Entries |
Document | Title | Date |
20080205409 | METHOD AND SYSTEM OF IMPLEMENTING VIRTUAL LOCAL AREA NETWORKS (VLANS) WITH TEAMED COMMUNICATION PORTS - A method and system of implementing virtual local area networks (VLANs) with teamed communication ports. At least some of the illustrative embodiments are methods comprising teaming a plurality of communication ports to form a single virtual communication port (the single virtual port comprising a first set of ports and a second set of ports), sending messages belonging to a first virtual local area network (VLAN) exclusively over the first set of ports from a first device to a second device, and sending messages belonging to a second VLAN exclusively over the second set of ports from the first device to the second device. | 08-28-2008 |
20080219270 | APPARATUS FOR LIMITING VPNv4 PREFIXES PER VPN IN AN INTER-AUTONOMOUS SYSTEM ENVIRONMENT - An apparatus for limiting Virtual Private Network (VPNv4) prefixes per VPN in an inter-autonomous system environment are presented. A limit on the number of VPNv4 routes per VPN for a Route Distributor (RD) or a group of RDs associated with a VPN is defined, at an Autonomous System Border Router (ASBR). When the number of received routes at the ASBR exceeds the limit, then a soft notification is sent to a neighboring ASBR and routes exceeding the limit are discarded at the ASBR. | 09-11-2008 |
20080232379 | Configuration Tool for MPLS Virtual Private Network Topologies - Configuration tool for virtual private network (VPN) topologies. In particular implementations, a method includes accessing a network topology configuration set comprising one or more route target groups (RTGs), wherein each RTG comprises a topology type identifier, one or more site identifiers, one or more role identifiers associated with each of the site identifiers, and one or more route target identifiers; generating one or more route target statements, based on the topology type identifier and role identifiers of one or more RTGs, defining the export or import of network layer reachability information between one or more routing nodes in a virtual private network (VPN) topology; and transmitting the one or more route target statements to one or more routing nodes. | 09-25-2008 |
20080240113 | SYSTEM AND METHOD OF MODIFYING DATA PACKET TAGS - A system and method of managing data packets for transmission in a virtual network are disclosed. In some implementations, a network switch may generally comprise a packet modifier that modifies a VLAN tag state of a packet to be egressed as a function of an egress interface and a VLAN-ID assignment. The modified VLAN tag state may include one or more VLAN tags that are in a different order, or that have a different content, in comparison to the VLAN tags of the packet at the time of ingress. | 10-02-2008 |
20080240114 | Data Frame Forwarding Method By Data Relay Entity And Data Relay Entity - The present disclosure discloses a data frame forwarding method for forwarding a data frame via a data relay entity DRE applicable in an Ethernet, including: setting one or more ports of the DRE to be V-Switch enabled, and configuring one or more of the V-Switched DRE ports to operate in the V-Switch function and in an Ethernet function shared mode; configuring decision polices for forwarding a received data frame through the V-Switch function in the shared mode; when the data frame is received though the ports of the DRE configured in the shared mode, if flag information carried in the data frame matches the decision policies, forwarding the data frame through a forwarding process corresponding to the V-Switch function; otherwise forwarding the data frame through a forwarding process corresponding to an Ethernet function. | 10-02-2008 |
20080253380 | SYSTEM, METHOD AND PROGRAM TO CONTROL ACCESS TO VIRTUAL LAN VIA A SWITCH - System method and program for controlling access to a VLAN via a port of a VLAN switch system. In response to receipt of a message packet at the port, the switch system determines if a MAC address of the packet matches a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. The MAC address of the packet does not match a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. In response, the switch system blocks the packet if a rate of ill-formed packets and/or packets from an unrecognized MAC address exceeds a threshold pass rate. The threshold pass rate can be adjusted based on the rate of change of receipt of ill-formed packets and/or packets from an unrecognized MAC address. | 10-16-2008 |
20080259934 | DISTRIBUTED VIRTUAL SYSTEM TO SUPPORT MANAGED, NETWORK-BASED SERVICES - Methods and systems are provided for allocating network resources of a distributed virtual system to support managed, network-based services. According to one embodiment, a VR-based switch having multiple processing elements is configured for operation at an Internet POP. An NOS is provided on each of the processing elements. Resources of the VR-based switch are segmented between a first and second subscriber by mapping VRs assigned to the first and second subscriber onto appropriate processing elements. Then, a first and second set of customized services are configured, each including two or more of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT), to be provided by the VR-based switch. Customized services are configured by allocating appropriate service object groups to the VRs, which can be dynamically distributed by the NOS to customized processors of the processing elements to achieve desired computational support. | 10-23-2008 |
20080279196 | Differential Forwarding in Address-Based Carrier Networks - The invention relates to enabling differential forwarding in address-based carrier networks such as Ethernet networks. There is described a method of and connection controller for establishing connections ( | 11-13-2008 |
20080291921 | Pseudo Wire Label Reflector, an Edge Equipment, a Two-Layer Virtual Network and a Method of Providing Pseudo Wire Service - A pseudo wire label reflector, based on a existing label distribution router, further includes: a mode management unit, for determining the mode for switching and transferring a pseudo wire label message; a first session management unit, for saving the support information that LDP signaling session connection supports the pseudo wire label reflecting capacity; a first pseudo wire label receiving unit, for receiving a pseudo wire label message; a first pseudo wire management unit, for saving the switched pseudo wire state and deciding whether to modify the pseudo wire label message according to the switch and transfer mode determined by the mode management unit; a first pseudo wire label sending unit, for sending the pseudo wire label message. The invention also provides an edge apparatus, a L2 VPN and a method for providing pseudo wire service in PSN. The present invention makes PE equipments participating pseudo wire service to set up PSN tunnel and LDP signaling session connection with the pseudo wire label reflector by introducing the pseudo wire label reflector and extending the capacity that the current edge apparatus supports the pseudo wire label reflector. | 11-27-2008 |
20080291922 | Method of Preventing Transport Leaks in Hybrid Switching Networks by Extension of the Link Layer Discovery Protocol (LLDP) - An apparatus comprising a processor configured to implement a method comprising receiving a first data structure comprising a first virtual local area network identifier (VID) and a first forwarding type, comparing the first VID and a first forwarding type with a second VID and a second forwarding type in a second data structure, and reporting a misprovisioned data structure if the first VID is the same as the second VID and the first forwarding type is not the same as the second forwarding type. Also disclosed is a method comprising implementing a network protocol to forward provisioning information in a plurality of VID Tables corresponding to a plurality of nodes, and analyzing the provisioning information to detect misprovisioned nodes. | 11-27-2008 |
20080298373 | Secure VLANs - A VLAN is implemented with a logical hub and spoke topology that obviates local switching. Member devices are connected to a hub device such as a router via intermediate devices such as Layer 2 switches that support individual IP subnets within the VLAN. The Layer 2 switch does not allow bridging, so there is no IP subnet broadcast domain. Further, the Layer 2 switch implements only a single logical broadcast uplink port which is connected to the router. The Layer 2 switch also implements only point-to-point downlink ports, i.e., to individual member devices. Consequently, all traffic is forced to flow through the router, e.g., broadcast traffic, multicast traffic and traffic of unknown destination received by the Layer 2 switch from a member device is only flooded to the router, and the router performs intra-subnet routing in addition to routing between subnets and between VLANs. The router subjects all traffic to security measures and provide services including packet inspection, firewall, policing, metering, accounting, anti-virus, marking, filtering and encryption, and thereby reduce or eliminate the drawbacks associated with local switching. | 12-04-2008 |
20080310421 | Managing Connectivity in a Virtual Network - Embodiments include methods, apparatus, and systems for managing connectivity in a virtual network. One embodiment determines if information received from a device in a virtual land area network (VLAN) matches a configuration of a virtual connect domain (VCD) in order to label links as being either internal or external. | 12-18-2008 |
20080310422 | DATA CENTER VIRTUAL LOCAL AREA NETWORK SYSTEM AND METHOD - A method, system and service for a data center computer network. A core network switches data using a first protocol layer. A first access switch is in electrical communication with the core network. The first access switch communicates the data to the core network using the first protocol layer. A second redundant access switch forms a first access switch pair with the first access switch. The second access switch is in electrical communication with the core network and communicates the data using the first protocol layer. The second access switch is in electrical communication with first access switch and communicates with the first access switch using a second protocol layer. The second protocol layer is at lower OSI level than the first protocol layer. The first access switch and the second access switch are configured to form a first VLAN. A first edge device is in electrical communication with the first access switch and the second access switch. The first edge device is part of the first VLAN. | 12-18-2008 |
20080310423 | Synchronization of Message Stream in a Multi-tier Messaging System - A group communication service is adapted for multi-point to multi-point communication. Identical message streams are received by a tier of processing servers from a tier of sources. The processing servers deliver the message streams to a tier of destinations. The group communication service enables the processing servers to deal with newly added message streams and deleted message streams while preserving total ordering. | 12-18-2008 |
20080310424 | SYSTEM AND METHOD TO PROVIDE MULTIPLE PRIVATE NETWORKS USING MPLS - A system and method are supplied to provide multiple private networks. The system can include an Multi-Protocol Label Switching (MPLS) interface configured to receive a plurality of data stream types from a packet switched network. A plurality of local area network ports can be configured to communicate data to local area networks. A switching process can be provided between the MPLS interface and the local area network ports. The switching process can be configured to map individual data stream types from the MPLS interface to each of the respective local area network ports. In addition, the switching process can communicate packets between the MPLS interface and the mapped local area network ports. | 12-18-2008 |
20080317042 | EXTENSIBLE FRAMEWORK FOR COMPATIBILITY TESTING - A method of receiving mobile code includes receiving, from a source node, a dependency descriptor describing at least one permitted configuration, each configuration comprising necessary conditions on a destination node to execute mobile code, executing, on the destination node, checker code associated with the conditions described in the dependency descriptor, and, if at least one configuration is compatible, receiving the mobile code at the destination node. | 12-25-2008 |
20090003353 | Cross-layer approach to virtualized overlay on ad hoc networks - Methods and apparatus to a cross-layer approach to virtualized overlay on ad hoc networks are described. In one embodiment, a virtual address may be used to search for a (key,value) pair in a virtual overlay. Other embodiments are also described. | 01-01-2009 |
20090010265 | Flexible mapping of virtual local area networks to Ethernet virtual circuits - A method includes configuring multiple Ethernet Virtual Circuits (EVCs) for communicating with respective service gateways that provide respective communication services. A data packet, which belongs to a Virtual Local Area Network (VLAN) and is associated with a communication service from among the communication services, is accepted. The data packet is mapped to an EVC from among the multiple EVCs responsively to the VLAN to which the data packet belongs and to the communication service with which the data packet is associated. The data packet is sent over the EVC to the service gateway, in order to provide the communication service. | 01-08-2009 |
20090016357 | SEPARATE SECURE NETWORKS OVER A NON-SECURE NETWORK - Systems and methods for creating and operating separate secure networks over a non-secure network are described herein. Some illustrative embodiments include a system that includes a router with one or more ports and control logic coupled to the one or more ports (the control logic capable of establishing a plurality of secure data paths with at least one other router across a network), and a plurality of external storage devices (each storage device separate from the router but capable of being detachably coupled to a port of the one or more ports, and each external storage device comprising configuration data defining one or more secure data paths of the plurality of secure data paths). Configuration data stored in a first external storage device of the plurality of external storage devices is different from configuration data stored in a second external storage device of the plurality of external storage devices. | 01-15-2009 |
20090016358 | METHOD FOR TRANSMITTING DATA IN VIRTUAL WAN AND SYSTEM THEREOF - A system for transmitting data in a virtual WAN comprises a plurality of routers, and each router comprises at least one connection port, a network status receiver and a redirection-processing unit. The network status receiver is configured to obtain bandwidth utilization information of other routers through the connection port. The redirection-processing unit is configured to determine whether the router needs to conduct a redirection and to establish a feasible redirection path based on the bandwidth utilization information of other routers. | 01-15-2009 |
20090028162 | METHOD AND SYSTEM FOR AUTOMATING MEMBERSHIP DISCOVERY IN A DISTRIBUTED COMPUTER NETWORK - Methods for automating membership discovery in a distributed computer network are presented. A particular method includes establishing a Multi-Protocol Label Switching (MPLS) tunnel and Targeted Label Distribution Protocol (LDP) signaling channel between a first Provider Edge (PE) device and a plurality of PE devices. A first Virtual Private LAN Service (VPLS) site is added to a Multi-Tenant Unit (MTU) device associated with the first PE device. A first LDP Label Mapping Message is sent to the first PE device from the MTU device. The first LDP Label Mapping Message is broadcast to the plurality of PE devices from the first PE device. A second LDP Label Mapping Message is sent to the MTU device from the first PE device to establish a virtual circuit label switch path between the MTU device and the first PE device. A second VPLS site is added to the MTU device without sending an associated LDP Label Mapping Message to the first PE device. A respective one VPLS site of the first VPLS site or the second VPLS site is deleted using a configuration command. | 01-29-2009 |
20090052458 | Flow state attributes for producing media flow statistics at a network node - A method in one embodiment includes allocating, by a node of a network, a flow label attribute identifying a media flow associated with a Session Description Protocol (SDP) media session. The media flow is between a sender and receiver nodes over a media transmission path of the network. The node further specifying a flow state attribute to generate media flow information and communicating the flow label and the flow state attribute to downstream nodes in the media transmission path. It is emphasized that this abstract is provided to comply with the rules requiring an abstract that will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure. | 02-26-2009 |
20090059930 | SYSTEM AND METHOD FOR MANAGING VIRTUAL LOCAL AREA NETWORKS - A method for identifying VLANs associated with a network includes gathering actual network element configuration data from a plurality of network elements in the network, wherein the actual network element configuration data identifies one or more VLANs that at least some of the plurality of network elements are actually allocated to; correlating the actual network element configuration data with administrative VLAN data; and determining one or more VLANs that are not commonly identified in both the actual network element configuration data and the administrative VLAN data. A system includes a network monitoring system operable to gather actual network element configuration data from a plurality of network elements at one or more logical network sites, wherein the actual network element configuration data identifies one or more VLANs that at least some of the plurality of network elements are actually allocated to; and a VLAN services module operable to correlate the actual network element configuration data with administrative VLAN data, and further operable to determine one or more VLANs that are not commonly identified in both the actual network element configuration data and the administrative VLAN data. | 03-05-2009 |
20090067436 | NETWORK ASSIGNMENT BASED ON PRIORITY - Systems and methods for network assignment based on priority are described in this application. In one aspect, a technique for network assignment based on priority relates to establishing a connection between a client and a virtual local area network (VLAN), based on an explicit or implicit network priority preference of the client. In an embodiment, multiple VLANs can be combined into one network bundle, the network bundle being a unit network for priority specification. In addition, multiple network bundles may be available for network assignment on a particular network controller (e.g., network switch). For example, the preferred network of a client may be comprised of several individual VLANs. Thus, the client can be assigned to any of the constituent VLANs included in the preferred network bundle. | 03-12-2009 |
20090067437 | METHODS, SYSTEMS AND COMPUTER PROGRAM PRODUCTS FOR MANAGING ATM ETHERNET FLOWS - Methods, systems and computer program products are provided for associating multiple Ethernet flows between a transceiver/uplink endpoint and a subscriber endpoint over an underlying ATM VCC including generating an ATM VCC record having a first endpoint identifier corresponding to a subscriber device such as a passive optical network (“PON”) or digital subscriber line (“DSL”) device and a second endpoint identifier corresponding to a transceiver card, such as a GigE card. | 03-12-2009 |
20090073988 | SYSTEMS AND METHODS FOR A SELF-HEALING CARRIER ETHERNET TOPOLOGY - Systems and methods for self-healing Ethernet topologies which are compatible with PBT, which use standards-based protocols, which do not self-configure, and which use Ethernet OAM are provided. Interconnected nodes are configured with a primary and secondary path which is determined by VLANs, MPLS label, Provider Backbone Bridge Traffic Engineering (PBB-TE) VLAN ID (VID), Frame Relay (FR), Asynchronous Transfer Mode (ATM) Virtual Circuits (VCs), and the like. One or more head-end nodes are designated for terminating each path and for performing cross-connects between the primary and secondary paths. IEEE 802.1ag Continuity Check Messages (CCM) are transmitted by all nodes on both the primary and secondary routes. Responsive to a loss of a predetermined number of CCM messages, traffic is switched to the secondary route. In non-fault conditions, both the paths for the primary and secondary routes can carry traffic. | 03-19-2009 |
20090073989 | Redundancy at a Virtual Provider Edge Node that faces a Tunneling Protocol Core Network for Virtual Private Local Area Network (LAN) Service (VPLS) - In one embodiment, a method includes receiving configuration data at a particular node of a first set of multiple nodes. The configuration data includes data that indicates a particular zero or more instances for which the particular node is primary among multiple virtual local area network (VLAN) instances to be forwarded. It is determined whether a VLAN indicated in a data packet received at the particular node is included in the particular instances for which the particular node is primary. If so, then the data packet is forwarded. In another embodiment, multiple nodes are configured to perform as a single virtual node, and the single virtual node is configured to forward data packets for the multiple VLAN. | 03-19-2009 |
20090080438 | METHOD FOR ACCESSING VIRTUAL PRIVATE NETWORK, VIRTUAL PRIVATE SYSTEM, VIRTUAL PRIVATE NETWORK AND PROVIDER EDGE DEVICE THEREOF - A method for accessing VPN using PW Emulation Edge-to-Edge Virtual Leased Line includes: configuring a first PW ID in a first Provider Edge Device that hosts a VSI, and an IP address of a second Provider Edge Device that hosts a PW Emulation Edge-to-Edge Virtual Leased Line associated with the PW ID; sending a second PW ID of the second Provider Edge Device to the first Provider Edge Device; determining whether the second PW ID of the second Provider Edge Device matches the first PW ID of the first Provider Edge Device, and, if it matches, setting the state of the PW between the first Provider Edge Device and the second Provider Edge Device; delivering a Forwarding Table by the first Provider Edge Device; and establishing a bi-directional connection between the by the PW Emulation Edge-to-Edge Virtual Leased Line and the VSI. A Virtual Private System, a first Provider Edge Device, and a second Provider Edge Device are also provided. | 03-26-2009 |
20090097490 | COMMUNICATIONS NETWORK WITH CONVERGED SERVICES - A communications network provides one or more shared services, such as voice or video, to customers over a respective virtual private network (VPN). At the same time, each customer may have its own private data VPN for handling private company data. The shared service VPN permits users from different customers to communicate directly over the shared service VPN. Trust and security are established at the edge of the network, as the information enters from the customer's site. As a result, no additional security measures are required within the shared service VPN for the communications between users. This architecture results in a fast, high quality, shared service. | 04-16-2009 |
20090103547 | AUTOMATIC CONFIGURATION OF WIRELESS DEVICE FOR ROUTER - A user of a wireless device connects a cable to a router and is given the option of manually or automatically creating a user profile to configure the wireless device for subsequent wireless communication with the router when the user removes the cable. | 04-23-2009 |
20090103548 | Method for transmitting data in a communications network and transmit device and receive device for a communications network - According to the invention, data are transmitted by means of a data frame in a communications network from at least one subscriber connected to a communications network to at least one other subscriber similarly connected to the communications network, wherein the data are prepared for transmission in such a way that information for identifying or distinguishing the respective format of the data within a data frame is written into a field directly at the beginning of a data frame or into a field introducing a data frame. | 04-23-2009 |
20090122801 | ETHERNET SWITCHING AND FORWARDING METHOD, SYSTEM AND APPARATUS - An Ethernet switching and forwarding method, and at least one Ethernet forwarding mode of standard Ethernet forwarding, multiplex Ethernet forwarding, layer-3 routing and forwarding, across-VLAN multicast forwarding plane, point-to-point VLAN forwarding, or point-to-point double VLAN forwarding. The method includes: an Ethernet message entering a user side port or a network side port; processing, by the port, the message to provide the message with a VLAN tag allocated uniformly by the port; determining, by the port, a forwarding mode for the message and sending the message to a corresponding forwarding plane; determining, by the forwarding plane, an egress port of the message and processing the specific Ethernet control message in accordance with a control message capturing policy table; and forwarding the message to the egress port and encapsulating the message in accordance with an attribute table of the egress port. | 05-14-2009 |
20090135833 | Ingress node and egress node with improved packet transfer rate on multi-protocol label switching (MPLS) network, and method of improving packet transfer rate in MPLS network system - Provided are an ingress node and an egress node on a Multi-Protocol Label Switching (MPLS) network, with an improved packet transfer rate, and a packet transfer rate improving method in a MPLS network system. By assigning a MPLS label to a destination MAC address of a packet in order to guarantee Quality of Service (QoS), it is possible to distributively transmit packets through a variety of paths on a MPLS network and thus improve a packet transfer rate. | 05-28-2009 |
20090154469 | Ethernet switching of PCI express packets - A method for emulating Peripheral Component Interconnect Express (PCIe) behavior over an Ethernet switching fabric which includes encapsulating a PCIe packet within an Ethernet packet to provide an Ethernet encapsulated PCIe packet, and routing the Ethernet encapsulated PCIe packet within the Ethernet switching fabric via information included within the Ethernet packet. | 06-18-2009 |
20090154470 | Using Q-in-Q-in-Q to implement ethernet service unit ring - An embodiment of the present invention includes a technique to process a packet in a virtual local area network (VLAN). A second VLAN tag is prepended to a packet prepended with a first VLAN tag when the packet is forwarded from a first port to a second port to result in an Q-in-Q packet. The second port has output connected to input of a third port. A third VLAN tag is prepended to the Q-in-Q packet when the Q-in-Q packet is forwarded from the third port to a fourth port to result in an Q-in-Q-in-Q packet. | 06-18-2009 |
20090154471 | METHOD OF AND APPARATUS FOR PROCESSING VIRTUAL LOCAL AREA NETWORK TAG FRAME - Provided are a method of and apparatus for processing a virtual local area network (VLAN) tag frame. The apparatus includes a filtering data base (FDB) for storing a VLAN tag frame which is created by a gigabit passive optical network (GPON) master; an uplink processing unit for removing by referring to the FDB a VLAN tag from the VLAN tag frame which is received from the GPON master, and transmitting a data frame to an Ethernet switch; and a downlink processing unit for inserting by looking up the FDB a VLAN tag into the data frame which is received from the Ethernet switch, and then transmitting the data frame to the GPON master. According to the present invention, port identification (ID) information that is lost in a GPON master may be provided to a switch above the GPON master by using a VLAN tag frame processing technology. | 06-18-2009 |
20090161679 | METHOD AND APPARATUS FOR CUSTOMER-CONTROLLED ROUTING MANAGEMENT - In one embodiment, the present invention is a method and apparatus for customer-controlled routing management. In one embodiment, a system for managing routing in a virtual private network includes a configuration management system for receiving settings from a user of the virtual private network, the settings specifying at least one of: virtual private network topology and routing preferences, and for provisioning the virtual private network in accordance with the user settings and a validation management system for validating the provisioned virtual private network. | 06-25-2009 |
20090175280 | AUTOMATIC PACKET PROTECTION FORWARDING TO AN MPLS NETWORK BY A DUAL-HOMED ETHERNET BRIDGE - A method and a system for forwarding Ethernet packets by an Ethernet bridge (EB | 07-09-2009 |
20090190598 | ETHERNET ADDRESS MANAGEMENT SYSTEM - A system and method for mapping original Media Access Control (MAC) addresses to unique locally administered virtual MAC addresses in an Ethernet network. A first field of the address may include a domain for the address, and a second field may indicate that the address is a locally administered MAC address. A third field of the address may include an index indicating a number of virtual MAC addresses for each user. Fourth and fifth fields of the address may include a Network Element ID (NE ID) for uniquely identifying a given access node in a given domain, and a Port ID for uniquely identifying an end-user port at the given access node. The system may be implemented in an access node or in a network emulator, which generates unique locally administered MAC addresses for all of the nodes in the Ethernet network for performing emulations of the network. | 07-30-2009 |
20090196298 | Transportation of IEEE 802.1ah Frames over Multiprotocol Label Switching Pseudowires for Virtual Private LAN Services - Disclosed are, inter alia, methods, apparatus, computer-storage media, mechanisms, and means for transportation of IEEE 802.1 | 08-06-2009 |
20090213859 | SHARED L2 BRIDGING DOMAINS FOR L3 VIRTUAL NETWORKS - Systems and/or methods that facilitate the segmentation of layer 3 (L3) data to more than one virtual private network (VPN) or virtual network (vNET) are presented. An application classifier component can be used to facilitate the classification of L2 to and from hosts and/or other networking components that are attached to a network based on the type of application with which the network traffic is associated. The innovation associates multiple Virtual Local Area Networks (VLANs) with the same L2 forwarding table ahead of bridging into shadow VLANs (SVLANs) which can be associated with different L3 vNETs. The application classifier component can classify data traffic at the switch port through Switching Virtual Interfaces (SVIs) into SVLANs which can be associated with different L3 vNETs. Each vNET can be optimized and provide services specific to which type of application in which the vNET is associated. | 08-27-2009 |
20090213860 | METHOD AND DEVICE FOR SERVICE BINDING - A method for service binding includes: identifying a service provider identifier of a terminal and binding the terminal into a corresponding tunnel dependent upon the identified service provider identifier. The present invention implements dynamic binding of a terminal with a service through identifying a service provider identifier of the terminal, which offers more flexible selection of a service by a user, a reduced operation and maintenance cost of an operator, good extensibility of a network service and facilitated deployment of the service. | 08-27-2009 |
20090232145 | INTERNET/INTRANET ACCESS MECHANISM - A method connects one of several customer premises equipment (CPE) via an ATM network to one of several service providers (SP). Each CPE is connected to the ATM network via a corresponding network termination point (NT). There is an access server function (ASF), having a permanent virtual connection (PVC) to each NT and a connection to each SP. A tunneling protocol is established on the permanent virtual connection between each NT and the ASF. The tunneling protocol is able to support an integrated signaling protocol. The CPE or its user select selects an appropriate SP by using the integrated signaling protocol. Routing from the CPE to the selected SP is performed by the ASF. The ASF connects the CPE to the selected SP using the integrated signaling protocol. | 09-17-2009 |
20090238190 | Ethernet Virtualization Using a Network Packet Alteration - A method of Ethernet virtualization using network packet alteration. The method comprises receiving network packets from a host destined for transmission over a network, checking whether the network packets have headers, if the packets do not have headers, forming a first portion of the header using firmware, storing the formed packet and header to a first memory; and forming a second portion of the header using programmable logic. | 09-24-2009 |
20090245261 | HIERARCHICAL VIRTUAL PRIVATE LAN SERVICE HUB CONNECTIVITY FAILURE RECOVERY - Techniques for recovering from hierarchical virtual private LAN service (HVPLS) hub connectivity failure are described herein. In one embodiment of the invention, a provider edge network element reuses an HVPLS spoke connectivity failure recovery mechanism in an MTU to protect against a failure of HVPLS hub connectivity. The PE network element monitors hub facing connectivity elements and declares a hub connectivity failure upon a certain amount of those hub facing connectivity elements failing, and fabricates a failure of its spoke facing connectivity elements causing the MTU to detect an HVPLS spoke connectivity failure and switch to a secondary HVPLS spoke connection. Other methods and apparatuses are described. | 10-01-2009 |
20090252170 | METHOD AND DEVICE OF LINK AGGREGATION AND METHOD AND SYSTEM FOR TRANSCEIVING MAC FRAMES - A method and a device of link aggregation and a method and a system for transceiving MAC frames are provided. The method includes: transmitting, by systems at two ends of a link, information of virtual local area networks (VLANs) of a port in a local end system to an opposite end system through message exchange; and determining, by the systems at the two ends of the link, the VLAN of the link respectively according to the received information of the VLAN of the port in the opposite end system and the information of the VLAN of the port in the local end system, and performing link aggregation according to the VLAN of the link. Thus, the networking flexibility is improved, the convenience of network design and network maintenance and management is improved, and the MAC frames having VLAN identifiers can be distributed to the corresponding VLAN links rapidly, accurately, and conveniently. | 10-08-2009 |
20090257437 | IDENTITY-BASED NETWORKING - A technique for identity based networking is disclosed. A system according to the technique can include a WAN, a first VLAN, a second VLAN, and a network database. The first VLAN and second VLAN can be coupled to the WAN. The network database can include VLAN information. In operation, a client that is authorized on the second VLAN can attempt to connect to the first VLAN. A switch in the WAN can perform a lookup in the network database and determine that the client is authorized on the second VLAN. Based on this information, the client can be connected to the second VLAN using VLAN tunneling. | 10-15-2009 |
20090274155 | TECHNIQUE FOR PROVIDING INTERCONNECTION BETWEEN COMMUNICATION NETWORKS - Technique for interconnecting a first communication network and a second communication network, for example layer 2 Ethernet networks, which uses a fully or partially redundant dual homing configuration. The configuration includes: at least three network elements where at least two of them are peer elements belonging to the second network, and at least two traffic lines respectively associated with the peer elements and connecting the first and the second networks via the three network elements. The technique comprises establishing a bi-directional signaling between the peer elements and, based on the signaling information, deciding which traffic line should forward the traffic. | 11-05-2009 |
20090274156 | CARRIER ETHERNET OVER DOCSIS - A network includes a provider edge device with logic to encapsulate Ethernet frames received from customer equipment into Data Over Cable Service Interface Specification (DOCSIS) frames using Layer Two Tunneling Protocol. The provider edge device further includes logic to implement a virtual switch instance (VSI). | 11-05-2009 |
20090279551 | Vertical integration of network management for ethernet and the optical transport - Systems and methods are described that vertically integrate telecommunications network management across multiple transport domains and network layers to support E2E network management. Embodiments vertically integrate telecommunications network management across multiple transport layers such as physical layers (optical), data link layers (Ethernet), and upper layers (VLAN), and establish an inventory database for the plurality of transport layers in a network management OSS to integrate and correlate network alarms and other business applications. Embodiments provide a single platform for an E2E network management solution across and for multiple transport domains. | 11-12-2009 |
20090279552 | METHOD AND APPARATUS FOR DISTRIBUTING END-TO-END QINQ SERVICE TAGS AUTOMATICALLY - A method for automatically distributing end-to-end 802.1Q in 802.1Q (QinQ) service tags includes: filtering out an applicable Virtual Local Area Network (VLAN) tag operation mode set according to a VLAN tag operation mode of an upstream node; selecting a VLAN tag operation mode; and obtaining a VLAN tag value automatically according to the VLAN tag operation mode of the upstream node and the selected VLAN tag operation mode, and filling the obtained VLAN tag value into service configuration. An apparatus for automatically distributing end-to-end QinQ service tags includes: a VLAN tag operation mode set generating unit, a VLAN tag operation mode selecting unit, and a tag value filling unit. | 11-12-2009 |
20090285221 | COMMUNICATION SYSTEM AND COMMUNICATION APPARATUS - A CPU of an image forming apparatus controls, according to establishment of a sleep change condition, a MAC/PHY in a network unit to change the image forming apparatus from a link-up state to a link-down state. The CPU controls the image forming apparatus to change from a normal mode to a deep sleep mode. A CPU of the network unit controls, according to the change of the image forming apparatus from the normal mode to the deep sleep mode, the MAC/PHY to change the link-down state of the image forming apparatus to the link-up state. The CPU controls the MAC/PHY to transmit a MAC address necessary for causing the image forming apparatus to participate in VLAN to a switching hub. | 11-19-2009 |
20090296718 | Device Virtualization - Methods and apparatus for device virtualization and for communication between network devices are described. In one example, all devices on a first Local Area Network (LAN | 12-03-2009 |
20090304007 | Mechanism for determining a congestion metric for a path in a network - A mechanism is disclosed for determining a congestion metric for a path in a network. In one implementation, a congestion metric for a path includes one or more latency values and one or more latency variation values. A latency value for a path may be determined by exchanging latency packets with another component. For example, to determine the latency for a particular path, a first component may send a latency request packet to a second component via the particular path. In response, the second component may send a latency response packet back to the first component. Based upon timestamp information in the latency response packet, the latency on the particular path may be determined. From a plurality of such latencies, a latency variation may be determined. Taken individually or together, the latency value(s) and the latency variation value(s) provide an indication of how congested the particular path currently is. | 12-10-2009 |
20090304008 | NETWORK RELAY DEVICE AND NETWORK RELAY METHOD - A network relay device for relaying communication for a regular terminal via a port includes an acquiring module, a regular terminal information storing module, and a determination process module. The acquiring module acquires a regular layer 2 address, a regular layer 3 address, regular VLAN information representing a VLAN assigned to the regular terminal, and regular port information representing a port to which the regular terminal is connected. The regular terminal information storing module stores regular terminal information representing a combination of the acquired regular layer 2 address, the regular layer 3 address, the regular VLAN information, and the regular port information. The determination process module determines whether the combination of source layer 2 address, source layer 3 address, assigned VLAN, and reception port of target frame data received via the port is stored as the regular terminal information. | 12-10-2009 |
20090316705 | Quality of Service in Vlan-Based Access Networks - In a broadband access network multiple end users connected to access nodes are linked to multiple service providers connected to an edge node. Packet transmitted across the network contain a quality of service identifier specifying a relative QoS or priority or an absolute QoS, defining minimum quality of service parameters required for handling the packet. The access network is preferably divided into separate virtual local area networks (VLANs) providing separate broadcast domains for the various end users. Each packet transmitted on the access network is VLAN-tagged with QoS identifier contained in this tag. When an access node or edge node receives an incoming data unit that specifies an absolute quality of service, the node determines that there is sufficient bandwidth through the access network to the destination node by querying other nodes in the network directly or indirectly through a bandwidth broker before accepting the service and transmitting the packet. | 12-24-2009 |
20090323698 | PURE CONTROL-PLANE APPROACH FOR ON-PATH CONNECTION ADMISSION CONTROL OPERATIONS IN MULTIPROTOCOL LABEL SWITCHING VIRTUAL PRIVATE NETWORKS - The embodiments described herein present methods and apparatuses for on-path CAC operations in a MPLS-VPN environment. In an example embodiment, an ingress PE device receives a quality of service (QoS) resource reservation request; constructs an outgoing message that includes information allowing an egress PE device to identify the virtual private network routing and forwarding table (VRF) associated with a resource reservation resulting from the QoS resource reservation request; and transmits the outgoing message to the egress PE device, where the information allowing VRF identification is echoed back by the egress PE device and used by the ingress PE device to identify the VRF associated with the resource reservation resulting from the QoS resource reservation request. Other embodiments are described. | 12-31-2009 |
20100014526 | Hardware Switch for Hypervisors and Blade Servers - A hardware switch for use with hypervisors and blade servers is disclosed. The hardware switch enables switching to occur between different guest OSs running in the same server, or between different servers in a multi-root IOV system, or between different guest OSs running in the same server in single-root IOV systems. Whether embedded in a host bus adapter (HBA), converged network adapter (CNA), network interface card (NIC) or other similar device, the hardware switch can provide fast switching with access to and sharing of at least one external network port such as a Fibre Channel (FC) port, 10 Gigabit Ethernet (10 GbE) port, FC over Ethernet (FCOE) port, or other similar port. The hardware switch can be utilized when no hypervisor is present or when one or more servers have hypervisors, because it allows for switching (e.g. Ethernet switching) between the OSs on a single hypervisor. | 01-21-2010 |
20100020809 | True Ring Networks Using Tag VLAN Filtering - A method in a network device configured in a true ring network where the network device has a first port and a second port connected to the true ring network and a third port connected to a processor including: connecting the network device to transmit data packets in a single direction around the true ring network including an ingress port and an egress port; enabling ingress tag VLAN filtering on the ingress port only; configuring a VLAN table in the network device to terminate an incoming data packet when a VID tag (VLAN identifier tag) of the incoming data packet matches the local VID tag of the network device; and configuring the VLAN table in the network device to accept the incoming data packet when the VID tag of the incoming data packet does not match the local VID tag of the network device. | 01-28-2010 |
20100040068 | CONFIGURATION OF A PROCESS CONTROL SYSTEM - Exemplary embodiments of the present disclosure automatically generate Virtual Local Area Network (VLAN) configuration data from a logical data flow between intelligent electronic devices (IEDs) of a process control (PC) system in accordance with a standardized configuration representation of the system. The process IEDs, switches of an Ethernet switch-based communication network to which the IEDs are connected, and connecting cables are made aware of the assigned VLANs. Any performance analysis or diagnosis on these components can show design problems with VLANs and communication architecture already at engineering or communication system design time. | 02-18-2010 |
20100046524 | METHODS AND ARRANGEMENTS FOR LAN EMULATION COMMUNICATIONS - LAN emulation in a moving network environment is disclosed. An emulated LAN encompassing a number of moving networks is formed by means of a set of layer 2 tunnels that interconnect a home agent with mobile routers in the moving networks. The home agent and the mobile routers are arranged to perform layer 2 forwarding over the layer 2 tunnels in order to form the emulated LAN. The layer 2 tunnels can be established in a number of alternative ways. The moving networks that are part of the emulated LAN may move, i.e. change their points of attachment to the network infrastructure, in a dynamic fashion without disrupting the function of the emulated LAN. | 02-25-2010 |
20100046525 | METHOD, SYSTEM AND COMPUTER PROGRAM PRODUCT FOR PROVIDING ETHERNET VLAN CAPACITY REQUIREMENT ESTIMATION - A method, system, and computer program product for providing VLAN capacity requirement estimation is provided. The method includes receiving at a computing system a VLAN configuration file that specifies VLAN access ports, VLAN switches and VLAN trunks in a VLAN. A target access port identifier is received at the computing system from a requestor. A target trunk and target switch corresponding to the target access port are determined at the computing system. A bandwidth contribution of the target access port to the VLAN is calculated at the computing system. The calculating is based on a least contribution algorithm that reflects an impact of provisioning the target access port with respect to trunk capacity, and is responsive to the target bandwidth requirement, the target class of service and placement of the target port in the VLAN. The bandwidth contribution is then transmitted to the requestor. | 02-25-2010 |
20100046526 | TRANSPORT NETWORKS SUPPORTING VIRTUAL PRIVATE NETWORKS, AND CONFIGURING SUCH NETWORKS - A layer 2 transport network, and components thereof, supporting virtual network functionality among customer edge devices. Virtual private network configuration can be accomplished with merely local intervention by preprovisioning extra channel (or circuit) identifiers at each customer edge device and by advertising label base and range information corresponding to a list of channel (or circuit) identifiers. | 02-25-2010 |
20100054260 | Method and Apparatus to Switch Packets between Virtual Ports - A method and network switch for switching data units assigns a unique virtual port to each end-node operating on a physical machine connected to a physical port of network switch. A data unit, sent by a given end-node operating on the physical machine, is received at the physical port. The received data unit is switched to the virtual port assigned to the given end-node. Based on the virtual port assigned to the given end-node, the data unit is switched to a second physical port of the network switch for subsequent forwarding of the data unit towards its destination. | 03-04-2010 |
20100061378 | Method and Apparatus for Emulating Network Devices - Methods, apparatuses, data structures, and computer readable media are disclosed that perform emulated processing of packets communicated via a physical port between emulated network devices and real network devices. The emulated processing performs forward equivalence class classification on the packets. The forward equivalence class classification varies with the contents of the packets, and subsequent to the forward equivalence class classification the emulated processing varies with particular successful classifications resulting from the forward equivalence class classification. | 03-11-2010 |
20100061379 | SYSTEM AND METHOD FOR PROVIDING SUPPORT FOR MULTIPOINT L2VPN SERVICES IN DEVICES WITHOUT LOCAL BRIDGING - A network device has a network interface to allow the device to send and receive traffic across a network. The device also has a cable connection to allow the device to exchange data with at least one cable modem and a processor to associate a cable interface and cable service identifier with a cable modem; receive a packet from the cable modem; and insert a layer 2 network identifier, the identifier comprising two service provider VLAN (SP-VLAN) tags, into the packet. The processor in the network device identifies a virtual trunk interface based on the outer SP-VLAN tag and identifies the virtual private network based on the inner SP-VLAN tag. | 03-11-2010 |
20100085975 | FRAMEWORK FOR OPTIMIZING AND SIMPLIFYING NETWORK COMMUNICATION IN CLOSE PROXIMITY NETWORKS - A framework capable of providing transparent handling of network traffic in close proximity networks such as home networks is provided. A single virtual network interface is exposed to users/applications on connected devices. A virtual network interface manager determines available physical network interfaces and switches to a different physical network interface or a different configuration on the same physical network interface in a transparent manner to the communicating application(s). This enables the framework to optimize network communications for the communicating applications, devices, and users based on predefined criteria, application requirements such as different data throughput, or changing environment conditions such as interference. Network communication operations are also simplified for users since they are no longer required to have the necessary knowledge for configuring physical network interfaces manually in response to changing conditions. | 04-08-2010 |
20100103939 | DETERMINING THE CONFIGURATION OF AN ETHERNET FABRIC - A Fibre Channel over Ethernet (FCoE) device obtains knowledge of the configuration of an attached Ethernet fabric during a fabric initialization or login (FLOGI) process. FCoE N_Ports obtain similar information during the port initialization or login (PLOGI) process. The FCoE device may provide network management services to attached FCoE devices. Embodiments include a management module or processor within an FCoE N_Port. The management module or processor receives information associated with an Ethernet fabric from the FCoE N_Ports and provides management services based on the information associated with the Ethernet fabric. The FCoE N_Port communicatively couples to at least one additional FCoE N_Port through the Ethernet fabric. The FCoE N_Ports may be implemented within a disc storage drive, a host bus adapter, and/or an FCoE switch. The capability of an N_Port to obtain this information allows a management module or processor at the N_Port to manage the Ethernet fabric. | 04-29-2010 |
20100111091 | METHOD AND APPARATUS TO PERFORM NETWORK ROUTING - A method and apparatus to route information over a network is described. | 05-06-2010 |
20100135307 | SWITCH - A switch which includes a plurality of ports, each being assigned to any of VLAN groups, and outputs a packet received at any of the ports, the switch include: recording means in which partition information and an address table are recorded, the partition information indicating which of extended VLAN groups into which the ports are further logically partitioned, and the address table containing an entry in which a destination address, an output port, a VLAN group, and an extended VLAN group are associated with each other; acquisition means for acquiring a source address and acquiring group information of a VLAN; identification means for identifying group information of an extended VLAN; and registration means for registering in the address table the source address acquired by the acquisition means as the destination address, the port, the group information of the VLAN, and group information of the extended VLAN group. | 06-03-2010 |
20100142537 | PACKET TRANSPORT LAYER APPARATUS - There is provided a packet transport layer apparatus. The packet transport layer apparatus can receive frames having different formats via a single port by dividing a single physical port into a plurality of virtual ports according to each frame format, can increase the number of customer virtual local area networks (C-VLANs) and the number of service VLANs (S-VLANs) being usable at the same time by assigning a different component identifier (ID) to each frame format and using the component ID as a factor used in searching a filtering table, and can translate a frame format to be suited to a frame format allocated to a virtual output port. | 06-10-2010 |
20100150160 | INTERWORKING OAM BETWEEN ETHERNET AND ATM/FRAME RELAY NETWORKS - The present invention provides a network system that interworks OA&M (Operations, Administration and Maintenance) failure notification data from the ATM Domain to the Ethernet Domain and vice versa. Failure indications or notifications are typically routed from one domain to another within 1-2 seconds; providing service providers and customers the ability to react quickly to network faults. This enhances the overall quality of the Ethernet-to-ATM Interworking service and provides a similar level of reliability across the Ethernet/ATM/FR domains. | 06-17-2010 |
20100158017 | METHOD FOR OPERATING MULTI-DOMAIN PROVIDER ETHERNET NETWORKS - A method of enabling extension of a network service of a first domain to a remote customer site hosted by an Access Gateway (AG) in a Provider Ethernet domain. In the first domain, the remote customer site is represented as being hosted by a border gateway (BG) connected to the Provider Ethernet domain, such that subscriber packets associated with the network service are forwarded to or from the remote customer site via the BG. In the Provider Ethernet domain, a trunk connection is instantiated through the Provider Ethernet domain between the host AG and the BG. A trunk cross-connection function is installed in the host AG, for transferring subscriber packets associated with the network service between a respective attachment virtual circuit (AVC) through which the remote customer site is connected to the host AG and an extended AVC tunnelled through the trunk connection. A common service instance identifier (I-SID) is used to identify both the AVC between the host AG and the remote customer site and the extended AVC between the host AG and the BG. | 06-24-2010 |
20100158018 | METHOD FOR FORWARDING PATH VIRTUALIZATION FOR ROUTER - Provided is a method for forwarding path virtualization for a router, which prevents the processing speed of the router from decreasing due to a plurality of operating systems installed in an upper layer of a hypervisor when the router is virtualized. | 06-24-2010 |
20100158019 | FRAME TRANSFER APPARATUS AND FRAME TRANSFER METHOD - A frame transfer apparatus includes a plurality of ports for transmitting and receiving frames which include transmitting source information and transmitting destination information. The apparatus further includes a processing unit to store information which relates the transmitting source information included in the received frame and port information of a port which receives the received frame, a frame transmitting unit to transmit the received frame via a port that is identified by the port information which corresponds to the transmitting destination information included in the received frame and is extracted from the information stored by the processing unit, and a learning information erasing unit to erase the information stored by the processing unit for every predetermined time. | 06-24-2010 |
20100158020 | Virtual Private Network Based upon Multi-Protocol Label Switching Adapted to Measure the Traffic flowing between single rate zones - Virtual Private Network (VPN) dedicated to a customer using a physical transmission network based upon Multi-Protocol Label Switching (MPLS) technology including a plurality of Provider (P) devices and a plurality of Provider Edge (PE) devices, the customer owning at least two specific Customer Edge (CE) devices amongst a plurality of CE devices, a specific CE device being attached to a specific PE device and enabling the customer to gain access to any other CE device belonging to the same VPN, by the intermediary of PE devices to which are attached the CE devices. The VPN comprises several billing zones ( | 06-24-2010 |
20100165993 | Operator Managed Virtual Home Network - A virtual network and method for providing an operator-managed home LAN service. The access interface enables definition of the virtual network. Each user device in the home LAN is provided with an IP address within the same IP domain space. The access interface enables communication between user devices and external networks via the virtual network by providing external operator-managed service entities such as a Network Address Translator/Firewall (NAT/FW) and service gateways. | 07-01-2010 |
20100165994 | METHOD OF SELECTIVELY AND SEAMLESSLY SEGREGATING SAN TRAFFIC IN I/O CONSOLIDATED NETWORKS - Methods and apparatus for segregating traffic are disclosed. In accordance with one embodiment, a traffic splitter identifies a set of links coupled to the traffic splitter, where the set of links includes two or more uplinks, wherein each of the two or more uplinks are implemented in a common physical media. The two or more uplinks include a LAN uplink coupled to a LAN and a SAN uplink coupled to a SAN. The traffic splitter prevents SAN traffic from reaching the LAN via the LAN uplink. In addition, the traffic splitter prevents LAN traffic from reaching the SAN via the SAN uplink. | 07-01-2010 |
20100177778 | DISTRIBUTED CONNECTION-ORIENTED SERVICES FOR SWITCHED COMMUNICATION NETWORKS - Method and apparatus providing connection-oriented services for packet switched data communications networks. Directory services include distributed discovery of MAC addresses and protocol alias addresses. Topology services include a link state topology exchange among switches, which provides each switch with a complete topology graph of the network. This enables an access switch receiving a data packet to determine a complete path from a source end system to a destination end system. Another service includes resolution of broadcast frames to unicast frames, in order to reduce the amount of broadcast traffic. Policy restrictions may be applied prior to connection setup. Path determination services enable multiple paths from a source to a destination. Connection management includes source routed mapping of connections on the desired path. A distributed call rerouting service is provided wherein if a link on an active path fails, each switch receives a topology change notification and unmaps any connection involving the failed link. A broadcast/unknown service provides restricted flooding of nonresolvable packets. Furthermore, connection-oriented switching is provided based on the source and destination MAC addresses as a connection identifier. Still further, resolution of networks outside the switch domain is enabled by access switches listening for network and server route advertisements and maintaining best routes to said networks and servers. The best route metrics may be combined with best path metrics to determine a path from a first access switch to an egress switch connected to the external network. | 07-15-2010 |
20100195658 | TELECOMMUNICATIONS SYSTEM - Virtual dedicated voice connections between parties to a packet-switched system can be created by reserving capacity for such connections in the packet-switched system. The capacity reservable by any one party is limited to prevent over-subscription of resources in the packet switched. The system incorporates a call admission control processor for controlling access to the packet-switched call routing system such that a voice call attempt is successful only if capacity for such a dedicated connection has previously been reserved. The capacity reserved for the virtual connections is made available for use by other traffic when not required for voice sessions. | 08-05-2010 |
20100208738 | SYSTEM AND METHOD FOR ROUTER VIRTUAL NETWORKING - A host router is logically partitioned into virtual router domains that manage independent processes and routing application copies but share a common operating system. Each v-net manages an independent set of sockets and host router interfaces, each associated with only one v-net at one time, but interchangeably repartitionable Traffic is removed from an interface during repartitioning. Duplicate arrays of global variables copied to each v-net are accessed by macro references. A v-net facility can separate route tables used internally from the externally visible route tables and can avoid conflicts between internal and external IP addresses that share the same identifier. For example a common FreeBSD operating system supports a dynamic routing protocol (DRP) application. Each v-net runs an independent copy of the DRP software and is logically independent. A failure in one DRP copy does not adversely affect other copies. | 08-19-2010 |
20100220731 | METHOD AND SYSTEM FOR SUPPORTING A PLURALITY OF PROVIDERS VIA A SINGLE FEMTOCELL - Aspects of a method and system for supporting a plurality of providers via a single femtocell are provided. In this regard, a femtocell may determine characteristics of one or more VLANs to which it is virtually communicatively coupled via a non-cellular connection and via a cellular connection. Based on the determined characteristics of the one or more VLANs, a cellular transmitter and/or receiver of the femtocell may be controlled to transmit and/or receive packets belonging to the one or more VLANs via the non-cellular connection and/or via the cellular connection. The characteristics of the one or more VLANs may comprise one or more of: cellular standards utilized by the one or more VLANs, cellular frequencies utilized in the one or more VLANs, access technologies utilized by the one or more VLANs, and a duplexing method utilized by the one or more VLANs. | 09-02-2010 |
20100220732 | SERVICE PROCESSING SWITCH - Methods and systems for providing IP services in an integrated fashion are provided. According to one embodiment, a system includes a switch fabric and a line interface/network module, multiple virtual routing engines (VREs) and a virtual services engine (VSE) coupled with the switch fabric. The line interface/network module receives packets, steers ingress packets to a selected VRE and transmits egress packets according to their relative priority. VREs determines if a packet associated with a packet flow requires processing by the VSE by performing flow-based packet classification on the packet and evaluating forwarding state information associated with previously stored flow learning results. The VSE includes a central processing unit configured to perform firewall processing, Uniform Resource Locator (URL) filtering and anti-virus processing. If the packet is determined to require processing by the VSE, then the packet is steered to the VSE for firewall, URL filtering and/or anti-virus processing. | 09-02-2010 |
20100226375 | LAN EMULATION OVER INFINIBAND FABRIC APPARATUS, SYSTEMS, AND METHODS - A method and device for local area network (LAN) emulation over an Infiniband (IB) fabric. An IB LAN driver at a first node on an IB fabric receives the port and associated local identifier (LID) of one or more remote peer nodes on the IB fabric. An IEEE 802.3 Ethernet MAC address with one LID imbedded is generated. The imbedded LID is for one or more remote peer nodes. The IB LAN driver sends the Ethernet MAC address to an Address Resolution Protocol (ARP). A logical address of a remote peer node is generated by a network protocol. The logical address is mapped to an Ethernet MAC address. The IB LAN driver sends the Ethernet MAC address onto the IB fabric to the one or more remote peer nodes. The remote peer nodes appear to reside on an Ethernet network to the network protocol. | 09-09-2010 |
20100226376 | Method and Apparatus for Transporting Ethernet Services - Frames of customer traffic may be encapsulated by adding Mac-in-Mac (MiM) encapsulation fields for transportation of the frames over a portion of provider network. The MiM encapsulated traffic may be further encapsulated using VPLS by adding VPLS encapsulation fields for transportation of the frames over another portion of the provider network. The MiM encapsulations use provider network MAC addresses which enables VPLS MAC learning to occur using provider network MAC address space. MiM tunnels are mapped to VPLS service instances which are assigned pseudowire tags for transportation over the VPLS portion of provider network. The MiM header is retained when the MiM encapsulated frames are transported over the VPLS portion of the provider network. As VPLS frames exit the core network, the VPLS encapsulation fields are removed to extract the original MiM encapsulated frames for further transportation over the MiM portion of the provider network. | 09-09-2010 |
20100260187 | VPN OPTIMIZATION BY DEFRAGMENTATION AND DEDUPLICATION APPARATUS AND METHOD - An apparatus for optimizing a virtual private network operates by defragmenting and deduplicating transfer of variable sized blocks. A large data object is converted to a plurality of data paragraphs by a fingerprinting method. Each data paragraph is cached and hashed. The hashes are transmitted between a primary and a satellite apparatus. Only data paragraphs which are not cached at both the primary and satellite are transferred. The data object is integrated from data paragraphs stored in cache and transmitted to its destination IP address. | 10-14-2010 |
20100260188 | METHOD AND DEVICE FOR PROCESSING QINQ PACKET - In the field of network communications, an 802.1Q in 802.1Q (QinQ) packet processing method and a QinQ packet processing device are provided. The processing method includes: generating a keyword according to at least a virtual local area network (VLAN) identification (VLAN ID) of a QinQ packet; matching the keyword with prefix-mask in a QinQ access table to obtain a matching entry in the QinQ access table; and processing the QinQ packet according to control information of the matching entry. Through the QinQ packet processing method and device, VLAN ID ranges requiring to occupy multiple QinQ access table entries in the prior art are aggregated into one QinQ access table entry through aggregation, so as to expand the number of VLAN ID users actually supported by a QinQ access table and save valuable entry resources of the QinQ access table. | 10-14-2010 |
20100272110 | Virtual Links in a Routed Ethernet Mesh Network - Virtual links may be used to divert traffic within an Ethernet network without affecting overall traffic patterns on the Ethernet network. In one embodiment, the virtual link may be established on the network via a routing system in use on the network. Nodes on a defined path for the virtual link will install forwarding state for the virtual link so that traffic may follow the defined path through the network. The logical view of the virtual link, from a routing perspective however, has the same cost as the shortest path between the endpoints of the virtual link and, accordingly, does not affect other traffic patterns on the network. Once established, the end nodes on the virtual path will have two equal cost paths through the network—one following the shortest path tree and one along the path for the virtual link. The end nodes may use a tie breaking process in an Equal Cost Multi Path (ECMP) selection process to preferentially select the virtual link over the shortest path. | 10-28-2010 |
20100272111 | Address Resolution Optimization Procedure To Effect A Gradual Cutover From A Provider Bridge Network To A VPLS or Provider Backbone Bridging Network - A method and apparatus that operates two bridging protocols in a hybrid bridging node is described. The operation of the two bridging protocols in the hybrid node allows for an incremental transition of a provider bridging network from operating a legacy bridging protocol that shares MAC addresses to a bridging network that operates VPLS and/or PBB bridging protocols. The hybrid bridging node selectively broadcasts address resolution packets and unicast packets with unknown MAC addresses from the nodes operating VPLS and/or PBB to nodes operating a legacy bridging protocol. | 10-28-2010 |
20100278183 | Method and Device for Sending a Packet Based on Tunneling Protocol Used in Layer 2 - A method and a device for sending a packet based on Tunneling Protocol used in Layer 2 are provided. Specifically, when a traffic flow needs to be sent from a network side to a client via QinQ termination equipment in which the tunneling protocol used in Layer 2 is used, forwarding address information corresponding to the client is obtained by searching a Dynamic Host Configuration Protocol (DHCP) snooping binding table according to Internet Protocol (IP) address information of the client in a packet of the traffic flow. The packet of the traffic flow can be sent to the client according to the obtained forwarding address information. | 11-04-2010 |
20100284410 | PACKET RELAY APPARATUS AND PACKET RELAY METHOD - A packet relay apparatus identifies port information for identifying a port, included in a partition corresponding to a reception port having received a packet, from a partition information storing unit which stores a correspondence between port information for identifying ports included in the partition and partition information for identifying the partition configured for the apparatus. The apparatus determines whether the identified port information is included in the port information stored by being corresponded to reception VLAN information which is VLAN information set for a received packet by a VLAN information storing unit which is a storing unit storing a correspondence between port information for identifying a port used for transmission and/or reception of a packet transmitted and VLAN information for identifying the virtual network. The apparatus transmits the packet from a port determined to include the port information in response to the determination that the port information is included. | 11-11-2010 |
20100290473 | Port grouping for association with virtual interfaces - In one embodiment, an apparatus includes a port channel manager for receiving information identifying switches connected to a group of physical ports at a network device and creating subgroups each comprising the physical ports connected to one of the switches. The apparatus further includes a virtual interface agent for assigning a virtual interface connecting a virtual switch to a virtual machine, to one of the subgroups. Traffic received from the virtual machine on the virtual interface is transmitted to one of the switches on one of the physical ports in the assigned subgroup. A method for grouping ports for association with virtual interfaces is also disclosed. | 11-18-2010 |
20100290474 | Multiple Prefix Connections with Translated Virtual Local Area Network - A system comprising an access node (AN) coupled to a plurality of service providers (SPs) and a host and configured to forward a plurality of services between the SPs and the host using a plurality of first connections between the AN and the host and a plurality of second connections between the AN and the SPs, and a router gateway (RG) positioned between the host and the AN and coupled to the AN via an access line that comprises the first connections, wherein the AN translates a plurality of first identifiers for the first connections to a plurality of second identifiers for the second connections to route the services appropriately between the host and the SPs over the first connections and the corresponding second connections. | 11-18-2010 |
20100296515 | COMMUNICATION SYSTEM - The provision of a virtual node ID control unit for controlling a virtual node ID that specifies a plurality of nodes as a single group; a status control unit for controlling node statuses that include information indicating the operating statuses of each individual node belonging to the group, and for selecting an operating mode that is either a priority mode, wherein the local mode operates as an active node, or a standby mode, wherein the local mode operates as a standby node; and a transmission/reception control unit for controlling the operation of the local node in accordance with the operating mode selected by the status control unit. | 11-25-2010 |
20100309920 | METHODS AND APPARATUS TO SELECTIVELY ASSIGN ROUTING TABLES TO ROUTER LINECARDS - Methods and apparatus to selectively assign routing tables to router linecards are disclosed. A disclosed example method includes computing costs associated with assigning routing information for two or more subsets of virtual private networks (VPNs) to each of two or more subsets of linecards of a router, solving an incapacitated facility location problem defined by the computed costs to determine an assignment of a particular subset of the VPNs to a particular subset of the linecards of the router, and configuring the particular subset of the linecards of the router with routing information for the particular subset of the VPNs. | 12-09-2010 |
20100322251 | Method and System for Virtually Switching Digital Video/Audio and Auxiliary Control Signals for Digital Signage Applications - This invention is to use managed Ethernet switches, such as the 100 Megabit, 1 Gigabit, or 10 Gigabit Ethernet switches, to create virtual video switches for digital signage applications. Video switching is accomplished through dynamically configuring port-based virtual local area networks (VLAN). A dedicated VLAN is created for each video source to broadcast the video. All the digital signage displays joined to the VLAN will display the same content. The connection and removal of displays from the VLAN is controlled by centralized software. A converter at the video source converts the pre-compressed video source into Ethernet frames, or a compressor at the video source compresses the raw video in real time into Ethernet frames to be sent over the Ethernet switches. A decoder at the receiving side decodes the incoming Ethernet frames and outputs uncompressed digital video for display. Auxiliary control signals, such as serial ports, USB mouses, USB keyboards and generic I/O controls normally associated with digital signage applications, can also be switched in parallel with the video/audio. Compared to custom-designed video switches, Ethernet switches are widely available and inexpensive. Ethernet switches of various sizes, like 4, 8, 16, 32, 64 ports, etc., can be used in this way to create virtual video switches of virtually any size. Ethernet switches can be either stacked together at the same location to create a centralized video matrix switch or linked together through high-bandwidth trunks to create a distributed virtual video switch. Furthermore, while specialized video cable, such as coaxial or HDMI cables, can be rare and costly, Ethernet cables are widely available and inexpensive. The Ethernet cable is also the standard communication wiring in modern buildings, and is, in many cases, pre-wired. Overall, this virtual video switch solution increases flexibility and reduces engineering costs for digital signage applications. | 12-23-2010 |
20100322252 | SYSTEMS AND METHODS FOR HANDLING A MULTI-CONNECTION PROTOCOL BETWEEN A CLIENT AND SERVER TRAVERSING A MULTI-CORE SYSTEM - The present application is directed towards systems and methods for handling a multi-connection protocol communication between a client and a server traversing a multi-core system. The multi-connection protocol comprises a first connection and a second connection, which may be used respectively for control communications and data communications. Because different cores in the multi-core system may handle the first connection and second connection, the present invention provides systems and methods for efficiently coordinating protocol management between a plurality of cores. | 12-23-2010 |
20100322253 | Method and Apparatus for Simulating IP Multinetting - IP Multinetting on a local area network is simulated by performing VLAN translation at a port connecting to the local area network. This allows IP addresses from multiple subnets to be associated with a single VLAN on the Local Area Network (LAN), while allowing the core switch to process the packets with a one-to-one correspondence between IP Subnet and VLAN. When a packet is received from the local area network at an IP multinetting port, the VLAN ID will be read to determine if the packet contains the IP Multinetting VLAN ID. The IP Subnet address will also be checked to see if the packet is associated with an IP Subnet that is part of the Multinetting. If so, the multinetting VLAN ID will be changed to an IP Subnet specific VLAN ID before the packet is processed by the core switch. In the reverse direction, IP subnet specific VLAN IDs will be translated to the IP Multinetting VLAN ID. | 12-23-2010 |
20100322254 | Extended VLAN Classification - A bridge and method are described herein that translate at least a portion of a port VID (VLAN identifier) for an incoming tagged frame to form a relay VID for a corresponding relay tagged frame by using a VID mask table, a VID filter table, and a VID rule table. In an additional embodiment, the bridge and method also implement a port VLAN membership technique to ensure that an ingress port associated with the port VID is a member of the current VLAN. | 12-23-2010 |
20100329265 | Method and Apparatus for implementing L2 VPNs on an IP Network - MP-BGP VPN infrastructure based on IETF RFC 4364/2547 is used to configure a layer 2 VPN on an IP network. VRFs for the VPN are configured on Ethernet switches and service IP addresses are associated with each configured VRF. The service IP addresses are exchanged to enable VPN traffic to be encapsulated for transport over the IP network. To enable a L2 VPN to be established on the network, a VPN-VLAN ID will be configured for the L2 VPN and import/export route targets for the VPN-VLAN will be set in each VRF and UNI-VLAN that is part of the VPN. The VPN-VLAN will be announced to all PEs using MP-iBGP with export route targets set for this VPN-VLAN. The PE's control plane learns the VPN-VLAN on a logical port if the import RT matches the export RT received by the MP-iBGP control plane. Once the VPN-VLAN is learned on a logical port, the PE will perform MAC learning on that logical port and treat the logical port as if it were part of the L2 VLAN. | 12-30-2010 |
20110002337 | NETWORK RELAY APPARATUS - Network relay arrangements including: multiple ports; MAC address storage; flooding indication storage; plane number management storage; table manager; and frame processor. The table manager: utilizes the plane number management storage to specify current identification information being currently used and next identification information to be used next, with regard to a preset element of the key item for identifying a target of deletion of the information of correlating the transmit port to the MAC address from the MAC address storage; sets the requirement of the flooding operation in registry of a certain information group in the flooding indication storage having the preset element and being correlated to the current identification information; and sets the non-requirement of the flooding operation in registry of a certain information group in the flooding indication storage having the preset element and being correlated to the next identification information. | 01-06-2011 |
20110013640 | METHOD AD APPARATUS FOR ETHERNET PROTECTION WITH LOCAL RE-ROUTING - A method is provided for use at a first node of a network. The first node (B) has an input path for receiving Ethernet frames destined for a second node of the network. The first node (B) also has a first output (working) path for forwarding the received Ethernet frames towards the second node. A failure along the first output (working) path is detected at the first node. Following such failure detection, the received Ethernet frames are caused, at the first node, to be re-routed along a second output (backup) path, different to the first output (working) path, towards the second node. The re-routing is performed by using (e.g. referring to and/or changing) respective indications (VLAN | 01-20-2011 |
20110019676 | Extended subnets - There is provided a router for use in a datacenter, the router including a frame receiving module operative to receive a traffic frame and a frame forwarding module operative to forward the traffic frame to a second router in a second datacenter if a Destination Media Access Control (DMAC) address included in the traffic frame is different from all of the following:
| 01-27-2011 |
20110026530 | PSEUDO WIRE LABEL REFLECTOR, AN EDGE EQUIPMENT, AND A TWO-LAYER VIRTUAL NETWORK - A pseudo wire label reflector, based on a existing label distribution router, further includes: a mode management unit, for determining the mode for switching and transferring a pseudo wire label message; a first session management unit, for saving the support information that LDP signaling session connection supports the pseudo wire label reflecting capacity; a first pseudo wire label receiving unit, for receiving a pseudo wire label message; a first pseudo wire management unit, for saving the switched pseudo wire state and deciding whether to modify the pseudo wire label message according to the switch and transfer mode determined by the mode management unit; a first pseudo wire label sending unit, for sending the pseudo wire label message. The invention also provides an edge apparatus and a L2 VPN. The present invention makes PE equipments participating pseudo wire service to set up PSN tunnel and LDP signaling session connection with the pseudo wire label reflector by introducing the pseudo wire label reflector and extending the capacity that the current edge apparatus supports the pseudo wire label reflector. | 02-03-2011 |
20110026531 | METHOD TO TUNNEL UDP-BASED DEVICE DISCOVERY - A method, apparatus, and system are described for a central station to allocate virtual IP addresses. A device service manager server (DSM) has a network access module conFigured to cooperate with two or more device service controllers (DSCs). The DSM serves as a central management station for allocating and assigning Virtual IP addresses to network devices to proxy communications for networked devices on a local area network (LAN) where each DSC resides. The DSM is located exterior from the network devices on the LAN where communications associated with the assigned VIP addresses are being routed to. The DSM assigns a Virtual IP Addresses to each DSC and establishes a route from the assigned Virtual IP address to a destination network device on a LAN, based on corresponding DSC and network device information stored in a registry of the DSM. | 02-03-2011 |
20110032944 | Method and System for Switching in a Virtualized Platform - A local manager in a local networking domain may configure a plurality of logical switches by combining switching functions available in network devices and/or network switches in the local networking domain. The configuration may utilize vertical and/or horizontal combinations of the switching functions. The switching functions may comprise network switch-based switching functions, and/or hypervisor-level switching functions and/or network adapter-level switching functions available in network devices which may be configured as virtualized platforms. The local manager may provide interfacing services to enable exposing configured logical switches. The interfacing services may comprise an internal interface, which may be utilized, via the local manager, to control the switching functions corresponding to logical switches and/or to route messages sent to and/or from the logical switches. The interfacing services may also comprise an external interface, which may be used by external entities, such as remote management entities, to manage and/or interact with configured logical switches. | 02-10-2011 |
20110038377 | Method and apparatus for providing host node awareness for multiple NAT64 environments - A method implemented in a host node for communicating with a corresponding node through one of a plurality of available networks that includes: receiving a request to initiate a connection with the corresponding node from an application executing on a host node, sending a request to a DNS64 node for an address of the corresponding node, receiving a virtual IPv6 address for the corresponding node with a generic prefix, selecting a connection to one of the plurality of networks through which the data is to be forwarded to the corresponding node, and sending the data to the corresponding node using a virtual IPv6 address for the corresponding node with the prefix of the NAT64 node in the network of the selected connection, whereby the host node is able to maintain connectivity with the corresponding node despite having connections to the plurality of networks that each have NAT64 nodes. | 02-17-2011 |
20110044344 | A METHOD FOR INTERFACING A FIBRE CHANNEL NETWORK WITH AN ETHERNET BASED NETWORK - A system and method are provided for interfacing a Fibre Channel network to an Ethernet based network. The method includes the operation of establishing a connection between a Fibre Channel device and an NPIV interface in an Ethernet interconnect module ( | 02-24-2011 |
20110051732 | Switching hub and ring network - A switching hub for processing a VLAN frame transmitted through a transmission line of a ring network includes two ring ports connected to the transmission line of the ring network, and a forwarding processing mechanism for, when one of the two ring ports receives the frame and when a VLAN in which the received frame belongs is a VLAN only through both the ring ports, forwarding the frame to the other ring port without performing FDB learning on the frame. | 03-03-2011 |
20110058559 | VLAN DATA FRAMING AND TRANSMISSION - Amethod of framing data for transmission to or from one of a number of users connected to a VLAN data network, comprising dividing the data into frames including a header and a payload, the header comprising a portion of one of two selectable values assigned according to whether the data is to be transmitted from or to a user, wherein the header comprises a VLAN tag including a Tag Protocol ID (TPID) portion and a Tag Control Information (TCI) portion, a first TPID value being assigned to data to be transmitted from the user and a second, different, TPID value being assigned to data to be transmitted to a user. | 03-10-2011 |
20110058560 | VIRTUAL NETWORK MANAGEMENT SERVER AND NETWORK SYSTEM - A virtual network management server includes ring node information that manages configuration nodes for each of the rings, and ring connection I/F for each of the ring configuration nodes, generates the VLAN configuration information so as to transfer a frame that is transmitted or received by a designated gateway connection port and a designated base station connection port by the designated VLAN, and also so as to transmit or receive a tagged frame of the designated VLAN by the ring connection I/F of all of the ring to which the gateway connection switch belongs and the ring to which the base station connection switch belongs, and updates the VLAN configuration of the switch. | 03-10-2011 |
20110069711 | PROVISIONING SINGLE OR MULTISTAGE NETWORKS USING ETHERNET SERVICE INSTANCES (ESIs) - Techniques for provisioning single or multistage networks using Ethernet Service Instances (ESIs). In one embodiment, an ESI is a logical entity or object that stores information that may be used to provision a network. An ESI may represent a logical entity that identifies a grouping of elements of a network or network device and associated attributes. Hierarchical relationships may be created between ESIs. The hierarchical relationships are used to perform packet-level processing including performing network packet encapsulations. | 03-24-2011 |
20110080915 | AUTOMATED VLAN ASSIGNMENT TO DOMAIN IN RING NETWORK - In general, the disclosure describes network techniques that may automatically assign virtual local area networks (VLANs) to domains in a ring network. In one example, a method includes receiving, by a control node in a ring network, a plurality of data units transmitted by a plurality of transport nodes on the ring network, each data unit comprising profile information, and automatically assigning a VLAN to one of a plurality of domains established on the ring network based on the profile information. | 04-07-2011 |
20110085555 | Method For Providing Network Information - Embodiments of the present invention provide a method of providing network information, comprising determining one or more pseudowires between nodes in a network; grouping the pseudowires, according to information associated with each pseudowire and one or more predetermined criteria, into one or more groups each representing a virtual private network (VPN); providing a graphical user interface (GUI) displaying information associated with at least one pseudowire participating in the virtual private network. | 04-14-2011 |
20110090911 | METHOD AND APPARATUS FOR TRANSPARENT CLOUD COMPUTING WITH A VIRTUALIZED NETWORK INFRASTRUCTURE - A capability is provided for providing transparent cloud computing with a virtualized network infrastructure. A method for enabling use of a resource of a data center as an extension of a customer network includes receiving, at a forwarding element (FE), a packet intended for a virtual machine hosted at an edge domain of the data center, determining a VLAN ID of the VLAN for the customer network in the edge domain, updating the packet to include the VLAN ID of the VLAN for the customer network in the edge domain, and propagating the updated packet from the FE toward virtual machine. The edge domain supports a plurality of VLANs for a respective plurality of customer networks. The packet includes an identifier of the customer network and a MAC address of the virtual machine. The VLAN ID of the VLAN for the customer network in the edge domain is determined using the identifier of the customer network and the MAC address of the virtual machine. The FE may be associated with the edge domain at which the virtual machine is hosted, an edge domain of the data center that is different than the edge domain at which the virtual machine is hosted, or the customer network. Depending on the location of the FE at which the packet is received, additional processing may be provided as needed. | 04-21-2011 |
20110096784 | Controlled Propagation of VLAN Declarations - The propagation of virtual local area network (VLAN) declarations is controlled, to minimize or eliminate their propagation to packet switching devices which do not carry traffic for a corresponding VLAN. Initially and in response to a first time receipt of a VLAN declaration for a particular VLAN on a particular interface of a packet switching device, VLAN declarations for the particular VLAN is propagated out every interface of the packet switching device. After a predetermined time frame, if a VLAN declaration has not been received on a particular interface for an active VLAN, propagation of the VLAN declarations for the active VLAN will be suppressed for the particular interface. | 04-28-2011 |
20110096785 | VIRTUALIZATION-SUPPORTING PROGRAMMABLE PLATFORM DEVICE AND METHOD OF TRANSFERRING PACKET - Provided are a virtualization-supporting programmable platform device and a method of transferring a packet. The method includes, when a switch receives a packet including a destination sliver identifier (ID) and a virtual interface (VIF) ID, transferring, at the switch, the received packet to a sliver selected on the basis of the destination sliver ID, and transferring, at the sliver receiving the packet, the received packet to one of VIFs of the sliver on the basis of the VIF ID. Accordingly, a programmable platform or router supporting network virtualization can identify IDs of slivers, which are resources allocated to users in the future Internet, and VIFs connected to the respective slivers. | 04-28-2011 |
20110110377 | Employing Overlays for Securing Connections Across Networks - Computerized methods, systems, and computer-storage media for establishing and managing a virtual network overlay (“overlay”) are provided. The overlay spans between a data center and a private enterprise network and includes endpoints, of a service application, that reside in each location. The service-application endpoints residing in the data center and in the enterprise private network are reachable by data packets at physical IP addresses. Virtual presences of the service-application endpoints are instantiated within the overlay by assigning the service-application endpoints respective virtual IP addresses and maintaining an association between the virtual IP addresses and the physical IP addresses. This association facilitates routing the data packets between the service-application endpoints, based on communications exchanged between their virtual presences within the overlay. Also, the association secures a connection between the service-application endpoints within the overlay that blocks communications from other endpoints without a virtual presence in the overlay. | 05-12-2011 |
20110134925 | Switching Apparatus and Method Based on Virtual Interfaces - A network device comprises a plurality of physical ports, and a packet processing pipeline coupled to the plurality of physical ports. The packet processing pipeline is configured to assign a virtual port from a plurality of virtual ports to a packet received via one of the physical ports, wherein a quantity of the plurality of virtual ports is larger than a quantity of the plurality of physical ports, and wherein, for each of at least some of the physical ports, multiple virtual ports correspond to one physical port. The packet processing pipeline is also configured to assign a virtual domain from a plurality of virtual domains to the packet based on the assigned virtual port, and process the packet based on one or more of i) the assigned virtual port, ii) the assigned virtual domain, and iii) a header field of the packet, including determining zero, one, or more physical ports to which the packet is to be forwarded. | 06-09-2011 |
20110158241 | Method and device for transmitting control message based on multi-ring ethernet - A method and device for transmitting a control message based on a multi-ring Ethernet are provided, wherein the method comprises the following steps: control virtual local area networks of a main ring and a sub-ring are configured (S | 06-30-2011 |
20110194564 | Distributing Ethernet Alarm Indication Signal Information to Multiple Virtual Local Area Networks - Ethernet Alarm Indication Signal (ETH-AIS) information for multiple Virtual Local Area Networks (VLANs) is consolidated and distributed to the multiple VLANs in a single Ethernet frame. Note, as used herein, “Alarm Indication Signal (ETH-AIS)” refers to an IEEE 802.x or ITU-T Y.1731 Ethernet Alarm Indication Signal. A device receiving the Ethernet frame with the consolidated ETH-AIS information typically forwards the frame out each port that communicates traffic for one of the VLANs included in the consolidated ETH-AIS information. | 08-11-2011 |
20110206052 | DATA TRANSFER SYSTEM ENABLING ACCESS TO MULTIPLE SUBNETS AND METHOD THEREOF - A data transfer system enabling access to multiple subnets and method thereof is disclosed. The data transfer method includes the following steps: executing a virtual private network (VPN) client installed on an electronic system; connecting the VPN client to a VPN router; the VPN client assigning a virtual IP address to a virtual interface; and the VPN client accessing a subnet corresponding to the virtual IP address through the virtual IP address. | 08-25-2011 |
20110216775 | System and Method for Multiple Concurrent Virtual Networks - Techniques are provided for establishment of multiple concurrent virtual networks. In one example, there is provided a method operable by a virtual network controller (VNC) or the like. The method may involve establishing communication links with a plurality of virtual network interfaces (VNIs) operatively coupled to a plurality of virtual networks. The method may involve establishing a single port communication link with an operating system. The method may involve allowing the virtual networks to be transported on top of a physical network, and facilitating communication between the operating system and the virtual networks via the single port communication link. | 09-08-2011 |
20110228786 | SYSTEM AND METHOD FOR REGISTERING AND UN-REGISTERING MEMBERSHIP IN VIRTUAL LOCAL AREA NETWORKS - In one embodiment, a network device in a computer network determines a plurality of attribute events that each represent a virtual local area network (VLAN) registration state of a respective VLAN of a plurality of VLANs in the computer network. The plurality of attribute events are grouped into a plurality of sets of two or more attribute events. For each set of two or more attribute events, an encoded value is computed for the set with an encoding algorithm that encodes the two or more attribute events of the set into a single encoded value. Each of the plurality of encoded values is loaded within an attribute structure of a protocol data unit (PDU) message, such that the plurality of encoded values that encompass the plurality of VLANs are included within the attribute structure of the PDU message. The PDU message is transmitted to one or more other network devices. | 09-22-2011 |
20110235645 | VIRTUAL SERVICE DOMAINS - In one embodiment, layer-2 (L2) ports of a network device may each be assigned to a particular virtual service domain (VSD). One or more virtual service engines (VSEs) may also be assigned in a particular order to each VSD, where each VSE is configured to apply a particular service to traffic traversing the VSE between ingress and egress service ports. Interconnecting the L2 ports and the ingress and egress service ports is an illustrative virtual Ethernet module (VEM), which directs traffic it receives according to rules as follows: a) into a destination VSD via the one or more correspondingly assigned VSEs in the particular order; b) out of a current VSD via the one or more correspondingly assigned VSEs in a reverse order from the particular order; or c) within a current VSD without redirection through a VSE. | 09-29-2011 |
20110243140 | RSTP Tracking - On a first network element to support rapid spanning tree protocol (RSTP) for a plurality of virtual local area networks (VLANs) in a network, receiving a packet from a second network element in the network; identifying a VLAN associated with the packet by checking for a tag in the packet; determining whether the VLAN associated with a packet is a master VLAN or a client VLAN, wherein the master VLAN and client VLAN are in a group of VLANs with identical topologies, such that a spanning tree can be maintained for the group of VLANs that are represented by the master VLAN; deriving forwarding information from the master VLAN associated with the client VLAN, in response to determining that the VLAN is a client VLAN; and forwarding the packet according to the forwarding information derived from the master VLAN, whereby separate spanning trees for each group of VLANs serviced by the first network element are efficiently maintained. | 10-06-2011 |
20110249677 | PAY-AS-YOU-GROW GRADUAL CUTOVER METHOD TO SCALE A PROVIDER BRIDGE NETWORK TO A VPLS OR PROVIDER BACKBONE BRIDGING NETWORK - A method and apparatus that operates two bridging protocols in a hybrid bridging node is described. The operation of the two bridging protocols in the hybrid node allows for an incremental transition of a provider bridging network from operating a legacy bridging protocol that shares MAC addresses to a bridging network that operates VPLS and/or PBB bridging protocols. The hybrid bridging node selectively broadcasts unicast packets with unknown MAC addresses from the nodes operating VPLS and/or PBB to nodes operating a legacy bridging protocol. | 10-13-2011 |
20110255545 | SYSTEM FOR CONTROLLING VIRTUAL LAN THROUGH NETWORK - A virtual local area network (LAN) control system for controlling at least one virtual LAN through a network accessed by a plurality of terminals includes a terminal, a virtual LAN switch, and a virtual LAN controller. The terminal has a proper identifier address to access the network, or receives a proper identifier address through an external device connected to the virtual LAN switch. The virtual LAN switch sets and provides at least one virtual LAN through the network. When the terminal accesses the virtual LAN controller to request to change the configuration of the virtual LAN, the virtual LAN controller assigns authority to change the virtual LAN to the terminal so as to change from the virtual LAN to which the terminal belongs to another virtual LAN. | 10-20-2011 |
20110261824 | VIRTUAL CIRCUIT CONFIGURATION METHOD - A method and apparatus are provided for configuring a virtual circuit set up between a first and a second terminal installation. The virtual circuit is carried by an underlying path including a first link set up between the first terminal installation and an intermediate installation, and a second link set up between the intermediate installation and the second terminal installation. A third link of the underlying path is set up between the intermediate installation and a third terminal installation. The method includes a step of configuring the third terminal installation, on completion of which the latter is able to process in reception a data stream transmitted through the virtual circuit. | 10-27-2011 |
20110268125 | VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch system. The switch includes one or more ports on the switch configured to transmit packets encapsulated based on a first protocol. The switch further includes a control mechanism. During operation, the control mechanism forms a logical switch based on a second protocol, receives an automatically assigned identifier for the logical switch without requiring manual configuration of the identifier, and joins a virtual cluster switch. | 11-03-2011 |
20110286462 | SYSTEMS AND METHODS FOR EQUAL-COST MULTI-PATH VIRTUAL PRIVATE LAN SERVICE - A provider edge device, associated with a virtual private local area network service (VPLS) system, includes a memory to store instructions to implement a pseudowire mechanism to receive a first data frame from a source customer edge (CE) device associated with the VPLS system, incorporate the first data frame into a first VPLS packet, determine whether the source CE device is a single-homed CE device or a multi-homed CE device, and incorporate, into the first VPLS packet, a first pseudowire label, if the source CE device is a single-homed CE device, and incorporate, into the first VPLS packet, a second pseudowire label, different from the first pseudowire label, if the source CE device is a multi-homed CE device; and a processor to execute the instructions. | 11-24-2011 |
20110292946 | Virtualization Platform - The invention relates to a visualization platform ( | 12-01-2011 |
20110299539 | Virtual Fabric Membership Assignments for Fiber Channel Over Ethernet Network Devices - Techniques are provided herein for receiving at a first network device, a virtual local area network (VLAN) discovery frame from a second network device. The second network device is configured to encapsulate Fiber Channel over Ethernet. The hardware media access control (MAC) address or Port World Wide Name (PWWN) of the second network device is extracted from the VLAN discovery frame. A mapping is identified between the second network device and a corresponding virtual storage area network (VSAN) based on the hardware MAC address or PWWN. The mapping identifies a corresponding VLAN for the second network device to use for login in order to communicate with the corresponding VSAN. Information representing the identified VLAN is sent to the second network device. | 12-08-2011 |
20120014387 | Virtual Layer 2 and Mechanism to Make it Scalable - An apparatus comprising a service network and a plurality of Layer 2 networks at a plurality of different physical locations coupled to the service network via a plurality of edge nodes at the Layer 2 networks, wherein the edge nodes are configured to maintain a plurality of Internet Protocol (IP) addresses of a plurality of hosts across the Layer 2 networks, and wherein the IP addresses of the hosts in each of the Layer 2 networks are mapped by the other Layer 2 networks to a Media Access Control (MAC) address of each of the edge nodes in the same Layer 2 networks of the hosts. | 01-19-2012 |
20120033672 | VIRTUAL IP INTERFACES ON MULTI-CHASSIS LINK AGGREGATES - Aggregation Switches connected via a virtual fabric link (VFL) are each active and each coupled to a multi-chassis link aggregate group (MC-LAG), which is assigned to a multi-chassis link aggregate group virtual local area network (MC-LAG VLAN). A virtual Internet Protocol (IP) interface is allocated to the MC-LAG VLAN and configured on both Aggregation Switches | 02-09-2012 |
20120044939 | Method and Apparatus for Transporting Ethernet Services - Frames of customer traffic may be encapsulated by adding Mac-in-Mac (MiM) encapsulation fields for transportation of the frames over a portion of provider network. The MiM encapsulated traffic may be further encapsulated using VPLS by adding VPLS encapsulation fields for transportation of the frames over another portion of the provider network. The MiM encapsulations use provider network MAC addresses which enables VPLS MAC learning to occur using provider network MAC address space. MiM tunnels are mapped to VPLS service instances which are assigned pseudowire tags for transportation over the VPLS portion of provider network. The MiM header is retained when the MiM encapsulated frames are transported over the VPLS portion of the provider network. As VPLS frames exit the core network, the VPLS encapsulation fields are removed to extract the original MiM encapsulated frames for further transportation over the MiM portion of the provider network. | 02-23-2012 |
20120057599 | System and Method for Virtual Private Local Area Network Service to Use the Flow Aware Pseudowire - An apparatus comprising a provider edge (PE) coupled to a second PE and to a customer edge (CE) and configured to establish a Virtual Private Local Area Network (LAN) Service (VPLS) that is interconnected by either a flow aware pseudowire (PW) or a flow unaware PW and exchange a flow label indication with the second PE to enable using a flow label below a PW label on the label stack. Also disclosed is a network component comprising a processor configured to support a signaling protocol that indicates a capability to send, receive, or both a flow label over a PW configured for a Layer Two (Layer 2) Virtual Private Network (VPN), a transmitter configured to send a PW packet with a flow label to a peer network component, and a receiver configured to receive a PW packet either with a flow label or without a flow label. | 03-08-2012 |
20120076149 | Transmission bandwidth quality of service - A bandwidth limiting circuit provides limiting the bandwidth of a group of virtual channels at a transmitting port to a maximum value. A limiting circuit includes a register that is repeatedly incremented with a threshold value, which threshold value is related to the desired maximum bandwidth for the group. The register is decremented by the frame length, in bytes, of the frame transmitted from one of the virtual channels belonging to the group. A comparator enables frame transmission for the group if the register value is greater than zero. A bandwidth guarantee circuit provides at least the bandwidth specified by the limiting circuit. The guarantee circuit enables one of the groups for frame transmission based on a fairness algorithm when the outputs of comparators of each of the limiting circuit are low. | 03-29-2012 |
20120076150 | CONTROLLED INTERCONNECTION OF NETWORKS USING VIRTUAL NODES - Methods, apparatuses, and systems for controlling interconnections between nodes using virtual nodes are described. A physical node—such as a router, bridge, switch, etc.—stores a virtual cost associated with a virtual link that links virtual nodes of the physical node. A first physical port and a second physical port of the physical node are designated as belonging to a first virtual node and a third physical port of the physical node is designated as belonging to the second virtual node. The first physical port is associated with a first network partition and the second physical port is associated with a second network partition. The physical node transmits a routing information packet that includes the virtual cost. | 03-29-2012 |
20120106555 | LOW LATENCY CARRIER CLASS SWITCH-ROUTER - Systems and techniques for processing and forwarding packets are described. During operation, a system can receive a packet on an input port. Next, the system can identify a set of bits in the packet that represents a route from a source node to a destination node in an n-ary tree. The system can then determine an output port based on a subset of the set of bits. Next, the system can determine whether the output port is free. If the output port is not free, the system can use a contention resolution mechanism to store the packet in an on-chip memory or an off-chip memory based on space availability and the packet's priority. If the output port is free, the system can send the packet through the output port. | 05-03-2012 |
20120147893 | E-Tree Interoperability Between MPLS Domain Devices and Ethernet Domain Devices - An E-Tree service interoperability mechanism between VPLS domain devices (e.g., MPLS domain devices) and Ethernet domain devices. E-Tree interoperability functionality is provided whereby the E-domain device directly connected to the VPLS device is modified to perform an asymmetric VLAN tag manipulation on traffic forwarded between the VPLS device and itself. The capabilities of VPLS are used to divide between roots and leaves, even if both exist in the same E-domain, so that they do not share VLANs resulting in preventing roots and leaves in the same E-domain from communicating directly, but rather through the VPLS devices to which the E-domain connects. Traffic on the E-domain is segregated into a root VLAN to which roots are connected, a root-to-leaf VLAN for forwarding root-originated traffic from the VPLS-domain to the leafs, and a leaf-to-root VLAN for handling traffic originated by the leafs destined to roots. | 06-14-2012 |
20120147894 | METHODS AND APPARATUS TO PROVISION CLOUD COMPUTING NETWORK ELEMENTS - Methods and apparatus to provision cloud computing network elements are disclosed. A disclosed example method includes receiving a selection of a cloud networking template from a client, wherein the cloud networking template includes a data center connector type and a wide area network connector type, configuring a virtual machine on a host server based on the cloud networking template, configuring a data center connector based on the data center connector type, configuring a wide area network connector based on the wide area network connector type, and coupling the wide area network connector to the data center connector and coupling the data center connector to the virtual machine within the host server to enable the client to access the virtual machine. | 06-14-2012 |
20120163388 | SYSTEMS AND METHODS FOR VLAN TAGGING VIA CLOUD BRIDGE - The present disclosure is directed to supporting multiple virtual LANs (VLANs) via a single tunnel between intermediary devices. A first intermediary device of a first data center on a first network receives, from a second intermediary device of a second data center on a second network, an encapsulated packet via a tunnel established between the first intermediary device and the second intermediary device. The first intermediary device comprising a plurality of network interfaces, each corresponding to a virtual LAN (VLAN) network of a plurality of VLAN networks. The first intermediary device detects that the encapsulated packet has been tagged with virtual LAN (VLAN) information by the second intermediary device identifies a VLAN network of the plurality of VLAN networks and transmits a packet of the encapsulated packet via the network interface corresponding to the identified VLAN network. | 06-28-2012 |
20120177054 | Managing Active Edge Devices in VPLS Using BGP Signaling - In one embodiment, a method includes establishing in a Virtual Private Local Area Network (LAN) Service (VPLS) over Multi-Protocol Label Switching (MPLS) network a floating pseudowire between a first provider edge router and a redundancy group having a plurality of provider edge routers each configured to forward data toward a external device. Each provider edge router in the redundancy group is configured to maintain an active link to the external device. A provider edge router that is not a member of the redundancy group sends data directed to the external device through the floating pseudowire. Only one provider edge router in the redundancy group receives and forwards the particular data to the external device. | 07-12-2012 |
20120182997 | METHOD AND APPARATUS FOR PROVIDING TRANSPORT OF CUSTOMER QOS INFORMATION VIA PBB NETWORKS - A customer Quality-of-Service (QoS) transport capability is depicted and described herein. The customer QoS transport capability enables transparent transport of customer QoS information via a Provider Backbone Bridging (PBB) network. The customer QoS transport capability enables customer QoS information that would normally be terminated at a point of ingress to a PBB network to be transported via the PBB network transparently and recovered at a point of egress from the PBB network. | 07-19-2012 |
20120182998 | Auto-Provisioning of Network Services Over an Ethernet Access Link - In one embodiment, an apparatus includes an Ethernet port, for connection to an Ethernet access network providing multiple different services. A plurality of local service ports are provided for connection to items of peripheral customer premises equipment (CPE), each item supporting a different, respective service. A bridge is coupled to convey data frames between the Ethernet port and the local service ports. A controller is coupled to receive via the Ethernet port at least one provisioning message indicating associations between the services and respective Virtual Local Area Network (VLAN) identifiers, and to configure the bridge, responsively to the provisioning message, to forward the data frames received via the Ethernet port on each VLAN to a respective service port in accordance with the associations. | 07-19-2012 |
20120201249 | LEAKY ETHERNET TREES - A network device may receive an Ethernet frame from a first leaf user-to-network (UNI) interface in a tree. The tree includes the first leaf UNI, a second leaf UNI, and a root UNI. In addition, the network device may look up, in a table, source and destination media access control (MAC) addresses in the Ethernet frame and a field value in a virtual local area network (VLAN) tag in the Ethernet frame. The destination MAC address is associated with the second leaf UNI. In addition, the network device may identify, based on the lookup, an output port via which the Ethernet frame is to be sent from the network device. Furthermore, the network device may send, through the output port, the Ethernet frame toward the second leaf UNI in the tree via a network path that includes the first leaf UNI and the second leaf UNI. The network path does not include the root UNI of the tree. | 08-09-2012 |
20120207169 | METHOD OF PROVIDING VIRTUAL ROUTER FUNCTIONALITY - A method of presenting different virtual routers to different end users, classes of service, or packets is provided. An incoming packet is received having a VLAN field and at least one additional field. A key is formed from the VLAN field and at least one other packet field, and mapped into a virtual router identifier (VRID) using an indirection mapping process. The VRID identifies a particular virtual router configuration from a plurality of possible virtual router configurations. A networking device is configured to have the particular virtual router configuration identified by the VRID, and the packet is then forwarded by the configured device. | 08-16-2012 |
20120207170 | VIRTUAL PRIVATE LAN SERVICE PACKET PROCESSING - Embodiments of the invention are directed to processing Virtual Private LAN Service (VPLS) packets. Each VPLS packet is processed in two stages. In a first stage Layer 2 and Layer 3 headers are parsed from the packet to obtain an Ethernet frame and Traffic management characteristics are determined according to the L3 header. In a second stage a type of Ethernet frame is determined, as either one requiring replication or not, and the Ethernet frame is forwarded in accordance with the TM characteristics based on the determined frame type. This approach allows for a modular implementation which provides enables high performance and efficient utilization of processing resources. | 08-16-2012 |
20120207171 | Method and Apparatus for Interworking VPLS and Ethernet Networks - To allow seamless interworking between an 802.1ah service instance (ISID) and a VPLS service instance, the AGI value used to signal the setup of the pseudowire portion of the VPLS may carry the ISID value of an associated 802.1ah service instance. This allows the service instance to be identified end-to-end across the Ethernet and VPLS networks using the same value without modifying how the MPLS network operates. The VPLS network will use AGI/AII signaling to set up pseudowires on the MPLS network, but instead of using an AGI value assigned by the MPLS network, the AGI value that is assigned will be taken from the ISID value of the Ethernet frame or from ISIDs registered by the Ethernet network. | 08-16-2012 |
20120219004 | GENERALIZED MULTI-HOMING FOR VIRTUAL PRIVATE LAN SERVICES - A generalized multi-homing capability is depicted and described herein. The generalized multi-homing capability supports use of a generalized multi-homed site object and associated generalized multi-homed site identifier for Virtual Private LAN Services (VPLS). For example, a generalized multi-homed site object may be generated using a multi-homed site object by associating an Ethernet endpoint object and a pseudowire endpoint object with the multi-homed site object. For example, a generalized multi-homed site object may be generated using a multi-homed site object by associating an Ethernet endpoint object with the multi-homed site object and associating one or more Ethernet-related objects with the Ethernet endpoint object. The generalized multi-homed site object is configured to support multiple types of endpoints, thereby enabling multi-homing to be supported for various types of devices in various types of networks (e.g., between devices of customer and service provider networks, between devices within a service provider network, between devices of different service provider networks, and the like) and for various types of services. | 08-30-2012 |
20120224584 | RELIABILITY PROCESSING METHODS AND SYSTEMS IN THE NETWORKING OF METRO ETHERNET NETWORK PROVIDING MULTI-SERVICE - A reliability processing method in networking of Metro Ethernet Network providing multi-service includes: establishing a Virtual Router Redundancy Protocol (VRRP) group with at least two service control gateways, establishing network connections between an access device (UPE) and the service control gateways in the Virtual Router Redundancy Protocol group by a Virtual Private LAN Service (VPLS); performing Layer 2 service and Layer 3 service processing, after active and standby service control gateways in the Virtual Router Redundancy Protocol group are determined according to a processing result of a Virtual Router Redundancy Protocol message. Therefore, the reliability of the Layer 2 and Layer 3 services of the MAN may be sufficiently guaranteed, and the overhead of the system may be reduced significantly. | 09-06-2012 |
20120236868 | METHOD FOR FAST SWITCHING TRAFFIC IN H-VPLS - In a method for fast switching traffic in a hierarchical virtual private LAN service for use in a User-facing Provider Edge (UPE) device, a shared logic port number is assigned to each pair of primary pseudo wire and standby pseudo wire. A MAC address associated with a pair of primary pseudo wire and standby pseudo wire is associated with a logic port number shared by the primary pseudo wire and standby pseudo wire. Filling, in a logic port table, for each logic port entries containing: a logic port number, a primary pseudo wire inbound-label, a standby pseudo wire inbound-label, a primary pseudo wire outbound-label, a standby pseudo wire outbound-label and information of leaving a public network. Setting the corresponding information of leaving the public network in the logic port table depending upon whether the primary pseudo wire is active or inactive. | 09-20-2012 |
20120243544 | USAGE OF MASKED BMAC ADDRESSES IN A PROVIDER BACKBONE BRIDGED (PBB) NETWORK - Techniques disclosed herein include features and methods that extend functionality of provider networks including Provider Backbone Bridges (PBB) networks. Techniques include using a portion of information within Ethernet address encapsulation headers for purposes other than identifying source and destination device addresses. The system limits a number of bits in an address header that should be considered by a provider network node when doing an address lookup in forwarding tables of a provider network node, such as by masking the portion of bits or otherwise disregarding that portion of bits during address lookup. The remaining bits in the address field(s) become free bits that can be used for a variety of application purposes, such as flow path selection. By using information fields that already exist in the Mac-In-Mac (MIM) encapsulation header, such Techniques provide additional information without increasing packet size or requiring new protocols. | 09-27-2012 |
20120243545 | METHOD AND DEVICE FOR DETERMINING FORWARDING RULE FOR DATA PACKET - A method and corresponding device for determining forwarding rule for data packet in Virtual Private LAN Service with Provider Backbone Bridge (PBB-VPLS) network are disclosed. In the method, a value in a backbone service instance identifier (I-SID) field of the received data packet is firstly examined, then a virtual split horizon group corresponding to the data packets is determined based on the I-SID value, wherein the virtual split horizon group defines a forwarding rule for the data packets between different pseudo wire ports of the PBB-VPLS network. With the dynamic split horizon group, the method dynamically adapts to different forwarding rules for multiple I-VPLS instances with different tree topologies, and is capable of supporting multiple I-VPLS instances with different root sites and tree topologies in one B-VPLS instance, thereby ensuring the stability of the backbone network and reducing the network operation cost. | 09-27-2012 |
20120250693 | METHOD, SYSTEM AND COMPUTER PROGRAM PRODUCT FOR PROVIDING ETHERNET VLAN CAPACITY REQUIREMENT ESTIMATION - A method, system, and computer program product for providing VLAN capacity requirement estimation is provided. The method includes receiving at a computing system a VLAN configuration file that specifies VLAN access ports, VLAN switches and VLAN trunks in a VLAN. A target access port identifier is received at the computing system from a requestor. A target trunk and target switch corresponding to the target access port are determined at the computing system. A bandwidth contribution of the target access port to the VLAN is calculated at the computing system. The calculating is based on a least contribution algorithm that reflects an impact of provisioning the target access port with respect to trunk capacity, and is responsive to the target bandwidth requirement, the target class of service and placement of the target port in the VLAN. The bandwidth contribution is then transmitted to the requestor. | 10-04-2012 |
20120263183 | METHOD AND APPARATUS FOR SELF-LEARNING OF VPNS FROM COMBINATIONS OF UNIDIRECTIONAL TUNNELS IN MPLS/VPN NETWORKS - In one embodiment, a data packet is received at a network device. A layer-2 identification (L2ID) value is identified for the received data packet based on a destination address and a label stack of the received data packet. The L2ID value is specific to an application associated with the data packet. A 6-tuple is created that includes the L2ID value. The received data packet is classified using the 6-tuple. Deep packet inspection (DPI) services are performed based on the classification of the received data packet. The DPI services apply a set of one or more application-level policies to the received data packet. The received data packet is forwarded from the network device toward a destination. | 10-18-2012 |
20120281706 | SYSTEMS AND METHODS FOR CLOUD BRIDGING BETWEEN INTRANET RESOURCES AND CLOUD RESOURCES - Embodiments of the present solution provide a cloud bridge to bring network transparency between the otherwise disparate networks of the datacenter and cloud service provider. For example, appliances may be deployed in the datacenter and on the edge of the cloud. These appliances may be configured or designed and constructed to communicate with each other and recognize and understand the local IP and/or public IP network information of the on-premise datacenter of the enterprise and the cloud datacenter. These appliances may manage the flow of network traffic between the on-premise and cloud datacenters in a manner to appear and act seamlessly and transparently as a single network spanning both the on-premise and cloud data centers. | 11-08-2012 |
20120300784 | METHOD FOR SENDING ETHERNET FRAMES IN ETHERNET TREE SERVICE AND PROVIDER EDGE DEVICE - The present disclosure relates to the field of network communication, and in particular, to a method for sending Ethernet frames in an Ethernet Tree service and a provider edge device. The method includes: receiving, by a VLAN bridge, Ethernet frames sent by a root node or a leaf node; importing, by the VLAN bridge, the Ethernet frames into a root VLAN or a leaf VLAN according to the type of the node sending the Ethernet frames, and sending the Ethernet frames to a same virtual switch instance VSI; and sending, by the VSI, the Ethernet frames to a corresponding remote PE device by a pseudowire. Using the solution provided in the embodiments of the present disclosure, a VLAN is associated with the type of the node sending the Ethernet frames, thereby achieving effective isolation between the E-Tree leaf nodes and ensuring the original scalability of VPLS. | 11-29-2012 |
20120300785 | Method and Device for Realizing Flexible QinQ - A method for realizing flexible QinQ, including: after receiving a message, searching for a Media Access Control (MAC) address entry corresponding to the message in a MAC address table, if the corresponding MAC address entry is searched out, performing flexible QinQ for the received message according to the flexible QinQ information included in the MAC address entry, and forwarding the message after completing the flexible QinQ transformation. The present invention also provides a device for realizing flexible QinQ and a QinQ transformation board. The present invention gets rid of a high-cost network processor, enables storage of the flexible QinQ information and fast forwarding of the messages just on a simple interface board, it overcomes the problem in the prior art that the speed of massively searching the QinQ entry is slow and enlarges the profits of operators and network product users at the same time. | 11-29-2012 |
20130010799 | Efficient Software-Based Private VLAN Solution for Distributed Virtual Switches - Packet processing logic of a host system's virtualization manager detects packets on the ingress or the egress path to/from a virtual port having three bitmap arrays for processing packets within a virtual local area network (VLAN). The logic checks the VLAN identifier (VID) of the packet to determine, based on an offset position within the corresponding bitmap array, whether the port supports the VLAN. Both the ingress array offset position and egress array offset positions correspond to the value of the VID, and are set within the specific bitmap array during configuration of the VLAN on the port. When the VLAN is supported by the port, the logic enables the packet to be processed by the port. Otherwise, the logic discards the packet. A strip bitmap array indicates when a packet's VID should be removed prior to forwarding the packet on the egress of a port (or destination port). | 01-10-2013 |
20130044757 | Proxy FHRP for Anycast Routing Service - Embodiments described herein achieve proxy FHRP for anycast routing services through the coordination of L2MP edge switches to allow load balancing for the use of routing services. Such embodiments may avoid duplicity and coordinate control planes between the edge switches to present a proxy interface to the rest of the network for the routing services. As such, multipathing and load-balancing for efficient use of crucial services may be provided for client nodes inside the network. | 02-21-2013 |
20130094513 | RELAY APPARATUS AND CONTROL METHOD - A relay apparatus includes a first data storage unit and a processor. The first data storage unit stores an output port identifier in connection with a combination of a port identifier and a communication type identifier. The processor obtains, when a frame is received, a first output port identifier corresponding to a combination of a port identifier of a port that received the frame and a communication type identifier included in the received frame by use of the first data storage unit to output the received frame to a port identified by the first output port identifier. | 04-18-2013 |
20130094514 | METHOD AND SWITCH FOR SENDING PACKET - The present disclosure discloses a method and a switch for sending a packet, which belongs to the field of computer network technologies. A layer 3 switch which is configured with an aggregated VLAN containing a plurality of VLANs searches information regarding correspondence between IP addresses and the VLANs to determine if there is a VLAN in the aggregated VLAN that corresponds to a target IP address in a packet; if there is a VLAN that corresponds to the target IP address, sends the packet to only that VLAN. In the technical solutions of the present disclosure, the number of invalid packets that are sent can be effectively reduced, thereby reducing an influence of the invalid packets on the whole virtual local area network. | 04-18-2013 |
20130114606 | MULTIPLE DELIVERY ROUTE PACKET ORDERING - A hybrid network device can implement functionality to indicate the sequence of packets associated with a common packet stream transmitted via a plurality of packet routes and to manage out-of-order packet arrival. In a hybrid communication network, a first network device can determine sequence identifiers associated with a plurality of packets of a packet stream received from a second network device via a plurality of packet routes between the first network device and the second network device. The first network device can detect out-of-order delivery of one or more of the plurality of received packets based, at least in part, on the sequence identifiers associated with the plurality of packets. Consequently, the first network device can re-order at least a subset of the plurality of packets based on the sequence identifiers associated with the plurality of packets. | 05-09-2013 |
20130114607 | Reference Architecture For Improved Scalability Of Virtual Data Center Resources - In an embodiment, a method for operating a data center includes interconnecting a hierarchy of networking devices comprising physical networking devices and virtual networking devices, such that physical networking devices are located at two or more higher levels in the hierarchy, and the virtual networking devices are located in at least one lower levels of the hierarchy. Virtual Local Area Networks (VLANs) are terminated only in physical networking devices located at the lowest of the two or more higher levels in the hierarchy. | 05-09-2013 |
20130114608 | VLAN Numbering In Access Networks - The invention relates to VLAN numbering in access networks. | 05-09-2013 |
20130114609 | VLAN Numbering In Access Networks - The invention relates to VLAN numbering in access networks. | 05-09-2013 |
20130136138 | Interfaces To Manage Direct Network Peerings - Methods and apparatus for interfaces to manage direct network peerings. A system may include a data center, endpoint routers and a connectivity coordinator. The coordinator implements a programmatic interface defining connectivity operations. The coordinator receives a request for dedicated connectivity to data center resources, formatted according to the interface. The coordinator selects a target endpoint router at which to establish a physical link to implement the dedicated connectivity, and transmits a response identifying the target endpoint router and including configuration instructions for setting up a physical link for the dedicated connectivity. | 05-30-2013 |
20130177022 | Dynamic Virtual LANs to Segregate Data - Systems, methods, and apparatus for receiving commands and controlling allocation of ports of a communications switch to one or more virtual local area networks (VLANs). | 07-11-2013 |
20130182712 | SYSTEM AND METHOD FOR MANAGING SITE-TO-SITE VPNS OF A CLOUD MANAGED NETWORK - A management server includes a configuration and management module processing server configuration information, including a VPN peer list and VLAN/subnet settings. The management server automatically calculates the VPN configuration information, including the VPN peer subnet route information identifying which of the subnets participating in the VPN are behind which of the routers and keys to establish VPN tunnels between those routers participating in the VPN. Each of the routers participating in the VPN includes a VPN tunnel with the other routers participating in the VPN, a set of data structures storing data identifying contact information for each of the subnets participating in the VPN, a combination of an IP address and port to reach one of routers that that subnet is behind, and a forwarding module to forward traffic between the subnets. | 07-18-2013 |
20130195111 | Shortest Path Bridging in a Multi-Area Network - A method that improves multi-area routed Ethernet network design, in which multipath implementation in each of the areas is independent of each other area to allow optimal network design in each area. The network implements a shortest path bridging medium access control (SPBM) protocol. The areas include a Level 2 (L2) routing area coupled to a Level 1 (L1) routing area via multiple area border bridges (ABBs). The L1 routing area including a backbone edge bridge (BEB) coupled to the ABBs via multiple L1 multipath instances identified by respective backbone VLAN identifiers (B-VIDs). The ABBs receive an advertisement from the BEB that indicates a set of BEB identifiers, each of which identifies the BEB and is associated with a respective B-VID. Each of the BEB identifiers is unique. The ABBs also advertise into the L2 routing area, and translate the B-VIDs based on service identifiers for frames transiting the ABBs. | 08-01-2013 |
20130235874 | MULTITENANT ACCESS TO MULTIPLE DESKTOPS ON HOST MACHINE PARTITIONS IN A SERVICE PROVIDER NETWORK - Routers and host machines can host desktops for two or more enterprises. A virtual local area network is established for each enterprise. Each virtual local area network is connected to a plurality of host machines for the enterprise, with each host machine supporting desktops for use by the enterprise. The desktops access computer resources on the enterprise network of the enterprise to which it is connected. Resources within a host machine are shared by having a virtual switch for each enterprise the host machine supports. The virtual switch for an enterprise is connected to the virtual local area network of the enterprise. Desktops in the host machine that are allocated to the enterprise are given network addresses that include the tag for that enterprise. Virtual desktops for different enterprises can be hosted on different partitions of the same host machine. | 09-12-2013 |
20130235875 | METHOD AND APPARATUS FOR INTERNETWORKING ETHERNET AND MPLS NETWORKS - MPLS networks offering PW or VPLS services may be interconnected with Ethernet networks implemented according to 802.1ah or 802.1Qay. The MPLS network may be a core and offer services to the Ethernet access networks, or vise-versa. Additionally, a mixture of different types of access networks may be interconnected by an MPLS core or an Ethernet core. Both network interworking and service interworking are provided. OAM fault detection may be implemented via maintenance entities extending across the network or end to end depending on the combination of networks and services offered by the networks. | 09-12-2013 |
20130266019 | L3 Gateway for VXLAN - In an embodiment, the disclosure includes an apparatus comprising a host component which comprises a virtual switch associated with a virtual machine (VM). The host component is in communication with a routing component which is connected to a network and comprises a network address. The VM sends a communication packet to the virtual switch. The communications packet comprises address information comprising a virtual destination address. The virtual switch replaces the virtual destination address of the communications packet with the network address of the routing component. The disclosure also includes a network comprising a plurality of host components each comprising a virtual switch. The host components are connected to a common routing component. A first virtual switch is designated to respond to address requests and all non-designated virtual switches are configured not to respond to address requests. | 10-10-2013 |
20130279510 | ARCHITECTURE FOR ROUTING DATA OF A CUSTOMER NETWORK OVER PROVIDER'S NETWORK IN PROVIDER BACKBONE BRIDGES - Embodiments of the disclosure are related to routing or switching data of a customer network over a provider's network in Provider Backbone Bridge (PBB) to another customer network such that the traffic in the communication channel between the two customer networks is reduced and thus prevents packet loss. The architecture model for routing or switching data of a customer network over a provider's network is a B-component bridge used in backbone networks which performs Σ | 10-24-2013 |
20130287032 | UPDATING VIRTUAL NETWORK MAPS - A switch determines a path, not included in a first set of virtual networks associated with the switch. It is determined if the path can be added to an existing virtual network in the first set of virtual networks. If the path cannot be added, a new virtual network is created to include the path. | 10-31-2013 |
20130287033 | ROUTING DATA PACKETS ON A NETWORK - A plurality of data flows can be routed from a first node of the network to one or more other nodes of the network. A destination of a data packet for each data flow is determined. When the destination node of the data packet of that data flow is not adjacent to the first node, a probabilistic determination is made for a next hop of data packets of that data flow. When the destination node of the data packet of that data flow is adjacent to the first node, a priority designation is made for the next hop of data packets of that data flow as being the destination node. The next hop for data packets of the data flow is determined based on either the probabilistic determination or the priority designation. | 10-31-2013 |
20130287034 | USING PROBABILISTIC VALUES FOR ROUTING DATA PACKETS ON A DATA CENTER NETWORK - A set of virtual local area networks (VLANs) are defined from a set of nodes that comprise a data center network. A set of possible paths are determined for routing data packets from a root node to one or more other nodes of the set of nodes. A set of probabilistic values are identified for determining a path in the set of possible paths that individual data packets are to take as between the root node and a destination node specified by the individual data packet. The data packets are routed to the destination node specified by that data packet, along a path that is determined by use of the set of probabilistic values. The path may be provided by one or more VLANs. | 10-31-2013 |
20130294452 | METHOD, APPARATUS, AND SYSTEM FOR SELECTING NETWORK DEVICE - Embodiments of the present invention disclose a method, an apparatus, and a system for selecting a network device. The method includes: receiving, by a second network device, a network device selection message sent by a first network device, where the network device selection message contains a VLAN mapping capability identifier of the first network device; and selecting, by the second network device, according to the VLAN mapping capability identifier and local VLAN mapping capability, a network device for executing VLAN mapping. By using the technical solutions provided in the embodiments of the present invention, execution of VLAN mapping for a bidirectional pseudo wire (PW) between two network devices on a same network device may be implemented, and there are only two VLAN identifiers on the bidirectional PW, thereby ensuring consistency of VLAN mapping and making it simpler and easier to maintain and detect the PW. | 11-07-2013 |
20130308646 | ENABLING MEDIA ACCESS CONTROL ADDRESS MOBILITY IN AN ETHERNET VIRTUAL PRIVATE NETWORK - In one embodiment, a method includes obtaining an indication that a device is attached to a provider edge. The device has a media access control (MAC) address, wherein the device was previously attached to a first provider edge (PE) of a Multiprotocol Label Switching (MPLS) network. The method also includes issuing a first advertisement that identifies the MAC address. The first advertisement includes a first MAC address mobility attribute arranged to indicate a number of times the MAC address has moved with respect to the MPLS network. | 11-21-2013 |
20130308647 | Virtual Local Area Network State Processing in a Layer 2 Ethernet Switch - A method, apparatus and computer-readable storage media are provided for determining, at a physical switch configured to interface with a plurality of physical servers via a plurality of corresponding physical ports of the physical switch, a number of virtual local area networks (VLANs) serviced by the plurality of physical servers, each of which is configured to service one or more virtual machines in one or more of the VLANs. A plurality of VLAN compression groups are automatically defined such that a port VLAN count of the physical switch is reduced, wherein the port VLAN count identifies a number of VLANs that interface with the physical switch via the plurality of physical ports. The one or more VLANs are automatically assigned to one of the VLAN compression groups. | 11-21-2013 |
20130308648 | EXTENDED PRIORITY FOR ETHERNET PACKETS - A network device includes a packet ingress configured to receive packets from a network, and a packet processor. The packet processor is configured to identify a first packet of the received packets as a double VLAN tagged packet including a first priority field associated with a first VLAN tag and a second priority field associated with a second VLAN tag. The packet processor is also configured to assign an extended priority profile to the first packet based on one or more bits of the first priority field and one or more bits of the second priority field, the extended priority profile being among a group of possible extended priority profiles that is larger than any group of possible priority profiles associated with a single VLAN tag of the first packet. The packet processor is further configured to process the first packet according to the assigned extended priority profile. | 11-21-2013 |
20130315252 | IMPLEMENTING PVLANs IN A LARGE-SCALE DISTRIBUTED VIRTUAL SWITCH - In one embodiment, a list of source identifiers is maintained at a virtual switch. These source identifiers are allowed to send packets through the virtual switch to ports in a private virtual local area network (PVLAN). When a packet is received at the virtual switch from a particular source destined for a particular port in the PVLAN, the virtual switch determines whether a particular identifier associated with the particular source matches one of the source identifiers in the list. If that particular source identifier is not on the list, the packet is prevented from being forwarded to the particular port in the PVLAN. | 11-28-2013 |
20130322453 | ROUTING VLAN TAGGED PACKETS TO FAR END ADDRESSES OF VIRTUAL FORWARDING INSTANCES USING SEPARATE ADMINISTRATIONS - A process is implemented in a network element of a packet data to route packets with embedded virtual local area network information and an IP header to far end addresses of virtual forwarding instances. The method receiving a frame including an embedded virtual network identifier (VNI). The VNI is looked up to identify a virtual forwarding instance (VFI), the VFI having a correlated an I-Component Service Identifier (I-SID) and an internet protocol (IP) to backbone media access control (B-MAC) table that is shared with a set of VFIs each having correlated I-SIDs. The VFI resolves an IP address of the frame to a B-MAC address using the shared IP to B-MAC resolution table and encapsulates the frame with the I-SID and B-MAC; and the frame is then sent to the remote B-MAC address. | 12-05-2013 |
20130329741 | METHODS SYSTEMS AND APPARATUSES FOR DYNAMICALLY TAGGING VLANS - Systems, mechanisms, apparatuses, and methods are disclosed for dynamically tagging VLANs. For example, in one embodiment such means include: means for receiving a packet having identified therein a source Media Access Control (MAC) address and a Virtual Local Area Network (VLAN) Identifier, wherein the VLAN identifier corresponds to a VLAN which is non-existent on a network switch; means for modifying the packet received to include two VLAN tags, a first VLAN tag corresponding to the VLAN identifier identified within the packet received and a second VLAN tag, distinct from the first; means for determining no forwarding database entry exists for the modified packet; and means for creating the VLAN on the network switch to handle received packets tagged with the VLAN identifier. | 12-12-2013 |
20140016647 | NETWORK SYSTEM AND VLAN TAG DATA ACQUIRING METHOD - In the present situation, a switch cannot identify inner tag data (VLAN ID data before QinQed in the input of OF-NW) given to each of packets which flow in an open flow network (OF-NW). Therefore, OF-NW composed only one VLAN cannot handle a plurality of VLANs. Specifically, a controller handles a plurality of VLANs in the OF-NW in which there is only one VLAN, by mapping the inner tag data given to the packets which flow through the OF-NW, and flow cookie data showing the flow entry corresponding to the packets which flow through the OF-NW. Specifically, the flow flowing into the OF-NW is transferred from the switch to the controller, and the controller learns VLAN ID data in the input of the OF-NW, and handles the plurality of VLANs by mapping this VLAN ID and the flow cookie data showing the flow entry corresponding to the packet in the OF-NW. | 01-16-2014 |
20140023080 | System and Method for Scaling IPv6 on a Three-Tier Network Architecture at a Large Data Center - Some implementations provide a method for managing switches in a data center that includes: (1) establishing a connection from one switch to another switch in the data center, the data center providing a plurality of virtual local area networks (VLANs), each VLAN including at least one Virtual Machine and capable of spanning across more than one of the plurality of switches; (2) provisioning device prefixes for IPv6 addresses, a given device prefix corresponding to a particular VLAN on a particular switch in the data center, the given device prefix included in a host address of a particular virtual machine, the particular virtual machine hosted on a server computer, the sever computer connected to the particular switch without additional intervening switches; (3) configuring a hardware memory to include prefix information and address information; and (4) transferring packets by using the prefix information and the address information. | 01-23-2014 |
20140023081 | Method and Apparatus for Transporting Ethernet Services - Frames of customer traffic may be encapsulated by adding Mac-in-Mac (MiM) encapsulation fields for transportation of the frames over a portion of provider network. The MiM encapsulated traffic may be further encapsulated using VPLS by adding VPLS encapsulation fields for transportation of the frames over another portion of the provider network. The MiM encapsulations use provider network_MAC addresses which enables VPLS MAC learning to occur using provider network MAC address space. MiM tunnels are mapped to VPLS service instances which are assigned pseudowire tags for transportation over the VPLS portion of provider network. The MiM header is retained when the MiM encapsulated frames are transported over the VPLS portion of the provider network. As VPLS frames exit the core network, the VPLS encapsulation fields are removed to extract the original MiM encapsulated frames for further transportation over the MiM portion of the provider network. | 01-23-2014 |
20140023082 | SYSTEM AND METHOD FOR INITIALIZING AND MAINTAINING A SERIES OF VIRTUAL LOCAL AREA NETWORKS CONTAINED IN A CLUSTERED COMPUTER SYSTEM - A system and method for sharing network resources; the system comprising at least one network switch, at least one computing device comprising at least one network connection and at least one storage device containing software capable of initializing and maintaining: (i) a management local area network (MLAN) comprising a virtual or physical firewall; and (ii) a plurality of client virtual local area networks (VLANs), wherein each client VLAN comprises a virtual firewall and a plurality of network resources. | 01-23-2014 |
20140029623 | VLAN Advertisement And Automated Configuration - A gratuitous address resolution protocol frame is sent from an information handling system upon detection of VLAN status change the information handling system. A status flag included in the address resolution protocol frame provides a switch that receives the frame with the status change, such as the addition or removal of a VLAN at the information handling system. | 01-30-2014 |
20140036924 | MULTI-CHASSIS LINK AGGREGATION IN A DISTRIBUTED VIRTUAL BRIDGE - Techniques are described for routing data frames using a distributed virtual bridge in a highly integrated networked system. The distributed virtual bridge creates and manages a type of LAG referred to as “unified link aggregation group” (ULAG). Two or more link aggregation groups that span multiple physically-separated switches or chassis (referred to as MLAGs) are unified or aggregated to form a ULAG. Applications view the ULAG as a single logical link, and as long as at least one of the sub links in any of the MLAGs that are part of the ULAG is operational, network connectivity is maintained. | 02-06-2014 |
20140064286 | DETECTING VLAN REGISTRATION PROTOCOL CAPABILITY OF A SWITCH IN A COMPUTER NETWORK - In particular embodiments, a first switch implementing a first virtual local area network (VLAN) registration protocol and connected to a first end of the trunk detects whether a second switch connected to a second end of the trunk implements the first VLAN registration protocol. In an embodiment, the second switch may send an unsolicited message to the first switch indicating the VLAN registration protocol implemented by the second switch. The first switch may then determine the VLAN registration protocol implemented by the second switch. Alternatively, the first switch may send a solicited message to the second switch. By receiving a response to the solicited message, the first switch can determine that the second switch implements the first VLAN registration protocol. In response to determining that the second switch implements the first VLAN registration protocol, the first switch may enable a pruning technique in accordance with the first VLAN registration protocol. | 03-06-2014 |
20140079072 | INDIRECT COMMUNICATION IN SECONDARY VIRTUAL LOCAL ACCESS NETWORKS - A method that may include: Receiving, by a network appliance, a request, from a source host, to resolve a network layer address of a target host into a link layer address of the target host. The source host belongs to a source secondary VLAN, the target host belongs to a target secondary VLAN and both source and secondary VLANs are coupled to a primary VLAN that is coupled to a primary VLAN gateway. Determining whether to facilitate indirect communication between the target and source hosts. If so (YES) then generating, by the network appliance, a response that resolves the network layer address of the target host to a link layer address of the primary VLAN gateway; and sending the response to at least the source host. | 03-20-2014 |
20140086252 | Use Of Backbone Virtual Local Area Network (BVLAN) As Virtual Routing and Forwarding (VRF) Identifier And Shared Backbone Media Access Control (BMAC) Tables To Implement A Shortest Path Bridging (SPB) Layer 3 (L3) Virtual Services Network (VSN) - A method, apparatus and computer program product for using Backbone Virtual Local Area Network (BVLAN) as Virtual Routing and Forwarding (VRF) Identifier and shared Backbone Media Access Control (BMAC) tables to implement a Shortest Path Bridging (SPB) Layer 3 (L3) Virtual Services Network (VSN) is presented. For routed traffic, a Layer 3 (L3) Virtual Services Network (VSN) is associated with a unique Virtual Local Area Network Identifier (VLAN_ID) value in a first Shortest Path Bridging (SPB) network for routed traffic. The routed traffic comprises traffic sent over an SPB network interface, traffic received from an SPB interface, or traffic forwarded from a first SPB Network interface to a second SPB Network interface. | 03-27-2014 |
20140086253 | Overlay Virtual Gateway for Overlay Networks - A method for providing communication over an overlay virtual network (OVN) with multiple data plane encapsulations at a tunnel endpoint comprising receiving a data packet via a first overlay tunnel, wherein the data packet comprises an encapsulation header of a first encapsulation type and an inner destination address, determining an egress tunnel endpoint and a second encapsulation type supported by the egress tunnel end point based on the inner destination address, performing encapsulation translation on the data packet by replacing the encapsulation header of the first encapsulation type with an encapsulation header of the second encapsulation type to form a translated packet, and forwarding the translated packet toward the egress tunnel endpoint via a second overlay tunnel, wherein the first encapsulation type and the second encapsulation type are different encapsulation types, and wherein the data packet is destined to the egress tunnel endpoint. | 03-27-2014 |
20140092910 | Method And Apparatus For Communication Path Selection - A manner of selecting communication traffic paths through a LAN, WAN, or similar communication network. Traffic received at a source bridge is forwarded to a destination bridge along a communication path selected from a plurality of possible, preferably EHEC paths. The paths may be discovered by a breadth first search and stored in a path selection table in association with a sequential index number. The paths are selected, for example by assigning a path to a VLAN by determining V mod N, comparing the result to indices on a path selection table that associates an unique index with each of the plurality of communication paths, and selecting the path associated with an index equal to the result, wherein N is the number of paths in the plurality of paths and V is a group identifier. The selected paths may be stored in the path selection table in association with the respective VLAN, and any received traffic for that VLAN is forwarded along the selected path. | 04-03-2014 |
20140112347 | SYSTEM AND METHOD FOR MULTIPLE CONCURRENT VIRTUAL NETWORKS - Techniques are provided for establishment of multiple concurrent virtual networks. In one example, there is provided a method operable by a message management unit (MMU) or the like. The method may involve establishing communication handles with a plurality of virtual network interfaces (VNIs) operatively coupled to an operating system, and establishing a network communications socket (NCS) operatively connected to a plurality of virtual layered networks. The method may involve establishing data channels that couple the MMU and its components with the respective VNIs of the MMU, and allowing the virtual layered networks to be concurrently transported on top of physical network(s). The method may involve facilitating communication between the operating system and the virtual layered networks via the combination of the established data channels, the established handles and a network software stack of the operating system. | 04-24-2014 |
20140146822 | SYSTEMS AND METHODS FOR LINK BANDWIDTH CONSERVATION IN A LOCAL AREA NETWORK CONNECTED TO A TRILL NETWORK - An information handling system is provided. The information handling system includes systems and methods for providing link bandwidth conservation between a local area network and a TRILL campus network. Such an information handling system includes a plurality of processing modules provided by a computer processor where the plurality of processing modules including a selective packet filter and a control plane unit and memory in communication with the plurality of processing modules. The memory stores a VLAN port bitmap and a snooping table. The information handling system also has a plurality of ports, which includes at least one Ethernet port for connecting the information handling device to a LAN and a plurality of bridging ports for connecting the information handling device to a plurality of routing bridges. | 05-29-2014 |
20140169379 | RELAY APPARATUS AND CONTROL METHOD THEREOF - A disclosed relay apparatus includes: a generator that generates, upon receipt of a first packet that includes a first identifier of a virtual machine that is newly executed in an information processing apparatus connected to the relay apparatus from the information processing apparatus, a second packet that includes a second identifier of the virtual machine, which is different from the first identifier, and requests to set relay for the virtual machine; and a processing unit that sets the relay for the virtual machine by using the second identifier of the virtual machine, which is included in the second packet generated by the generator or received from the information processing apparatus. | 06-19-2014 |
20140204951 | METHODS OF ESTABLISHING VIRTUAL CIRCUITS AND OF PROVIDING A VIRTUAL PRIVATE NETWORK SERVICE THROUGH A SHARED NETWORK, AND PROVIDER EDGE DEVICE FOR SUCH NETWORK - A virtual private network (VPN) service is provided through a shared network infrastructure comprising interconnected provider edge (PE) devices having customer edge (CE) interfaces. Some of the CE interfaces are allocated to a VPN supporting virtual LANs. A correspondence between a CE interface and a virtual LAN is learnt on the basis of tagged frames received at this CE interface and including an identifier of this virtual LAN. The learning process permits the detection of pairs of CE interfaces which correspond to a common virtual LAN. Upon such detection, a virtual circuit is established in the shared network infrastructure between the PE devices having these CE interfaces, and subsequently used for forwarding frames including the identifier of the common virtual VLAN. | 07-24-2014 |
20140269732 | Uniting FDB lookups for encapsulated packets - A method of communications at an encapsulating bridge includes receiving a packet having an unencapsulated-DA (destination address) and an associated encapsulation identifier. The unencapsulated-DA and the associated encapsulation identifier are used to determine a TxPort-unencapsulated network (unencapsulated network side transmit port) or an encapsulated-DA for the packet. This method reduces latency of processing by reducing lookups, thereby also increasing transmission bandwidth of the communications network. The invention also facilitates embodiments with reduced memory and processing requirements, as compared to conventional implementations. This method is particularly useful for MAC-in-MAC encapsulation. | 09-18-2014 |
20140269733 | SCALABLE GATEWAYS FOR A FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes a gateway subgroup module, a tunnel management module, and a packet processor. The gateway subgroup module operates the switch in conjunction with a remote switch to form a gateway subgroup. The switch and the remote switch actively operate as tunnel gateways. The tunnel management module maintains a data structure indicating whether a tunnel source subnet is associated with the gateway subgroup. The packet processor decapsulates a tunnel-encapsulated packet in response to a tunnel source subnet of the tunnel-encapsulated packet being associated with the gateway subgroup. | 09-18-2014 |
20140301401 | PROVIDING AGGREGATION LINK GROUPS IN LOGICAL NETWORK DEVICE - A control plane of a logical network device creates a service link aggregation group and adds one port from each member network device to the service link aggregation group. The logical network device includes member network devices and each port connects the logical network device to the same neighbor device. When a port of the logical network device receives a message with an unknown source address, the control plane determines if the receiving port is in any service link aggregation group. After determining the receiving port is in the service link aggregation group, the control plane configures a data plane of the logical network device with mappings between the address and the ports in the service link aggregation group. | 10-09-2014 |
20140321470 | COMMUNICATION DEVICE AND ADDRESS LEARNING METHOD - A processor determines, when a frame is received, whether a total of current learning numbers stored in a second storage unit has reached a total of maximum learning numbers. The processor identifies in the second storage unit, if it is determined that the total of current learning numbers has reached the total of maximum learning numbers, a first group identifier associated with a lower priority than a priority associated with a reception group identifier contained in the frame. The first group identifier is associated with a first current learning number not less than a first minimum learning number associated with the first group identifier. The processor replaces a first correspondence relationship including the first group identifier with a reception correspondence relationship among a port number of a port at which the frame has been received, a source address contained in the frame, and the reception group identifier. | 10-30-2014 |
20140341223 | METHODS AND SYSTEMS FOR SELECTIVELY PROCESSING VIRTUAL LOCAL AREA NETWORK (VLAN) TRAFFIC FROM DIFFERENT NETWORKS WHILE ALLOWING FLEXIBLE VLAN IDENTIFIER ASSIGNMENT - Methods and systems for selectively processing VLAN traffic from different networks while allowing flexible VLAN identifier assignment are disclosed. According to one aspect, a layer 2 switch includes a virtual switch identifier data structure that associates a VLAN identifier extracted from a layer 2 frame and a port identifier corresponding to a port on which a frame is received with a virtual switch identifier. The virtual switch identifier is used to select a per-virtual-switch data structure, such as a forwarding table. The per-virtual-switch data structure is used to control processing of the layer 2 frame on a per-virtual-switch basis. The per-virtual-switch data structure may also be updated separately from the data structures assigned to other virtual switches. | 11-20-2014 |
20140341224 | Systems and Methods for Operating a Network Arrangement - Systems and methods are provided for operating a network arrangement including multiple network devices that are coupled to each other in a ring structure. Each network device includes a control device and a switch device with at least two ports for coupling to a communication path. During operation, at least two VLANs are simultaneously provided in the ring structure, and the sending of a data packet from the control device of a selected network device is performed via a port of the switch device in one of the two VLANs. In order to achieve this, the other port of the switch device of the selected network device is deactivated for the one VLAN. By using two VLANs, a redundant and reliable data transmission may be achieved. A destabilization of the VLANs in the network ring is prevented by the targeted deactivation of specific ports of the sending network device. | 11-20-2014 |
20140376555 | NETWORK FUNCTION VIRTUALIZATION METHOD AND APPARATUS USING THE SAME - A network function virtualization device includes at least one network function virtual machine; and a network function flow switch configured to receive flows and to switch the flows to the at least one network function virtual machine, and a network functions virtualization method for applying the virtualized network function to the flows. | 12-25-2014 |
20150010008 | REGIONAL VIRTUAL VPN - Systems and methods for communication. A network abstraction layer (NAL) is built on a public Internet; and a network virtualization layer (NVL) is built on the NAL. | 01-08-2015 |
20150023357 | COMMUNICATION METHOD, COMMUNICATION APPARATUS AND NON-TRANSITORY READABLE MEDIUM - A communication method includes determining a difference state of identification numbers of communication providers corresponding to a plurality of relay transfer apparatuses on a passing outward path to an opposing communication apparatus and on a passing return path from the opposing apparatus; and switching a first virtual communication channel set between intranets and a second virtual communication channel set between the intranets to dynamically substitute and use a first communication mode of transmitting and receiving encrypted communication data to and from the opposing apparatus through the first virtual communication channel and a second communication mode of transmitting and receiving plain text communication data to and from the opposing apparatus through the second virtual communication channel, according to the determination of the difference state of the identification numbers of the providers. | 01-22-2015 |
20150030031 | FORWARDING PACKETS IN AN EDGE DEVICE - An edge device searches a MAC table to obtain information of a public network egress interface for a packet which is to be sent from a local site to a remote site to access a service, replaces a VLAN ID in the packet with a VLAN ID used for transmission in a public network, and sends the packet in which the VLAN ID has been replaced to a remote site according to the information of the public network egress interface. | 01-29-2015 |
20150030032 | VIRTUALIZATION MAPPING - Systems and methods for the management of virtual machine instances are provided. The hosted virtual machine networks are configured in a manner such that communications within the hosted virtual machine network are facilitated through a communication protocol. Illustrative embodiments of the systems and methods may be implemented on a virtual network overlaid on one or more intermediate physical networks that are used as a substrate network. Through the utilization of one or more virtual network mapping components in communication with the hosted virtual network components, communications to and from the hosted virtual networks can be processed by mapping relationships between the virtual network communication protocol and the router communication protocol. The mapping information can be provided in advance or as requested to the router components and hosted virtual network components to facilitate bi-lateral communications between the components. | 01-29-2015 |
20150078390 | PROVIDER EDGE BRIDGE WITH REMOTE CUSTOMER SERVICE INTERFACE - A method and Provider Edge Bridge for providing a C-tagged service interface or a port-based interface. In one embodiment, the Provider Edge Bridge includes a Customer Virtual Local Area Network (C-VLAN) component having a Customer Edge Port (CEP) and a plurality of Provider Edge Ports (PEPs). A first Service VLAN (S-VLAN) component is connected to the C-VLAN component and to a Metro Ethernet Network (MEN). A second S-VLAN component is connected to the C-VLAN component, to the first S-VLAN component, and to an External Network Network Interface (E-NNI). A plurality of ports on the first S-VLAN component facing the MEN are designated as S-VLAN Remote Customer Ports (RCPs) when the ports are connecting internal services in the MEN to provide the C-tagged service interface or the port-based interface to customers from a far side of the E-NNI. | 03-19-2015 |
20150098474 | SYSTEM AND METHOD FOR MANAGING VLAN ASSOCIATIONS WITH NETWORK PORTS - A system and method of managing virtual local area network (VLAN) associations with network ports includes receiving a first packet on a first port of a network switching device, extracting first VLAN identification information from the first packet, determining one or more first VLANs associated with the first port based on the first VLAN identification information, associating the first port with each of the one or more the first VLANs, and transmitting a second packet on the first port when a second VLAN associated with the second packet is included in the one or more first VLANs. In some embodiments, the first packet is received from an end station. In some embodiments, the first packet includes a VLAN identification field selected from a group consisting of a VLAN list field, a VLAN bitmap field, a Port VLAN ID type-length-value (TLV), and a Port Protocol VLAN ID TLV. | 04-09-2015 |
20150131669 | VIRTUAL NETWORK OVERLAYS - Systems and methods are provided for overlaying a virtual network on a physical network in a data center environment. An overlay system is arranged in an overlay virtual network to include an overlay agent and an overlay helper. The overlay agent is implemented in an access switch. The overlay helper is implemented in an end station that is in communication with the access switch. Overlay parameters in compliance with an in-band protocol are transmitted between the overlay agent and the overlay helper. | 05-14-2015 |
20150319042 | Virtual Local Area Network Mismatch Detection in Networks - The present disclosure discloses a method and network device for providing VLAN mismatch detection in networks. Specifically, a network device monitors a plurality of packets received by a first device from a second device to identify a first set of VLAN identifiers indicated by at least one of the plurality of packets. The network device receives from a third device at least one packet tagged with a particular VLAN identifier, whereas the at least one packet to be forwarded by the first device to the second device. The network device then determines whether the particular VLAN identifier is included in the first set of VLAN identifiers indicated by at least one of the plurality of packets received by the first device from the second device. If the particular VLAN identifier is not included in the first set of VLAN identifiers, the network device presents a notification. | 11-05-2015 |
20160028557 | DYNAMIC INSTANTIATION OF REMOTE VIRTUAL EXTENSIBLE LOCAL AREA NETWORK TUNNEL END POINTS ACQUIRED THROUGH A CONTROL PROTOCOL - A method is provided in one example embodiment and includes acquiring at a local network element information regarding a remote network element via a control protocol distribution method and refraining from instantiating the remote VTEP for the remote network element on the local network element until unicast traffic from the local network element to the remote network element via an overlay network has begun. The method may further include detecting unicast traffic from the local network element to the remote network element and subsequent to the detecting, instantiating the remote VTEP for the remote network element on the local network element. Some embodiments may include detecting cessation of the unicast traffic from the local network element to the remote network element and subsequent to the detecting cessation, uninstantiating the remote VTEP for the remote network element from the local network element. | 01-28-2016 |
20160072733 | USING A NETWORK SWITCH TO CONTROL A VIRTUAL LOCAL NETWORK IDENTITY ASSOCIATION - A technique includes providing a communication path in a network switch for communication of data between a first device coupled to the switch and a second device coupled to the network switch. The technique includes using the network switch to regulate tagging of the data to control a virtual local area network identity association of the data based at least in part on a network over which the communication occurs. | 03-10-2016 |
20160149808 | VxLAN Security Implemented using VxLAN Membership Information at VTEPs - A network device stores a Virtual Extensible Local Area Network (VxLAN) Tunnel Endpoint (VTEP) membership information that associates VxLANs each with a corresponding set of VTEPs authorized to originate VxLAN packets on that VxLAN. The network device receives from a communication network a VxLAN packet that identifies a VxLAN and an originating VTEP. The VTEP compares the originating VTEP to the set of VTEPs associated with the VxLAN in the VTEP membership information that matches the identified VxLAN. If the comparison indicates that the originating VTEP is not included in the set of VTEPs authorized to originate VxLAN packets, the VTEP discards the received VxLAN packet. Otherwise the VTEP further processes the VxLAN packet. | 05-26-2016 |
20160204959 | MEMBER DEVICE OF STACKED SWITCHES SYSTEM | 07-14-2016 |