Pattern matching by a network device for domain names with wildcard characters
Granted: January 24, 2023
Patent Number:
11563715
A network device may receive data, may extract primary patterns from a plurality of domain names included in the data, may process the primary patterns, with a hash model, to generate hash keys for the primary patterns, wherein a hash key includes a hash value associated with a wildcard character, and may store the plurality of domain names in a hash table. The network device may extract a particular primary pattern from a particular domain name included in a search request, may…
Routing engine switchover based on health determined by support vector machine
Granted: January 24, 2023
Patent Number:
11563671
This disclosure describes techniques that include determining the health of one or more routing engines included within a router. In one example, this disclosure describes a method that includes performing, by a first routing engine included within a router, routing operations, wherein the router includes a plurality of routing engines, including the first routing engine and a second routing engine; receiving, by a computing system, data including health indicators associated with the…
Proactive tunnel configuration computation for on-demand SD-WAN tunnels
Granted: January 24, 2023
Patent Number:
11563601
This disclosure describes techniques are described for proactively computing configuration information for policy-driven on-demand tunnel creation and deletion between sites in a software-defined networking in wide area network (SD-WAN) environment. In some examples, a controller device is configured to precompute configuration data for an overlay tunnel through the wide area network to connect a first site and a second site of a plurality of sites in the SD-WAN environment. The…
Lockless management of immutable objects by multi-threaded processes using multiple counters
Granted: January 24, 2023
Patent Number:
11561823
In general, the disclosure describes techniques for lockless management of immutable objects by multi-threaded processes. A device comprising a processor may implement the techniques, where the processor execute a multi-threaded process including a producer thread and a consumer thread. The producer thread may instantiate an immutable object, and provide, to the consumer thread, a reference to the immutable object. The producer thread may also increment a reference counter to indicate…
Determining rate differential weighted fair output queue scheduling for a network device
Granted: January 17, 2023
Patent Number:
11558775
A network device may receive packets and may calculate, during a time interval, an arrival rate and a departure rate, of the packets, at one of multiple virtual output queues. The network device may calculate a current oversubscription factor based on the arrival rate and the departure rate, and may calculate a target oversubscription factor based on an average of previous oversubscription factors associated with the multiple virtual output queues. The network device may determine…
Apparatus, system, and method for wirelessly accessing management interfaces of routers
Granted: January 17, 2023
Patent Number:
11558465
A disclosed apparatus ay include (1) a wireless receiver that facilitates communicatively coupling to a wireless transmitter of an access point connected to a network switch of a service provider, and (2) at least one processing device of a router communicatively coupled to the wireless receiver, wherein the processing device of the router (A) activates a wireless mode that (I) causes the router to establish a wireless connection with the access point via the wireless transmitter and the…
Bulk delivery of change of authorization data via AAA protocols
Granted: January 17, 2023
Patent Number:
11558382
In general, techniques are described for supporting bulk delivery of change of authorization data in authentication, authorization, and accounting (AAA) protocols, where delivery is performed as a change of authorization after a subscriber has successfully authenticated and initially authorized. In one example, the techniques are directed to a method including determining, by a RADIUS server for a service provider network, change of authorization data for services to which the subscriber…
Network controller subclusters for distributed compute deployments
Granted: January 17, 2023
Patent Number:
11558293
The disclosure describes examples where a first data center includes a first gateway router, a first set of computing devices, and a second set of computing devices. The first set of computing devices is configured to execute a software defined networking (SDN) controller cluster to facilitate operation of one or more virtual networks within the first data center. The second set of computing devices is configured to execute one or more control nodes to exchange route information, between…
Wireless control and fabric links for high-availability cluster nodes
Granted: January 17, 2023
Patent Number:
11558286
A first network device in a high-availability cluster may configure a first wireless channel for a wireless control link. The first network device may establish, using the first wireless channel, the wireless control link with a second network device in the high-availability cluster. The first network device may configure a second wireless channel for a wireless fabric link. The first network device may establish, using the second wireless channel, the wireless fabric link with the…
End-to-end flow monitoring in a computer network
Granted: January 10, 2023
Patent Number:
11552893
In this disclosure, in a network comprising a plurality of network devices, a network device includes processing circuitry configured to: receive packet data corresponding to a network flow originating at a first device, the packet data destined to a second device; generate an entropy label to add to a label stack of the packet data, wherein the entropy label is generated from one or more attributes corresponding to the network flow that originated at the first device and is destined to…
Session establishment using path change
Granted: January 10, 2023
Patent Number:
11552883
As described herein, a router signals a source device to establish a new stateful communication session with a destination device by changing a network path used by traffic associated with the session. In one example, a router forwards traffic of a first stateful routing session established by the source device along a first path. In response to determining that that the first path should not be used, the router forwards a packet of the first session along a second path. The destination…
Measuring metrics of a computer network
Granted: January 10, 2023
Patent Number:
11552864
A method of measuring (100) metrics of a computer network, comprising the steps of: —from a data source collecting (110) sets of data points during a sampling time period, wherein the set of data points constitute a sample, and uploading (120) each sample to a server for further processing (130), wherein from each sample, a tractile information instance is produced (131), wherein the tractile information has a type and each data source is associated (110a) with a fractile information…
Fast reroute for ethernet virtual private networks—virtual extensible local area network
Granted: January 3, 2023
Patent Number:
11546253
Techniques are described for providing fast reroute for traffic in EVPN-VXLAN. For example, a backup PE device of an Ethernet segment is configured with an additional tunnel endpoint address (“reroute tunnel endpoint address”) for a backup path associated with a second split-horizon group that is different than a tunnel endpoint address and first split-horizon group for another path used for normal traffic forwarding. The backup PE device sends the reroute tunnel endpoint address to…
Layer-2 network extension over layer-3 network using layer-2 metadata
Granted: January 3, 2023
Patent Number:
11546249
Techniques are disclosed for session-based routing within Open Systems Interconnection (OSI) Model Layer-2 (L2) networks extended over Layer-3 (L3) networks. In one example, L2 networks connect a first client device to a first router and a second client device to a second router. An L3 network connects the first and second routers. The first router receives, from the first client device, an L2 frame destined for the second client device. The first router generates an L3 packet comprising…
Minimizing or reducing traffic loss when an external border gateway protocol (eBGP) peer goes down
Granted: January 3, 2023
Patent Number:
11546246
A router configured as an autonomous system border router (ASBR) in a local autonomous system (AS), includes: (1) a control component for communicating and computing routing information, the control component running a Border Gateway Protocol (BGP) and peering with at least one BGP peer device in an outside autonomous system (AS) different from the local AS; and (2) a forwarding component for forwarding packets using forwarding information derived from the routing information computed by…
Namespace-aware test agents for network performance measurement
Granted: January 3, 2023
Patent Number:
11546244
In general, the disclosure describes a method that includes partitioning resources of a computing device into a first namespace comprising a first physical network interface and a second namespace comprising a second physical network interface; creating, by a test agent executing as a process in the second namespace, a test agent child in the second namespace; migrating the test agent to execute as a process in the first namespace; communicating, by the test agent child via the second…
Initializing network device and server configurations in a data center
Granted: January 3, 2023
Patent Number:
11546210
A system for configuring a data center includes a fabric management server coupled to a management switch. A provisional Software Defined Networking (SDN) controller executing on the fabric management server can discover physical servers coupled to the management switch, receive network interface configuration information from the physical servers, and use the discovered network interface configuration information to determine a configuration for switches and servers coupled to an IP…
Automatic formation of a virtual chassis using zero touch provisioning
Granted: December 27, 2022
Patent Number:
11537406
A network device may obtain information concerning a virtual chassis that indicates that the network device and an additional network device are to be included in the virtual chassis. The network device may determine, based on the information concerning the virtual chassis, that the network device is connected to the additional network device, wherein the network device is connected to the additional network device via a link between a network interface of the network device and a…
Predictive pipeline analytics for a network management system
Granted: December 27, 2022
Patent Number:
11539586
A controller device includes a memory and one or more processors coupled to the memory. The memory stores instructions that, when executed, cause the one or more processors to receive a query indicating a first time and a network service, determine a first set of configuration elements using telemetry data associated with the first time and the network service, and determine a second set of configuration elements using an intent model. The instructions further cause the one or more…
Pausing a media access control security (MACsec) key agreement (MKA) protocol of an MKA session using a fast heartbeat session
Granted: December 27, 2022
Patent Number:
11539513
A network device may establish a media access control security (MACsec) key agreement (MKA) session with another network device via a MACsec communication link; establish a fast heartbeat session via the MACsec communication link, between a first packet processing engine of the network device and a second packet processing engine of the other network device, where the fast heartbeat session is to permit the first packet processing engine and the second packet processing engine to…
