Inventors list

Assignees list

Classification tree browser

Top 100 Inventors

Top 100 Assignees


Emulated LAN (LANE/ELAN/VLAN, e.g., Ethernet or token ring legacy LAN over a single ATM network/LAN)

Subclass of:

370 - Multiplex communications

370351000 - PATHFINDING OR ROUTING

370389000 - Switching a message which includes an address header

370395100 - Message transmitted using fixed length packets (e.g., ATM cells)

370395500 - Multiprotocol network

Patent class list (only not empty are listed)

Deeper subclasses:

Entries
DocumentTitleDate
20100150160INTERWORKING OAM BETWEEN ETHERNET AND ATM/FRAME RELAY NETWORKS - The present invention provides a network system that interworks OA&M (Operations, Administration and Maintenance) failure notification data from the ATM Domain to the Ethernet Domain and vice versa. Failure indications or notifications are typically routed from one domain to another within 1-2 seconds; providing service providers and customers the ability to react quickly to network faults. This enhances the overall quality of the Ethernet-to-ATM Interworking service and provides a similar level of reliability across the Ethernet/ATM/FR domains.06-17-2010
20080259934DISTRIBUTED VIRTUAL SYSTEM TO SUPPORT MANAGED, NETWORK-BASED SERVICES - Methods and systems are provided for allocating network resources of a distributed virtual system to support managed, network-based services. According to one embodiment, a VR-based switch having multiple processing elements is configured for operation at an Internet POP. An NOS is provided on each of the processing elements. Resources of the VR-based switch are segmented between a first and second subscriber by mapping VRs assigned to the first and second subscriber onto appropriate processing elements. Then, a first and second set of customized services are configured, each including two or more of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT), to be provided by the VR-based switch. Customized services are configured by allocating appropriate service object groups to the VRs, which can be dynamically distributed by the NOS to customized processors of the processing elements to achieve desired computational support.10-23-2008
20110194564Distributing Ethernet Alarm Indication Signal Information to Multiple Virtual Local Area Networks - Ethernet Alarm Indication Signal (ETH-AIS) information for multiple Virtual Local Area Networks (VLANs) is consolidated and distributed to the multiple VLANs in a single Ethernet frame. Note, as used herein, “Alarm Indication Signal (ETH-AIS)” refers to an IEEE 802.x or ITU-T Y.1731 Ethernet Alarm Indication Signal. A device receiving the Ethernet frame with the consolidated ETH-AIS information typically forwards the frame out each port that communicates traffic for one of the VLANs included in the consolidated ETH-AIS information.08-11-2011
20090122801ETHERNET SWITCHING AND FORWARDING METHOD, SYSTEM AND APPARATUS - An Ethernet switching and forwarding method, and at least one Ethernet forwarding mode of standard Ethernet forwarding, multiplex Ethernet forwarding, layer-3 routing and forwarding, across-VLAN multicast forwarding plane, point-to-point VLAN forwarding, or point-to-point double VLAN forwarding. The method includes: an Ethernet message entering a user side port or a network side port; processing, by the port, the message to provide the message with a VLAN tag allocated uniformly by the port; determining, by the port, a forwarding mode for the message and sending the message to a corresponding forwarding plane; determining, by the forwarding plane, an egress port of the message and processing the specific Ethernet control message in accordance with a control message capturing policy table; and forwarding the message to the egress port and encapsulating the message in accordance with an attribute table of the egress port.05-14-2009
20100158019FRAME TRANSFER APPARATUS AND FRAME TRANSFER METHOD - A frame transfer apparatus includes a plurality of ports for transmitting and receiving frames which include transmitting source information and transmitting destination information. The apparatus further includes a processing unit to store information which relates the transmitting source information included in the received frame and port information of a port which receives the received frame, a frame transmitting unit to transmit the received frame via a port that is identified by the port information which corresponds to the transmitting destination information included in the received frame and is extracted from the information stored by the processing unit, and a learning information erasing unit to erase the information stored by the processing unit for every predetermined time.06-24-2010
20100158018METHOD FOR FORWARDING PATH VIRTUALIZATION FOR ROUTER - Provided is a method for forwarding path virtualization for a router, which prevents the processing speed of the router from decreasing due to a plurality of operating systems installed in an upper layer of a hypervisor when the router is virtualized.06-24-2010
20120182998Auto-Provisioning of Network Services Over an Ethernet Access Link - In one embodiment, an apparatus includes an Ethernet port, for connection to an Ethernet access network providing multiple different services. A plurality of local service ports are provided for connection to items of peripheral customer premises equipment (CPE), each item supporting a different, respective service. A bridge is coupled to convey data frames between the Ethernet port and the local service ports. A controller is coupled to receive via the Ethernet port at least one provisioning message indicating associations between the services and respective Virtual Local Area Network (VLAN) identifiers, and to configure the bridge, responsively to the provisioning message, to forward the data frames received via the Ethernet port on each VLAN to a respective service port in accordance with the associations.07-19-2012
20120182997METHOD AND APPARATUS FOR PROVIDING TRANSPORT OF CUSTOMER QOS INFORMATION VIA PBB NETWORKS - A customer Quality-of-Service (QoS) transport capability is depicted and described herein. The customer QoS transport capability enables transparent transport of customer QoS information via a Provider Backbone Bridging (PBB) network. The customer QoS transport capability enables customer QoS information that would normally be terminated at a point of ingress to a PBB network to be transported via the PBB network transparently and recovered at a point of egress from the PBB network.07-19-2012
20100046526TRANSPORT NETWORKS SUPPORTING VIRTUAL PRIVATE NETWORKS, AND CONFIGURING SUCH NETWORKS - A layer 2 transport network, and components thereof, supporting virtual network functionality among customer edge devices. Virtual private network configuration can be accomplished with merely local intervention by preprovisioning extra channel (or circuit) identifiers at each customer edge device and by advertising label base and range information corresponding to a list of channel (or circuit) identifiers.02-25-2010
20100046524METHODS AND ARRANGEMENTS FOR LAN EMULATION COMMUNICATIONS - LAN emulation in a moving network environment is disclosed. An emulated LAN encompassing a number of moving networks is formed by means of a set of layer 2 tunnels that interconnect a home agent with mobile routers in the moving networks. The home agent and the mobile routers are arranged to perform layer 2 forwarding over the layer 2 tunnels in order to form the emulated LAN. The layer 2 tunnels can be established in a number of alternative ways. The moving networks that are part of the emulated LAN may move, i.e. change their points of attachment to the network infrastructure, in a dynamic fashion without disrupting the function of the emulated LAN.02-25-2010
20130136138Interfaces To Manage Direct Network Peerings - Methods and apparatus for interfaces to manage direct network peerings. A system may include a data center, endpoint routers and a connectivity coordinator. The coordinator implements a programmatic interface defining connectivity operations. The coordinator receives a request for dedicated connectivity to data center resources, formatted according to the interface. The coordinator selects a target endpoint router at which to establish a physical link to implement the dedicated connectivity, and transmits a response identifying the target endpoint router and including configuration instructions for setting up a physical link for the dedicated connectivity.05-30-2013
20130044757Proxy FHRP for Anycast Routing Service - Embodiments described herein achieve proxy FHRP for anycast routing services through the coordination of L2MP edge switches to allow load balancing for the use of routing services. Such embodiments may avoid duplicity and coordinate control planes between the edge switches to present a proxy interface to the rest of the network for the routing services. As such, multipathing and load-balancing for efficient use of crucial services may be provided for client nodes inside the network.02-21-2013
20090154470Using Q-in-Q-in-Q to implement ethernet service unit ring - An embodiment of the present invention includes a technique to process a packet in a virtual local area network (VLAN). A second VLAN tag is prepended to a packet prepended with a first VLAN tag when the packet is forwarded from a first port to a second port to result in an Q-in-Q packet. The second port has output connected to input of a third port. A third VLAN tag is prepended to the Q-in-Q packet when the Q-in-Q packet is forwarded from the third port to a fourth port to result in an Q-in-Q-in-Q packet.06-18-2009
20090154469Ethernet switching of PCI express packets - A method for emulating Peripheral Component Interconnect Express (PCIe) behavior over an Ethernet switching fabric which includes encapsulating a PCIe packet within an Ethernet packet to provide an Ethernet encapsulated PCIe packet, and routing the Ethernet encapsulated PCIe packet within the Ethernet switching fabric via information included within the Ethernet packet.06-18-2009
20100040068CONFIGURATION OF A PROCESS CONTROL SYSTEM - Exemplary embodiments of the present disclosure automatically generate Virtual Local Area Network (VLAN) configuration data from a logical data flow between intelligent electronic devices (IEDs) of a process control (PC) system in accordance with a standardized configuration representation of the system. The process IEDs, switches of an Ethernet switch-based communication network to which the IEDs are connected, and connecting cables are made aware of the assigned VLANs. Any performance analysis or diagnosis on these components can show design problems with VLANs and communication architecture already at engineering or communication system design time.02-18-2010
20080291922Method of Preventing Transport Leaks in Hybrid Switching Networks by Extension of the Link Layer Discovery Protocol (LLDP) - An apparatus comprising a processor configured to implement a method comprising receiving a first data structure comprising a first virtual local area network identifier (VID) and a first forwarding type, comparing the first VID and a first forwarding type with a second VID and a second forwarding type in a second data structure, and reporting a misprovisioned data structure if the first VID is the same as the second VID and the first forwarding type is not the same as the second forwarding type. Also disclosed is a method comprising implementing a network protocol to forward provisioning information in a plurality of VID Tables corresponding to a plurality of nodes, and analyzing the provisioning information to detect misprovisioned nodes.11-27-2008
20090304008NETWORK RELAY DEVICE AND NETWORK RELAY METHOD - A network relay device for relaying communication for a regular terminal via a port includes an acquiring module, a regular terminal information storing module, and a determination process module. The acquiring module acquires a regular layer 2 address, a regular layer 3 address, regular VLAN information representing a VLAN assigned to the regular terminal, and regular port information representing a port to which the regular terminal is connected. The regular terminal information storing module stores regular terminal information representing a combination of the acquired regular layer 2 address, the regular layer 3 address, the regular VLAN information, and the regular port information. The determination process module determines whether the combination of source layer 2 address, source layer 3 address, assigned VLAN, and reception port of target frame data received via the port is stored as the regular terminal information.12-10-2009
20090304007Mechanism for determining a congestion metric for a path in a network - A mechanism is disclosed for determining a congestion metric for a path in a network. In one implementation, a congestion metric for a path includes one or more latency values and one or more latency variation values. A latency value for a path may be determined by exchanging latency packets with another component. For example, to determine the latency for a particular path, a first component may send a latency request packet to a second component via the particular path. In response, the second component may send a latency response packet back to the first component. Based upon timestamp information in the latency response packet, the latency on the particular path may be determined. From a plurality of such latencies, a latency variation may be determined. Taken individually or together, the latency value(s) and the latency variation value(s) provide an indication of how congested the particular path currently is.12-10-2009
20090067436NETWORK ASSIGNMENT BASED ON PRIORITY - Systems and methods for network assignment based on priority are described in this application. In one aspect, a technique for network assignment based on priority relates to establishing a connection between a client and a virtual local area network (VLAN), based on an explicit or implicit network priority preference of the client. In an embodiment, multiple VLANs can be combined into one network bundle, the network bundle being a unit network for priority specification. In addition, multiple network bundles may be available for network assignment on a particular network controller (e.g., network switch). For example, the preferred network of a client may be comprised of several individual VLANs. Thus, the client can be assigned to any of the constituent VLANs included in the preferred network bundle.03-12-2009
20120219004GENERALIZED MULTI-HOMING FOR VIRTUAL PRIVATE LAN SERVICES - A generalized multi-homing capability is depicted and described herein. The generalized multi-homing capability supports use of a generalized multi-homed site object and associated generalized multi-homed site identifier for Virtual Private LAN Services (VPLS). For example, a generalized multi-homed site object may be generated using a multi-homed site object by associating an Ethernet endpoint object and a pseudowire endpoint object with the multi-homed site object. For example, a generalized multi-homed site object may be generated using a multi-homed site object by associating an Ethernet endpoint object with the multi-homed site object and associating one or more Ethernet-related objects with the Ethernet endpoint object. The generalized multi-homed site object is configured to support multiple types of endpoints, thereby enabling multi-homing to be supported for various types of devices in various types of networks (e.g., between devices of customer and service provider networks, between devices within a service provider network, between devices of different service provider networks, and the like) and for various types of services.08-30-2012
20110038377 Method and apparatus for providing host node awareness for multiple NAT64 environments - A method implemented in a host node for communicating with a corresponding node through one of a plurality of available networks that includes: receiving a request to initiate a connection with the corresponding node from an application executing on a host node, sending a request to a DNS64 node for an address of the corresponding node, receiving a virtual IPv6 address for the corresponding node with a generic prefix, selecting a connection to one of the plurality of networks through which the data is to be forwarded to the corresponding node, and sending the data to the corresponding node using a virtual IPv6 address for the corresponding node with the prefix of the NAT64 node in the network of the selected connection, whereby the host node is able to maintain connectivity with the corresponding node despite having connections to the plurality of networks that each have NAT64 nodes.02-17-2011
20110013640METHOD AD APPARATUS FOR ETHERNET PROTECTION WITH LOCAL RE-ROUTING - A method is provided for use at a first node of a network. The first node (B) has an input path for receiving Ethernet frames destined for a second node of the network. The first node (B) also has a first output (working) path for forwarding the received Ethernet frames towards the second node. A failure along the first output (working) path is detected at the first node. Following such failure detection, the received Ethernet frames are caused, at the first node, to be re-routed along a second output (backup) path, different to the first output (working) path, towards the second node. The re-routing is performed by using (e.g. referring to and/or changing) respective indications (VLAN01-20-2011
20120224584RELIABILITY PROCESSING METHODS AND SYSTEMS IN THE NETWORKING OF METRO ETHERNET NETWORK PROVIDING MULTI-SERVICE - A reliability processing method in networking of Metro Ethernet Network providing multi-service includes: establishing a Virtual Router Redundancy Protocol (VRRP) group with at least two service control gateways, establishing network connections between an access device (UPE) and the service control gateways in the Virtual Router Redundancy Protocol group by a Virtual Private LAN Service (VPLS); performing Layer 2 service and Layer 3 service processing, after active and standby service control gateways in the Virtual Router Redundancy Protocol group are determined according to a processing result of a Virtual Router Redundancy Protocol message. Therefore, the reliability of the Layer 2 and Layer 3 services of the MAN may be sufficiently guaranteed, and the overhead of the system may be reduced significantly.09-06-2012
20090238190Ethernet Virtualization Using a Network Packet Alteration - A method of Ethernet virtualization using network packet alteration. The method comprises receiving network packets from a host destined for transmission over a network, checking whether the network packets have headers, if the packets do not have headers, forming a first portion of the header using firmware, storing the formed packet and header to a first memory; and forming a second portion of the header using programmable logic.09-24-2009
20090232145INTERNET/INTRANET ACCESS MECHANISM - A method connects one of several customer premises equipment (CPE) via an ATM network to one of several service providers (SP). Each CPE is connected to the ATM network via a corresponding network termination point (NT). There is an access server function (ASF), having a permanent virtual connection (PVC) to each NT and a connection to each SP. A tunneling protocol is established on the permanent virtual connection between each NT and the ASF. The tunneling protocol is able to support an integrated signaling protocol. The CPE or its user select selects an appropriate SP by using the integrated signaling protocol. Routing from the CPE to the selected SP is performed by the ASF. The ASF connects the CPE to the selected SP using the integrated signaling protocol.09-17-2009
20090010265Flexible mapping of virtual local area networks to Ethernet virtual circuits - A method includes configuring multiple Ethernet Virtual Circuits (EVCs) for communicating with respective service gateways that provide respective communication services. A data packet, which belongs to a Virtual Local Area Network (VLAN) and is associated with a communication service from among the communication services, is accepted. The data packet is mapped to an EVC from among the multiple EVCs responsively to the VLAN to which the data packet belongs and to the communication service with which the data packet is associated. The data packet is sent over the EVC to the service gateway, in order to provide the communication service.01-08-2009
20100085975FRAMEWORK FOR OPTIMIZING AND SIMPLIFYING NETWORK COMMUNICATION IN CLOSE PROXIMITY NETWORKS - A framework capable of providing transparent handling of network traffic in close proximity networks such as home networks is provided. A single virtual network interface is exposed to users/applications on connected devices. A virtual network interface manager determines available physical network interfaces and switches to a different physical network interface or a different configuration on the same physical network interface in a transparent manner to the communicating application(s). This enables the framework to optimize network communications for the communicating applications, devices, and users based on predefined criteria, application requirements such as different data throughput, or changing environment conditions such as interference. Network communication operations are also simplified for users since they are no longer required to have the necessary knowledge for configuring physical network interfaces manually in response to changing conditions.04-08-2010
20110019676Extended subnets - There is provided a router for use in a datacenter, the router including a frame receiving module operative to receive a traffic frame and a frame forwarding module operative to forward the traffic frame to a second router in a second datacenter if a Destination Media Access Control (DMAC) address included in the traffic frame is different from all of the following: 01-27-2011
20120236868METHOD FOR FAST SWITCHING TRAFFIC IN H-VPLS - In a method for fast switching traffic in a hierarchical virtual private LAN service for use in a User-facing Provider Edge (UPE) device, a shared logic port number is assigned to each pair of primary pseudo wire and standby pseudo wire. A MAC address associated with a pair of primary pseudo wire and standby pseudo wire is associated with a logic port number shared by the primary pseudo wire and standby pseudo wire. Filling, in a logic port table, for each logic port entries containing: a logic port number, a primary pseudo wire inbound-label, a standby pseudo wire inbound-label, a primary pseudo wire outbound-label, a standby pseudo wire outbound-label and information of leaving a public network. Setting the corresponding information of leaving the public network in the logic port table depending upon whether the primary pseudo wire is active or inactive.09-20-2012
20110032944Method and System for Switching in a Virtualized Platform - A local manager in a local networking domain may configure a plurality of logical switches by combining switching functions available in network devices and/or network switches in the local networking domain. The configuration may utilize vertical and/or horizontal combinations of the switching functions. The switching functions may comprise network switch-based switching functions, and/or hypervisor-level switching functions and/or network adapter-level switching functions available in network devices which may be configured as virtualized platforms. The local manager may provide interfacing services to enable exposing configured logical switches. The interfacing services may comprise an internal interface, which may be utilized, via the local manager, to control the switching functions corresponding to logical switches and/or to route messages sent to and/or from the logical switches. The interfacing services may also comprise an external interface, which may be used by external entities, such as remote management entities, to manage and/or interact with configured logical switches.02-10-2011
20110085555Method For Providing Network Information - Embodiments of the present invention provide a method of providing network information, comprising determining one or more pseudowires between nodes in a network; grouping the pseudowires, according to information associated with each pseudowire and one or more predetermined criteria, into one or more groups each representing a virtual private network (VPN); providing a graphical user interface (GUI) displaying information associated with at least one pseudowire participating in the virtual private network.04-14-2011
20100014526Hardware Switch for Hypervisors and Blade Servers - A hardware switch for use with hypervisors and blade servers is disclosed. The hardware switch enables switching to occur between different guest OSs running in the same server, or between different servers in a multi-root IOV system, or between different guest OSs running in the same server in single-root IOV systems. Whether embedded in a host bus adapter (HBA), converged network adapter (CNA), network interface card (NIC) or other similar device, the hardware switch can provide fast switching with access to and sharing of at least one external network port such as a Fibre Channel (FC) port, 10 Gigabit Ethernet (10 GbE) port, FC over Ethernet (FCOE) port, or other similar port. The hardware switch can be utilized when no hypervisor is present or when one or more servers have hypervisors, because it allows for switching (e.g. Ethernet switching) between the OSs on a single hypervisor.01-21-2010
20090190598ETHERNET ADDRESS MANAGEMENT SYSTEM - A system and method for mapping original Media Access Control (MAC) addresses to unique locally administered virtual MAC addresses in an Ethernet network. A first field of the address may include a domain for the address, and a second field may indicate that the address is a locally administered MAC address. A third field of the address may include an index indicating a number of virtual MAC addresses for each user. Fourth and fifth fields of the address may include a Network Element ID (NE ID) for uniquely identifying a given access node in a given domain, and a Port ID for uniquely identifying an end-user port at the given access node. The system may be implemented in an access node or in a network emulator, which generates unique locally administered MAC addresses for all of the nodes in the Ethernet network for performing emulations of the network.07-30-2009
20100142537PACKET TRANSPORT LAYER APPARATUS - There is provided a packet transport layer apparatus. The packet transport layer apparatus can receive frames having different formats via a single port by dividing a single physical port into a plurality of virtual ports according to each frame format, can increase the number of customer virtual local area networks (C-VLANs) and the number of service VLANs (S-VLANs) being usable at the same time by assigning a different component identifier (ID) to each frame format and using the component ID as a factor used in searching a filtering table, and can translate a frame format to be suited to a frame format allocated to a virtual output port.06-10-2010
20110299539Virtual Fabric Membership Assignments for Fiber Channel Over Ethernet Network Devices - Techniques are provided herein for receiving at a first network device, a virtual local area network (VLAN) discovery frame from a second network device. The second network device is configured to encapsulate Fiber Channel over Ethernet. The hardware media access control (MAC) address or Port World Wide Name (PWWN) of the second network device is extracted from the VLAN discovery frame. A mapping is identified between the second network device and a corresponding virtual storage area network (VSAN) based on the hardware MAC address or PWWN. The mapping identifies a corresponding VLAN for the second network device to use for login in order to communicate with the corresponding VSAN. Information representing the identified VLAN is sent to the second network device.12-08-2011
20090003353Cross-layer approach to virtualized overlay on ad hoc networks - Methods and apparatus to a cross-layer approach to virtualized overlay on ad hoc networks are described. In one embodiment, a virtual address may be used to search for a (key,value) pair in a virtual overlay. Other embodiments are also described.01-01-2009
20080291921Pseudo Wire Label Reflector, an Edge Equipment, a Two-Layer Virtual Network and a Method of Providing Pseudo Wire Service - A pseudo wire label reflector, based on a existing label distribution router, further includes: a mode management unit, for determining the mode for switching and transferring a pseudo wire label message; a first session management unit, for saving the support information that LDP signaling session connection supports the pseudo wire label reflecting capacity; a first pseudo wire label receiving unit, for receiving a pseudo wire label message; a first pseudo wire management unit, for saving the switched pseudo wire state and deciding whether to modify the pseudo wire label message according to the switch and transfer mode determined by the mode management unit; a first pseudo wire label sending unit, for sending the pseudo wire label message. The invention also provides an edge apparatus, a L2 VPN and a method for providing pseudo wire service in PSN. The present invention makes PE equipments participating pseudo wire service to set up PSN tunnel and LDP signaling session connection with the pseudo wire label reflector by introducing the pseudo wire label reflector and extending the capacity that the current edge apparatus supports the pseudo wire label reflector.11-27-2008
20090080438METHOD FOR ACCESSING VIRTUAL PRIVATE NETWORK, VIRTUAL PRIVATE SYSTEM, VIRTUAL PRIVATE NETWORK AND PROVIDER EDGE DEVICE THEREOF - A method for accessing VPN using PW Emulation Edge-to-Edge Virtual Leased Line includes: configuring a first PW ID in a first Provider Edge Device that hosts a VSI, and an IP address of a second Provider Edge Device that hosts a PW Emulation Edge-to-Edge Virtual Leased Line associated with the PW ID; sending a second PW ID of the second Provider Edge Device to the first Provider Edge Device; determining whether the second PW ID of the second Provider Edge Device matches the first PW ID of the first Provider Edge Device, and, if it matches, setting the state of the PW between the first Provider Edge Device and the second Provider Edge Device; delivering a Forwarding Table by the first Provider Edge Device; and establishing a bi-directional connection between the by the PW Emulation Edge-to-Edge Virtual Leased Line and the VSI. A Virtual Private System, a first Provider Edge Device, and a second Provider Edge Device are also provided.03-26-2009
20110026530PSEUDO WIRE LABEL REFLECTOR, AN EDGE EQUIPMENT, AND A TWO-LAYER VIRTUAL NETWORK - A pseudo wire label reflector, based on a existing label distribution router, further includes: a mode management unit, for determining the mode for switching and transferring a pseudo wire label message; a first session management unit, for saving the support information that LDP signaling session connection supports the pseudo wire label reflecting capacity; a first pseudo wire label receiving unit, for receiving a pseudo wire label message; a first pseudo wire management unit, for saving the switched pseudo wire state and deciding whether to modify the pseudo wire label message according to the switch and transfer mode determined by the mode management unit; a first pseudo wire label sending unit, for sending the pseudo wire label message. The invention also provides an edge apparatus and a L2 VPN. The present invention makes PE equipments participating pseudo wire service to set up PSN tunnel and LDP signaling session connection with the pseudo wire label reflector by introducing the pseudo wire label reflector and extending the capacity that the current edge apparatus supports the pseudo wire label reflector.02-03-2011
20120106555LOW LATENCY CARRIER CLASS SWITCH-ROUTER - Systems and techniques for processing and forwarding packets are described. During operation, a system can receive a packet on an input port. Next, the system can identify a set of bits in the packet that represents a route from a source node to a destination node in an n-ary tree. The system can then determine an output port based on a subset of the set of bits. Next, the system can determine whether the output port is free. If the output port is not free, the system can use a contention resolution mechanism to store the packet in an on-chip memory or an off-chip memory based on space availability and the packet's priority. If the output port is free, the system can send the packet through the output port.05-03-2012
20090279551Vertical integration of network management for ethernet and the optical transport - Systems and methods are described that vertically integrate telecommunications network management across multiple transport domains and network layers to support E2E network management. Embodiments vertically integrate telecommunications network management across multiple transport layers such as physical layers (optical), data link layers (Ethernet), and upper layers (VLAN), and establish an inventory database for the plurality of transport layers in a network management OSS to integrate and correlate network alarms and other business applications. Embodiments provide a single platform for an E2E network management solution across and for multiple transport domains.11-12-2009
20090274155TECHNIQUE FOR PROVIDING INTERCONNECTION BETWEEN COMMUNICATION NETWORKS - Technique for interconnecting a first communication network and a second communication network, for example layer 2 Ethernet networks, which uses a fully or partially redundant dual homing configuration. The configuration includes: at least three network elements where at least two of them are peer elements belonging to the second network, and at least two traffic lines respectively associated with the peer elements and connecting the first and the second networks via the three network elements. The technique comprises establishing a bi-directional signaling between the peer elements and, based on the signaling information, deciding which traffic line should forward the traffic.11-05-2009
20090285221COMMUNICATION SYSTEM AND COMMUNICATION APPARATUS - A CPU of an image forming apparatus controls, according to establishment of a sleep change condition, a MAC/PHY in a network unit to change the image forming apparatus from a link-up state to a link-down state. The CPU controls the image forming apparatus to change from a normal mode to a deep sleep mode. A CPU of the network unit controls, according to the change of the image forming apparatus from the normal mode to the deep sleep mode, the MAC/PHY to change the link-down state of the image forming apparatus to the link-up state. The CPU controls the MAC/PHY to transmit a MAC address necessary for causing the image forming apparatus to participate in VLAN to a switching hub.11-19-2009
20100272110Virtual Links in a Routed Ethernet Mesh Network - Virtual links may be used to divert traffic within an Ethernet network without affecting overall traffic patterns on the Ethernet network. In one embodiment, the virtual link may be established on the network via a routing system in use on the network. Nodes on a defined path for the virtual link will install forwarding state for the virtual link so that traffic may follow the defined path through the network. The logical view of the virtual link, from a routing perspective however, has the same cost as the shortest path between the endpoints of the virtual link and, accordingly, does not affect other traffic patterns on the network. Once established, the end nodes on the virtual path will have two equal cost paths through the network—one following the shortest path tree and one along the path for the virtual link. The end nodes may use a tie breaking process in an Equal Cost Multi Path (ECMP) selection process to preferentially select the virtual link over the shortest path.10-28-2010
20090103548Method for transmitting data in a communications network and transmit device and receive device for a communications network - According to the invention, data are transmitted by means of a data frame in a communications network from at least one subscriber connected to a communications network to at least one other subscriber similarly connected to the communications network, wherein the data are prepared for transmission in such a way that information for identifying or distinguishing the respective format of the data within a data frame is written into a field directly at the beginning of a data frame or into a field introducing a data frame.04-23-2009
20090296718Device Virtualization - Methods and apparatus for device virtualization and for communication between network devices are described. In one example, all devices on a first Local Area Network (LAN12-03-2009
20100111091METHOD AND APPARATUS TO PERFORM NETWORK ROUTING - A method and apparatus to route information over a network is described.05-06-2010
20100046525METHOD, SYSTEM AND COMPUTER PROGRAM PRODUCT FOR PROVIDING ETHERNET VLAN CAPACITY REQUIREMENT ESTIMATION - A method, system, and computer program product for providing VLAN capacity requirement estimation is provided. The method includes receiving at a computing system a VLAN configuration file that specifies VLAN access ports, VLAN switches and VLAN trunks in a VLAN. A target access port identifier is received at the computing system from a requestor. A target trunk and target switch corresponding to the target access port are determined at the computing system. A bandwidth contribution of the target access port to the VLAN is calculated at the computing system. The calculating is based on a least contribution algorithm that reflects an impact of provisioning the target access port with respect to trunk capacity, and is responsive to the target bandwidth requirement, the target class of service and placement of the target port in the VLAN. The bandwidth contribution is then transmitted to the requestor.02-25-2010
20100103939DETERMINING THE CONFIGURATION OF AN ETHERNET FABRIC - A Fibre Channel over Ethernet (FCoE) device obtains knowledge of the configuration of an attached Ethernet fabric during a fabric initialization or login (FLOGI) process. FCoE N_Ports obtain similar information during the port initialization or login (PLOGI) process. The FCoE device may provide network management services to attached FCoE devices. Embodiments include a management module or processor within an FCoE N_Port. The management module or processor receives information associated with an Ethernet fabric from the FCoE N_Ports and provides management services based on the information associated with the Ethernet fabric. The FCoE N_Port communicatively couples to at least one additional FCoE N_Port through the Ethernet fabric. The FCoE N_Ports may be implemented within a disc storage drive, a host bus adapter, and/or an FCoE switch. The capability of an N_Port to obtain this information allows a management module or processor at the N_Port to manage the Ethernet fabric.04-29-2010
20120263183METHOD AND APPARATUS FOR SELF-LEARNING OF VPNS FROM COMBINATIONS OF UNIDIRECTIONAL TUNNELS IN MPLS/VPN NETWORKS - In one embodiment, a data packet is received at a network device. A layer-2 identification (L2ID) value is identified for the received data packet based on a destination address and a label stack of the received data packet. The L2ID value is specific to an application associated with the data packet. A 6-tuple is created that includes the L2ID value. The received data packet is classified using the 6-tuple. Deep packet inspection (DPI) services are performed based on the classification of the received data packet. The DPI services apply a set of one or more application-level policies to the received data packet. The received data packet is forwarded from the network device toward a destination.10-18-2012
20110206052DATA TRANSFER SYSTEM ENABLING ACCESS TO MULTIPLE SUBNETS AND METHOD THEREOF - A data transfer system enabling access to multiple subnets and method thereof is disclosed. The data transfer method includes the following steps: executing a virtual private network (VPN) client installed on an electronic system; connecting the VPN client to a VPN router; the VPN client assigning a virtual IP address to a virtual interface; and the VPN client accessing a subnet corresponding to the virtual IP address through the virtual IP address.08-25-2011
20100061378Method and Apparatus for Emulating Network Devices - Methods, apparatuses, data structures, and computer readable media are disclosed that perform emulated processing of packets communicated via a physical port between emulated network devices and real network devices. The emulated processing performs forward equivalence class classification on the packets. The forward equivalence class classification varies with the contents of the packets, and subsequent to the forward equivalence class classification the emulated processing varies with particular successful classifications resulting from the forward equivalence class classification.03-11-2010
20100061379SYSTEM AND METHOD FOR PROVIDING SUPPORT FOR MULTIPOINT L2VPN SERVICES IN DEVICES WITHOUT LOCAL BRIDGING - A network device has a network interface to allow the device to send and receive traffic across a network. The device also has a cable connection to allow the device to exchange data with at least one cable modem and a processor to associate a cable interface and cable service identifier with a cable modem; receive a packet from the cable modem; and insert a layer 2 network identifier, the identifier comprising two service provider VLAN (SP-VLAN) tags, into the packet. The processor in the network device identifies a virtual trunk interface based on the outer SP-VLAN tag and identifies the virtual private network based on the inner SP-VLAN tag.03-11-2010
20080310421Managing Connectivity in a Virtual Network - Embodiments include methods, apparatus, and systems for managing connectivity in a virtual network. One embodiment determines if information received from a device in a virtual land area network (VLAN) matches a configuration of a virtual connect domain (VCD) in order to label links as being either internal or external.12-18-2008
20080310424SYSTEM AND METHOD TO PROVIDE MULTIPLE PRIVATE NETWORKS USING MPLS - A system and method are supplied to provide multiple private networks. The system can include an Multi-Protocol Label Switching (MPLS) interface configured to receive a plurality of data stream types from a packet switched network. A plurality of local area network ports can be configured to communicate data to local area networks. A switching process can be provided between the MPLS interface and the local area network ports. The switching process can be configured to map individual data stream types from the MPLS interface to each of the respective local area network ports. In addition, the switching process can communicate packets between the MPLS interface and the mapped local area network ports.12-18-2008
20080310423Synchronization of Message Stream in a Multi-tier Messaging System - A group communication service is adapted for multi-point to multi-point communication. Identical message streams are received by a tier of processing servers from a tier of sources. The processing servers deliver the message streams to a tier of destinations. The group communication service enables the processing servers to deal with newly added message streams and deleted message streams while preserving total ordering.12-18-2008
20100290473Port grouping for association with virtual interfaces - In one embodiment, an apparatus includes a port channel manager for receiving information identifying switches connected to a group of physical ports at a network device and creating subgroups each comprising the physical ports connected to one of the switches. The apparatus further includes a virtual interface agent for assigning a virtual interface connecting a virtual switch to a virtual machine, to one of the subgroups. Traffic received from the virtual machine on the virtual interface is transmitted to one of the switches on one of the physical ports in the assigned subgroup. A method for grouping ports for association with virtual interfaces is also disclosed.11-18-2010
20090154471METHOD OF AND APPARATUS FOR PROCESSING VIRTUAL LOCAL AREA NETWORK TAG FRAME - Provided are a method of and apparatus for processing a virtual local area network (VLAN) tag frame. The apparatus includes a filtering data base (FDB) for storing a VLAN tag frame which is created by a gigabit passive optical network (GPON) master; an uplink processing unit for removing by referring to the FDB a VLAN tag from the VLAN tag frame which is received from the GPON master, and transmitting a data frame to an Ethernet switch; and a downlink processing unit for inserting by looking up the FDB a VLAN tag into the data frame which is received from the Ethernet switch, and then transmitting the data frame to the GPON master. According to the present invention, port identification (ID) information that is lost in a GPON master may be provided to a switch above the GPON master by using a VLAN tag frame processing technology.06-18-2009
20080240114Data Frame Forwarding Method By Data Relay Entity And Data Relay Entity - The present disclosure discloses a data frame forwarding method for forwarding a data frame via a data relay entity DRE applicable in an Ethernet, including: setting one or more ports of the DRE to be V-Switch enabled, and configuring one or more of the V-Switched DRE ports to operate in the V-Switch function and in an Ethernet function shared mode; configuring decision polices for forwarding a received data frame through the V-Switch function in the shared mode; when the data frame is received though the ports of the DRE configured in the shared mode, if flag information carried in the data frame matches the decision policies, forwarding the data frame through a forwarding process corresponding to the V-Switch function; otherwise forwarding the data frame through a forwarding process corresponding to an Ethernet function.10-02-2008
20080240113SYSTEM AND METHOD OF MODIFYING DATA PACKET TAGS - A system and method of managing data packets for transmission in a virtual network are disclosed. In some implementations, a network switch may generally comprise a packet modifier that modifies a VLAN tag state of a packet to be egressed as a function of an egress interface and a VLAN-ID assignment. The modified VLAN tag state may include one or more VLAN tags that are in a different order, or that have a different content, in comparison to the VLAN tags of the packet at the time of ingress.10-02-2008
20090161679METHOD AND APPARATUS FOR CUSTOMER-CONTROLLED ROUTING MANAGEMENT - In one embodiment, the present invention is a method and apparatus for customer-controlled routing management. In one embodiment, a system for managing routing in a virtual private network includes a configuration management system for receiving settings from a user of the virtual private network, the settings specifying at least one of: virtual private network topology and routing preferences, and for provisioning the virtual private network in accordance with the user settings and a validation management system for validating the provisioned virtual private network.06-25-2009
20080317042EXTENSIBLE FRAMEWORK FOR COMPATIBILITY TESTING - A method of receiving mobile code includes receiving, from a source node, a dependency descriptor describing at least one permitted configuration, each configuration comprising necessary conditions on a destination node to execute mobile code, executing, on the destination node, checker code associated with the conditions described in the dependency descriptor, and, if at least one configuration is compatible, receiving the mobile code at the destination node.12-25-2008
20090052458Flow state attributes for producing media flow statistics at a network node - A method in one embodiment includes allocating, by a node of a network, a flow label attribute identifying a media flow associated with a Session Description Protocol (SDP) media session. The media flow is between a sender and receiver nodes over a media transmission path of the network. The node further specifying a flow state attribute to generate media flow information and communicating the flow label and the flow state attribute to downstream nodes in the media transmission path. It is emphasized that this abstract is provided to comply with the rules requiring an abstract that will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure.02-26-2009
20090097490COMMUNICATIONS NETWORK WITH CONVERGED SERVICES - A communications network provides one or more shared services, such as voice or video, to customers over a respective virtual private network (VPN). At the same time, each customer may have its own private data VPN for handling private company data. The shared service VPN permits users from different customers to communicate directly over the shared service VPN. Trust and security are established at the edge of the network, as the information enters from the customer's site. As a result, no additional security measures are required within the shared service VPN for the communications between users. This architecture results in a fast, high quality, shared service.04-16-2009
20110228786SYSTEM AND METHOD FOR REGISTERING AND UN-REGISTERING MEMBERSHIP IN VIRTUAL LOCAL AREA NETWORKS - In one embodiment, a network device in a computer network determines a plurality of attribute events that each represent a virtual local area network (VLAN) registration state of a respective VLAN of a plurality of VLANs in the computer network. The plurality of attribute events are grouped into a plurality of sets of two or more attribute events. For each set of two or more attribute events, an encoded value is computed for the set with an encoding algorithm that encodes the two or more attribute events of the set into a single encoded value. Each of the plurality of encoded values is loaded within an attribute structure of a protocol data unit (PDU) message, such that the plurality of encoded values that encompass the plurality of VLANs are included within the attribute structure of the PDU message. The PDU message is transmitted to one or more other network devices.09-22-2011
20090252170METHOD AND DEVICE OF LINK AGGREGATION AND METHOD AND SYSTEM FOR TRANSCEIVING MAC FRAMES - A method and a device of link aggregation and a method and a system for transceiving MAC frames are provided. The method includes: transmitting, by systems at two ends of a link, information of virtual local area networks (VLANs) of a port in a local end system to an opposite end system through message exchange; and determining, by the systems at the two ends of the link, the VLAN of the link respectively according to the received information of the VLAN of the port in the opposite end system and the information of the VLAN of the port in the local end system, and performing link aggregation according to the VLAN of the link. Thus, the networking flexibility is improved, the convenience of network design and network maintenance and management is improved, and the MAC frames having VLAN identifiers can be distributed to the corresponding VLAN links rapidly, accurately, and conveniently.10-08-2009
20090257437IDENTITY-BASED NETWORKING - A technique for identity based networking is disclosed. A system according to the technique can include a WAN, a first VLAN, a second VLAN, and a network database. The first VLAN and second VLAN can be coupled to the WAN. The network database can include VLAN information. In operation, a client that is authorized on the second VLAN can attempt to connect to the first VLAN. A switch in the WAN can perform a lookup in the network database and determine that the client is authorized on the second VLAN. Based on this information, the client can be connected to the second VLAN using VLAN tunneling.10-15-2009
20100158017METHOD FOR OPERATING MULTI-DOMAIN PROVIDER ETHERNET NETWORKS - A method of enabling extension of a network service of a first domain to a remote customer site hosted by an Access Gateway (AG) in a Provider Ethernet domain. In the first domain, the remote customer site is represented as being hosted by a border gateway (BG) connected to the Provider Ethernet domain, such that subscriber packets associated with the network service are forwarded to or from the remote customer site via the BG. In the Provider Ethernet domain, a trunk connection is instantiated through the Provider Ethernet domain between the host AG and the BG. A trunk cross-connection function is installed in the host AG, for transferring subscriber packets associated with the network service between a respective attachment virtual circuit (AVC) through which the remote customer site is connected to the host AG and an extended AVC tunnelled through the trunk connection. A common service instance identifier (I-SID) is used to identify both the AVC between the host AG and the remote customer site and the extended AVC between the host AG and the BG.06-24-2010
20120033672VIRTUAL IP INTERFACES ON MULTI-CHASSIS LINK AGGREGATES - Aggregation Switches connected via a virtual fabric link (VFL) are each active and each coupled to a multi-chassis link aggregate group (MC-LAG), which is assigned to a multi-chassis link aggregate group virtual local area network (MC-LAG VLAN). A virtual Internet Protocol (IP) interface is allocated to the MC-LAG VLAN and configured on both Aggregation Switches02-09-2012
20100165994METHOD OF SELECTIVELY AND SEAMLESSLY SEGREGATING SAN TRAFFIC IN I/O CONSOLIDATED NETWORKS - Methods and apparatus for segregating traffic are disclosed. In accordance with one embodiment, a traffic splitter identifies a set of links coupled to the traffic splitter, where the set of links includes two or more uplinks, wherein each of the two or more uplinks are implemented in a common physical media. The two or more uplinks include a LAN uplink coupled to a LAN and a SAN uplink coupled to a SAN. The traffic splitter prevents SAN traffic from reaching the LAN via the LAN uplink. In addition, the traffic splitter prevents LAN traffic from reaching the SAN via the SAN uplink.07-01-2010
20100158020Virtual Private Network Based upon Multi-Protocol Label Switching Adapted to Measure the Traffic flowing between single rate zones - Virtual Private Network (VPN) dedicated to a customer using a physical transmission network based upon Multi-Protocol Label Switching (MPLS) technology including a plurality of Provider (P) devices and a plurality of Provider Edge (PE) devices, the customer owning at least two specific Customer Edge (CE) devices amongst a plurality of CE devices, a specific CE device being attached to a specific PE device and enabling the customer to gain access to any other CE device belonging to the same VPN, by the intermediary of PE devices to which are attached the CE devices. The VPN comprises several billing zones (06-24-2010
20100220731METHOD AND SYSTEM FOR SUPPORTING A PLURALITY OF PROVIDERS VIA A SINGLE FEMTOCELL - Aspects of a method and system for supporting a plurality of providers via a single femtocell are provided. In this regard, a femtocell may determine characteristics of one or more VLANs to which it is virtually communicatively coupled via a non-cellular connection and via a cellular connection. Based on the determined characteristics of the one or more VLANs, a cellular transmitter and/or receiver of the femtocell may be controlled to transmit and/or receive packets belonging to the one or more VLANs via the non-cellular connection and/or via the cellular connection. The characteristics of the one or more VLANs may comprise one or more of: cellular standards utilized by the one or more VLANs, cellular frequencies utilized in the one or more VLANs, access technologies utilized by the one or more VLANs, and a duplexing method utilized by the one or more VLANs.09-02-2010
20100226376Method and Apparatus for Transporting Ethernet Services - Frames of customer traffic may be encapsulated by adding Mac-in-Mac (MiM) encapsulation fields for transportation of the frames over a portion of provider network. The MiM encapsulated traffic may be further encapsulated using VPLS by adding VPLS encapsulation fields for transportation of the frames over another portion of the provider network. The MiM encapsulations use provider network MAC addresses which enables VPLS MAC learning to occur using provider network MAC address space. MiM tunnels are mapped to VPLS service instances which are assigned pseudowire tags for transportation over the VPLS portion of provider network. The MiM header is retained when the MiM encapsulated frames are transported over the VPLS portion of the provider network. As VPLS frames exit the core network, the VPLS encapsulation fields are removed to extract the original MiM encapsulated frames for further transportation over the MiM portion of the provider network.09-09-2010
20100226375LAN EMULATION OVER INFINIBAND FABRIC APPARATUS, SYSTEMS, AND METHODS - A method and device for local area network (LAN) emulation over an Infiniband (IB) fabric. An IB LAN driver at a first node on an IB fabric receives the port and associated local identifier (LID) of one or more remote peer nodes on the IB fabric. An IEEE 802.3 Ethernet MAC address with one LID imbedded is generated. The imbedded LID is for one or more remote peer nodes. The IB LAN driver sends the Ethernet MAC address to an Address Resolution Protocol (ARP). A logical address of a remote peer node is generated by a network protocol. The logical address is mapped to an Ethernet MAC address. The IB LAN driver sends the Ethernet MAC address onto the IB fabric to the one or more remote peer nodes. The remote peer nodes appear to reside on an Ethernet network to the network protocol.09-09-2010
20110058560VIRTUAL NETWORK MANAGEMENT SERVER AND NETWORK SYSTEM - A virtual network management server includes ring node information that manages configuration nodes for each of the rings, and ring connection I/F for each of the ring configuration nodes, generates the VLAN configuration information so as to transfer a frame that is transmitted or received by a designated gateway connection port and a designated base station connection port by the designated VLAN, and also so as to transmit or receive a tagged frame of the designated VLAN by the ring connection I/F of all of the ring to which the gateway connection switch belongs and the ring to which the base station connection switch belongs, and updates the VLAN configuration of the switch.03-10-2011
20110058559VLAN DATA FRAMING AND TRANSMISSION - Amethod of framing data for transmission to or from one of a number of users connected to a VLAN data network, comprising dividing the data into frames including a header and a payload, the header comprising a portion of one of two selectable values assigned according to whether the data is to be transmitted from or to a user, wherein the header comprises a VLAN tag including a Tag Protocol ID (TPID) portion and a Tag Control Information (TCI) portion, a first TPID value being assigned to data to be transmitted from the user and a second, different, TPID value being assigned to data to be transmitted to a user.03-10-2011
20090073988SYSTEMS AND METHODS FOR A SELF-HEALING CARRIER ETHERNET TOPOLOGY - Systems and methods for self-healing Ethernet topologies which are compatible with PBT, which use standards-based protocols, which do not self-configure, and which use Ethernet OAM are provided. Interconnected nodes are configured with a primary and secondary path which is determined by VLANs, MPLS label, Provider Backbone Bridge Traffic Engineering (PBB-TE) VLAN ID (VID), Frame Relay (FR), Asynchronous Transfer Mode (ATM) Virtual Circuits (VCs), and the like. One or more head-end nodes are designated for terminating each path and for performing cross-connects between the primary and secondary paths. IEEE 802.1ag Continuity Check Messages (CCM) are transmitted by all nodes on both the primary and secondary routes. Responsive to a loss of a predetermined number of CCM messages, traffic is switched to the secondary route. In non-fault conditions, both the paths for the primary and secondary routes can carry traffic.03-19-2009
20090073989Redundancy at a Virtual Provider Edge Node that faces a Tunneling Protocol Core Network for Virtual Private Local Area Network (LAN) Service (VPLS) - In one embodiment, a method includes receiving configuration data at a particular node of a first set of multiple nodes. The configuration data includes data that indicates a particular zero or more instances for which the particular node is primary among multiple virtual local area network (VLAN) instances to be forwarded. It is determined whether a VLAN indicated in a data packet received at the particular node is included in the particular instances for which the particular node is primary. If so, then the data packet is forwarded. In another embodiment, multiple nodes are configured to perform as a single virtual node, and the single virtual node is configured to forward data packets for the multiple VLAN.03-19-2009
20090245261HIERARCHICAL VIRTUAL PRIVATE LAN SERVICE HUB CONNECTIVITY FAILURE RECOVERY - Techniques for recovering from hierarchical virtual private LAN service (HVPLS) hub connectivity failure are described herein. In one embodiment of the invention, a provider edge network element reuses an HVPLS spoke connectivity failure recovery mechanism in an MTU to protect against a failure of HVPLS hub connectivity. The PE network element monitors hub facing connectivity elements and declares a hub connectivity failure upon a certain amount of those hub facing connectivity elements failing, and fabricates a failure of its spoke facing connectivity elements causing the MTU to detect an HVPLS spoke connectivity failure and switch to a secondary HVPLS spoke connection. Other methods and apparatuses are described.10-01-2009
20100220732SERVICE PROCESSING SWITCH - Methods and systems for providing IP services in an integrated fashion are provided. According to one embodiment, a system includes a switch fabric and a line interface/network module, multiple virtual routing engines (VREs) and a virtual services engine (VSE) coupled with the switch fabric. The line interface/network module receives packets, steers ingress packets to a selected VRE and transmits egress packets according to their relative priority. VREs determines if a packet associated with a packet flow requires processing by the VSE by performing flow-based packet classification on the packet and evaluating forwarding state information associated with previously stored flow learning results. The VSE includes a central processing unit configured to perform firewall processing, Uniform Resource Locator (URL) filtering and anti-virus processing. If the packet is determined to require processing by the VSE, then the packet is steered to the VSE for firewall, URL filtering and/or anti-virus processing.09-02-2010
20100278183Method and Device for Sending a Packet Based on Tunneling Protocol Used in Layer 2 - A method and a device for sending a packet based on Tunneling Protocol used in Layer 2 are provided. Specifically, when a traffic flow needs to be sent from a network side to a client via QinQ termination equipment in which the tunneling protocol used in Layer 2 is used, forwarding address information corresponding to the client is obtained by searching a Dynamic Host Configuration Protocol (DHCP) snooping binding table according to Internet Protocol (IP) address information of the client in a packet of the traffic flow. The packet of the traffic flow can be sent to the client according to the obtained forwarding address information.11-04-2010
20100309920METHODS AND APPARATUS TO SELECTIVELY ASSIGN ROUTING TABLES TO ROUTER LINECARDS - Methods and apparatus to selectively assign routing tables to router linecards are disclosed. A disclosed example method includes computing costs associated with assigning routing information for two or more subsets of virtual private networks (VPNs) to each of two or more subsets of linecards of a router, solving an incapacitated facility location problem defined by the computed costs to determine an assignment of a particular subset of the VPNs to a particular subset of the linecards of the router, and configuring the particular subset of the linecards of the router with routing information for the particular subset of the VPNs.12-09-2010
20100322251Method and System for Virtually Switching Digital Video/Audio and Auxiliary Control Signals for Digital Signage Applications - This invention is to use managed Ethernet switches, such as the 100 Megabit, 1 Gigabit, or 10 Gigabit Ethernet switches, to create virtual video switches for digital signage applications. Video switching is accomplished through dynamically configuring port-based virtual local area networks (VLAN). A dedicated VLAN is created for each video source to broadcast the video. All the digital signage displays joined to the VLAN will display the same content. The connection and removal of displays from the VLAN is controlled by centralized software. A converter at the video source converts the pre-compressed video source into Ethernet frames, or a compressor at the video source compresses the raw video in real time into Ethernet frames to be sent over the Ethernet switches. A decoder at the receiving side decodes the incoming Ethernet frames and outputs uncompressed digital video for display. Auxiliary control signals, such as serial ports, USB mouses, USB keyboards and generic I/O controls normally associated with digital signage applications, can also be switched in parallel with the video/audio. Compared to custom-designed video switches, Ethernet switches are widely available and inexpensive. Ethernet switches of various sizes, like 4, 8, 16, 32, 64 ports, etc., can be used in this way to create virtual video switches of virtually any size. Ethernet switches can be either stacked together at the same location to create a centralized video matrix switch or linked together through high-bandwidth trunks to create a distributed virtual video switch. Furthermore, while specialized video cable, such as coaxial or HDMI cables, can be rare and costly, Ethernet cables are widely available and inexpensive. The Ethernet cable is also the standard communication wiring in modern buildings, and is, in many cases, pre-wired. Overall, this virtual video switch solution increases flexibility and reduces engineering costs for digital signage applications.12-23-2010
20100322254Extended VLAN Classification - A bridge and method are described herein that translate at least a portion of a port VID (VLAN identifier) for an incoming tagged frame to form a relay VID for a corresponding relay tagged frame by using a VID mask table, a VID filter table, and a VID rule table. In an additional embodiment, the bridge and method also implement a port VLAN membership technique to ensure that an ingress port associated with the port VID is a member of the current VLAN.12-23-2010
20100322253Method and Apparatus for Simulating IP Multinetting - IP Multinetting on a local area network is simulated by performing VLAN translation at a port connecting to the local area network. This allows IP addresses from multiple subnets to be associated with a single VLAN on the Local Area Network (LAN), while allowing the core switch to process the packets with a one-to-one correspondence between IP Subnet and VLAN. When a packet is received from the local area network at an IP multinetting port, the VLAN ID will be read to determine if the packet contains the IP Multinetting VLAN ID. The IP Subnet address will also be checked to see if the packet is associated with an IP Subnet that is part of the Multinetting. If so, the multinetting VLAN ID will be changed to an IP Subnet specific VLAN ID before the packet is processed by the core switch. In the reverse direction, IP subnet specific VLAN IDs will be translated to the IP Multinetting VLAN ID.12-23-2010
20110002337NETWORK RELAY APPARATUS - Network relay arrangements including: multiple ports; MAC address storage; flooding indication storage; plane number management storage; table manager; and frame processor. The table manager: utilizes the plane number management storage to specify current identification information being currently used and next identification information to be used next, with regard to a preset element of the key item for identifying a target of deletion of the information of correlating the transmit port to the MAC address from the MAC address storage; sets the requirement of the flooding operation in registry of a certain information group in the flooding indication storage having the preset element and being correlated to the current identification information; and sets the non-requirement of the flooding operation in registry of a certain information group in the flooding indication storage having the preset element and being correlated to the next identification information.01-06-2011
20110110377Employing Overlays for Securing Connections Across Networks - Computerized methods, systems, and computer-storage media for establishing and managing a virtual network overlay (“overlay”) are provided. The overlay spans between a data center and a private enterprise network and includes endpoints, of a service application, that reside in each location. The service-application endpoints residing in the data center and in the enterprise private network are reachable by data packets at physical IP addresses. Virtual presences of the service-application endpoints are instantiated within the overlay by assigning the service-application endpoints respective virtual IP addresses and maintaining an association between the virtual IP addresses and the physical IP addresses. This association facilitates routing the data packets between the service-application endpoints, based on communications exchanged between their virtual presences within the overlay. Also, the association secures a connection between the service-application endpoints within the overlay that blocks communications from other endpoints without a virtual presence in the overlay.05-12-2011
20110026531METHOD TO TUNNEL UDP-BASED DEVICE DISCOVERY - A method, apparatus, and system are described for a central station to allocate virtual IP addresses. A device service manager server (DSM) has a network access module conFigured to cooperate with two or more device service controllers (DSCs). The DSM serves as a central management station for allocating and assigning Virtual IP addresses to network devices to proxy communications for networked devices on a local area network (LAN) where each DSC resides. The DSM is located exterior from the network devices on the LAN where communications associated with the assigned VIP addresses are being routed to. The DSM assigns a Virtual IP Addresses to each DSC and establishes a route from the assigned Virtual IP address to a destination network device on a LAN, based on corresponding DSC and network device information stored in a registry of the DSM.02-03-2011
20110044344A METHOD FOR INTERFACING A FIBRE CHANNEL NETWORK WITH AN ETHERNET BASED NETWORK - A system and method are provided for interfacing a Fibre Channel network to an Ethernet based network. The method includes the operation of establishing a connection between a Fibre Channel device and an NPIV interface in an Ethernet interconnect module (02-24-2011
20110080915AUTOMATED VLAN ASSIGNMENT TO DOMAIN IN RING NETWORK - In general, the disclosure describes network techniques that may automatically assign virtual local area networks (VLANs) to domains in a ring network. In one example, a method includes receiving, by a control node in a ring network, a plurality of data units transmitted by a plurality of transport nodes on the ring network, each data unit comprising profile information, and automatically assigning a VLAN to one of a plurality of domains established on the ring network based on the profile information.04-07-2011
20090103547AUTOMATIC CONFIGURATION OF WIRELESS DEVICE FOR ROUTER - A user of a wireless device connects a cable to a router and is given the option of manually or automatically creating a user profile to configure the wireless device for subsequent wireless communication with the router when the user removes the cable.04-23-2009
20110243140RSTP Tracking - On a first network element to support rapid spanning tree protocol (RSTP) for a plurality of virtual local area networks (VLANs) in a network, receiving a packet from a second network element in the network; identifying a VLAN associated with the packet by checking for a tag in the packet; determining whether the VLAN associated with a packet is a master VLAN or a client VLAN, wherein the master VLAN and client VLAN are in a group of VLANs with identical topologies, such that a spanning tree can be maintained for the group of VLANs that are represented by the master VLAN; deriving forwarding information from the master VLAN associated with the client VLAN, in response to determining that the VLAN is a client VLAN; and forwarding the packet according to the forwarding information derived from the master VLAN, whereby separate spanning trees for each group of VLANs serviced by the first network element are efficiently maintained.10-06-2011
20100054260Method and Apparatus to Switch Packets between Virtual Ports - A method and network switch for switching data units assigns a unique virtual port to each end-node operating on a physical machine connected to a physical port of network switch. A data unit, sent by a given end-node operating on the physical machine, is received at the physical port. The received data unit is switched to the virtual port assigned to the given end-node. Based on the virtual port assigned to the given end-node, the data unit is switched to a second physical port of the network switch for subsequent forwarding of the data unit towards its destination.03-04-2010
20100135307SWITCH - A switch which includes a plurality of ports, each being assigned to any of VLAN groups, and outputs a packet received at any of the ports, the switch include: recording means in which partition information and an address table are recorded, the partition information indicating which of extended VLAN groups into which the ports are further logically partitioned, and the address table containing an entry in which a destination address, an output port, a VLAN group, and an extended VLAN group are associated with each other; acquisition means for acquiring a source address and acquiring group information of a VLAN; identification means for identifying group information of an extended VLAN; and registration means for registering in the address table the source address acquired by the acquisition means as the destination address, the port, the group information of the VLAN, and group information of the extended VLAN group.06-03-2010
20110096784Controlled Propagation of VLAN Declarations - The propagation of virtual local area network (VLAN) declarations is controlled, to minimize or eliminate their propagation to packet switching devices which do not carry traffic for a corresponding VLAN. Initially and in response to a first time receipt of a VLAN declaration for a particular VLAN on a particular interface of a packet switching device, VLAN declarations for the particular VLAN is propagated out every interface of the packet switching device. After a predetermined time frame, if a VLAN declaration has not been received on a particular interface for an active VLAN, propagation of the VLAN declarations for the active VLAN will be suppressed for the particular interface.04-28-2011
20090028162METHOD AND SYSTEM FOR AUTOMATING MEMBERSHIP DISCOVERY IN A DISTRIBUTED COMPUTER NETWORK - Methods for automating membership discovery in a distributed computer network are presented. A particular method includes establishing a Multi-Protocol Label Switching (MPLS) tunnel and Targeted Label Distribution Protocol (LDP) signaling channel between a first Provider Edge (PE) device and a plurality of PE devices. A first Virtual Private LAN Service (VPLS) site is added to a Multi-Tenant Unit (MTU) device associated with the first PE device. A first LDP Label Mapping Message is sent to the first PE device from the MTU device. The first LDP Label Mapping Message is broadcast to the plurality of PE devices from the first PE device. A second LDP Label Mapping Message is sent to the MTU device from the first PE device to establish a virtual circuit label switch path between the MTU device and the first PE device. A second VPLS site is added to the MTU device without sending an associated LDP Label Mapping Message to the first PE device. A respective one VPLS site of the first VPLS site or the second VPLS site is deleted using a configuration command.01-29-2009
20110249677 PAY-AS-YOU-GROW GRADUAL CUTOVER METHOD TO SCALE A PROVIDER BRIDGE NETWORK TO A VPLS OR PROVIDER BACKBONE BRIDGING NETWORK - A method and apparatus that operates two bridging protocols in a hybrid bridging node is described. The operation of the two bridging protocols in the hybrid node allows for an incremental transition of a provider bridging network from operating a legacy bridging protocol that shares MAC addresses to a bridging network that operates VPLS and/or PBB bridging protocols. The hybrid bridging node selectively broadcasts unicast packets with unknown MAC addresses from the nodes operating VPLS and/or PBB to nodes operating a legacy bridging protocol.10-13-2011
20090213859SHARED L2 BRIDGING DOMAINS FOR L3 VIRTUAL NETWORKS - Systems and/or methods that facilitate the segmentation of layer 3 (L3) data to more than one virtual private network (VPN) or virtual network (vNET) are presented. An application classifier component can be used to facilitate the classification of L2 to and from hosts and/or other networking components that are attached to a network based on the type of application with which the network traffic is associated. The innovation associates multiple Virtual Local Area Networks (VLANs) with the same L2 forwarding table ahead of bridging into shadow VLANs (SVLANs) which can be associated with different L3 vNETs. The application classifier component can classify data traffic at the switch port through Switching Virtual Interfaces (SVIs) into SVLANs which can be associated with different L3 vNETs. Each vNET can be optimized and provide services specific to which type of application in which the vNET is associated.08-27-2009
20090213860METHOD AND DEVICE FOR SERVICE BINDING - A method for service binding includes: identifying a service provider identifier of a terminal and binding the terminal into a corresponding tunnel dependent upon the identified service provider identifier. The present invention implements dynamic binding of a terminal with a service through identifying a service provider identifier of the terminal, which offers more flexible selection of a service by a user, a reduced operation and maintenance cost of an operator, good extensibility of a network service and facilitated deployment of the service.08-27-2009
20110069711PROVISIONING SINGLE OR MULTISTAGE NETWORKS USING ETHERNET SERVICE INSTANCES (ESIs) - Techniques for provisioning single or multistage networks using Ethernet Service Instances (ESIs). In one embodiment, an ESI is a logical entity or object that stores information that may be used to provision a network. An ESI may represent a logical entity that identifies a grouping of elements of a network or network device and associated attributes. Hierarchical relationships may be created between ESIs. The hierarchical relationships are used to perform packet-level processing including performing network packet encapsulations.03-24-2011
20120201249LEAKY ETHERNET TREES - A network device may receive an Ethernet frame from a first leaf user-to-network (UNI) interface in a tree. The tree includes the first leaf UNI, a second leaf UNI, and a root UNI. In addition, the network device may look up, in a table, source and destination media access control (MAC) addresses in the Ethernet frame and a field value in a virtual local area network (VLAN) tag in the Ethernet frame. The destination MAC address is associated with the second leaf UNI. In addition, the network device may identify, based on the lookup, an output port via which the Ethernet frame is to be sent from the network device. Furthermore, the network device may send, through the output port, the Ethernet frame toward the second leaf UNI in the tree via a network path that includes the first leaf UNI and the second leaf UNI. The network path does not include the root UNI of the tree.08-09-2012
20100296515COMMUNICATION SYSTEM - The provision of a virtual node ID control unit for controlling a virtual node ID that specifies a plurality of nodes as a single group; a status control unit for controlling node statuses that include information indicating the operating statuses of each individual node belonging to the group, and for selecting an operating mode that is either a priority mode, wherein the local mode operates as an active node, or a standby mode, wherein the local mode operates as a standby node; and a transmission/reception control unit for controlling the operation of the local node in accordance with the operating mode selected by the status control unit.11-25-2010
20100260187VPN OPTIMIZATION BY DEFRAGMENTATION AND DEDUPLICATION APPARATUS AND METHOD - An apparatus for optimizing a virtual private network operates by defragmenting and deduplicating transfer of variable sized blocks. A large data object is converted to a plurality of data paragraphs by a fingerprinting method. Each data paragraph is cached and hashed. The hashes are transmitted between a primary and a satellite apparatus. Only data paragraphs which are not cached at both the primary and satellite are transferred. The data object is integrated from data paragraphs stored in cache and transmitted to its destination IP address.10-14-2010
20100260188METHOD AND DEVICE FOR PROCESSING QINQ PACKET - In the field of network communications, an 802.1Q in 802.1Q (QinQ) packet processing method and a QinQ packet processing device are provided. The processing method includes: generating a keyword according to at least a virtual local area network (VLAN) identification (VLAN ID) of a QinQ packet; matching the keyword with prefix-mask in a QinQ access table to obtain a matching entry in the QinQ access table; and processing the QinQ packet according to control information of the matching entry. Through the QinQ packet processing method and device, VLAN ID ranges requiring to occupy multiple QinQ access table entries in the prior art are aggregated into one QinQ access table entry through aggregation, so as to expand the number of VLAN ID users actually supported by a QinQ access table and save valuable entry resources of the QinQ access table.10-14-2010
20080279196Differential Forwarding in Address-Based Carrier Networks - The invention relates to enabling differential forwarding in address-based carrier networks such as Ethernet networks. There is described a method of and connection controller for establishing connections (11-13-2008
20110255545SYSTEM FOR CONTROLLING VIRTUAL LAN THROUGH NETWORK - A virtual local area network (LAN) control system for controlling at least one virtual LAN through a network accessed by a plurality of terminals includes a terminal, a virtual LAN switch, and a virtual LAN controller. The terminal has a proper identifier address to access the network, or receives a proper identifier address through an external device connected to the virtual LAN switch. The virtual LAN switch sets and provides at least one virtual LAN through the network. When the terminal accesses the virtual LAN controller to request to change the configuration of the virtual LAN, the virtual LAN controller assigns authority to change the virtual LAN to the terminal so as to change from the virtual LAN to which the terminal belongs to another virtual LAN.10-20-2011
20080253380SYSTEM, METHOD AND PROGRAM TO CONTROL ACCESS TO VIRTUAL LAN VIA A SWITCH - System method and program for controlling access to a VLAN via a port of a VLAN switch system. In response to receipt of a message packet at the port, the switch system determines if a MAC address of the packet matches a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. The MAC address of the packet does not match a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. In response, the switch system blocks the packet if a rate of ill-formed packets and/or packets from an unrecognized MAC address exceeds a threshold pass rate. The threshold pass rate can be adjusted based on the rate of change of receipt of ill-formed packets and/or packets from an unrecognized MAC address.10-16-2008
20080205409METHOD AND SYSTEM OF IMPLEMENTING VIRTUAL LOCAL AREA NETWORKS (VLANS) WITH TEAMED COMMUNICATION PORTS - A method and system of implementing virtual local area networks (VLANs) with teamed communication ports. At least some of the illustrative embodiments are methods comprising teaming a plurality of communication ports to form a single virtual communication port (the single virtual port comprising a first set of ports and a second set of ports), sending messages belonging to a first virtual local area network (VLAN) exclusively over the first set of ports from a first device to a second device, and sending messages belonging to a second VLAN exclusively over the second set of ports from the first device to the second device.08-28-2008
20100284410PACKET RELAY APPARATUS AND PACKET RELAY METHOD - A packet relay apparatus identifies port information for identifying a port, included in a partition corresponding to a reception port having received a packet, from a partition information storing unit which stores a correspondence between port information for identifying ports included in the partition and partition information for identifying the partition configured for the apparatus. The apparatus determines whether the identified port information is included in the port information stored by being corresponded to reception VLAN information which is VLAN information set for a received packet by a VLAN information storing unit which is a storing unit storing a correspondence between port information for identifying a port used for transmission and/or reception of a packet transmitted and VLAN information for identifying the virtual network. The apparatus transmits the packet from a port determined to include the port information in response to the determination that the port information is included.11-11-2010
20100329265Method and Apparatus for implementing L2 VPNs on an IP Network - MP-BGP VPN infrastructure based on IETF RFC 4364/2547 is used to configure a layer 2 VPN on an IP network. VRFs for the VPN are configured on Ethernet switches and service IP addresses are associated with each configured VRF. The service IP addresses are exchanged to enable VPN traffic to be encapsulated for transport over the IP network. To enable a L2 VPN to be established on the network, a VPN-VLAN ID will be configured for the L2 VPN and import/export route targets for the VPN-VLAN will be set in each VRF and UNI-VLAN that is part of the VPN. The VPN-VLAN will be announced to all PEs using MP-iBGP with export route targets set for this VPN-VLAN. The PE's control plane learns the VPN-VLAN on a logical port if the import RT matches the export RT received by the MP-iBGP control plane. Once the VPN-VLAN is learned on a logical port, the PE will perform MAC learning on that logical port and treat the logical port as if it were part of the L2 VLAN.12-30-2010
20110134925Switching Apparatus and Method Based on Virtual Interfaces - A network device comprises a plurality of physical ports, and a packet processing pipeline coupled to the plurality of physical ports. The packet processing pipeline is configured to assign a virtual port from a plurality of virtual ports to a packet received via one of the physical ports, wherein a quantity of the plurality of virtual ports is larger than a quantity of the plurality of physical ports, and wherein, for each of at least some of the physical ports, multiple virtual ports correspond to one physical port. The packet processing pipeline is also configured to assign a virtual domain from a plurality of virtual domains to the packet based on the assigned virtual port, and process the packet based on one or more of i) the assigned virtual port, ii) the assigned virtual domain, and iii) a header field of the packet, including determining zero, one, or more physical ports to which the packet is to be forwarded.06-09-2011
20120147894METHODS AND APPARATUS TO PROVISION CLOUD COMPUTING NETWORK ELEMENTS - Methods and apparatus to provision cloud computing network elements are disclosed. A disclosed example method includes receiving a selection of a cloud networking template from a client, wherein the cloud networking template includes a data center connector type and a wide area network connector type, configuring a virtual machine on a host server based on the cloud networking template, configuring a data center connector based on the data center connector type, configuring a wide area network connector based on the wide area network connector type, and coupling the wide area network connector to the data center connector and coupling the data center connector to the virtual machine within the host server to enable the client to access the virtual machine.06-14-2012
20120147893E-Tree Interoperability Between MPLS Domain Devices and Ethernet Domain Devices - An E-Tree service interoperability mechanism between VPLS domain devices (e.g., MPLS domain devices) and Ethernet domain devices. E-Tree interoperability functionality is provided whereby the E-domain device directly connected to the VPLS device is modified to perform an asymmetric VLAN tag manipulation on traffic forwarded between the VPLS device and itself. The capabilities of VPLS are used to divide between roots and leaves, even if both exist in the same E-domain, so that they do not share VLANs resulting in preventing roots and leaves in the same E-domain from communicating directly, but rather through the VPLS devices to which the E-domain connects. Traffic on the E-domain is segregated into a root VLAN to which roots are connected, a root-to-leaf VLAN for forwarding root-originated traffic from the VPLS-domain to the leafs, and a leaf-to-root VLAN for handling traffic originated by the leafs destined to roots.06-14-2012
20100177778DISTRIBUTED CONNECTION-ORIENTED SERVICES FOR SWITCHED COMMUNICATION NETWORKS - Method and apparatus providing connection-oriented services for packet switched data communications networks. Directory services include distributed discovery of MAC addresses and protocol alias addresses. Topology services include a link state topology exchange among switches, which provides each switch with a complete topology graph of the network. This enables an access switch receiving a data packet to determine a complete path from a source end system to a destination end system. Another service includes resolution of broadcast frames to unicast frames, in order to reduce the amount of broadcast traffic. Policy restrictions may be applied prior to connection setup. Path determination services enable multiple paths from a source to a destination. Connection management includes source routed mapping of connections on the desired path. A distributed call rerouting service is provided wherein if a link on an active path fails, each switch receives a topology change notification and unmaps any connection involving the failed link. A broadcast/unknown service provides restricted flooding of nonresolvable packets. Furthermore, connection-oriented switching is provided based on the source and destination MAC addresses as a connection identifier. Still further, resolution of networks outside the switch domain is enabled by access switches listening for network and server route advertisements and maintaining best routes to said networks and servers. The best route metrics may be combined with best path metrics to determine a path from a first access switch to an egress switch connected to the external network.07-15-2010
20100165993Operator Managed Virtual Home Network - A virtual network and method for providing an operator-managed home LAN service. The access interface enables definition of the virtual network. Each user device in the home LAN is provided with an IP address within the same IP domain space. The access interface enables communication between user devices and external networks via the virtual network by providing external operator-managed service entities such as a Network Address Translator/Firewall (NAT/FW) and service gateways.07-01-2010
20110051732Switching hub and ring network - A switching hub for processing a VLAN frame transmitted through a transmission line of a ring network includes two ring ports connected to the transmission line of the ring network, and a forwarding processing mechanism for, when one of the two ring ports receives the frame and when a VLAN in which the received frame belongs is a VLAN only through both the ring ports, forwarding the frame to the other ring port without performing FDB learning on the frame.03-03-2011
20090175280AUTOMATIC PACKET PROTECTION FORWARDING TO AN MPLS NETWORK BY A DUAL-HOMED ETHERNET BRIDGE - A method and a system for forwarding Ethernet packets by an Ethernet bridge (EB07-09-2009
20110216775System and Method for Multiple Concurrent Virtual Networks - Techniques are provided for establishment of multiple concurrent virtual networks. In one example, there is provided a method operable by a virtual network controller (VNC) or the like. The method may involve establishing communication links with a plurality of virtual network interfaces (VNIs) operatively coupled to a plurality of virtual networks. The method may involve establishing a single port communication link with an operating system. The method may involve allowing the virtual networks to be transported on top of a physical network, and facilitating communication between the operating system and the virtual networks via the single port communication link.09-08-2011
20090274156CARRIER ETHERNET OVER DOCSIS - A network includes a provider edge device with logic to encapsulate Ethernet frames received from customer equipment into Data Over Cable Service Interface Specification (DOCSIS) frames using Layer Two Tunneling Protocol. The provider edge device further includes logic to implement a virtual switch instance (VSI).11-05-2009
20090196298Transportation of IEEE 802.1ah Frames over Multiprotocol Label Switching Pseudowires for Virtual Private LAN Services - Disclosed are, inter alia, methods, apparatus, computer-storage media, mechanisms, and means for transportation of IEEE 802.108-06-2009
20110090911METHOD AND APPARATUS FOR TRANSPARENT CLOUD COMPUTING WITH A VIRTUALIZED NETWORK INFRASTRUCTURE - A capability is provided for providing transparent cloud computing with a virtualized network infrastructure. A method for enabling use of a resource of a data center as an extension of a customer network includes receiving, at a forwarding element (FE), a packet intended for a virtual machine hosted at an edge domain of the data center, determining a VLAN ID of the VLAN for the customer network in the edge domain, updating the packet to include the VLAN ID of the VLAN for the customer network in the edge domain, and propagating the updated packet from the FE toward virtual machine. The edge domain supports a plurality of VLANs for a respective plurality of customer networks. The packet includes an identifier of the customer network and a MAC address of the virtual machine. The VLAN ID of the VLAN for the customer network in the edge domain is determined using the identifier of the customer network and the MAC address of the virtual machine. The FE may be associated with the edge domain at which the virtual machine is hosted, an edge domain of the data center that is different than the edge domain at which the virtual machine is hosted, or the customer network. Depending on the location of the FE at which the packet is received, additional processing may be provided as needed.04-21-2011
20110158241Method and device for transmitting control message based on multi-ring ethernet - A method and device for transmitting a control message based on a multi-ring Ethernet are provided, wherein the method comprises the following steps: control virtual local area networks of a main ring and a sub-ring are configured (S06-30-2011
20100322252SYSTEMS AND METHODS FOR HANDLING A MULTI-CONNECTION PROTOCOL BETWEEN A CLIENT AND SERVER TRAVERSING A MULTI-CORE SYSTEM - The present application is directed towards systems and methods for handling a multi-connection protocol communication between a client and a server traversing a multi-core system. The multi-connection protocol comprises a first connection and a second connection, which may be used respectively for control communications and data communications. Because different cores in the multi-core system may handle the first connection and second connection, the present invention provides systems and methods for efficiently coordinating protocol management between a plurality of cores.12-23-2010
20120044939Method and Apparatus for Transporting Ethernet Services - Frames of customer traffic may be encapsulated by adding Mac-in-Mac (MiM) encapsulation fields for transportation of the frames over a portion of provider network. The MiM encapsulated traffic may be further encapsulated using VPLS by adding VPLS encapsulation fields for transportation of the frames over another portion of the provider network. The MiM encapsulations use provider network MAC addresses which enables VPLS MAC learning to occur using provider network MAC address space. MiM tunnels are mapped to VPLS service instances which are assigned pseudowire tags for transportation over the VPLS portion of provider network. The MiM header is retained when the MiM encapsulated frames are transported over the VPLS portion of the provider network. As VPLS frames exit the core network, the VPLS encapsulation fields are removed to extract the original MiM encapsulated frames for further transportation over the MiM portion of the provider network.02-23-2012
20120207169METHOD OF PROVIDING VIRTUAL ROUTER FUNCTIONALITY - A method of presenting different virtual routers to different end users, classes of service, or packets is provided. An incoming packet is received having a VLAN field and at least one additional field. A key is formed from the VLAN field and at least one other packet field, and mapped into a virtual router identifier (VRID) using an indirection mapping process. The VRID identifies a particular virtual router configuration from a plurality of possible virtual router configurations. A networking device is configured to have the particular virtual router configuration identified by the VRID, and the packet is then forwarded by the configured device.08-16-2012
20120207170VIRTUAL PRIVATE LAN SERVICE PACKET PROCESSING - Embodiments of the invention are directed to processing Virtual Private LAN Service (VPLS) packets. Each VPLS packet is processed in two stages. In a first stage Layer 2 and Layer 3 headers are parsed from the packet to obtain an Ethernet frame and Traffic management characteristics are determined according to the L3 header. In a second stage a type of Ethernet frame is determined, as either one requiring replication or not, and the Ethernet frame is forwarded in accordance with the TM characteristics based on the determined frame type. This approach allows for a modular implementation which provides enables high performance and efficient utilization of processing resources.08-16-2012
20120014387Virtual Layer 2 and Mechanism to Make it Scalable - An apparatus comprising a service network and a plurality of Layer 2 networks at a plurality of different physical locations coupled to the service network via a plurality of edge nodes at the Layer 2 networks, wherein the edge nodes are configured to maintain a plurality of Internet Protocol (IP) addresses of a plurality of hosts across the Layer 2 networks, and wherein the IP addresses of the hosts in each of the Layer 2 networks are mapped by the other Layer 2 networks to a Media Access Control (MAC) address of each of the edge nodes in the same Layer 2 networks of the hosts.01-19-2012
20120057599System and Method for Virtual Private Local Area Network Service to Use the Flow Aware Pseudowire - An apparatus comprising a provider edge (PE) coupled to a second PE and to a customer edge (CE) and configured to establish a Virtual Private Local Area Network (LAN) Service (VPLS) that is interconnected by either a flow aware pseudowire (PW) or a flow unaware PW and exchange a flow label indication with the second PE to enable using a flow label below a PW label on the label stack. Also disclosed is a network component comprising a processor configured to support a signaling protocol that indicates a capability to send, receive, or both a flow label over a PW configured for a Layer Two (Layer 2) Virtual Private Network (VPN), a transmitter configured to send a PW packet with a flow label to a peer network component, and a receiver configured to receive a PW packet either with a flow label or without a flow label.03-08-2012
20090135833Ingress node and egress node with improved packet transfer rate on multi-protocol label switching (MPLS) network, and method of improving packet transfer rate in MPLS network system - Provided are an ingress node and an egress node on a Multi-Protocol Label Switching (MPLS) network, with an improved packet transfer rate, and a packet transfer rate improving method in a MPLS network system. By assigning a MPLS label to a destination MAC address of a packet in order to guarantee Quality of Service (QoS), it is possible to distributively transmit packets through a variety of paths on a MPLS network and thus improve a packet transfer rate.05-28-2009
20110096785VIRTUALIZATION-SUPPORTING PROGRAMMABLE PLATFORM DEVICE AND METHOD OF TRANSFERRING PACKET - Provided are a virtualization-supporting programmable platform device and a method of transferring a packet. The method includes, when a switch receives a packet including a destination sliver identifier (ID) and a virtual interface (VIF) ID, transferring, at the switch, the received packet to a sliver selected on the basis of the destination sliver ID, and transferring, at the sliver receiving the packet, the received packet to one of VIFs of the sliver on the basis of the VIF ID. Accordingly, a programmable platform or router supporting network virtualization can identify IDs of slivers, which are resources allocated to users in the future Internet, and VIFs connected to the respective slivers.04-28-2011
20120207171Method and Apparatus for Interworking VPLS and Ethernet Networks - To allow seamless interworking between an 802.1ah service instance (ISID) and a VPLS service instance, the AGI value used to signal the setup of the pseudowire portion of the VPLS may carry the ISID value of an associated 802.1ah service instance. This allows the service instance to be identified end-to-end across the Ethernet and VPLS networks using the same value without modifying how the MPLS network operates. The VPLS network will use AGI/AII signaling to set up pseudowires on the MPLS network, but instead of using an AGI value assigned by the MPLS network, the AGI value that is assigned will be taken from the ISID value of the Ethernet frame or from ISIDs registered by the Ethernet network.08-16-2012
20120300784METHOD FOR SENDING ETHERNET FRAMES IN ETHERNET TREE SERVICE AND PROVIDER EDGE DEVICE - The present disclosure relates to the field of network communication, and in particular, to a method for sending Ethernet frames in an Ethernet Tree service and a provider edge device. The method includes: receiving, by a VLAN bridge, Ethernet frames sent by a root node or a leaf node; importing, by the VLAN bridge, the Ethernet frames into a root VLAN or a leaf VLAN according to the type of the node sending the Ethernet frames, and sending the Ethernet frames to a same virtual switch instance VSI; and sending, by the VSI, the Ethernet frames to a corresponding remote PE device by a pseudowire. Using the solution provided in the embodiments of the present disclosure, a VLAN is associated with the type of the node sending the Ethernet frames, thereby achieving effective isolation between the E-Tree leaf nodes and ensuring the original scalability of VPLS.11-29-2012
20090323698PURE CONTROL-PLANE APPROACH FOR ON-PATH CONNECTION ADMISSION CONTROL OPERATIONS IN MULTIPROTOCOL LABEL SWITCHING VIRTUAL PRIVATE NETWORKS - The embodiments described herein present methods and apparatuses for on-path CAC operations in a MPLS-VPN environment. In an example embodiment, an ingress PE device receives a quality of service (QoS) resource reservation request; constructs an outgoing message that includes information allowing an egress PE device to identify the virtual private network routing and forwarding table (VRF) associated with a resource reservation resulting from the QoS resource reservation request; and transmits the outgoing message to the egress PE device, where the information allowing VRF identification is echoed back by the egress PE device and used by the ingress PE device to identify the VRF associated with the resource reservation resulting from the QoS resource reservation request. Other embodiments are described.12-31-2009
20100290474Multiple Prefix Connections with Translated Virtual Local Area Network - A system comprising an access node (AN) coupled to a plurality of service providers (SPs) and a host and configured to forward a plurality of services between the SPs and the host using a plurality of first connections between the AN and the host and a plurality of second connections between the AN and the SPs, and a router gateway (RG) positioned between the host and the AN and coupled to the AN via an access line that comprises the first connections, wherein the AN translates a plurality of first identifiers for the first connections to a plurality of second identifiers for the second connections to route the services appropriately between the host and the SPs over the first connections and the corresponding second connections.11-18-2010
20100208738SYSTEM AND METHOD FOR ROUTER VIRTUAL NETWORKING - A host router is logically partitioned into virtual router domains that manage independent processes and routing application copies but share a common operating system. Each v-net manages an independent set of sockets and host router interfaces, each associated with only one v-net at one time, but interchangeably repartitionable Traffic is removed from an interface during repartitioning. Duplicate arrays of global variables copied to each v-net are accessed by macro references. A v-net facility can separate route tables used internally from the externally visible route tables and can avoid conflicts between internal and external IP addresses that share the same identifier. For example a common FreeBSD operating system supports a dynamic routing protocol (DRP) application. Each v-net runs an independent copy of the DRP software and is logically independent. A failure in one DRP copy does not adversely affect other copies.08-19-2010
20120163388SYSTEMS AND METHODS FOR VLAN TAGGING VIA CLOUD BRIDGE - The present disclosure is directed to supporting multiple virtual LANs (VLANs) via a single tunnel between intermediary devices. A first intermediary device of a first data center on a first network receives, from a second intermediary device of a second data center on a second network, an encapsulated packet via a tunnel established between the first intermediary device and the second intermediary device. The first intermediary device comprising a plurality of network interfaces, each corresponding to a virtual LAN (VLAN) network of a plurality of VLAN networks. The first intermediary device detects that the encapsulated packet has been tagged with virtual LAN (VLAN) information by the second intermediary device identifies a VLAN network of the plurality of VLAN networks and transmits a packet of the encapsulated packet via the network interface corresponding to the identified VLAN network.06-28-2012
20090059930SYSTEM AND METHOD FOR MANAGING VIRTUAL LOCAL AREA NETWORKS - A method for identifying VLANs associated with a network includes gathering actual network element configuration data from a plurality of network elements in the network, wherein the actual network element configuration data identifies one or more VLANs that at least some of the plurality of network elements are actually allocated to; correlating the actual network element configuration data with administrative VLAN data; and determining one or more VLANs that are not commonly identified in both the actual network element configuration data and the administrative VLAN data. A system includes a network monitoring system operable to gather actual network element configuration data from a plurality of network elements at one or more logical network sites, wherein the actual network element configuration data identifies one or more VLANs that at least some of the plurality of network elements are actually allocated to; and a VLAN services module operable to correlate the actual network element configuration data with administrative VLAN data, and further operable to determine one or more VLANs that are not commonly identified in both the actual network element configuration data and the administrative VLAN data.03-05-2009
20120250693METHOD, SYSTEM AND COMPUTER PROGRAM PRODUCT FOR PROVIDING ETHERNET VLAN CAPACITY REQUIREMENT ESTIMATION - A method, system, and computer program product for providing VLAN capacity requirement estimation is provided. The method includes receiving at a computing system a VLAN configuration file that specifies VLAN access ports, VLAN switches and VLAN trunks in a VLAN. A target access port identifier is received at the computing system from a requestor. A target trunk and target switch corresponding to the target access port are determined at the computing system. A bandwidth contribution of the target access port to the VLAN is calculated at the computing system. The calculating is based on a least contribution algorithm that reflects an impact of provisioning the target access port with respect to trunk capacity, and is responsive to the target bandwidth requirement, the target class of service and placement of the target port in the VLAN. The bandwidth contribution is then transmitted to the requestor.10-04-2012
20100195658TELECOMMUNICATIONS SYSTEM - Virtual dedicated voice connections between parties to a packet-switched system can be created by reserving capacity for such connections in the packet-switched system. The capacity reservable by any one party is limited to prevent over-subscription of resources in the packet switched. The system incorporates a call admission control processor for controlling access to the packet-switched call routing system such that a voice call attempt is successful only if capacity for such a dedicated connection has previously been reserved. The capacity reserved for the virtual connections is made available for use by other traffic when not required for voice sessions.08-05-2010
20120076150CONTROLLED INTERCONNECTION OF NETWORKS USING VIRTUAL NODES - Methods, apparatuses, and systems for controlling interconnections between nodes using virtual nodes are described. A physical node—such as a router, bridge, switch, etc.—stores a virtual cost associated with a virtual link that links virtual nodes of the physical node. A first physical port and a second physical port of the physical node are designated as belonging to a first virtual node and a third physical port of the physical node is designated as belonging to the second virtual node. The first physical port is associated with a first network partition and the second physical port is associated with a second network partition. The physical node transmits a routing information packet that includes the virtual cost.03-29-2012
20120076149Transmission bandwidth quality of service - A bandwidth limiting circuit provides limiting the bandwidth of a group of virtual channels at a transmitting port to a maximum value. A limiting circuit includes a register that is repeatedly incremented with a threshold value, which threshold value is related to the desired maximum bandwidth for the group. The register is decremented by the frame length, in bytes, of the frame transmitted from one of the virtual channels belonging to the group. A comparator enables frame transmission for the group if the register value is greater than zero. A bandwidth guarantee circuit provides at least the bandwidth specified by the limiting circuit. The guarantee circuit enables one of the groups for frame transmission based on a fairness algorithm when the outputs of comparators of each of the limiting circuit are low.03-29-2012
20120177054Managing Active Edge Devices in VPLS Using BGP Signaling - In one embodiment, a method includes establishing in a Virtual Private Local Area Network (LAN) Service (VPLS) over Multi-Protocol Label Switching (MPLS) network a floating pseudowire between a first provider edge router and a redundancy group having a plurality of provider edge routers each configured to forward data toward a external device. Each provider edge router in the redundancy group is configured to maintain an active link to the external device. A provider edge router that is not a member of the redundancy group sends data directed to the external device through the floating pseudowire. Only one provider edge router in the redundancy group receives and forwards the particular data to the external device.07-12-2012
20100272111Address Resolution Optimization Procedure To Effect A Gradual Cutover From A Provider Bridge Network To A VPLS or Provider Backbone Bridging Network - A method and apparatus that operates two bridging protocols in a hybrid bridging node is described. The operation of the two bridging protocols in the hybrid node allows for an incremental transition of a provider bridging network from operating a legacy bridging protocol that shares MAC addresses to a bridging network that operates VPLS and/or PBB bridging protocols. The hybrid bridging node selectively broadcasts address resolution packets and unicast packets with unknown MAC addresses from the nodes operating VPLS and/or PBB to nodes operating a legacy bridging protocol.10-28-2010
20090316705Quality of Service in Vlan-Based Access Networks - In a broadband access network multiple end users connected to access nodes are linked to multiple service providers connected to an edge node. Packet transmitted across the network contain a quality of service identifier specifying a relative QoS or priority or an absolute QoS, defining minimum quality of service parameters required for handling the packet. The access network is preferably divided into separate virtual local area networks (VLANs) providing separate broadcast domains for the various end users. Each packet transmitted on the access network is VLAN-tagged with QoS identifier contained in this tag. When an access node or edge node receives an incoming data unit that specifies an absolute quality of service, the node determines that there is sufficient bandwidth through the access network to the destination node by querying other nodes in the network directly or indirectly through a bandwidth broker before accepting the service and transmitting the packet.12-24-2009
20090016358METHOD FOR TRANSMITTING DATA IN VIRTUAL WAN AND SYSTEM THEREOF - A system for transmitting data in a virtual WAN comprises a plurality of routers, and each router comprises at least one connection port, a network status receiver and a redirection-processing unit. The network status receiver is configured to obtain bandwidth utilization information of other routers through the connection port. The redirection-processing unit is configured to determine whether the router needs to conduct a redirection and to establish a feasible redirection path based on the bandwidth utilization information of other routers.01-15-2009
20090016357SEPARATE SECURE NETWORKS OVER A NON-SECURE NETWORK - Systems and methods for creating and operating separate secure networks over a non-secure network are described herein. Some illustrative embodiments include a system that includes a router with one or more ports and control logic coupled to the one or more ports (the control logic capable of establishing a plurality of secure data paths with at least one other router across a network), and a plurality of external storage devices (each storage device separate from the router but capable of being detachably coupled to a port of the one or more ports, and each external storage device comprising configuration data defining one or more secure data paths of the plurality of secure data paths). Configuration data stored in a first external storage device of the plurality of external storage devices is different from configuration data stored in a second external storage device of the plurality of external storage devices.01-15-2009
20080310422DATA CENTER VIRTUAL LOCAL AREA NETWORK SYSTEM AND METHOD - A method, system and service for a data center computer network. A core network switches data using a first protocol layer. A first access switch is in electrical communication with the core network. The first access switch communicates the data to the core network using the first protocol layer. A second redundant access switch forms a first access switch pair with the first access switch. The second access switch is in electrical communication with the core network and communicates the data using the first protocol layer. The second access switch is in electrical communication with first access switch and communicates with the first access switch using a second protocol layer. The second protocol layer is at lower OSI level than the first protocol layer. The first access switch and the second access switch are configured to form a first VLAN. A first edge device is in electrical communication with the first access switch and the second access switch. The first edge device is part of the first VLAN.12-18-2008
20080298373Secure VLANs - A VLAN is implemented with a logical hub and spoke topology that obviates local switching. Member devices are connected to a hub device such as a router via intermediate devices such as Layer 2 switches that support individual IP subnets within the VLAN. The Layer 2 switch does not allow bridging, so there is no IP subnet broadcast domain. Further, the Layer 2 switch implements only a single logical broadcast uplink port which is connected to the router. The Layer 2 switch also implements only point-to-point downlink ports, i.e., to individual member devices. Consequently, all traffic is forced to flow through the router, e.g., broadcast traffic, multicast traffic and traffic of unknown destination received by the Layer 2 switch from a member device is only flooded to the router, and the router performs intra-subnet routing in addition to routing between subnets and between VLANs. The router subjects all traffic to security measures and provide services including packet inspection, firewall, policing, metering, accounting, anti-virus, marking, filtering and encryption, and thereby reduce or eliminate the drawbacks associated with local switching.12-04-2008
20110286462SYSTEMS AND METHODS FOR EQUAL-COST MULTI-PATH VIRTUAL PRIVATE LAN SERVICE - A provider edge device, associated with a virtual private local area network service (VPLS) system, includes a memory to store instructions to implement a pseudowire mechanism to receive a first data frame from a source customer edge (CE) device associated with the VPLS system, incorporate the first data frame into a first VPLS packet, determine whether the source CE device is a single-homed CE device or a multi-homed CE device, and incorporate, into the first VPLS packet, a first pseudowire label, if the source CE device is a single-homed CE device, and incorporate, into the first VPLS packet, a second pseudowire label, different from the first pseudowire label, if the source CE device is a multi-homed CE device; and a processor to execute the instructions.11-24-2011
20130010799Efficient Software-Based Private VLAN Solution for Distributed Virtual Switches - Packet processing logic of a host system's virtualization manager detects packets on the ingress or the egress path to/from a virtual port having three bitmap arrays for processing packets within a virtual local area network (VLAN). The logic checks the VLAN identifier (VID) of the packet to determine, based on an offset position within the corresponding bitmap array, whether the port supports the VLAN. Both the ingress array offset position and egress array offset positions correspond to the value of the VID, and are set within the specific bitmap array during configuration of the VLAN on the port. When the VLAN is supported by the port, the logic enables the packet to be processed by the port. Otherwise, the logic discards the packet. A strip bitmap array indicates when a packet's VID should be removed prior to forwarding the packet on the egress of a port (or destination port).01-10-2013
20120243545METHOD AND DEVICE FOR DETERMINING FORWARDING RULE FOR DATA PACKET - A method and corresponding device for determining forwarding rule for data packet in Virtual Private LAN Service with Provider Backbone Bridge (PBB-VPLS) network are disclosed. In the method, a value in a backbone service instance identifier (I-SID) field of the received data packet is firstly examined, then a virtual split horizon group corresponding to the data packets is determined based on the I-SID value, wherein the virtual split horizon group defines a forwarding rule for the data packets between different pseudo wire ports of the PBB-VPLS network. With the dynamic split horizon group, the method dynamically adapts to different forwarding rules for multiple I-VPLS instances with different tree topologies, and is capable of supporting multiple I-VPLS instances with different root sites and tree topologies in one B-VPLS instance, thereby ensuring the stability of the backbone network and reducing the network operation cost.09-27-2012
20120243544USAGE OF MASKED BMAC ADDRESSES IN A PROVIDER BACKBONE BRIDGED (PBB) NETWORK - Techniques disclosed herein include features and methods that extend functionality of provider networks including Provider Backbone Bridges (PBB) networks. Techniques include using a portion of information within Ethernet address encapsulation headers for purposes other than identifying source and destination device addresses. The system limits a number of bits in an address header that should be considered by a provider network node when doing an address lookup in forwarding tables of a provider network node, such as by masking the portion of bits or otherwise disregarding that portion of bits during address lookup. The remaining bits in the address field(s) become free bits that can be used for a variety of application purposes, such as flow path selection. By using information fields that already exist in the Mac-In-Mac (MIM) encapsulation header, such Techniques provide additional information without increasing packet size or requiring new protocols.09-27-2012
20090279552METHOD AND APPARATUS FOR DISTRIBUTING END-TO-END QINQ SERVICE TAGS AUTOMATICALLY - A method for automatically distributing end-to-end 802.1Q in 802.1Q (QinQ) service tags includes: filtering out an applicable Virtual Local Area Network (VLAN) tag operation mode set according to a VLAN tag operation mode of an upstream node; selecting a VLAN tag operation mode; and obtaining a VLAN tag value automatically according to the VLAN tag operation mode of the upstream node and the selected VLAN tag operation mode, and filling the obtained VLAN tag value into service configuration. An apparatus for automatically distributing end-to-end QinQ service tags includes: a VLAN tag operation mode set generating unit, a VLAN tag operation mode selecting unit, and a tag value filling unit.11-12-2009
20110261824VIRTUAL CIRCUIT CONFIGURATION METHOD - A method and apparatus are provided for configuring a virtual circuit set up between a first and a second terminal installation. The virtual circuit is carried by an underlying path including a first link set up between the first terminal installation and an intermediate installation, and a second link set up between the intermediate installation and the second terminal installation. A third link of the underlying path is set up between the intermediate installation and a third terminal installation. The method includes a step of configuring the third terminal installation, on completion of which the latter is able to process in reception a data stream transmitted through the virtual circuit.10-27-2011
20130177022Dynamic Virtual LANs to Segregate Data - Systems, methods, and apparatus for receiving commands and controlling allocation of ports of a communications switch to one or more virtual local area networks (VLANs).07-11-2013
20080232379Configuration Tool for MPLS Virtual Private Network Topologies - Configuration tool for virtual private network (VPN) topologies. In particular implementations, a method includes accessing a network topology configuration set comprising one or more route target groups (RTGs), wherein each RTG comprises a topology type identifier, one or more site identifiers, one or more role identifiers associated with each of the site identifiers, and one or more route target identifiers; generating one or more route target statements, based on the topology type identifier and role identifiers of one or more RTGs, defining the export or import of network layer reachability information between one or more routing nodes in a virtual private network (VPN) topology; and transmitting the one or more route target statements to one or more routing nodes.09-25-2008
20080219270APPARATUS FOR LIMITING VPNv4 PREFIXES PER VPN IN AN INTER-AUTONOMOUS SYSTEM ENVIRONMENT - An apparatus for limiting Virtual Private Network (VPNv4) prefixes per VPN in an inter-autonomous system environment are presented. A limit on the number of VPNv4 routes per VPN for a Route Distributor (RD) or a group of RDs associated with a VPN is defined, at an Autonomous System Border Router (ASBR). When the number of received routes at the ASBR exceeds the limit, then a soft notification is sent to a neighboring ASBR and routes exceeding the limit are discarded at the ASBR.09-11-2008
20130114606MULTIPLE DELIVERY ROUTE PACKET ORDERING - A hybrid network device can implement functionality to indicate the sequence of packets associated with a common packet stream transmitted via a plurality of packet routes and to manage out-of-order packet arrival. In a hybrid communication network, a first network device can determine sequence identifiers associated with a plurality of packets of a packet stream received from a second network device via a plurality of packet routes between the first network device and the second network device. The first network device can detect out-of-order delivery of one or more of the plurality of received packets based, at least in part, on the sequence identifiers associated with the plurality of packets. Consequently, the first network device can re-order at least a subset of the plurality of packets based on the sequence identifiers associated with the plurality of packets.05-09-2013
20130094513RELAY APPARATUS AND CONTROL METHOD - A relay apparatus includes a first data storage unit and a processor. The first data storage unit stores an output port identifier in connection with a combination of a port identifier and a communication type identifier. The processor obtains, when a frame is received, a first output port identifier corresponding to a combination of a port identifier of a port that received the frame and a communication type identifier included in the received frame by use of the first data storage unit to output the received frame to a port identified by the first output port identifier.04-18-2013
20130114608VLAN Numbering In Access Networks - The invention relates to VLAN numbering in access networks.05-09-2013
20130114607Reference Architecture For Improved Scalability Of Virtual Data Center Resources - In an embodiment, a method for operating a data center includes interconnecting a hierarchy of networking devices comprising physical networking devices and virtual networking devices, such that physical networking devices are located at two or more higher levels in the hierarchy, and the virtual networking devices are located in at least one lower levels of the hierarchy. Virtual Local Area Networks (VLANs) are terminated only in physical networking devices located at the lowest of the two or more higher levels in the hierarchy.05-09-2013
20130114609VLAN Numbering In Access Networks - The invention relates to VLAN numbering in access networks.05-09-2013
20110268125VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch system. The switch includes one or more ports on the switch configured to transmit packets encapsulated based on a first protocol. The switch further includes a control mechanism. During operation, the control mechanism forms a logical switch based on a second protocol, receives an automatically assigned identifier for the logical switch without requiring manual configuration of the identifier, and joins a virtual cluster switch.11-03-2011
20110235645VIRTUAL SERVICE DOMAINS - In one embodiment, layer-2 (L2) ports of a network device may each be assigned to a particular virtual service domain (VSD). One or more virtual service engines (VSEs) may also be assigned in a particular order to each VSD, where each VSE is configured to apply a particular service to traffic traversing the VSE between ingress and egress service ports. Interconnecting the L2 ports and the ingress and egress service ports is an illustrative virtual Ethernet module (VEM), which directs traffic it receives according to rules as follows: a) into a destination VSD via the one or more correspondingly assigned VSEs in the particular order; b) out of a current VSD via the one or more correspondingly assigned VSEs in a reverse order from the particular order; or c) within a current VSD without redirection through a VSE.09-29-2011
20090067437METHODS, SYSTEMS AND COMPUTER PROGRAM PRODUCTS FOR MANAGING ATM ETHERNET FLOWS - Methods, systems and computer program products are provided for associating multiple Ethernet flows between a transceiver/uplink endpoint and a subscriber endpoint over an underlying ATM VCC including generating an ATM VCC record having a first endpoint identifier corresponding to a subscriber device such as a passive optical network (“PON”) or digital subscriber line (“DSL”) device and a second endpoint identifier corresponding to a transceiver card, such as a GigE card.03-12-2009
20100020809True Ring Networks Using Tag VLAN Filtering - A method in a network device configured in a true ring network where the network device has a first port and a second port connected to the true ring network and a third port connected to a processor including: connecting the network device to transmit data packets in a single direction around the true ring network including an ingress port and an egress port; enabling ingress tag VLAN filtering on the ingress port only; configuring a VLAN table in the network device to terminate an incoming data packet when a VID tag (VLAN identifier tag) of the incoming data packet matches the local VID tag of the network device; and configuring the VLAN table in the network device to accept the incoming data packet when the VID tag of the incoming data packet does not match the local VID tag of the network device.01-28-2010
20120281706SYSTEMS AND METHODS FOR CLOUD BRIDGING BETWEEN INTRANET RESOURCES AND CLOUD RESOURCES - Embodiments of the present solution provide a cloud bridge to bring network transparency between the otherwise disparate networks of the datacenter and cloud service provider. For example, appliances may be deployed in the datacenter and on the edge of the cloud. These appliances may be configured or designed and constructed to communicate with each other and recognize and understand the local IP and/or public IP network information of the on-premise datacenter of the enterprise and the cloud datacenter. These appliances may manage the flow of network traffic between the on-premise and cloud datacenters in a manner to appear and act seamlessly and transparently as a single network spanning both the on-premise and cloud data centers.11-08-2012
20130182712SYSTEM AND METHOD FOR MANAGING SITE-TO-SITE VPNS OF A CLOUD MANAGED NETWORK - A management server includes a configuration and management module processing server configuration information, including a VPN peer list and VLAN/subnet settings. The management server automatically calculates the VPN configuration information, including the VPN peer subnet route information identifying which of the subnets participating in the VPN are behind which of the routers and keys to establish VPN tunnels between those routers participating in the VPN. Each of the routers participating in the VPN includes a VPN tunnel with the other routers participating in the VPN, a set of data structures storing data identifying contact information for each of the subnets participating in the VPN, a combination of an IP address and port to reach one of routers that that subnet is behind, and a forwarding module to forward traffic between the subnets.07-18-2013
20110292946Virtualization Platform - The invention relates to a visualization platform (12-01-2011
20130195111Shortest Path Bridging in a Multi-Area Network - A method that improves multi-area routed Ethernet network design, in which multipath implementation in each of the areas is independent of each other area to allow optimal network design in each area. The network implements a shortest path bridging medium access control (SPBM) protocol. The areas include a Level 2 (L2) routing area coupled to a Level 1 (L1) routing area via multiple area border bridges (ABBs). The L1 routing area including a backbone edge bridge (BEB) coupled to the ABBs via multiple L1 multipath instances identified by respective backbone VLAN identifiers (B-VIDs). The ABBs receive an advertisement from the BEB that indicates a set of BEB identifiers, each of which identifies the BEB and is associated with a respective B-VID. Each of the BEB identifiers is unique. The ABBs also advertise into the L2 routing area, and translate the B-VIDs based on service identifiers for frames transiting the ABBs.08-01-2013
20120300785Method and Device for Realizing Flexible QinQ - A method for realizing flexible QinQ, including: after receiving a message, searching for a Media Access Control (MAC) address entry corresponding to the message in a MAC address table, if the corresponding MAC address entry is searched out, performing flexible QinQ for the received message according to the flexible QinQ information included in the MAC address entry, and forwarding the message after completing the flexible QinQ transformation. The present invention also provides a device for realizing flexible QinQ and a QinQ transformation board. The present invention gets rid of a high-cost network processor, enables storage of the flexible QinQ information and fast forwarding of the messages just on a simple interface board, it overcomes the problem in the prior art that the speed of massively searching the QinQ entry is slow and enlarges the profits of operators and network product users at the same time.11-29-2012
20130094514METHOD AND SWITCH FOR SENDING PACKET - The present disclosure discloses a method and a switch for sending a packet, which belongs to the field of computer network technologies. A layer 3 switch which is configured with an aggregated VLAN containing a plurality of VLANs searches information regarding correspondence between IP addresses and the VLANs to determine if there is a VLAN in the aggregated VLAN that corresponds to a target IP address in a packet; if there is a VLAN that corresponds to the target IP address, sends the packet to only that VLAN. In the technical solutions of the present disclosure, the number of invalid packets that are sent can be effectively reduced, thereby reducing an influence of the invalid packets on the whole virtual local area network.04-18-2013

Patent applications in class Emulated LAN (LANE/ELAN/VLAN, e.g., Ethernet or token ring legacy LAN over a single ATM network/LAN)