to the high priority remote system. | 05-19-2011 |
| 20110110373 | COMPOSITE NEXT HOPS FOR FORWARDING DATA IN A NETWORK SWITCHING DEVICE - A network device includes a memory, a routing engine and a forwarding engine. The memory stores a forwarding table and the routing engine constructs a first composite next hop that includes multiple next hops, where each of the multiple next hops represents an action to be taken on a data unit as it transits the network device or represents another composite next hop, and where the first composite next hop specifies a function to be performed on the plurality of next hops. The routing engine further stores the composite next hop in an entry of the forwarding table. The forwarding engine retrieves the composite next hop from the forwarding table, and forwards a data unit towards one or more network destinations based on the composite next hop. | 05-12-2011 |
| 20110110372 | SYSTEMS AND METHODS TO PERFORM HYBRID SWITCHING AND ROUTING FUNCTIONS - A system aggregates connections to multiple customer devices. The system receives data, performs switching functions on the data when the data is to be transmitted in a first direction, performs routing functions on the data when the data is to be transmitted in a second direction, and transmits the data in the first or second direction. | 05-12-2011 |
| 20110109160 | VOLTAGE MONITORING CIRCUIT FOR REDUNDANT POWER SYSTEMS - A redundant power system determines a rate of decline of a voltage supplied by a remote power source. The redundant power system further supplies power from a redundant power source to the remote power source based on the determined rate of decline of the voltage supplied by the remote power source. | 05-12-2011 |
| 20110107101 | PASSWORD-AUTHENTICATED ASYMMETRIC KEY EXCHANGE - Communicating keys between network devices on a network using asymmetric cryptographic techniques, for which asymmetric keys may be derived from a single (same) password. Knowledge or partial knowledge of the password may be the only information shared between parties prior to execution of a key exchange, and may be the only criteria by which one party will base trust in the other. A first network device may encrypt a key using a password-based key derived from a password, and authenticate a second device based on the second network device's ability to decrypt the encrypted key using a key derived from the same password. Knowledge of the password may be conveyed by the second device to the first device—a session key may be generated as a function of the decrypted key, and a function of this session key may be communicated from the second device to the first device. | 05-05-2011 |
| 20110103228 | OSPF POINT-TO-MULTIPOINT OVER BROADCAST OR NBMA MODE - A network device identifies an Open Shortest Path First (OSPF) link between the network device and a layer 2 network as one of a point-to-multipoint over broadcast interface or a point-to-multipoint over non-broadcast multi access (NBMA) interface, and performs database synchronization and neighbor discovery and maintenance using one of a broadcast model or a NBMA model. The network device also generates a link-state advertisement for the network device, where the link-state advertisement includes a separate link description for each point-to-point link within the layer 2 network; and sends the link-state advertisement to each fully adjacent neighbor in the layer 2 network. | 05-05-2011 |
| 20110103220 | HIGH CAPACITY ROUTER HAVING REDUNDANT COMPONENTS - A router includes multiple routing engines. If the active routing engine fails, a backup one of the routing engines detects the failure and assumes the role of active routing engine. A redundancy controller circuit, connected to the multiple routing engines, facilitates the selection and switching of the routing engines. Portions of the packet forwarding engine, in addition to the routing engine, may be redundantly implemented. The active routing engine controls the selection of the redundant portion of the packet forwarding engine. | 05-05-2011 |
| 20110099409 | DELAYING ONE-SHOT SIGNAL OBJECTS - A device may include a processor to execute a thread. The processor may be further configured to execute a set of wrappers that are called from within the thread to invoke a set of one-shot signal objects to generate delayed signals. Each of the set of wrappers may be configured to detect whether different ones of one-shot signal objects that were invoked from within the thread have generated signals at periodic time intervals, determine a delay to be used for invoking one of the set of one-shot signal objects, and invoke the one of the set of one-shot signal object to generate one of the delayed signals based on the delay when the different ones of one-shot signal objects have generated signals at periodic time intervals. The processor may be further configured to receive the delayed signals generated from the set of one-shot signal objects over a time period. | 04-28-2011 |
| 20110099257 | SYSTEMS AND METHODS FOR INTERFACING WITH NETWORK INFORMATION COLLECTION DEVICES - A network device may include logic configured to receive a problem report from a second network device, where the problem report includes event data, determine at least one of an action to perform or whether reconfiguration information is associated with the event data in the received problem report and add information to the received problem report to provide a reformatted problem report and transmit the reformatted problem report to a third network device when it is determined that reconfiguration information is not associated with the event data in the problem report. | 04-28-2011 |
| 20110096689 | SYSTEMS AND METHODS FOR DETERMINING THE BANDWIDTH USED BY A QUEUE - A system determines bandwidth use by queues in a network device. To do this, the system determines an instantaneous amount of bandwidth used by each of the queues and an average amount of bandwidth used by each of the queues. The system then identifies bandwidth use by each of the queues based on the instantaneous bandwidth used and the average bandwidth used by each of the queues. | 04-28-2011 |
| 20110093603 | VIRTUAL FOLDERS FOR TRACKING HTTP SESSIONS - Requests from a client to a network device are authenticated based on a session ID obtained by the network device. Requests may be authenticated by obtaining a session ID value when a session is initiated and transmitting a document to the client that embeds the session ID in such a manner that additional requests to the network device based on the document include the session ID in the request. The additional requests are authenticated based on a determination of whether the session ID is included in the additional requests. | 04-21-2011 |
| 20110091209 | SELECTOR IN SWITCHING MATRIX, LINE REDUNDANT METHOD, AND LINE REDUNDANT SYSTEM - There is provided a line redundant method for implementation of line switching in a switching matrix, including the bridge step of outputting a data signal to a plurality of redundant lines in the switching matrix, and the selector step of selecting only a data signal, of a plurality of data signals input from another switching matrix other than the switching matrix through the plurality of redundant lines, which is input through a redundant line required in the switching matrix, and not selecting the data signals input to the switching matrix through the lines other than the required redundant line. A line redundant system for implementing this method is also provided. | 04-21-2011 |
| 20110090784 | METHOD AND APPARATUS FOR FAST REROUTE IN A CONNECTION-ORIENTED NETWORK - A method and an apparatus for rapidly resuming, at times of failures, network traffic in a connection-oriented network by using an alternative route pre-computed and stored locally in nodes along an initial route without requiring signaling of upstream nodes or a master server. | 04-21-2011 |
| 20110087930 | SELF-CLEANING MECHANISM FOR ERROR RECOVERY - A system manages a buffer having a group of entries. The system receives information relating to a read request for a memory. The system determines whether an entry in the buffer contains valid information. If the entry is determined to contain valid information, the system transmits the information in the entry in an error message. The system may then store the received information in the entry. In another implementation, the system stores data in one of the entries of the buffer, removes an address corresponding to the one entry from an address list, and starts a timer associated with the one entry. The system also determines whether the timer has exceeded a predetermined value, transferring the data from the one entry when the timer has exceeded the predetermined value, and adds the address back to the address list. | 04-14-2011 |
| 20110082952 | MULTI-READER MULTI-WRITER CIRCULAR BUFFER MEMORY - A system for managing a circular buffer memory includes a number of data writers, a number of data readers, a circular buffer memory; and logic configured to form a number of counters, form a number of temporary variables from the counters, and allow the data writers and the data readers to simultaneously access locations in the circular buffer memory determined by the temporary variables. | 04-07-2011 |
| 20110080922 | DSL TERMINAL-EXCHANGE DEVICE CONNECTING SYSTEM AND METHOD - A network device includes a media gateway to receive and process a voice over digital subscriber line (VoDSL) communication to generate voice data in a predetermined format; a terminating unit to receive another type of voice communication and output voice data in the predetermined format; and a control unit to receive the generated voice data from the media gateway and the outputted voice data from the terminating unit, where the network device exchanges at least one of the VoDSL communication to the other type of voice communication or the other type of voice communication to the VoDSL communication. | 04-07-2011 |
