Ruled-based network traffic interception and distribution scheme
Granted: July 28, 2020
Patent Number:
10728176
Using a hash function, an L2/L3 switch can produce an FID for a data packet. The L2/L3 switch can select, from among potentially several stored VLAN flooding tables, a particular VLAN flooding table that is associated with a particular VLAN on which the data packet is to be carried. The rows of the particular VLAN flooding table can specify different combinations of the particular VLAN's egress ports. The L2/L3 switch can locate, in the particular VLAN flooding table, a particular row…
Intelligent sorting for N-way secure split tunnel
Granted: June 30, 2020
Patent Number:
10701034
A method of intelligently sorting packets/datagrams for sending through appropriate branches of a N-way split VPN tunnel according to embodiments of the present invention allow for efficient movement of network traffic to and from a remote network location. Intelligent sorting may be based on a wide range of criteria in order to implement different policies. For example, datagrams may be sorted for sending through the branches of a 3-way split tunnel so that all traffic from a remote…
Predictive roaming between subnets
Granted: June 30, 2020
Patent Number:
10700892
A network device of a subnet determines predictive roaming information for a wireless client. Predictive roaming information can identify the wireless client and a home network subnet of the wireless client. The network device provides predictive roaming information associated with a wireless client to neighboring subnets. Neighboring subnets store received predictive roaming information, and use the predictive roaming information if the wireless client roams to them.
Network device based proximity beacon locating
Granted: June 23, 2020
Patent Number:
10694319
A proximity beacon signal transmitted by a network device-coupled proximity beacon transmitter is received at a network device. A RSSI reporting message is generated at the network device based on the proximity beacon signal. A position of the network device-coupled proximity beacon transmitter with respect to the network device is determined using the RSSI reporting message. A location of the network device within a region is determined using the RSSI reporting message and network…
Single band dual concurrent network device
Granted: June 23, 2020
Patent Number:
10693243
A network device comprising, a first radio module configured to transmit and receive first radio signals in a first frequency band, a first antenna array configured to transmit and receive the first radio signals for the first radio module in the first frequency band, a second radio module configured to transmit and receive second radio signals in the first frequency band, a second antenna array configured to transmit and receive the second radio signals for the second radio module in…
Ingress gateway selection for a shortest path bridging network to support inter domain multicast routing
Granted: June 9, 2020
Patent Number:
10680931
In a Shortest Path Bridge (SPB) network comprising a plurality of backbone edge bridges (BEBs), a gateway controller of the SPB network, establishes a link using Multicast Source Discovery Protocol (MSDP) with an external network domain; discovers via the link a source of a multicast stream originating outside of the SPB network; and determines a subset of the plurality of BEBs that are able to receive the multicast stream from the source. Once that occurs, the gateway controller selects…
mDNS support in unified access networks
Granted: June 9, 2020
Patent Number:
10680885
Methods, systems and computer readable media for mDNS support in unified access networks are described.
Methods, systems, and computer readable media for advanced distribution in a link aggregation group
Granted: June 2, 2020
Patent Number:
10673744
The subject matter described herein includes methods, systems, and computer readable media for advanced distribution in a link aggregation group (LAG). In some examples, a packet forwarding device includes physical ports for sending and receiving network traffic. The packet forwarding device includes one or more packet processors configured to perform LAG distribution by distributing incoming packets across active links of a first LAG formed between the packet forwarding device and one…
Method for intelligent multi-hop overlay routing
Granted: May 26, 2020
Patent Number:
10666548
Systems and methods are presented herewith for selecting a preferred route for routing a packet from a first network node to a second network node. A set of possible routes is maintained, with each route having am associated weight value. A random subset of routes is then selected based on the weight values. Each route of the subset is then probed to determine its gain value. The preferred route is selected based on the gain values (e.g., by selecting the highest gain value). Then, all…
Forwarding table management
Granted: May 19, 2020
Patent Number:
10659363
Disclosed herein are system, method, and computer program product embodiments for representing a forwarding information base (FIB) in a database. An embodiment operates by determining that a first routing prefix of a first forwarding entry in the FIB is a less specific routing prefix than a second routing prefix in a second forwarding entry in the FIB. The embodiment determines that a first next hop of the first routing prefix is equal to a second next hop of the second routing prefix.…
Access network dual path connectivity
Granted: March 17, 2020
Patent Number:
10594512
A transport network employs dual homing to an access network to provide connectivity from multiple network switches. Dual homing is a mechanism by which an access network employs pair of switches in the transport network as if it were connecting to a single device. Conventional arrangements for defining multiple paths from a transport network to an access network suffer from the shortcomings of potential routing loops, increased hops to the access network, and inability or inconsistency…
Network discovery optimization using supplemental information published by devices
Granted: March 10, 2020
Patent Number:
10587475
Methods, systems and computer readable media for optimizing (or improving) network discovery using supplemental information published by devices and available on their neighbor devices are described. In some implementations, the method can include obtaining, at a network management computer system, a list of one or more seed devices. The method can also include retrieving a device identifier of a corresponding seed device from the list of one or more seed devices. The method can further…
Smart filter generator
Granted: February 18, 2020
Patent Number:
10567259
Techniques for implementing a smart filter generator in a visibility network are provided. In one set of embodiments, the smart filter generator can maintain at least one mapping between (1) a first-order parameter found in network traffic replicated from a core network monitored by the visibility network, and (2) a second-order parameter related to the first-order parameter, where the second-order parameter is not found in the network traffic replicated from the core network. The smart…
Configuration of load-sharing components of a network visibility router in a network visibility system
Granted: January 7, 2020
Patent Number:
10530688
A network visibility system includes a packet router and a router controller. The router controller programs respective forwarding rules in each of a set of load-sharing components of the packet router. Each load-sharing component in the set is designed to forward communication packets according to the respective programmed packet-forwarding rules. The router controller receives, from the packet router, information indicating an update to the availability status of components in the set…
Multicast to unicast conversion technique
Granted: December 31, 2019
Patent Number:
10523458
A technique allows stations to utilize an equal share of resources (e.g., airtime or throughput). This prevents slow stations from consuming too many resources (e.g., using up too much air time). Fairness is ensured by selective dropping after a multicast packet is converted to unicast. This prevents slow stations from using more than their share of buffer resources. Multicast conversion aware back-pressure into the network layer can be used to prevent unnecessary dropping of packets…
Securely onboarding virtual machines using a centralized policy server
Granted: December 17, 2019
Patent Number:
10511483
In some implementations, a method can include determining a virtual machine (VM) inventory baseline of a system, including identifying VMs in a baseline configuration and generating a VM fingerprint for each VM in the inventory baseline, and detecting a user onboarded VM and moving the user onboarded VM to a quarantine operating area for a period of time. The operational posture of the user onboarded VM can be compared to an operational posture policy of the system. When the operational…
Systems and methods for hardware-implemented anomaly detection in VLAN network using loopback port
Granted: December 10, 2019
Patent Number:
10505679
Systems and methods are disclosed herein for determining that a diagnostic mode is enabled for a port of a switch, the port being part of a VLAN, and responsively designating a port of the plurality of ports as a loopback port, where a packet transmitted on the loopback port is forwarded according to an entry of a forwarding database. The disclosure further describes generating a layer 2 multicast index comprising an entry for the port and an entry for the loopback port, programming the…
Redundant ethernet automatic protection switching access to virtual private LAN services
Granted: November 5, 2019
Patent Number:
10469366
Embodiments disclosed herein provide redundant connectivity between an Ethernet Automatic Protection Switching (EAPS) access network and a Virtual Private LAN Service (VPLS) network. A first VPLS node is provided to function as an EAPS controller node. A second VPLS node is provided to function as an EAPS partner node. The first and second VPLS nodes are linked by a pseudowire and an EAPS shared-link. Additional EAPS nodes are also provided. The additional EAPS nodes are linked to each…
Auto-attach signaling used as wireless local area network (WLAN) selection criterion
Granted: October 29, 2019
Patent Number:
10462099
A method for implementing auto attach for a shortest path bridging (SPB) network comprises determining, on an access point, that an auto attach device communicating in a SPB network is enabled for auto attach, and an advertisement is transmitted to a mobile station. The access point acts a proxy between the mobile station and the auto-attach device by communicably coupling the auto attach device and the mobile station via the access point. A virtual local area network (VLAN)…
Synchronizing peer nodes of a multi-chassis switching cluster
Granted: October 15, 2019
Patent Number:
10447778
Implementations generally relate to synchronizing peer nodes in networks. In one embodiment, a method includes generating a data sequence number. The method also includes associating the data sequence number with a data item. The method also includes sending the data item and the data sequence number to each peer node of a plurality of peer nodes. The method also includes determining if an acknowledgment has been received from each peer node, wherein each acknowledgment indicates the…
