SCALABLE FORWARDING TABLE WITH OVERFLOW ADDRESS LEARNING
Granted: January 24, 2013
Application Number:
20130022045
A node is configured to receive a packet from a host device, where the packet includes a source address associated with the host device; determine that the source address is not stored by the node; generate one or more logical distances, associated with one or more nodes, based on the source address and a respective address associated with each of the nodes; determine that another node is associated with a shortest logical distance, of the one or more logical distances; and transmit the…
MANAGING A FLOW TABLE
Granted: January 10, 2013
Application Number:
20130013598
A device may include a flow table to store, in flow table records, statistics associated with a number of data flows, and a flow type table to store, in flow type table records, information that indicates whether to store statistics in the flow table for each of a number of types of data flows, information that indicates a manner for sampling data units associated with the data flows, and/or information that indicates when to delete flow table records from the flow table.
Apparatus and Method of Compensating for Clock Frequency and Phase Variations by Processing Packet Delay Values
Granted: January 10, 2013
Application Number:
20130010815
An apparatus and method are described for compensating for frequency and phase variations of electronic components by processing packet delay values. In one embodiment, a packet delay determination module determines packet delay values based on time values associated with a first and a second electronic component. A packet delay selection module selects a subset of the packet delay values based on the maximum frequency drift of the first electronic component. A statistical parameter…
LAUNCHING SERVICE APPLICATIONS USING A VIRTUAL NETWORK MANAGEMENT SYSTEM
Granted: January 3, 2013
Application Number:
20130007624
A network service administration system including a plurality of service objects, a plurality of address objects; and a service configuration application for a multifunction appliance running on a client computer coupled to the appliance via a network. The service configuration application includes an interface allowing subscribers to configure at least a subset of application content services provided by the appliance and including a rule set implementing rules in ones of said…
ROUTING A PACKET BY A DEVICE
Granted: January 3, 2013
Application Number:
20130007839
Methods and apparatus for transferring packets in a packet switched communication system. A system is provided that includes an L2 device including a controller determining for each packet received whether the received packet is to be inspected, an inspection device operable to inspect and filter packets identified by the controller including using a zone specific policy and an L2 controller for transferring inspected packets in accordance with L2 header information using L2 protocols.
AUTOMATED INTEGRATED CIRCUIT CLOCK INSERTION
Granted: January 3, 2013
Application Number:
20130007685
A user device receives a request to perform an automatic clock insertion operation for an integrated circuit; retrieves location information regarding a group of components, of the integrated circuit, that use a clock signal; deploys a clock mesh based on the location information regarding the group of components; and inserts drop points into the clock mesh; deploys a particular buffer for a particular drop point; maps a component, of the group of components, to the particular buffer;…
FLOW-BASED RATE LIMITING
Granted: January 3, 2013
Application Number:
20130003554
A device may include logic configured to receive a packet, identify a flow associated with the packet in a flow table, and identify a rate limit associated with the flow in the flow table. A current rate associated with the flow may be calculated based on the packet. It may be determined whether the current rate associated with the flow exceeds the rate limit associated with the flow. If so, the packet may be discarded or tagged as “over limit.”
USER SESSION ROUTING BETWEEN MOBILE NETWORK GATEWAYS
Granted: January 3, 2013
Application Number:
20130007286
In general, techniques are described for dynamically redirecting session requests received with a mobile network gateway to another gateway of the mobile network. Heterogeneous static and dynamic capabilities among gateways of the mobile network lead some gateways unable to service a particular session requested by a wireless device attached to the mobile network. A set of policies configured within the gateways by a mobile network operator and applied by the gateway enable the gateway…
FILTER SELECTION AND RESUSE
Granted: January 3, 2013
Application Number:
20130007257
In general, techniques are described for selectively applying and reusing filters stored in a router. In one example, a method includes receiving a network access request from a first user. The method also includes selecting a candidate rule group associated with the packet flow, wherein the candidate rule group comprises one or more currently deployed rules of an existing rule group on the computing device that are currently installed within a forwarding plane and are being applied by…
MOBILE GATEWAY HAVING DECENTRALIZED CONTROL PLANE FOR ANCHORING SUBSCRIBER SESSIONS
Granted: January 3, 2013
Application Number:
20130007237
In general, techniques are described for decentralizing handling of subscriber sessions within a gateway device of a mobile network. A mobile network gateway comprises a data plane having a plurality of forwarding components to receive session requests from a mobile service provider network in which the mobile network gateway resides. A control plane comprises a plurality of distributed subscriber management service units coupled by a switch fabric to the data plane. Each of the…
SELECTIVE ROUTING TO GEOGRAPHICALLY DISTRIBUTED NETWORK CENTERS FOR PURPOSES OF POWER CONTROL AND ENVIRONMENTAL IMPACT
Granted: January 3, 2013
Application Number:
20130003743
In general, this disclosure describes techniques of selecting routes for network packets through a computer network based, at least in part, on electrical power procurement arrangements of devices in the computer network. A computing system includes a hardware processor and a database storing power procurement profiles. Each of the power procurement profiles stores data indicating an arrangement between an operator of one or more of routing devices to procure electrical power from a…
VARIABLE-BASED FORWARDING PATH CONSTRUCTION FOR PACKET PROCESSING WITHIN A NETWORK DEVICE
Granted: January 3, 2013
Application Number:
20130003736
In general, this disclosure describes techniques for applying, with a network device, subscriber-specific packet processing using an internal processing path that includes service objects that are commonly applied to multiple packet flows associated with multiple subscribers. In one example, a network device control plane creates subscriber records that include, for respective subscribers, one or more variable values that specify service objects as well as an identifier for a packet…
PROVIDING EXTENDED ADMINISTRATIVE GROUPS IN COMPUTER NETWORKS
Granted: January 3, 2013
Application Number:
20130003728
In general, techniques are described for providing extended administrative groups in networks. A network device comprising an interface and a control unit may implement the techniques. The interface receives a routing protocol message that advertises a link. This message includes a field for storing first data associated with the link in accordance with the routing protocol. The field is defined by the routing protocol as a field having a different function from an administrative group…
HYBRID PORT RANGE ENCODING
Granted: January 3, 2013
Application Number:
20130003727
In general, techniques are described for encoding port ranges. In one example, a method includes generating an encoded value that represents a specified port range including a first element storing an identifier that identifies a frequently occurring port range stored in an associative data structure of most frequently occurring port ranges, a second element storing an index that represents a dynamically-learned port range specifying at least a part of the specified port range, the…
METHODS AND APPARATUS RELATED TO A FLEXIBLE DATA CENTER SECURITY ARCHITECTURE
Granted: January 3, 2013
Application Number:
20130003726
In one embodiment, edge devices can be configured to be coupled to a multi-stage switch fabric and peripheral processing devices. The edge devices and the multi-stage switch fabric can collectively define a single logical entity. A first edge device from the edge devices can be configured to be coupled to a first peripheral processing device from the peripheral processing devices. The second edge device from the edge devices can be configured to be coupled to a second peripheral…
PREVENTING UPPER LAYER RENEGOTIATIONS BY MAKING PPP AWARE OF LAYER ONE SWITCHOVERS
Granted: December 27, 2012
Application Number:
20120327763
A method may include establishing a first Point-to-Point Protocol (PPP) session on an interface, receiving an indication of a layer one failure, omitting for a period of time, an indication that the first PPP session on the interface is down, based on the indication of the layer one failure, establishing a layer one switchover to another interface based on the indication of the layer one failure, and attempting during the period of time, to establish a second PPP session on the other…
AUTHENTICATION AND AUTHORIZATION IN NETWORK LAYER TWO AND NETWORK LAYER THREE
Granted: December 27, 2012
Application Number:
20120331530
A method may include authenticating a node over layer 2 in a network based on authentication rules; sending a node authentication code to the node; and providing layer 3 network access based on the node authentication code.
TERMINATING CONNECTIONS AND SELECTING TARGET SOURCE DEVICES FOR RESOURCE REQUESTS
Granted: December 20, 2012
Application Number:
20120324109
A device receives, from a client device, a request for a resource, and accesses a table that includes one or more items of information. The device compares information provided in the request to the one or more items of information provided in the table, and terminates a connection for the request at the device when the information provided in the request matches at least one of the one or more items of information provided in the table. The device forwards the request to a network when…
ROUTING PROXY FOR RESOURCE REQUESTS AND RESOURCES
Granted: December 20, 2012
Application Number:
20120324110
A device receives, from a client device, a request for a resource, where the request provides an identifier of the client device. The device selects a target device for the resource, connects with the selected target device, and provides a proxy of the request to the selected target device, where the proxy of the request hides the identifier of the client device. The device receives the resource from the selected target device, where the resource provides an identifier of the target…
WIRELESS NETWORK HAVING MULTIPLE SECURITY INTERFACES
Granted: December 20, 2012
Application Number:
20120324533
A number of wireless networks are established by a network device, each wireless network having an identifier. Requests are received from client devices to establish wireless network sessions via the wireless networks using the identifiers. Network privileges of the client devices are segmented into discrete security interfaces based on the identifier used to establish each wireless network session.
