Riverbed Technology Patent Grants

Method and apparatus for path selection

Granted: June 8, 2021
Patent Number: 11032188
Systems and techniques are described for configuring path selection in a network. The network can comprise a first router, a second router, a third router, a fourth router, and an intermediary device. The second router can be configured to use Differentiated Services Code Point (DSCP) while routing packets so that packets with a first DSCP value are routed through the third router, and packets with a second DSCP value are routed through the fourth router. The intermediary device can be…

Preserving policy with path selection

Granted: March 2, 2021
Patent Number: 10938716
Systems and techniques are described for ensuring that policies are consistently applied to traffic across an overlay network. An application identifier associated with a forward traffic flow and a corresponding reverse traffic flow can be determined by a device that routes packets of both the forward traffic flow and the corresponding reverse traffic flow. Next, an overlay header can be added to each packet in the forward traffic flow and to each packet in the corresponding reverse…

Software defined wide area network (SD WAN) enabled network fabric for containers

Granted: February 2, 2021
Patent Number: 10911374
Systems and techniques are described for creating a software-defined wide-area-network (SD-WAN) enabled network fabric for containers. Embodiments can configure one or more virtual networks on a network node, wherein the one or more virtual networks are used for creating the SD-WAN enabled network fabric for containers. Next, the embodiments can deploy a virtual gateway on the network node by executing the virtual gateway image. The embodiments can then create a container network…

High availability (HA) network device

Granted: January 5, 2021
Patent Number: 10887131
Some embodiments described herein provide a combination of a layer 3 (L3) hop with layer 2 (L2) bypass/fail-to-wire in a network device. Specifically, some embodiments place the network device between two routers, thereby becoming a L3 hop between the two routers. The existing route between the two routers is preserved by using L2 bypass through the network device. If the network device fails, then the physical fail-to-wire will be engaged, removing its L3 hop, but preserving the L2…

Estimating data transfer performance improvement that is expected to be achieved by a network optimization device

Granted: November 17, 2020
Patent Number: 10841192
Systems and techniques are described for calculating performance improvement achieved and/or expected to be achieved by optimizing a network connection. Network characteristics can be measured for non-optimized network connections. Next, the network characteristics can be analyzed to obtain a set of non-optimized connection groups, wherein each non-optimized connection group corresponds to non-optimized network connections that have similar network characteristics. Network…

Virtualized data storage system architecture

Granted: November 10, 2020
Patent Number: 10831721
Virtual storage arrays consolidate branch data storage at data centers connected via wide area networks. Virtual storage arrays appear to storage clients as local data storage; however, virtual storage arrays actually store data at the data center. The virtual storage arrays overcomes bandwidth and latency limitations of the wide area network by predicting and prefetching storage blocks, which are then cached at the branch location. Virtual storage arrays leverage an understanding of the…

Prefix compression for keyed values

Granted: September 1, 2020
Patent Number: 10762281
Systems and techniques are described for compressing strings by using a tree data structure. Specifically, for each string in a sequence of strings, the embodiments can traverse the tree data structure by matching characters of the string with characters associated with nodes of the tree data structure until either (1) all characters in the string have been processed, or (2) a current character in the string does not match a corresponding character in a current node of the tree data…

Hierarchical policies in a network

Granted: July 28, 2020
Patent Number: 10728097
Systems and techniques are described for applying a set of policy rules to network traffic. During operation, conditions specified in the set of policy rules can be evaluated, wherein each condition is a logical expression defined over a set of variables, and is evaluated by substituting values of the set of variables associated with the network traffic into the logical expression. Next, a subset of policy rules can be selected whose conditions evaluated as true. A highest precedence…

Displaying adaptive content in heterogeneous performance monitoring and troubleshooting environments

Granted: June 9, 2020
Patent Number: 10680926
Systems, methods, and computer program embodiments are disclosed for adaptively displaying application performance data. In an embodiment, a plurality of performance monitoring data sources may be identified based on an application model that defines the topological structure of a software application. A request may be received for performance data associated with the application. One or more content options may then be determined based on the received request, and each content option…

Virtualization planning system

Granted: October 22, 2019
Patent Number: 10452416
An interactive virtualization management system provides an assessment of proposed or existing virtualization schemes. A Virtual Technology Overhead Profile (VTOP) is created for each of a variety of configurations of host computer systems and virtualization technologies by measuring the overhead experienced under a variety of conditions. The multi-variate overhead profile corresponding to each target configuration being evaluated is used by the virtualization management system to…

Node fault identification in wireless LAN access points

Granted: September 24, 2019
Patent Number: 10425305
A wireless access point array having a plurality of access point radios, a monitor radio and an array controller. The array controller includes processes, methods and functions for verifying the operation of the access point radios. The access point radios may be verified by attempting to establish a data connection between the monitor radio and each of the access point radios.

Methods and systems for distribution and retrieval of network traffic records

Granted: August 27, 2019
Patent Number: 10397329
A method includes transmitting, by a distribution server, to each of a plurality of worker computers, a request for an enumeration of Internet Protocol (IP) addresses ranked according to a criterion. The method includes receiving, by the distribution computer, from a first of the plurality of worker computers, a first partial enumeration of the requested IP addresses ranked according to the criterion, the first partial enumeration stored in a hash table. The method includes receiving, by…

Dynamic key generation for identifying data segments

Granted: August 6, 2019
Patent Number: 10375197
Systems and techniques are described for caching resources. Multiple distinct resource identifiers that correspond to the same resource can be automatically collected, wherein the multiple distinct resource identifiers are included in resource requests that are sent from at least one client to at least one server. Next, a key can be automatically determined that matches the multiple distinct resource identifiers by analyzing the multiple distinct resource identifiers. A resource request…

Auto discovery between proxies in an IPv6 network

Granted: July 23, 2019
Patent Number: 10361997
Systems and techniques are described for performing proxy auto-discovery in an Internet Protocol version 6 (IPv6) network by using the destination options extension header field in the IPv6 header. Specifically, systems and techniques are described to enable a pair of proxies to transparently intercept connection handshake messages that are carried in IPv6 packets between two network nodes, and to use the destination options extension header field in the IPv6 packets to automatically…

Network topology generation using traceroute data

Granted: July 16, 2019
Patent Number: 10355962
Embodiments provide systems, methods, and computer program products for inferring node and link information from traceroute data in order to generate topology information. A system receives traceroute data for a data packet that traverses a path from a source to a destination. The system infers port types for the addresses in the traceroute data and groups subsets of the addresses in the traceroute data into logical nodes based on neighbor relationships demonstrated in backward and…

Minimally invasive monitoring of path quality

Granted: July 16, 2019
Patent Number: 10355944
Systems and techniques are described for performing minimally invasive monitoring of path quality in a network. Specifically, path quality requests and measurements can be piggy-backed on the data traffic that is flowing through a secure connection between two network nodes. For example, path quality requests and measurements can be inserted into the TFC padding field of IP/ESP packets that are being communicated between two IPsec devices. The disclosed embodiments ensure that the…

Method and apparatus for path selection

Granted: June 4, 2019
Patent Number: 10313229
Systems and techniques are described for path selection. A packet can be transparently intercepted at an intermediary device. Next, the intermediary device may modify one or more bits in the header of the packet. The intermediary device can then forward the packet to the next hop device. In some network configurations, the modifications to the one or more bits in the header of the packet may cause a downstream device to select a path that is different from the path that would have been…

Large-scale distributed correlation

Granted: May 14, 2019
Patent Number: 10291463
Disclosed herein are system, method, and computer program product embodiments for performing distributed correlation to determine a probable cause for a performance problem detected in an application. An embodiment operates by triggering an alert for a performance metric of an application executing on a local-level node. The alert may be sent to a higher-level node. Upon receiving the alert, the higher-level node may send a distributed correlation request, used to determine a root cause…

Rule based alerting in anomaly detection

Granted: May 7, 2019
Patent Number: 10284571
A graphical user interface for constructing rules to run on an intrusion detection system is described. The user interface includes a field that specifies a first set of nodes on a network by Host-Group, a field that specifies a second set of nodes on a network by Host-Group and a field which determines whether to interpret the first and second host-group fields as Client, server, source, destination or any of these.

Dynamically influencing route re-distribution between an exterior gateway protocol and an interior gateway protocol

Granted: April 16, 2019
Patent Number: 10263882
Systems and techniques are described for dynamically influencing route re-distribution between an exterior gateway protocol (EGP) and an interior gateway protocol (IGP). Some embodiments can dynamically influence which routes are re-distributed into the IGP network for use in cases where traffic destined to that particular remote site is desired to be steered on the desired network/border router. Moreover, some embodiments can dynamically influence route re-distribution from the IGP…