SELECTIVE RULE MANAGEMENT BASED ON TRAFFIC VISIBILITY IN A TUNNEL
Granted: November 30, 2017
Application Number:
20170346731
One embodiment of the present invention provides a switch. The switch includes a storage device, a rule management module, an inner packet module, and a packet processor. During operation, the rule management module obtains a rule associated with a data flow within tunnel encapsulation of a tunnel. This rule indicates how the flow is to be processed at the switch. The rule management module then applies an initial rule to a respective line card of the switch. The initial rule is derived…
DISTRIBUTED CONFIGURATION MANAGEMENT FOR VIRTUAL CLUSTER SWITCHING
Granted: November 9, 2017
Application Number:
20170324682
One embodiment of the present invention provides a switch. The switch includes a port to couple to a second switch. The switch also includes a control mechanism configured to maintain a set of configuration information for a virtual cluster switch which includes a number of member switches. The set of configuration information includes global configuration information for the virtual cluster switch and switch-specific configuration information for one or more member switches. In…
DYNAMIC MULTI-DESTINATION TRAFFIC MANAGEMENT IN A DISTRIBUTED TUNNEL ENDPOINT
Granted: October 26, 2017
Application Number:
20170310582
One embodiment of the present invention provides a switch. The switch includes a storage device, a mapping module, and a packet processor. During operation, the mapping module maintains a first and a second mappings. The first mapping, which can be in the storage device, is between a first service tunnel identifier and a first virtual local area network (VLAN) identifier. The second mapping is between the first VLAN identifier and an indicator, which indicates whether the switch is…
INTERCONNECTION OF SWITCHES BASED ON HIERARCHICAL OVERLAY TUNNELING
Granted: June 8, 2017
Application Number:
20170163569
A novel fabric switch is provided. The switch includes a tunnel management apparatus that maintains a local inter-switch tunnel and an inter-fabric tunnel. The local inter-switch tunnel facilitates communication to a switch in a local fabric switch. The inter-fabric tunnel facilitates communication to a remote fabric switch. The switch further includes a packet header management apparatus that decapsulates a packet received from the local inter-switch tunnel and encapsulates the packet…
VIRTUAL CLUSTER SWITCHING
Granted: June 1, 2017
Application Number:
20170155599
One embodiment of the present invention provides a switch system. The switch includes one or more ports on the switch configured to transmit packets encapsulated based on a first protocol. The switch further includes a control mechanism. During operation, the control mechanism forms a logical switch based on a second protocol, receives an automatically assigned identifier for the logical switch without requiring manual configuration of the identifier, and joins a virtual cluster switch.
SYSTEM AND METHOD FOR FLOW MANAGEMENT IN SOFTWARE-DEFINED NETWORKS
Granted: May 11, 2017
Application Number:
20170134281
One embodiment of the present invention provides a system for facilitating flow definition management in a switch. During operation, the system identifies a generic flow definition which specifies a flow that is not specific to any input port of a switch. The system further stores in a flow lookup data structure one or more port-specific flow rules based on the generic flow definition, wherein each port-specific flow rule corresponds to a respective port capable of processing data flows.
SPANNING TREE IN FABRIC SWITCHES
Granted: May 11, 2017
Application Number:
20170134266
One embodiment of the present invention provides a switch. The switch includes a packet processor and a spanning tree management module. The packet processor obtains information associated with a spanning tree from a message. The spanning tree management module, in response to the obtained information being superior to locally available information of the spanning tree, determines the port role of a local port of the switch for the spanning tree to be the root port and the port state of…
MULTICAST TRAFFIC LOAD BALANCING OVER VIRTUAL LINK AGGREGATION
Granted: April 27, 2017
Application Number:
20170118124
One embodiment of the present invention provides a switch. The switch comprises one or more ports, a link management module and a load balancing module. The link management module operates a port of the one or more ports of the switch in conjunction with a remote switch to form a virtual link aggregation. The load balancing module generates an index of a weight distribution vector based on address information of a multicast group associated with the virtual link aggregation. A slot of…
VIRTUAL EXTENSIBLE LAN TUNNEL KEEPALIVES
Granted: April 27, 2017
Application Number:
20170118044
One embodiment of the present invention provides a switch that is a member of a fabric switch. The switch includes a keepalive response module that identifies a keepalive response packet that does not correspond to any keepalive packet previously transmitted by the switch. The switch also includes a switch identifier extraction module that extracts a switch identifier from a payload of the keepalive response packet, where the switch identifier corresponds to another member switch in the…
IP-BASED INTERCONNECTION OF SWITCHES WITH A LOGICAL CHASSIS
Granted: March 16, 2017
Application Number:
20170078150
One embodiment of the present invention provides a switch. The switch includes a logical channel apparatus and a tunnel apparatus. The logical channel apparatus associates a logical channel identifier of a logical channel with the switch and assigns an Internet Protocol (IP) address as switch identifier of the switch. The logical channel includes a plurality of member switches and the switch is a member switch of the logical channel. The IP address uniquely identifies the switch in the…
GRACEFUL RECOVERY OF A MULTICAST-ENABLED SWITCH
Granted: February 2, 2017
Application Number:
20170034047
One embodiment of the present invention provides a switch. The switch includes a processor, a storage device, a multicast management module, and a graceful recovery module. The multicast management module participates in a multicast tree of a multicast group. The graceful recovery module determines a recovery event and constructs a message indicating the recovery event for a second switch. The switch and the second switch belong to a first virtual local area network (VLAN). The graceful…
SCALABLE GATEWAYS FOR A FABRIC SWITCH
Granted: January 26, 2017
Application Number:
20170026197
One embodiment of the present invention provides a switch. The switch includes a gateway subgroup module, a tunnel management module, and a packet processor. The gateway subgroup module operates the switch in conjunction with a remote switch to form a gateway subgroup. The switch and the remote switch actively operate as tunnel gateways. The tunnel management module maintains a data structure indicating whether a tunnel source subnet is associated with the gateway subgroup. The packet…
CONFIGURATION OF LOAD-SHARING COMPONENTS OF A NETWORK VISIBILITY ROUTER IN A NETWORK VISIBILITY SYSTEM
Granted: December 22, 2016
Application Number:
20160373352
A network visibility system includes a packet router and a router controller. The router controller programs respective forwarding rules in each of a set of load-sharing components of the packet router. Each load-sharing component in the set is designed to forward communication packets according to the respective programmed packet-forwarding rules. The router controller receives, from the packet router, information indicating an update to the availability status of components in the set…
ARCHITECTURE FOR A NETWORK VISIBILITY SYSTEM
Granted: December 22, 2016
Application Number:
20160373351
Aspects of the present disclosure provide a suitable architecture for a router controller which configures forwarding rules in a packet router of a network visibility system. In an embodiment, the router controller contains multiple controller blocks, with each controller block to examine a corresponding set of packets and to generate a respective set of forwarding rules for configuring the packet router. The router controller may also contain a switch to receive multiple packets and to…
CONFIGURATION OF RULES IN A NETWORK VISIBILITY SYSTEM
Granted: December 22, 2016
Application Number:
20160373304
Aspects of the present disclosure enable a router controller to maintain a default rules table indicating allocation of IP addresses (of GTP packets) to respective output ports. In an embodiment, the router controller receives information indicating the respective tunnel endpoint IP addresses of a control session and a data session of a user. The router controller is configured to determine whether such IP addresses of the control session and the data session(s) are allocated to the same…
CONFIGURATION OF A NETWORK VISIBILITY SYSTEM
Granted: December 22, 2016
Application Number:
20160373303
A network visibility system provided according to an aspect of the present disclosure forms rules for routing of packets to appropriate analytic server, based on IP addresses discovered while processing packets. Due to such discovery and forming of rules based on discovery, manual configuration of the network visibility system can be avoided. In an embodiment, the network visibility system comprises a packet router and a router controller. The router controller receives the examined…
TECHNIQUES TO RESTORE MULTICAST DATA PLANE FROM PERSISTENT STORAGE
Granted: December 15, 2016
Application Number:
20160366070
One embodiment of the present invention provides a switch. The switch includes a multicast management module, a storage module, and a recovery module. During operation, the multicast management module represents multicast information from one or more entries of a multicast data structure in a way that the switch can derive its multicast states from the multicast information. The storage module stores the multicast information in a recovery file in a local persistent storage device. If…
MAC ADDRESS SYNCHRONIZATION IN A FABRIC SWITCH
Granted: November 24, 2016
Application Number:
20160344658
One embodiment of the present invention provides a system for facilitating synchronization of MAC addresses in a fabric switch. During operation, the system divides a number of media access control (MAC) addresses associated with devices coupled to an interface of the switch. The system then computes a checksum for a respective chunk of MAC addresses. In addition, the system broadcasts MAC address information of the chunk to facilitate MAC address synchronization in a fabric switch of…
VIRTUAL LINK AGGREGATIONS ACROSS MULTIPLE FABRIC SWITCHES
Granted: November 10, 2016
Application Number:
20160330141
One embodiment of the present invention provides a switch. The switch is configurable to be a member of a first fabric switch. The switch includes a link aggregation module. During operation, the link aggregation module marks an ingress-switch field of a frame with a virtual switch identifier. This virtual switch identifier is associated with the switch and a second switch, which is a member of a second fabric switch, and is from a range of identifier associated with the first fabric…
DYNAMIC ORCHESTRATION OF OVERLAY TUNNELS
Granted: October 13, 2016
Application Number:
20160299775
One embodiment of the present invention provides a dynamic overlay tunnel orchestration system. During operation, the system detects the appearance of a first virtual machine running on a hypervisor of a first host machine coupled to a first switch in a network. The system identifies a first virtual local area network (VLAN) associated with the first virtual machine and determines whether an overlay tunnel exists between the first switch and a second switch coupling a second virtual…
