Selective packet processing including a run-to-completion packet processing data plane
Granted: November 7, 2023
Patent Number:
11811685
An example virtual router includes a plurality of logical cores (“lcores”), where each lcore comprises a CPU core or hardware thread. The virtual router is configured to determine a latency profile, select, based at least in part on the latency profile, a packet processing mode from the plurality of packet processing modes. In response to a determination that the packet processing mode comprises the run-to-completion mode, an lcore of the plurality of lcores is configured to: read a…
Containerized router with a disjoint data plane
Granted: November 7, 2023
Patent Number:
11812362
In general, this disclosure describes techniques for a containerized router operating within a cloud native orchestration framework. In an example, a computing device comprises processing circuity; a containerized set of workloads; a containerized routing protocol process configured to execute on the processing circuitry and configured to receive routing information; a kernel network stack executing on the processing circuitry and configured to forward packets based on first routing…
Intelligent radio band reconfiguration for access points of a wireless network
Granted: November 7, 2023
Patent Number:
11812275
Methods and apparatus for automatically reconfiguring network parameters are described. Some embodiments identify communication channels that may interfere with higher priority equipment and deactivate communication channels that may cause harmful interference. Some APs are switched to 2.4 GHz communication channels. In some embodiments, AP operating parameters, such as transmission power are adjusted to reduce interference for higher priority receivers.
Facilitating authentication of routing modules associated with one or more network devices to allow zero touch provisioning
Granted: November 7, 2023
Patent Number:
11811951
A network device may receive a redundant identifier certificate associated with a redundant routing module, and may provide, to a bootstrap device, a primary identifier certificate associated with a primary routing module associated with the network device. The network device may establish a secure connection with the bootstrap device based on the bootstrap device verifying an authenticity of the primary routing module via the primary identifier certificate. The network device may…
Real-time detection of completion of sensor wrap completion in GNMI telemetry of a network device
Granted: November 7, 2023
Patent Number:
11811891
A device may provide, to a network device, a subscribe request that includes a request for sensor data, and may receive sensor data packets that include the sensor data and header extensions identifying a group identifier for a group of sensor data and final packet information indicating whether the sensor data packet is a final one for the group. The device may store the sensor data packets until the final packet information of one of the sensor data packets indicates that the one of…
Displaying a firewall policy interface
Granted: November 7, 2023
Patent Number:
11811830
A device may generate a display of a firewall policy management GUI. The device may generate a display in the firewall policy management GUI of a list of existing firewall policies and a firewall policy interface that is adjacent to the list of existing firewall policies in a same view of the firewall policy management GUI. The device may generate a display in the firewall policy management GUI of at least one of a plurality of candidate sources for a new firewall policy, a plurality of…
SSL proxy whitelisting
Granted: November 7, 2023
Patent Number:
11811817
A network device may receive a first data packet. The network device may determine that a level of available computing resources satisfies a threshold level. The network device may perform a secure socket layer (SSL) proxy function based on the level of available computing resources satisfying the threshold level. The network device may receive a second data packet. The network device may determine that the level of available computing resources fails to satisfy the threshold level. The…
Maximum device access restriction at authenticator level
Granted: November 7, 2023
Patent Number:
11811765
A network device may receive a request to access a network from a client device. The network device may determine that the client device is authenticated based on a set of authentication credentials obtained for the client device. The network device may determine, based on the client device being authenticated, that a quantity of devices currently accessing the network using the set of authentication credentials is equal to a maximum quantity of devices permitted to access the network…
Broadband network gateway (BNG) as dynamic host configuration protocol (DHCP) server
Granted: November 7, 2023
Patent Number:
11811728
In some implementations, a broadband network gateway (BNG) may receive, from a customer premises equipment, a dynamic host configuration protocol (DHCP) discover request, wherein the BNG is connected to the customer premises equipment and a fixed mobile interworking function (FMIF). The BNG may communicate with, based on the DHCP discover request, the FMIF. The BNG may provide to the customer premises equipment, and based on communicating with the FMIF, a DHCP offer that offers…
Edge device for source identification using source identifier
Granted: November 7, 2023
Patent Number:
11811721
A device comprises processing circuitry configured to identify a telemetry packet indicating telemetry data for a plurality of packets output by a network device of a plurality of network devices and select a source identifier for the network device from a plurality of source identifiers. The processing circuitry is further configured to modify the telemetry packet to further indicate the selected source identifier and output the modified telemetry packet.
Visualizing network traffic plans based on egress peer engineering
Granted: November 7, 2023
Patent Number:
11811664
A traffic planning platform may receive information related to a traffic flow including a traffic bandwidth to transport through a network with various network devices interconnected by links. The traffic planning platform may generate a traffic plan by assigning the traffic flow to a set of the links that includes network resources connecting a source of the traffic flow to a destination of the traffic flow. The traffic planning platform may render a visualization of the traffic plan,…
Apparatus, system, and method for steering traffic over network slices
Granted: November 7, 2023
Patent Number:
11811651
A disclosed method may include (1) receiving, at a network node within a network, a packet from another network node within the network, (2) identifying, within the packet, a slice label that indicates a network slice that has been logically partitioned on the network, (3) determining a QoS policy that corresponds to the network slice indicated by the slice label, (4) applying the QoS policy to the packet, and then upon applying the QoS policy to the packet, (5) forwarding the packet to…
Automatic discovery of route reflection peering end-points
Granted: November 7, 2023
Patent Number:
11811649
An auto-discovery route reflector (auto-discovery-RR) may obtain a route from an originating network device and may update a data structure to include at least some information contained in the route. The auto-discovery-RR may identify, based on the data structure, a plurality of target network devices, wherein the plurality of target network devices includes at least one route reflector (RR) and at least one route reflector client (RR-client). The auto-discovery-RR may send the route to…
Secure network topology
Granted: November 7, 2023
Patent Number:
11811641
A secure IGP topology or other link state topology can be implemented by a network security unit that runs in a centralized environment on servers separate from a network associated with the IGP topology. The network security unit acquires the topology information, such as by participating in IGP or through border gateway protocol with link state (BGP-LS). The network security unit detects possible network problems, such as indicators of potential network attacks. Once an indicator of a…
Adaptable software defined wide area network application-specific probing
Granted: November 7, 2023
Patent Number:
11811638
Systems, devices and techniques for an adaptive application-specific probing scheme are disclosed. An example network device includes memory configured to store a network address and probe protocol usable for probing a first network device associated with a source of an application, and one or more processors configured to determine a network address and probe protocol usable for probing the first network device, wherein the first network device comprises a server that is responsive to…
Systems and methods for efficient presentation of device-level information via scalable interactive device-visualization interfaces
Granted: November 7, 2023
Patent Number:
11811618
A disclosed method may include (1) querying, in connection with a monitoring service, a network device for device-specific data that identifies features of the network device, (2) determining, based at least in part on the device-specific data, identities of a set of ports on the network device, (3) identifying, based at least in part on the device-specific data, one or more port-specific data objects corresponding to the set of ports, (4) dynamically creating, based at least in part on…
Predictive pipeline analytics for a network management system
Granted: November 7, 2023
Patent Number:
11811601
A controller device includes a memory and one or more processors coupled to the memory. The memory stores instructions that, when executed, cause the one or more processors to receive a query indicating a first time and a network service, determine a first set of configuration elements using telemetry data associated with the first time and the network service, and determine a second set of configuration elements using an intent model. The instructions further cause the one or more…
Signaling IP path tunnels for traffic engineering
Granted: November 7, 2023
Patent Number:
11811595
In general, techniques are described for signaling IP path tunnels for traffic engineering using constraints in an IP network. For example, network devices, e.g., routers, of an IP network may compute an IP path using constraint information and establish the IP path using, for example, Resource Reservation Protocol, to signal the IP path without using MPLS. As one example, the egress router generates a path reservation signaling message that includes an egress IP address that is assigned…
Signaling IP path tunnels for traffic engineering
Granted: October 31, 2023
Patent Number:
11805010
In general, techniques are described for signaling IP path tunnels for traffic engineering using constraints in an IP network. For example, network devices, e.g., routers, of an IP network may compute an IP path using constraint information and establish the IP path using, for example, Resource Reservation Protocol, to signal the IP path without using MPLS. As one example, the egress router generates a path reservation signaling message that includes an egress IP address that is assigned…
Bulk discovery of devices behind a network address translation device
Granted: October 31, 2023
Patent Number:
11805011
In one example, a network management system discovers a plurality of network devices behind a network address translation device, such as a firewall. The network management system may receive a model of a seed network device, generate a first activation configuration and commit the first activation configuration on the seed network device. The network management system may connect to the seed network device and discover neighboring devices from information in the seed network device. The…
