Adaptive location-based SD-WAN policies
Granted: April 25, 2023
Patent Number:
11637753
An example method includes receiving, by an SD-WAN system, WAN link characterization data for a plurality of WAN links of the SD-WAN system over a time period; and for each site of a plurality of sites of the SD-WAN system, generating, by the SD-WAN system, a local policy for the site, wherein generating the local policy is based on a machine learning model trained with the WAN link characterization data for the plurality of WAN links, and providing the local policy to an SD-WAN edge…
External laser enabled co-packaged optics architectures
Granted: April 18, 2023
Patent Number:
11632175
A sourceless co-packaged optical-electrical chip can include a plurality of different optical transceivers, each of which can transmit to an external destination or internal components. Each of the transceivers can be configured for a different modulation format, such as different pulse amplitude, phase shift key, and quadrature amplitude modulation formats. Different light sources provide light for processing by the transceivers, where the light source and transceivers can be configured…
Supporting optical line terminals of a passive optical network
Granted: April 18, 2023
Patent Number:
11632607
A first network device may configure a first bridge connecting a passive optical network (PON) controller and first optical line terminals (OLTs) of the first network device. The first network device may be associated with a PON and each of the first OLTs may be connected to a first plurality of optical network units (ONUs). The first network device may establish a connection between the first bridge and a second bridge of a second network device. The second network device is associated…
Content-based optimization and pre-fetching mechanism for security analysis on a network device
Granted: April 18, 2023
Patent Number:
11632389
A first device may receive content from a second device based on a request for the content. The first device may be located between the second device and a third device. The first device may determine a value for a portion of the content using a function, where the value is to be used to analyze the content. The value may uniquely identify the portion of the content. The first device may determine whether a classification of the content can be determined. The first device may selectively…
Dynamic provisioning of user groups within computer networks based on user attributes
Granted: April 18, 2023
Patent Number:
11632364
A controller may be used to create and process an assertion, in some cases, to implement single-sign on (SSO) in a computer network. In some examples, the controller includes processing circuitry coupled to a storage device. The processing circuitry is configured to create the assertion, where the assertion includes information indicative of a set of attributes and parse the assertion to determine the set of attributes. Additionally, the processing circuitry is configured to determine if…
Utilizing domain segment identifiers for inter-domain shortest path segment routing
Granted: April 18, 2023
Patent Number:
11632325
An ingress network device may receive a core domain network segment identifier associated with a core domain network of the multi-domain network. The ingress network device may receive location data of an egress network device associated with a second leaf domain network of the multi-domain network, wherein the location data may include data identifying the core domain network segment identifier, a second leaf domain network segment identifier associated with the second leaf domain…
Signaling IP path tunnels for traffic engineering
Granted: April 18, 2023
Patent Number:
11632296
In general, techniques are described for signaling IP path tunnels for traffic engineering using constraints in an IP network. For example, network devices, e.g., routers, of an IP network may compute an IP path using constraint information and establish the IP path using, for example, Resource Reservation Protocol, to signal the IP path without using MPLS. As one example, the egress router generates a path reservation signaling message that includes an egress IP address that is assigned…
Generating route target values for virtual private network routes
Granted: April 18, 2023
Patent Number:
11632268
Compute nodes can execute virtual routers to implement a forwarding plane for one or more virtual networks having virtual network destinations hosted by the compute nodes. In one example, a method includes generating, by a software-defined networking (SDN) controller that manages a plurality of compute nodes, based on a unique identifier of a virtual network, a route target value for the virtual network, wherein the virtual network comprises virtual network endpoints executing on the…
Multi-key exchange
Granted: April 18, 2023
Patent Number:
11632243
A first device may determine a prime integer for generating public keys, wherein the prime integer is based on a set of distinct prime integers. The first device may generate a set of multiple public keys based on a set of secret keys. The first device may combine the set of multiple public keys into a single value based on the prime integer and the set of distinct prime integers. The first device may transmit the single value to a second device.
Automatic negotiation of optical transceiver configuration parameters
Granted: April 18, 2023
Patent Number:
11632176
Techniques for negotiating optical configuration parameters of transceivers are disclosed. In one example, a method may include outputting, by a first optical node to a second optical node, a negotiation request message that specifies a configuration parameter setting for optical transceivers, the setting comprising one of a speed, a forward error correction (FEC) scheme, a modulation type, a transmission power, a minimum central frequency, a maximum central frequency, a minimum input…
AP-local dynamic switching
Granted: April 11, 2023
Patent Number:
11627461
A technique for implementing AP-local dynamic switching involves Layer 2 switching. This may be accomplished by providing data associated with wireless stations to an AP sufficient to enable the AP to determine whether traffic from a particular wireless station should be locally switched. Alternatively, the wireless station may be able to determine whether to locally switch traffic based upon the traffic itself. For example, it may be desirable to AP-locally switch voice traffic to avoid…
Generic layer independent fragmentation of non-internet protocol frames
Granted: April 11, 2023
Patent Number:
11627093
A network device may receive a non-Internet protocol (non-IP) frame with a particular size and may compare the particular size to a maximum transmission unit (MTU) associated with a path between the network device and another network device. The network device may divide the non-IP frame into fragments, based on the particular size being greater than the MTU and may prepend generic fragmentation headers to the fragments to generate fragments with headers, based on the particular size…
Utilizing a centralized controller for traffic engineering segment routing inter-autonomous systems
Granted: April 11, 2023
Patent Number:
11627068
A device receives border gateway protocol (BGP) data associated with links provided in a segment routing network. The segment routing network includes a first autonomous system (AS) with first network devices interconnected by a first portion of the links, a second AS with second network devices interconnected by a second portion of the links, and an inter-AS link provided between one of the first network devices and one of the second network devices. The device filters prefixes of the…
Processing unmodified configuration data with a network device application
Granted: April 11, 2023
Patent Number:
11627040
A network device may receive a first configuration object associated with an application and may parse the first configuration object to identify first configuration data. The network device may calculate a first hash value based on the first configuration data and may generate a first operational object based on the first configuration data and the first hash value. The network device may receive a second configuration object associated with the application of the network device and may…
Facilitating hitless security key rollover using data plane feedback
Granted: April 11, 2023
Patent Number:
11626981
A first network device may install a receiving key for decrypting traffic on protocol hardware associated with a data plane of the first network device. The first network device may receive, from the data plane, a first notification indicating that the receiving key is installed on the protocol hardware and may provide, to a second network device, a first message identifying the receiving key. The first network device may receive, from the second network device, an acknowledgment message…
Enhanced two-way active measurement protocol
Granted: April 4, 2023
Patent Number:
11621907
Techniques are described for an enhanced two-way active measurement protocol (TWAMP) to measure network performance of links and/or network paths in a fully converged Software Defined Wide Area Network (SD-WAN), using a single TWAMP instance. In one example, a first network device executing a TWAMP session-sender may send a test packet embedded with one or more metrics to the TWAMP session-reflector executed by another network device, which reflects the test packet embedded with one or…
Maintaining processing core affinity for fragmented packets in network devices
Granted: April 4, 2023
Patent Number:
11621914
Techniques are disclosed for maintaining processing unit core affinity for fragmented packets. In one example, a service physical interface card (PIC) implementing a service plane of a network device receives fragmented and/or non-fragmented packet data for a traffic flow. The service PIC comprises at least one processing unit comprising multiple cores. A routing engine operating in a control plane of the network device defines one or more core groups comprising a subset of the cores.…
Enhanced two-way active measurement protocol
Granted: April 4, 2023
Patent Number:
11621907
Techniques are described for an enhanced two-way active measurement protocol (TWAMP) to measure network performance of links and/or network paths in a fully converged Software Defined Wide Area Network (SD-WAN), using a single TWAMP instance. In one example, a first network device executing a TWAMP session-sender may send a test packet embedded with one or more metrics to the TWAMP session-reflector executed by another network device, which reflects the test packet embedded with one or…
Maintaining processing core affinity for fragmented packets in network devices
Granted: April 4, 2023
Patent Number:
11621914
Techniques are disclosed for maintaining processing unit core affinity for fragmented packets. In one example, a service physical interface card (PIC) implementing a service plane of a network device receives fragmented and/or non-fragmented packet data for a traffic flow. The service PIC comprises at least one processing unit comprising multiple cores. A routing engine operating in a control plane of the network device defines one or more core groups comprising a subset of the cores.…
Concurrent routing for network devices
Granted: April 4, 2023
Patent Number:
11621910
The disclosure describes techniques for concurrently operating multiple network stacks, one operating natively and one operating remotely, to control the routing table within a router of a network. An example network device includes a control unit comprising one or more processors. A native routing stack executes on the control unit to exchange routing protocol advertisements with a peer network device in accordance with a routing protocol. The native routing stack is configured to…
