Patent application number | Description | Published |
20110252231 | REKEY SCHEME ON HIGH SPEED LINKS - In one embodiment, apparatus and methods for a rekey process are disclosed. In certain rekey embodiments, when a key-generation protocol exchange is executed, instead of generating a single new security relationship, such as a Security Association or SA, a multiple set (e.g., 10) of new security relationships (e.g., SAs) are generated. An authorized device can then individually use these security relationships (e.g., SAs) as needed to securely communicate with each other. For example, a set of SAs can be efficiently programmed into an 802.1ae protocol ASIC for handling transmitted and received data packets. In the description herein, embodiments of the invention are described with respect to SA's, and this “SA” term is generally defined as any type of security relation that can be formed to allow a particular node to securely transmit packets or frames to another receiving node. | 10-13-2011 |
20110273990 | Per-graph link cost assignment in layer 2 multipath networks - In one embodiment, a method includes assigning at a switch in a layer 2 multipath network, costs to a link in the network, each of the link costs associated with a different graph for forwarding traffic in the network, transmitting the link costs to other switches in the layer | 11-10-2011 |
20120027017 | MULTI-DESTINATION FORWARDING IN NETWORK CLOUDS WHICH INCLUDE EMULATED SWITCHES - Techniques are described which facilitate multi-destination forwarding in a Layer 2 Multipath (L2MP) network which includes an emulated switch. The emulated switch may correspond to two or more underlying peer link switches in the L2MP network, in which each of the peer link switches is linked to a Classical Ethernet (CE) switch over a virtual port channel (vPC). Traffic received by one of the peer link switches over the vPC is automatically forwarded to the other peer link switch (or switches). Multi-destination frames originating from the L2MP network addressed to hosts within the CE network are sent over only one of the peer link switches. | 02-02-2012 |
20120106339 | Probing Specific Customer Flow in Layer-2 Multipath Networks - Techniques are provided to enable a switch in a layer-2 multipath network to determine connectivity of a path to a destination switch. At a source switch, user flow parameters are determined for user flow packets to be transported in the layer-2 multipath network to a destination switch. The sourced switch determines a number of hops from it to the destination switch based on the user flow parameters. Timestamping is activated for time-to-live expiry packets received at the source switch and for time-to-live expiry packets received at the destination switch. One or more probe packets having user flow parameters matching the user flow parameters of user flow packets are generated so that the probe packets use the same path taken by the user flow packets between the source switch and the destination switch. In addition, a time-to-live value corresponding to the number of hops from the source switch to the destination switch is included in a hop count field of the one or more probe packets. The time-to-live value distinguishes the one or more probe packets from user flow packets. The one or more probe packets are sent in the layer-2 multipath network from the source switch to the destination switch. Connectivity between the source switch and the destination switch is determined based on the one or more probe packets. | 05-03-2012 |
20120106358 | SYSTEM AND METHOD FOR PROVIDING PROACTIVE FAULT MONITORING IN A NETWORK ENVIRONMENT - An example method is provided and includes communicating a request packet to a first network element. The request packet is associated with a request for a list of flow parameters. The method also includes receiving a response to the request for the list of flow parameters, and communicating a test packet to initiate fault monitoring. The test packet is communicated to a second network element and the test packet includes at least one of the flow parameters provided by the first network element. The method also includes receiving a plurality of fault monitoring results. The results are limited to reflect multiple paths associated with the first network element. | 05-03-2012 |
20120131216 | Active-Active Multi-Homing Support for Overlay Transport Protocol - Techniques are provided for active-active multi-homing support over an overlay transport virtualization protocol for an edge switch at a data center site. At an edge switch that is configured to operate in an active-active multi-homing mode with at least one other edge switch in an edge switch cluster at a first data center site that comprises one or more endpoint devices, information is stored indicating a media access control (MAC) address of at least one endpoint device at the first site. The edge switch in the edge switch cluster at the first site sends via an overlay transport virtualization protocol a Layer-3 message that is configured to advertise the MAC address of the at least one endpoint at the first site to enable the at least one edge switch at the second site to perform multipath routing to the endpoint device at the first site based on each of the edge switches in the edge switch cluster at the first site. | 05-24-2012 |
20120195195 | Load-Balancing Traffic with Virtual Port Channels - Techniques are provided to load-balance traffic across a plurality of virtual PortChannel links (ports) at a switch device. The switch device interfaces to the plurality of virtual PortChannel links and receives packets to be routed of the plurality of links. The switch device routes the packets of the links so as to favor certain links over others based on operation conditions of the respective links. | 08-02-2012 |
20130155846 | Active Standby Virtual Port-Channels - An active-standby virtual port channel mechanism may be provided, where at any point only one virtual port channel link would be active. Upon failover of the active, a fast failover mechanism is employed to move active traffic to a standby port channel link. | 06-20-2013 |
20140023074 | SYSTEM AND METHOD FOR LAYER-2 NETWORK ROUTING - An example method is provided and includes receiving a data message from a first virtual local area network; determining at an edge switch-router of a Layer-2 network whether the message should be routed; and routing the message in the Layer-2 network at the edge switch-router if the message should be routed. The method also includes switching the message at the edge switch-router if the message should not be routed. | 01-23-2014 |
20140043987 | PASSIVE NETWORK LATENCY MONITORING - A method measures a resident delay for each port in a node in a network and a peer delay between each pair of neighbor nodes in the network. From these resident delays and peer delays, latency between each pair of neighbor nodes in the network is determined. The method includes weighting a route for a data packet going through the nodes in the network using the determined latencies. Each node includes a switch having switchable connections and is configured by a controller to send probe packets from an output port to a port in a neighbor node. The packet may include a time stamp and an identifier. | 02-13-2014 |
20140215216 | REKEY SCHEME ON HIGH SPEED LINKS - In one embodiment, apparatus and methods for a rekey process are disclosed. In certain rekey embodiments, when a key-generation protocol exchange is executed, instead of generating a single new security relationship, such as a Security Association or SA, a multiple set (e.g., 10) of new security relationships (e.g., SAs) are generated. An authorized device can then individually use these security relationships (e.g., SAs) as needed to securely communicate with each other. For example, a set of SAs can be efficiently programmed into an 802.1ae protocol ASIC for handling transmitted and received data packets. In the description herein, embodiments of the invention are described with respect to SA's, and this “SA” term is generally defined as any type of security relation that can be formed to allow a particular node to securely transmit packets or frames to another receiving node. | 07-31-2014 |