Patent application number | Description | Published |
20100235593 | FLOW RESILIENCY - In an example embodiment, packets for a selected flow are replicated and sent over one or more diverse paths, such as a primary path and at least one secondary path, to a destination switching device. At the destination switching device, one copy of the replicated packets is selected for delivery to the destination, and the remaining copies are discarded. In the event that packets are not received at the destination switching device due to loss of connection on the primary path or packets are not timely delivered due to congestion on the primary path, a different path may be selected as the primary path. | 09-16-2010 |
20110274035 | Routing to the Access Layer to Support Mobility of Internet Protocol Devices - Techniques are provided for seamless integration of wired and wireless functionality packet forwarding in network. A plurality of access switches are provided in each of a plurality of mobility sub-domains that are part of a mobility domain of a network. Each access switch serves one or more Internet Protocol (IP) subnets, each comprising a plurality of IP addresses. An access switch obtains an IP address for a wireless device according to the one or more IP subnets that the access switch serves. The access switch sends an association advertisement message to indicate the IP address of the wireless device and to enable other access switches and routers to compute a path to the wireless device. When a wireless device obtains an IP address, it can keep the same IP address as it roams in the mobility domain. | 11-10-2011 |
20110274036 | Maintaining Point of Presence at Tunneling Endpoint for Roaming Clients in Distributed Wireless Controller System - Techniques are provided to support roaming of wireless devices in a network such that the wireless devices can keep their Internet Protocol (IP) addresses as they roam within and across mobility sub-domains. When a wireless device roams from one access switch to another access switch, a tunneling endpoint apparatus in the wireless device's home mobility sub-domain is configured to serve as the point of presence for the roamed wireless device. Traffic for the roamed wireless device is tunneled from the access switch where the wireless device has roamed (where it is currently attached) to the tunneling endpoint apparatus. When the wireless device roams across mobility sub-domains, then traffic is tunneled from the access switch where the wireless device is currently attached to the tunneling endpoint apparatus in that mobility sub-domain (called a “foreign” mobility sub-domain) to the tunneling endpoint apparatus in the wireless device's home mobility sub-domain. | 11-10-2011 |
20110274037 | Hierarchical Control Signaling for Mobile Clients in Distributed Wireless Controller System - A system and method are provided for a hierarchical distributed control architecture to support roaming of wireless client devices. A plurality of access switches are provided and configured to serve one or more Internet Protocol (IP) subnets that comprises a plurality of IP addresses. The plurality of access switches are arranged in switch peer groups such that each access switch within a given switch peer group is configured to store information about other access switches in that switch peer group and about locations of wireless client devices that are associated with any wireless access point on any access switch in the switch peer group. The plurality of access switches are further grouped into a corresponding one of a plurality of mobility sub-domains each comprising a plurality of switch peer groups. A plurality of controller devices are provided, each configured to control access switches in a corresponding mobility sub-domain. Each controller device stores information about the plurality of access switches within its mobility sub-domain and about locations of wireless client devices at access switches in its mobility sub-domain. A central controller device is provided and configured to communicate with the plurality of controller devices for the respective mobility sub-domains. The central controller device is configured to store information about locations of wireless client devices in the mobility sub-domains. | 11-10-2011 |
20110274082 | Maintaining Point of Presence at Access Switch for Roaming Clients in Distributed Wireless Controller System - Techniques are provided to enable support of roaming wireless devices in a network such that the wireless devices can keep their Internet Protocol (IP) addresses as they roam across mobility sub-domains. Traffic for a wireless device that roams is tunneled back to the access switch that serves the IP subnet which includes an IP address for the wireless device. Traffic is tunneled back to that access switch for the wireless device when the wireless device roams to another access switch which does not serve the IP subnet for the wireless device in the same mobility sub-domain and when the wireless device roams to a different mobility sub-domain, in which case the traffic is tunneled between tunneling endpoints in the respective mobility sub-domains. | 11-10-2011 |
20110280213 | Guest Access Support for Wired and Wireless Clients in Distributed Wireless Controller System - Techniques are provided to enable a support for guest access of devices in a network. At a controller apparatus in a first mobility sub-domain of a network comprising a plurality of mobility sub-domains, a request message containing a request for guest network access for a device is received from a first access switch in the first mobility sub-domain. The controller apparatus forwards the request message to a guest controller. At a tunneling endpoint apparatus in the first mobility sub-domain, a tunnel is established to the guest controller to carry traffic between the device and the guest controller. Traffic for the device passes in a tunnel between the first access switch and the tunneling endpoint apparatus in the first mobility sub-domain, through the tunneling endpoint apparatus in the first mobility sub-domain and in the tunnel between the routing apparatus in the first mobility sub-domain and the guest controller. | 11-17-2011 |
20120082048 | SYSTEM AND METHOD FOR PROVIDING SMART GRID COMMUNICATIONS AND MANAGEMENT - A method is provided in one example embodiment and includes receiving phasor measurement unit (PMU) data in a first transmission; converting the first transmission into a multicast transmission; and multicasting the PMU data to a multicast group address, which identifies a plurality of subscribers. In more specific implementations, the converting of the first transmission into the multicast transmission occurs at a first-hop router in relation to a PMU source that sent the first transmission. In some cases, the first transmission is a unicast transmission sent from a network element, which includes a PMU sensor. | 04-05-2012 |
20120082159 | SYSTEM AND METHOD FOR PROVIDING SMART GRID COMMUNICATIONS AND MANAGEMENT - A method is provided in one example embodiment and includes receiving a request for a service that involves phasor measurement unit (PMU) data; identifying a service device in a network to perform the service; and multicasting one or more results of the service to a group of subscribers identified by a multicast group address. In more particular embodiments, particular PMU data is redirected to the service device via a service insertion architecture (SIA) protocol. In addition, the service can include replicating packets and masking a subset of traffic for forwarding to a first hop router of the network. In certain example instances, metadata is used in order to apply the service to certain traffic propagating in the network. | 04-05-2012 |
20120155395 | Client modeling in a forwarding plane - In one embodiment, a method includes receiving a packet at a network device in communication with a plurality of client nodes, the packet identifying a first client node, performing a look up in a table stored at the network device to locate policies associated with the first client node, the table including an entry for each of the client nodes, each entry having a plurality of policies associated with the client node, applying the policies associated with the first client node at a forwarding engine at the network device, and forwarding the packet from the network device. An apparatus is also disclosed. | 06-21-2012 |
20120203479 | FAST FAULT ISOLATION AND RESTORATION FOR DISTRIBUTION NETWORKS - In one embodiment, a method includes obtaining information relating to a steady state operation of a portion of an electrical network, the electrical network including a plurality of components, the information being obtained from the plurality of components while the portion of the electrical network is operating at steady state, wherein the information is obtained through a communications network that at least partially overlays the electrical network. The method also includes detecting a fault in the electrical network, isolating the location of the fault, and restoring the electrical network. The fault is detected by at least a first component of the plurality of components. Restoring the electrical network includes determining when the first component owns the fault. Determining when the first component owns the fault includes at least processing the information obtained from the plurality of components. | 08-09-2012 |
20120216239 | Integration of network admission control functions in network access devices - In one embodiment, a method includes receiving a communication from an endpoint device at a network access device located within a data path between the endpoint device and a network, identifying a network admission control policy for the endpoint device, enforcing at the network access device, the network admission control policy for traffic received from the endpoint device, and forwarding at the network access device, traffic from the endpoint device to the network in accordance with the network admission control policy. An apparatus is also disclosed. | 08-23-2012 |
20120300756 | Maintaining point of presence for clients roaming within a layer 2 domain - In one embodiment, a method includes receiving a packet from a source wireless device at a second switch, the source wireless device previously associated with a first switch and roamed to and associated with the second switch, wherein a point of presence for the source wireless device is maintained at the first switch, inserting into the packet a direction indicator, and forwarding the packet from the second switch to the first switch, the direction indicator identifying the packet as being transmitted towards the point of presence for the source wireless device to prevent a forwarding loop. An apparatus is also disclosed. | 11-29-2012 |
20120323381 | Security Measures for the Smart Grid - Security is enabled in an electrical system by examining a configuration file for a substation present in the electrical system, where the substation includes one or more electrical devices and one or more network devices. Based on the examination of the configuration file, information is determined on a characteristic of an electrical device that is selected from a group including a type, allowed role of the electrical device and allowed communication modes for the electrical device. Based on the determined information, a basis for controlling the role and communication modes for the electrical device is identified. A security policy is configured in a network device in the substation to incorporate the identified basis. Based on the configured security policy in the network device, communication patterns for the electrical device are allowed that are associated with the allowed role and allowed communication modes for the electrical device. | 12-20-2012 |
20130014217 | Adapting Extensible Authentication Protocol for Layer 3 Mesh Networks - Techniques are provided for adaptive routing of authentication packets in a network, such as a wireless mesh network. At an authenticated device in the network, an authentication packet is received over the network from a device that is seeking authentication. The authentication packet is encapsulated for transmission in Layer 3 packets over an Internet Protocol (IP) tunnel to an authenticator device associated in the network. Similarly, for an authentication packet encapsulated in Layer 3 packets from the authenticator device over the IP tunnel, the authentication packet is decapsulated from the Layer 3 packets and transmitted over the network to the device seeking authentication. | 01-10-2013 |
20130024149 | IDENTIFICATION OF ELECTRICAL GRID PHASE INFORMATION FOR END-POINTS IN A GRID NETWORK - In one embodiment, a requesting device (e.g., head-end application) requests a phase-related response from an end-point that does not know its phase in a polyphase power source system. In response, the requesting device receives the phase-related response from the end-point, where the response relays an identification of the end-point and related phase information without indicating an actual phase of the end-point, e.g., on which power-line is a response generated or at which time is a zero-crossing of the power source's waveform. The phase information of the phase-related response may then be correlated to a known phase of a known-phase device, such that the actual phase of the end-point may be identified based on the correlation. | 01-24-2013 |
20130036305 | Group Key Management and Authentication Schemes for Mesh Networks - According to one embodiment, techniques are provided to enable secure communication among devices in a mesh network using a group temporal key. An authenticator device associated with a mesh network stores a pairwise master key for each of a plurality of devices in a mesh network upon authentication of the respective devices. Using the pairwise master key, the authenticator device initiates a handshake procedure with a particular device in the mesh network to mutually derive a pairwise temporal key from the pairwise master key. The authenticator device encrypts and signs a group temporal key using the pairwise temporal key for the particular device and sends the group temporal key encrypted and signed with the pairwise temporal key to the particular device. | 02-07-2013 |
20130042301 | Authentication Control In Low-Power Lossy Networks - Techniques are provided for the controlled scheduling of the authentication of devices in a lossy network, such as a mesh network. An authenticator device that is configured to authenticate devices in a lossy network receives an authentication start message from a particular device to be authenticated. The authenticator device determines a schedule for engaging in an authentication procedure for the particular device based on an indication of current network utilization. | 02-14-2013 |
20130054784 | Session Layer for Monitoring Utility Application Traffic - Techniques are provided to facilitate monitoring of utility application traffic streams. At a network device that routes utility application traffic for utility devices, control information is received, where the control information is configured to cause the network device to monitor utility application traffic that passes through the network device. The network device monitors a header inserted into utility application traffic messages based on the control information. | 02-28-2013 |
20140146816 | SYSTEM AND METHOD FOR PROVIDING SMART GRID COMMUNICATIONS AND MANAGEMENT - A method is provided in one example embodiment and includes receiving a request for a service that involves phasor measurement unit (PMU) data; identifying a service device in a network to perform the service; and multicasting one or more results of the service to a group of subscribers identified by a multicast group address. In more particular embodiments, particular PMU data is redirected to the service device via a service insertion architecture (SIA) protocol. In addition, the service can include replicating packets and masking a subset of traffic for forwarding to a first hop router of the network. In certain example instances, metadata is used in order to apply the service to certain traffic propagating in the network. | 05-29-2014 |
20140156840 | Session Layer For Monitoring Utility Application Traffic - Techniques are provided to facilitate monitoring of utility application traffic streams. At a network device that routes utility application traffic for utility devices, control information is received, where the control information is configured to cause the network device to monitor utility application traffic that passes through the network device. The network device monitors a header inserted into utility application traffic messages based on the control information. | 06-05-2014 |
20140241346 | TRANSLATING NETWORK FORWARDING PLANE MODELS INTO TARGET IMPLEMENTATION USING NETWORK PRIMITIVES - A routing controller in a communication network may be responsible for generating a device model that defines intended forwarding behavior of the network. The device model may be generated using a target-independent universal language of network primitives. Network primitives are building blocks of the device model. The network primitives can be grouped to form submodels to create modularity within the device model. The network primitives and the submodels can be stored in libraries. The controller may send the device model to a target device. Upon receiving the device model from the controller, the target device may translate the device model to implementation. | 08-28-2014 |
20140241347 | STATIC TRANSLATION OF NETWORK FORWARDING PLANE MODELS INTO TARGET IMPLEMENTATION IN THE HARDWARE ABSTRACTION LAYER - A routing controller in a communication network may be responsible for generating a device model that defines intended forwarding behavior of the network. The device model may be generated using a target-independent universal language of network primitives. The controller may send the device model to a target device. The device controller may include one or more known identifiers associated with one or more portions of the model. The target device may know the mapping between the known identifiers and the capabilities of the target device. Upon receiving the device model from the controller, the target device may retrieve the known mapping to statically translate the device model to implementation. The static translation of the device model provides reusability of the previously determined mappings. The target device is not required to have a translator for dynamically translating the device model each time that the device model is received from the controller. | 08-28-2014 |
20140334488 | Data Plane Learning of Bi-Directional Service Chains - Techniques are provided to decouple service chain structure from the underlying network forwarding state and allow for data plane learning of service chain forwarding requirements and any association between services function state requirements and the forward and reverse forwarding paths for a service chain. In a network comprising a plurality of network nodes each configured to apply a service function to traffic that passes through the respective network node, a packet is received at a network node. When the network node determines that the service function it applies is stateful, it updates context information in a network service header of the packet to indicate that the service function applied at the network node is stateful and that traffic for a reverse path matching the classification criteria is to be returned to the network node. | 11-13-2014 |
20140362857 | Stacking Metadata Contexts for Service Chains - Presented herein are techniques useful in a network comprising a plurality of network nodes each configured to apply one or more service functions to traffic that passes through the respective network nodes. A network node receives packets encapsulated in a service header that includes information defining a variable set of context headers stacked into an association of metadata that is relevant to one or more service functions within a service path comprised of one or more network nodes. The network node interprets a forwarding state and a next-hop network node for the service path from the service header, and determines a service action or associated metadata from the set of context headers. | 12-11-2014 |