Patent application number | Description | Published |
20090116483 | Supporting BGP Based IP-VPN In A Routed Network - A new type of Provider Edge (PE) device is used to support BGP-based IP-VPNs. Each VRF instance in a PE device is associated with a dedicated IP address (Service IP address). Each service IP address is dedicated to a VRF in a PE device. The service IP address is distributed by BGP for VPN route association. Customer/VRF IP packets can be sent to a VRF instance in the egress PE device using service IP header encapsulation (with IP Destination Address=Service IP address of egress PE's VRF & IP Source Address=Service IP address of ingress PE's VRF). This obviates the need for explicit tunnels in the core. | 05-07-2009 |
20090168666 | Implementation of VPNs over a link state protocol controlled Ethernet network - Nodes on a link state protocol controlled Ethernet network implement a link state routing protocol such as IS-IS. Nodes assign an IP address or I-SID value per VRF and then advertise the IP addresses or I-SID values in IS-IS LSAs. When a packet is to be forwarded on the VPN, the ingress node identifies the VRF for the packet and performs an IP lookup in customer address space in the VRF to determine the next hop and the IP address or I-SID value of the VRF on the egress node. The ingress node prepends an I-SID or IP header to identify the VRFs and then creates a MAC header to allow the packet to be forwarded to the egress node on the link state protocol controlled Ethernet network. When the packet is received at the egress node, the MAC header is stripped from the packet and the appended I-SID or IP header is used to identify the egress VRF. A customer address space IP lookup is then performed in the identified VRF on the egress node using the information in the client IP header to determine how to forward the packet. Customer reachability information within a VPN may be exchanged between VRFs using iBGP, or directly by using link state protocol LSAs tagged with the relevant I-SID. | 07-02-2009 |
20090310535 | Unifying Virtualizations in a Core Network and a Wireless Access Network - To unify virtualizations in a core network and a wireless access network a virtual wireless network is mapped to a virtual network in the core network. Based on the mapping, data associated with a communications session can be communicated through the virtual wireless network and core virtual network. | 12-17-2009 |
20100158003 | SHARING OF NETWORK SECURITY AND SERVICES PROCESSING RESOURCES - Systems and methods are disclosed of routing traffic in a network that include classifying incoming data packets using the content of the incoming data packets that remains relatively consistent during a network session. These systems and methods also include ordering the incoming traffic according to at least one internet protocol address comprised within the incoming traffic, hashing the at least one internet protocol address and the destination port within the incoming traffic, and determining a destination service module for the incoming traffic. Through these systems and methods, data can be routed without the need for complete flow tables. | 06-24-2010 |
20100329265 | Method and Apparatus for implementing L2 VPNs on an IP Network - MP-BGP VPN infrastructure based on IETF RFC 4364/2547 is used to configure a layer 2 VPN on an IP network. VRFs for the VPN are configured on Ethernet switches and service IP addresses are associated with each configured VRF. The service IP addresses are exchanged to enable VPN traffic to be encapsulated for transport over the IP network. To enable a L2 VPN to be established on the network, a VPN-VLAN ID will be configured for the L2 VPN and import/export route targets for the VPN-VLAN will be set in each VRF and UNI-VLAN that is part of the VPN. The VPN-VLAN will be announced to all PEs using MP-iBGP with export route targets set for this VPN-VLAN. The PE's control plane learns the VPN-VLAN on a logical port if the import RT matches the export RT received by the MP-iBGP control plane. Once the VPN-VLAN is learned on a logical port, the PE will perform MAC learning on that logical port and treat the logical port as if it were part of the L2 VLAN. | 12-30-2010 |
20120106320 | ROUTED SPLIT MULTI-LINK TRUNKING RESILIENCY FOR WIRELESS LOCAL AREA NETWORK SPLIT-PLANE ENVIRONMENTS - A method, apparatus and computer program product for performing Routed Split Multi-Link Trunking Resiliency for Wireless Local Area Network split-plane environments is presented. A first network switch learns first data associated with a second network switch and the first network switch terminates an Access Tunnel (AT). The said second network switch learns second data associated with said first network switch. The first and second data are synchronized between the first network switch and the second network switch. The first network switch and the second network load sharing tunnel data packets. The second network switch forwards tunnel control packets received by the second network switch to the first network. A failure relating to said first network switch is detected and a new AT is established with the second network switch. | 05-03-2012 |
20120106523 | PACKET FORWARDING FUNCTION OF A MOBILITY SWITCH DEPLOYED AS ROUTED SMLT (RSMLT) NODE - A method, apparatus and computer program product for providing Routed Split Multi Link Trunking (RSMLT) for Wireless Local Area Network (WLAN) tunnels is presented. A first and second network switch learn data associated with each other, wherein the first network switch and the second network switch operate concurrently. The first network switch terminates a WLAN Tunnel. The data is synchronized between the first network switch and the second network switch, wherein the data includes MAC Addresses, Internet Protocol (IP) interface addresses, Virtual Local Area Network (VLAN) associations, WLAN tunnel assignments and Network switch Internet Protocol (IP) addresses. Load sharing of tunnel data packets is performed by the first and the second network switch. Tunnel control packets received by the second network switch are forwarded to the first network switch over an Inter Switch Trunk (IST). | 05-03-2012 |
20120110393 | METHOD AND APPARATUS PROVIDING FAILOVER FOR A POINT TO POINT TUNNEL FOR WIRELESS LOCAL AREA NETWORK SPLIT-PLANE ENVIRONMENTS - A method, apparatus and computer program product for providing failover for a point to point tunnel for wireless local area network split-plane environments is presented. A second network switch learns first data associated with a third network switch and the second network switch terminates a tunnel. The third network switch learns second data associated with the second network switch. The first and second data are synchronized between the second network switch and the third network switch. The second network switch and the third network switch load sharing tunnel data packets. The third network switch forwards tunnel control packets received by the third network switch to the second network switch. A failure relating to the second network switch is detected and a new tunnel is established with the third network switch. | 05-03-2012 |
20120170578 | MULTICAST VPN SUPPORT FOR IP-VPN LITE - Techniques disclosed herein include systems and methods for providing multicast Virtual Private Network (VPN) support for IP VPN networks, including IP VPN-lite networks. Such techniques provide multicast VPN capability over an IP unicast core network by creating a multicast service VLAN and IP interface, which is used for multicast control traffic exchange between VPN instances. Multicast VPN data traffic is then carried over unicast IP-in-IP tunnels. A given ingress Provide Edge (PE) replicates the multicast traffic for all receiving egress PEs, and adds control information so that the multicast traffic appears as unicast traffic to the Core network. With such a technique, a given Core network only needs to run an IP unicast that is free of VPN unicast or multicast route or tree information. | 07-05-2012 |
Patent application number | Description | Published |
20130060966 | METHOD AND APPARATUS FOR FORMING A TIERED WIRELESS LOCAL AREA NETWORK (WLAN) SERVER TOPOLOGY - A method, apparatus and computer program product for forming a tiered Wireless Local Area Network (WLAN) server topology is presented. A Wireless Local Area Network (WLAN) having a plurality of Mobile Virtual Local Area Network (MVLAN) servers is broken into a plurality of zones, each zone including at least one MVLAN server. An Identifier (ID) is assigned to each zone. A MVLAN server in each zone is designated as a MVLAN gateway server, wherein MVLAN servers within a zone communicate with each other within the zone, wherein the MVLAN servers within a zone communicate directly with the MVLAN gateway sever within the zone, wherein MVLAN gateway servers communicate directly with each other, and wherein a MVLAN server within a first zone communicates with a MVLAN server in a second zone by way of the MVLAN gateway sever of the first zone and the MVLAN gateway server of the second zone. | 03-07-2013 |
20130124750 | NETWORK VIRTUALIZATION WITHOUT GATEWAY FUNCTION - A local network, such as a data center, includes a plurality of servers each of which are linked to a network switch. Some of the plurality of servers are network virtualization capable and some are not. The network virtualization capable servers include functionality that encapsulates a data frame, generated by one network virtualization servers that is to be sent to another network virtualization capable server, with a network virtualization identity. In the event that a network virtualization server generates a data frame for transmission to a server that is not capable of network virtualization, the network virtualization capable server does not encapsulate the data frame with the network virtualization identity. | 05-16-2013 |
20130322441 | SCALING UP/OUT THE NUMBER OF BROADCAST DOMAINS IN NETWORK VIRTUALIZATION ENVIRONMENTS - A method for handling multicast traffic is presented. A method of handling multicast traffic according to some embodiments of the present invention includes forming IP multicast (IPMC) groups of hypervisors based on broadcast domains; and directing multicast traffic from a broadcast domain on a source hypervisor to hypervisors that are members of the IPMC group. | 12-05-2013 |
20140192804 | SYSTEMS AND METHODS FOR PROVIDING MULTICAST ROUTING IN AN OVERLAY NETWORK - An information handling system is provided. The information handling system includes a first hypervisor running on a first host and a second hypervisor running on a second host. The first hypervisor managing a first virtual switch, and the second hypervisor managing a second virtual switch. The information handling system also includes a plurality of virtual machines (VMs), including a first VM, which is part of a first tenant, running on the first host, and a second VM, part of a second tenant, running on the second host. The first virtual switch has a mapping in memory that maps a customer-specific multicast IP address, used by the plurality of VMs to indicate a multicast group that includes VMs on the first and second tenants, to a global multicast IP address used by the first and second hosts. | 07-10-2014 |
20140254406 | SYSTEM AND METHOD FOR VIRTUAL PRIVATE APPLICATION NETWORKS - A system and method for virtual private application networks includes receiving a first packet associated with a first network flow at a network device, determining one or more first characteristics of the first network flow based on information associated with the first packet, determining one or more second characteristics of a first virtual private application network (VPAN) based on information associated with the one or more first characteristics, assigning the first network flow to the first VPAN, selecting one or more first network switching devices to be associated with the first VPAN, and transmitting one or more first flow control messages to the selected one or more first network switching devices. The one or more first flow control messages provide forwarding instructions for network traffic associated with the first network flow to the selected one or more first network switching devices. | 09-11-2014 |
20140254605 | SYSTEM AND METHOD FOR STORING FLOW ENTRIES IN HARDWARE TABLES - A system and method for storing flow entries in hardware tables includes one or more controllers, memory, a first flow table for storing first flow entries, and a second flow table for storing second flow entries that override the first flow entries. The first flow table implements a fixed priority and the second flow table a flexible priority. The one or more controllers is configured to add a third flow entry with a first priority to the first table when the first priority is consistent with priorities of all overlapping first flow entries, move selected overlapping first flow entries to the second table and add the third flow entry to the first table when moving the selected first flow entries removes any priority inconsistencies in the first table when the third flow entry is added to the first table, and otherwise add the third flow entry to the second table. | 09-11-2014 |
20140269252 | SYSTEMS AND METHODS FOR MANAGING SWITCHING DEVICES IN AN INFORMATION HANDLING SYSTEM - Systems and methods are provided that allow for the management of switching devices in an information handling system without having to access the switching device. An information handling system as provided herein includes at least one switching device and a controlling device in communication with the at least one switching device. The controlling device includes a network interface component configured to receive a request from the at least one switching device, and one or more processors. The one or more processors are configured to provide configuration settings and an operating system to the at least one switching device in response to the received request, record network traffic of the at least one switching device, provide the recorded traffic to an analytics engine, and debug the at least one switching device based on information received from the analytics engine. | 09-18-2014 |
20140269295 | SYSTEM AND METHOD FOR MANAGEMENT OF VIRTUAL SUB-NETWORKS - A system and method for management of virtual sub-networks includes a network controller including a control unit and one or more ports coupled to the control unit. The network controller is configured to receive a first admit request from a network switching device on a first virtual sub-network, form a first admit response based on information associated with the first admit request, transmit the first admit response to the network switching device on the first virtual sub-network, form one or more first flow control messages including configuration information for coupling the network controller and the network switching device using a second virtual sub-network, transmit the one or more first flow control messages, transmit a first migrate message to the network switching device, and exchange management traffic with the network switching device using the second virtual sub-network. | 09-18-2014 |
20140269710 | PORT EXTENDER - An extended bridge structure that includes a controlling bridge and port extenders is disclosed. A port extender according to some embodiments of the present invention includes a processor that processes receives packets in a way that executes at least one procedure that substitutes for a function of the controlling bridge. A controlling bridge according to the present invention provides data to the port extender that enables it to execute the at least one procedure that substitutes for a function of the controlling bridge. | 09-18-2014 |
20140341225 | SYSTEM AND METHOD FOR FLEXIBLE SWITCHING FABRIC - A system and method for a flexible switching fabric includes a network switching device. The network switching device includes a plurality of connectors configured to couple the network switching device to other network devices, one or more front panel cards, each front panel card including one or more first ports and configured to forward network packets between the first ports, one or more fabric cards, each fabric card including one or more second ports and configured to forward network packets between the second ports, and a port multiplexing unit configured to flexibly couple the plurality of connectors to the one or more first ports and the one or more second ports to the one or more first ports. The flexible coupling between the one or more first ports and the plurality of connectors and the one or more second ports is determined based on a desired configuration for the network switching device. | 11-20-2014 |