Patent application number | Description | Published |
20080212579 | Packet tunneling - Network devices, systems, and methods are provided for packet processing. One network device includes a network chip having a number of network ports for the device. The network chip includes logic to select original data packets, based on a set of criteria, received from or destined to a particular port on the device and to tunnel the selected data packets to a second network device having a different destination address to that of the selected data packets. | 09-04-2008 |
20080247380 | Locating original port information - A network, network devices, and methods are described for locating original port information. A network device includes a network chip having a number of network ports for the device for receiving and transmitting packets. The network chip includes logic to locate original port information for a packet returned from a checking functionality. | 10-09-2008 |
20080259924 | Marked packet forwarding - A network, network devices, and methods are described for marked packet forwarding. A network device includes a network chip having a number of network ports for receiving and transmitting packets. The network chip includes logic to decapsulate a packet received from a tunnel, mark the packet with a handle associated with an originating network device of the packet using information from an encapsulation header, and forward the marked packet to a checking functionality having a destination address different from an original destination address of the packet. | 10-23-2008 |
20080267179 | Packet processing - Network devices, systems, and methods are provided for packet processing. One network device includes a network chip including logic and a number of network ports for the device for receiving and transmitting packets therefrom. The logic is operable to group a number of ports into a membership group based on a criteria, and define a filter index in association with a network packet to indicate the membership group. | 10-30-2008 |
20080270606 | Remote client remediation - Embodiments of the invention may include network devices, systems, and methods, including executable instructions and/or logic, for remote client remediation. One method includes identifying a client needing remediation, tunnel-encapsulating packets originating from the client during remediation, and forwarding the tunnel-encapsulated packets to a remote remediation functionality different from an original destination address of the packets and having membership in a remediation VLAN different from the original VLAN. | 10-30-2008 |
20080298392 | Packet processing - Network devices, systems, and methods are provided for packet processing. One method includes receiving a checking functionality rule set as an input to a distribution algorithm. The method includes bifurcating and providing configuration instructions, as an output from the distribution algorithm, to a first logic plane associated with a first logical entity and a second logic plane associated with a second logical entity. A collaboration algorithm is used to provide processing coordination between the first logical entity and the second logical entity. | 12-04-2008 |
20090003229 | Adaptive Bandwidth Management Systems And Methods - Adaptive bandwidth management systems and methods are disclosed. An exemplary system comprises a network switching device including a plurality of physical ports and at least one switching fabric for managing connections between the physical ports. The system also includes a management processor operatively associated with the plurality of physical ports and the at least one switching fabric. The system also includes program code stored in computer-readable storage and executable by the management processor, the program code configuring the network switching device to conserve electrical energy based on the current bandwidth requirements. | 01-01-2009 |
20090016226 | Packet monitoring - Network devices, systems, and methods are provided for packet processing. One network device includes a network chip having logic and a number of network ports for the device for receiving and transmitting packets therefrom. The logic is encoded with application specific integrated circuit (ASIC) primitives to check header fields and payload content in the packets. | 01-15-2009 |
20090016336 | Packet processing - Network devices and methods are provided for packet processing. One method includes using logic embedded in an application specific integrated circuit on a network device to dynamically adjust an access control list. According to the method, the access control list is adjusted in response to information received from a checking functionality related to packets received by the network device from a particular port. The method also includes handling packets later received from the particular port according to the adjusted access control list. | 01-15-2009 |
20090016337 | Tunnel configuration - A network, network devices, and methods are described for packet processing. A method includes using logic on a first network device to select a checking functionality based on a number of criteria. The method uses logic on the first network device to select the checking functionality from a list of checking functionalities. The checking functionality is selected for processing packets identified by the first network device. The method also includes using logic on the first network device to configure a tunnel initiation to tunnel packets to a second network device that is associated with the selected checking functionality. The second network device has a destination address different from an original destination address of identified packets. | 01-15-2009 |
20090190486 | System and methods for distributed output packet metering using input lookups - System and methods for metering output packet traffic at network devices. Ingress packet lookups are employed in combination with egress packet meters, which can be arranged in parallel fashion, and used to meter traffic across multiple blades of a switch chassis. Also, egress packet traffic metering is accomplished while matching complex ingress rules without additional egress packet processing. The system has a first node for creating requests that contain a number of filter indicies for specifying packet forwarding criteria. The first node also specifies values for the filter and meter indicies based on a packet to be forwarded. The system also has a second node coupled to the first node and to a number of ports. The second node has at least one table for specifying which of the ports are to receive the packet based on the filter values, and at least one table for accounting for egress traffic bandwidth. | 07-30-2009 |
20090207834 | TRANSMITTING A PACKET FROM A DISTRIBUTED TRUNK SWITCH - A method of transmitting an upstream communication packet from a distributed trunk (DT) switch is described. The method comprises receiving a packet from a device connected to a DT port of the DT switch; and transmitting the received packet via a non-DT port of the DT switch if the DT switch is the owner of the device and transmitting the received packet via a DT interconnect (DTI) port of the DT switch if the DT switch is not the owner of the device. | 08-20-2009 |
20100142371 | Loadbalancing network traffic across multiple remote inspection devices - Methods of balancing network packet traffic among multiple checking functionalities (CFs) are described. A network has at least one client operatively connected to at least one source switch and multiple available CFs operatively connected to at least one destination switch. Each available CF has predetermined, but possibly different inspection capabilities. A source switch receiving packets from a client inspects each packet and can optionally choose an available CF having at least the minimum necessary inspection capabilities to inspect the particular packet, and tunnel the packet to the chosen CF. | 06-10-2010 |
20100142539 | PACKET PROCESSING INDICATION - A network, network devices, and methods are described for packet processing indication. A method includes tunneling a packet from a first network device to a second network device associated with a first checking functionality. The second network device has an address different than an original destination address of the packet. The method also includes return-tunneling the packet from the second network device to the first network device with an indication of whether the packet was processed by the first checking functionality. The method includes tunneling the packet from the first network device to a third network device associated with a second checking functionality in response to the indication being that the packet was not processed by the first checking functionality. The third network device has an address different from the original destination address of the packet. | 06-10-2010 |
20110134932 | MARKED PACKET FORWARDING - A network, network devices, and methods are described for marked packet forwarding. A network device includes a network chip having a number of network ports for receiving and transmitting packets. The network chip includes logic to decapsulate a packet received from a tunnel, mark the packet with a handle associated with an originating network device of the packet using information from an encapsulation header, and forward the marked packet to a checking functionality having a destination address different from an original destination address of the packet. | 06-09-2011 |
20110231933 | LOADBALANCING NETWORK TRAFFIC ACROSS MULTIPLE REMOTE INSPECTION DEVICES - An apparatus includes a checking functionality (CF) for processing data packets in a computer network that comprises a plurality of CFs. The CF includes an interface for communication with one or more source switches that route data packets to the CF for processing, a packet processing capability for processing the data packets, and logic for communicating data regarding the packet processing capability to the source switch through the interface. | 09-22-2011 |
20120008505 | PACKET TUNNELING - Network devices, systems, and methods are provided for packet processing. One network device includes a network chip having a number of network ports for the device. The network chip includes logic to select original data packets, based on a set of criteria, received from or destined to a particular port on the device and to tunnel the selected data packets to a second network device having a different destination address to that of the selected data packets. | 01-12-2012 |
20120320909 | SENDING REQUEST MESSAGES OVER DESIGNATED COMMUNICATIONS CHANNELS - Techniques described herein provide for sending request messages. The request messages may be sent in order. The request messages may be sent over a designated communications channel. | 12-20-2012 |
20130074147 | PACKET PROCESSING - Network devices and methods are provided for packet processing. One method includes using logic embedded in an application specific integrated circuit on a network device to dynamically adjust an access control list. According to the method, the access control list is adjusted in response to information received from a checking functionality related to packets received by the network device from a particular port. The method also includes handling packets later received from the particular port according to the adjusted access control list. | 03-21-2013 |
20130191917 | PATTERN DETECTION - Data is moved through a pipeline as processing of the data unrelated to detection of pattern is performed. The detector detects the pattern within the data at a predetermined location or based on a predetermined reference as the data is moved through the pipeline, in parallel with the processing of the data as the data is moved through the pipeline. The detector detects the pattern within the data as the data is moved through the pipeline without delaying movement of the data into, through, and out of the pipeline. | 07-25-2013 |
20130215897 | MITIGATION OF DETECTED PATTERNS IN A NETWORK DEVICE - A method for mitigating detected patterns in a network device is described herein. A packet is moved through a first pipeline of the network device, to perform processing of the packet. A pattern is detected within the packet. In response to detecting the pattern, a hardware component of the network device generates a flag as the packet is moving through the first pipeline, in parallel with the processing of the packet. One or more forwarding policies associated with the packet are determined using the flag. | 08-22-2013 |
20140086255 | PACKET FORWARDING BETWEEN PACKET FORWARDING ELEMENTS IN A NETWORK DEVICE - A network device having a plurality of packet forwarding elements, each including a hardware component for receiving and forwarding data packets from and to other network devices via a plurality of input ports connected to a network. Each hardware component is configured to determine whether a received data packet is one of a predetermined class of data packets based on data in the received data packet and, if so, generate expedited processing instructions corresponding to the received data packet based on data in the received data packet. The hardware component forwards the received data packet, together with the corresponding expedited processing instructions, directly to the hardware component of all packet forwarding elements of the plurality of packet forwarding elements for processing based on the expedited processing instructions. | 03-27-2014 |
20140153435 | TIERED DEEP PACKET INSPECTION IN NETWORK DEVICES - Packet inspection in a network device includes a first stage circuit to monitor packets being switched by a network interface in the network device. The first stage circuit includes at least one pattern matcher to identify selected flows in the packets satisfying first criteria and to divert the selected flows from standard processing in the network interface. A second stage circuit receives the selected flows, performs deep packet inspection on the selected flows to identify further selected flows satisfying a second criteria, and controls the network interface to apply alternative processing to the further selected flows and allow the selected flows other than the further selected flows to rejoin the standard processing. | 06-05-2014 |
20150036502 | Packet Processing Indication - A network, network devices, and methods are described for packet processing indication. A method includes tunneling a packet from a first network device to a second network device associated with a first checking functionality. The second network device has an address different than an original destination address of the packet. The method also includes return-tunneling the packet from the second network device to the first network device with an indication of whether the packet was processed by the first checking functionality. The method includes tunneling the packet from the first network device to a third network device associated with a second checking functionality in response to the indication being that the packet was not processed by the first checking functionality. The third network device has an address different from the original destination address of the packet. | 02-05-2015 |