SUMMARIZATION AND LONGEST-PREFIX MATCH WITHIN MPLS NETWORKS
Granted: August 11, 2011
Application Number:
20110194561
In general, techniques are described for summarizing label mappings and thereby enabling longest-prefix match within Multi-Protocol Label Switching (MPLS) networks. More specifically, a first router included within a first area of a network comprises a control unit that maintains a label space defining labels available for mapping to a plurality of addresses assigned to network devices within the network. The control unit reserves a contiguous set of the labels of the label space and…
SYSTEMS AND METHODS FOR ORDER PRESERVING DATA
Granted: August 11, 2011
Application Number:
20110196999
A data processing system includes an input circuit, a plurality of processing paths and an output circuit. The input circuit receives blocks of data on a plurality of data streams and distributes the blocks of data to the plurality of processing paths. The plurality of processing paths receive and process the distributed blocks of data. The output circuit selectively queues and dequeues the processed blocks of data based on a determined maximum differential delay among each of the…
RATE LIMITING DATA TRAFFIC IN A NETWORK
Granted: August 11, 2011
Application Number:
20110197274
A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits…
DATA STRUCTURE-LESS DISTRIBUTED FABRIC MULTICAST
Granted: August 11, 2011
Application Number:
20110194557
A network device receives a packet with a multicast nexthop identifier, and creates a mask that includes addresses of egress packet forwarding engines, of the network device, to which to provide the packet. The network device divides the mask into two portions, generates two copies of the packet, provides a first portion of the mask in a first copy of the packet, and provides a second portion of the mask in a second copy of the packet. The network device also forwards the first copy of…
CONNECTION MODULE FOR PROVIDING N+N AND M+1 REDUNDANT POWER DISTRIBUTION
Granted: August 4, 2011
Application Number:
20110187187
A device may include an interconnect module that includes a number of ports, where each port is configured to receive both an alternating current (AC) power supply and a direct current (DC) power supply; where the interconnect module provides power from the received power supplies to a plurality of field replaceable units (FRUs).
PACKET-BASED MEMORY TEST OF A NETWORK DEVICE
Granted: August 4, 2011
Application Number:
20110188386
A router may be tested using a packet-based testing technique in which the test packets are generated by the router. In one implementation, a forwarding plane in a router may include a first component to process header information of packets to determine forwarding information, and a memory component to store payload data for the packets. A control plane of the router may generate test packets, insert the test packets into the forwarding plane, receive a second set of packets from the…
DETECTION OF ACTIVE NODES, SAFE NODE REMOVAL CONDITIONS, AND CROSS-CABLING CONDITIONS FOR MAINTENANCE OPERATIONS WITHIN A MULTI-CHASSIS ROUTING MATRIX
Granted: August 4, 2011
Application Number:
20110188387
A system includes a first device connected to a second device The first device includes a second node connected to a first node and the second device via a link, and includes a backup second node connected to the first node and the second device via another link. The first node is configured to receive, via the link or the other link, a group of packets (i.e., “packets”), from the second device; display a first notification that the second node can be removed when the packets are…
ERROR DETECTION FOR DATA FRAMES
Granted: August 4, 2011
Application Number:
20110188401
A method for detecting data frame mode mismatch errors may include receiving a data frame that includes an overhead byte. It may be determined whether a value associated with the overhead byte indicates that a transmitting device operating mode matches a receiving device operating mode. In an additional implementation, it may be determined whether a value associated with the overhead byte indicates that a transmitting device output port matches a receiving device input port. An alarm may…
DYNAMICALLY MANIPULATING CONTENT TO FORCE WEB BROWSERS TO OPEN MORE CONNECTIONS
Granted: July 28, 2011
Application Number:
20110185270
A system may identify a group of first links in a document, where the first links correspond to a group of objects within the document and are associated with a same identifier. The system may replace the first links in the document with second links that point to a number of different identifiers, and forward the document with the second links to a client.
DETECTION OF NETWORK SECURITY BREACHES BASED ON ANALYSIS OF NETWORK RECORD LOGS
Granted: July 28, 2011
Application Number:
20110185426
Computer program products and methods of inspecting a log of security records in a computer network are provided. The method includes retrieving a log record, processing the log record including deriving a key to a table, determining a data value from information in the log record and adding the data value to a list of data values associated with the key if the data value is unique. One or more entries of the table are evaluated based on predetermined criteria to detect attempted…
END-POINT AWARE RESOURCE RESERVATION PROTOCOL PROXY
Granted: July 28, 2011
Application Number:
20110182288
A method performed by a first network device may include receiving a request for a resource from an end-point device and acknowledging the request for the resource to the end-point device. The method may also include receiving a resource coordination message from a second network device and transmitting a return resource coordination message to the second network device.
BASE STATION MODULATOR/DEMODULATOR AND SEND/RECEIVE METHOD
Granted: July 28, 2011
Application Number:
20110182219
A base station, in a mobile communication network, includes a receive component to receive, from a higher rank station in the network, a particular data unit that includes multiple data units multiplexed together; a master processor to determine that the first portion of the particular data unit is destined for the base station and that the second portion of the particular data unit is not destined for the base station, and discard the second portion of the particular data unit; and a…
MALWARE DETECTION SYSTEM AND METHOD FOR MOBILE PLATFORMS
Granted: July 21, 2011
Application Number:
20110179484
In one example, a management server is configured to provide malware protection for one or more client mobile platforms in communication with the management server via a mobile network. In the example, the management server includes a processor configured to detect malware in the mobile network, select a client mobile platform having a malware scanning agent, and, manage the malware scanning agent of the client mobile platform using a device independent secure management protocol based…
ADAPTIVE POWER ARCHITECTURE FOR ELECTRONIC MODULES
Granted: July 14, 2011
Application Number:
20110169331
A system may include a module that includes a component, a logic device to provide an instruction on behalf of the component, and control logic to generate a desired output voltage signal in response to a constant current, where the desired output voltage signal indicates a determined voltage that the component is configured to operate with when performing an operation. The system may include a board that includes a power supply to produce the determined voltage based on the instruction,…
LSP PING AND TRACEROUTE FOR BYPASS TUNNELS
Granted: July 14, 2011
Application Number:
20110170426
A method performed by a network device may include assembling a multiprotocol label switching (MPLS) echo request, the echo request including an instruction for a transit node to forward the echo request via a bypass path associated with the transit node, and an instruction for an egress node to send an echo reply indicating that the echo request was received on the bypass path. The method may also include sending the MPLS echo request over a functioning label switched path (LSP).
LOGICAL SEPARATION AND ACCESSING OF DESCRIPTOR MEMORIES
Granted: July 14, 2011
Application Number:
20110170546
A packet header processing engine includes a memory having a number of distinct portions for respectively storing different types of descriptor information for a header of a packet. A packet header processing unit includes a number of pointers corresponding to the number of distinct memory portions. The packet header processing unit is configured to retrieve the different types of descriptor information from the number of distinct memory portions and to generate header information from…
FAST RESOURCE RECOVERY AFTER THREAD CRASH
Granted: July 14, 2011
Application Number:
20110173483
A resource recovery system may maintain a counter in memory that indicates a number of times one or more threads of execution, which use shared resources, have crashed. The system may associate a first value of the counter with a resource allocated to a thread of the one or more threads, and may set an indicator associated with the thread to indicate whether the thread has crashed. The system may determine whether to re-allocate the resource to the thread based on the first value of the…
HIGH AVAILABILITY FOR NETWORK SECURITY DEVICES
Granted: July 14, 2011
Application Number:
20110173490
In one example, a backup intrusion detection and prevention (IDP) device includes one or more network interfaces to receive a state update message from a primary IDP device, wherein the state update message indicates a network session being inspected by the primary IDP device and an identified application-layer protocol for the device, to receive an indication that the primary device has switched over or failed over to the backup device, and to receive a plurality of packets of the…
SYSTEMS AND METHODS FOR ROUTING DATA IN A NETWORK DEVICE
Granted: July 14, 2011
Application Number:
20110173520
A system detects an error in a network device that receives data via a group of data streams. The system receives a data unit, where the data unit is associated with at least one of the streams and a sequence number for each of the associated streams. The system determines whether each sequence number associated with the data unit is a next sequence number for the corresponding stream, and detects an error for a particular stream when the sequence number for that stream is not a next…
BAND CONTROL SYSTEM FOR A DIGITAL SUBSCRIBER NETWORK AND BAND CONTROL METHOD THEREFOR
Granted: July 7, 2011
Application Number:
20110164497
A band control system for a digital subscriber line network in which a first apparatus and a second apparatus situated at a subscriber station and a center, respectively, are interconnected by a cable for interchanging at least a digital data signal with each other. The system may cause one of the first apparatus or the second apparatus to monitor receipt of signals from the other of the first apparatus or the second apparatus; send, based on a result of monitoring, a band variation…
