Patents by Inventor Ijsbrand Wijnands
Ijsbrand Wijnands has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11924108Abstract: In one embodiment, an offload platform is an compute platform, adjunct to a router or other packet switching device, that performs packet processing operations including determining an egress forwarding value corresponding to the next-hop node of the packet switching device to which to send an offload-platform processed packet. The offload platform downloads forwarding information from the router, and augments it, such as, but not limited to, representing interfaces of the router as identifiable virtual interface(s) on the offload platform, and including each of one or more next-hop nodes of the router represented as an identifiable virtual adjacency and identifiable tunnel (e.g., identified by the egress forwarding value). In one embodiment, the egress forwarding value is an Multiprotocol Label Switching (MPLS) label or Segment Routing Identifier. The router identifies packets of certain packet flows to send to the adjunct offload platform, rather than processing per its routing information base.Type: GrantFiled: July 27, 2023Date of Patent: March 5, 2024Assignee: Cisco Technology, Inc.Inventors: Ijsbrand Wijnands, Neale David Raymond Ranns, David Delano Ward, David Richard Barach
-
Patent number: 11924172Abstract: Methods for establishing a stateless extranet in a secure communication network include transmitting a consumer NHOP to a provider CPE from a consumer CPE in a control plane. The consumer NHOP is associated with at least one attribute of an NHOP, including an encryption key available with the consumer CPE, to establish a secure communication tunnel in a data plane. The consumer CPE receives a service definition over the control plane associated with a service available with the provider CPE. A service anchor point is created based on an identifier of the service definition. A network address translation (NAT) IP request is transmitted to the provider CPE. The consumer CPE receives a NAT IP from the provider CPE in response to the NAT IP request. The NAT IP is associated with the service anchor point of the consumer CPE. A stateless service is thereby instantiated on the consumer CPE.Type: GrantFiled: October 27, 2021Date of Patent: March 5, 2024Assignee: GRAPHIANT, INC.Inventors: Stefan Olofsson, Neale Ranns, Mandeep Rohilla, IJsbrand Wijnands, Cameron Ferdinands
-
Publication number: 20240014923Abstract: The present disclosure is directed to BIER forwarding over varying BSL domains, the methods including the steps of receiving, at a border node, a packet comprising a BIER header having a BIER bit string with a first bit string length; reading an incoming label of the packet comprising instructions to split the BIER header into a plurality of smaller headers associated with a plurality of smaller bit strings; generating a set of split bit masks; performing a separate bitwise AND operation on each split bit mask and the BIER bit string to generate the plurality of smaller bit strings, each copied to a corresponding smaller header of the plurality of smaller headers; and performing a lookup for each of the plurality of smaller headers on a respective forwarding table to determine one or more egress routers to which to transmit the packet.Type: ApplicationFiled: May 23, 2023Publication date: January 11, 2024Inventors: Mankamana Prasad Mishra, Nagendra Kumar Nainar, Carlos M. Pignataro, IJsbrand Wijnands
-
Publication number: 20230370297Abstract: A computer network efficiently provides a multicast network flow to a multicast recipient across a multihomed network element. The multihomed network element includes network devices that receive multicast data from a source of a multicast network flow. Each particular network device that received the multicast data publishes a notification indicating that the multicast network flow is available from the particular network device. The computer network receives a subscription to the multicast network flow from a multicast recipient, and determines whether to bridge the multicast data across the multihomed network element based on a multicast configuration of the computer network. The multihomed network element provides the multicast data to the multicast recipient from at least one of the particular network devices that received the multicast data from the source of the multicast network flow.Type: ApplicationFiled: July 24, 2023Publication date: November 16, 2023Inventors: Mankamana Mishra, Swadesh Agrawal, Ali Sajassi, Ijsbrand Wijnands, Samir Thoria
-
Publication number: 20230370382Abstract: In one embodiment, an offload platform is an compute platform, adjunct to a router or other packet switching device, that performs packet processing operations including determining an egress forwarding value corresponding to the next-hop node of the packet switching device to which to send an offload-platform processed packet. The offload platform downloads forwarding information from the router, and augments it, such as, but not limited to, representing interfaces of the router as identifiable virtual interface(s) on the offload platform, and including each of one or more next-hop nodes of the router represented as an identifiable virtual adjacency and identifiable tunnel (e.g., identified by the egress forwarding value). In one embodiment, the egress forwarding value is an Multiprotocol Label Switching (MPLS) label or Segment Routing Identifier. The router identifies packets of certain packet flows to send to the adjunct offload platform, rather than processing per its routing information base.Type: ApplicationFiled: July 27, 2023Publication date: November 16, 2023Inventors: Ijsbrand Wijnands, Neale David Raymond Ranns, David Delano Ward, David Richard Barach
-
Patent number: 11811546Abstract: A networking environment includes a first node and a second node configured as Ethernet Virtual Private Networking (EVPN) peers on an EVPN subnet that is coupled to a Layer 3 VPN over a core network. The first node receives a first multicast join request from a third node in the core network, the first multicast join request including a source address and multicast group address of a source of a multicast stream. The first node determines that the source address and the multicast group address for the source are behind the EVPN subnet at the second node. The first node sends to the second node, a control plane join request message that includes a receiver identifier that identifies the third node as a receiver of the multicast stream, the receiver identifier enabling the second node to forward the multicast stream directly into the core network to the third node.Type: GrantFiled: September 13, 2021Date of Patent: November 7, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Mankamana Prasad Mishra, Ali Sajassi, Ijsbrand Wijnands, Krishnaswamy Muddenahally Ananthamurthy, Jayashree Subramanian
-
Publication number: 20230300134Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including receiving a user credential from a remote access client within a network and communicating the user credential to an authentication, authorization and accounting (AAA) server within the network. The operations also include receiving a user attribute from the AAA server and generating a contextual label based on the user attribute. The contextual label includes routing instructions associated with traffic behavior within the network. The operations further include advertising a control message, which includes the contextual label, to the remote access client.Type: ApplicationFiled: May 24, 2023Publication date: September 21, 2023Inventors: Stefan Olofsson, Ijsbrand Wijnands, Hendrikus G.P. Bosch
-
Patent number: 11757671Abstract: A computer network efficiently provides a multicast network flow to a multicast recipient across a multihomed network element. The multihomed network element includes network devices that receive multicast data from a source of a multicast network flow. Each particular network device that received the multicast data publishes a notification indicating that the multicast network flow is available from the particular network device. The computer network receives a subscription to the multicast network flow from a multicast recipient, and determines whether to bridge the multicast data across the multihomed network element based on a multicast configuration of the computer network. The multihomed network element provides the multicast data to the multicast recipient from at least one of the particular network devices that received the multicast data from the source of the multicast network flow.Type: GrantFiled: May 25, 2021Date of Patent: September 12, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Mankamana Mishra, Swadesh Agrawal, Ali Sajassi, Ijsbrand Wijnands, Samir Thoria
-
Publication number: 20230246967Abstract: In one embodiment, an offload platform is an compute platform, adjunct to a router or other packet switching device, that performs packet processing operations including determining an egress forwarding value corresponding to the next-hop node of the packet switching device to which to send an offload-platform processed packet. The offload platform downloads forwarding information from the router, and augments it, such as, but not limited to, representing interfaces of the router as identifiable virtual interface(s) on the offload platform, and including each of one or more next-hop nodes of the router represented as an identifiable virtual adjacency and identifiable tunnel (e.g., identified by the egress forwarding value). In one embodiment, the egress forwarding value is an Multiprotocol Label Switching (MPLS) label or Segment Routing Identifier. The router identifies packets of certain packet flows to send to the adjunct offload platform, rather than processing per its routing information base.Type: ApplicationFiled: April 7, 2023Publication date: August 3, 2023Inventors: Ijsbrand Wijnands, Neale David Raymond Ranns, David Delano Ward, David Richard Barach
-
Patent number: 11705983Abstract: The present disclosure is directed to BIER forwarding over varying BSL domains, the methods including the steps of receiving, at a border node, a packet comprising a BIER header having a BIER bit string with a first bit string length; reading an incoming label of the packet comprising instructions to split the BIER header into a plurality of smaller headers associated with a plurality of smaller bit strings; generating a set of split bit masks; performing a separate bitwise AND operation on each split bit mask and the BIER bit string to generate the plurality of smaller bit strings, each copied to a corresponding smaller header of the plurality of smaller headers; and performing a lookup for each of the plurality of smaller headers on a respective forwarding table to determine one or more egress routers to which to transmit the packet.Type: GrantFiled: March 22, 2021Date of Patent: July 18, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Mankamana Prasad Mishra, Nagendra Kumar Nainar, Carlos M. Pignataro, IJsbrand Wijnands
-
Patent number: 11695690Abstract: Embodiments of a method of communicating a packet by a network address translation (NAT) enabled router, are described. In an embodiment, the method includes receiving a return packet to be communicated to a destination. The destination is associated with a first source address in the context of a forward packet. The method further includes determining a return path to transmit the return packet to the destination based on security association data. The security association data is pre-recorded in a routing table of the NAT enabled router when the forward packet is received, prior to receiving the return packet, over a forward path established between the NAT enabled router and an enterprise node. The security association data uniquely identifies the forward path as the return path.Type: GrantFiled: November 8, 2021Date of Patent: July 4, 2023Assignee: GRAPHIANT, INC.Inventors: Ijsbrand Wijnands, Stefan Olofsson, Khalid Raza, Neale Ranns
-
Patent number: 11683308Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including receiving a user credential from a remote access client within a network and communicating the user credential to an authentication, authorization and accounting (AAA) server within the network. The operations also include receiving a user attribute from the AAA server and generating a contextual label based on the user attribute. The contextual label includes routing instructions associated with traffic behavior within the network. The operations further include advertising a control message, which includes the contextual label, to the remote access client.Type: GrantFiled: September 6, 2019Date of Patent: June 20, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Stefan Olofsson, Ijsbrand Wijnands, Hendrikus G. P. Bosch
-
Publication number: 20230188457Abstract: A method comprises, at a first router configured to perform Bit Index Explicit Replication (BIER) for forwarding of multicast packets in a network, storing configuration information that indicates that the first router belongs to multiple subdomains of a BIER domain, and is able to forward the multicast packets for a virtual private network on the multiple subdomains. The method further comprises, during an auto-discovery procedure, generating an auto-discovery message to include an auto-discovery route and route attributes that indicate the multiple subdomains, and sending the auto-discovery message to a second router of the virtual private network the network.Type: ApplicationFiled: February 9, 2023Publication date: June 15, 2023Inventors: Mankamana Prasad Mishra, Ijsbrand Wijnands, Anuj Budhiraja, Ali Sajassi, Stephane Litkowski, Satya Ranjan Mohanty
-
Patent number: 11646906Abstract: Disclosed is the generation of a bit-indexed forwarding table (BIFT) that can include a plurality of entries, each such entry corresponding to a bit position of a plurality of bit positions, where each such bit position represents an egress network node of a plurality of egress network nodes, and the generating configures the BIFT to be used in forwarding a packet to one or more of the plurality of egress network nodes, based at least in part on a bit string in the packet. The generating includes selecting a bit position of the plurality of bit positions as a selected bit position, creating an entry of the plurality of entries (where the entry corresponds to the selected bit position), identifying a neighbor node associated with the selected bit position, and updating one or more fields of the entry with neighbor information regarding the neighbor node.Type: GrantFiled: May 10, 2021Date of Patent: May 9, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Ijsbrand Wijnands, Gregory J. Shepherd, John H. W. Bettink
-
Patent number: 11632354Abstract: A disclosed method is performed at a first boundary node bordering a BIER domain. The method includes receiving a message associated with a source and group for multicast from outside the BIER domain. The method further includes generating an encapsulated message based on the message, a metric, and a first proxy address of the first boundary node. The method also includes forwarding the encapsulated message through the BIER domain to at least one second boundary node bordering the BIER domain and connectable to the first boundary node. The first boundary node additionally triggers the at least one second boundary node to decapsulate the encapsulated message for forwarding out of the first domain and store a record including the source, the group, the metric representing the cost of the first boundary node to the source, and the first proxy address on the at least one second boundary node.Type: GrantFiled: August 30, 2018Date of Patent: April 18, 2023Assignee: Cisco Technology, Inc.Inventors: Stig Ingvar Venaas, Mahesh Sivakumar, Ijsbrand Wijnands, Mankamana Prasad Mishra
-
Patent number: 11627086Abstract: In one embodiment, an offload platform is an compute platform, adjunct to a router or other packet switching device, that performs packet processing operations including determining an egress forwarding value corresponding to the next-hop node of the packet switching device to which to send an offload-platform processed packet. The offload platform downloads forwarding information from the router, and augments it, such as, but not limited to, representing interfaces of the router as identifiable virtual interface(s) on the offload platform, and including each of one or more next-hop nodes of the router represented as an identifiable virtual adjacency and identifiable tunnel (e.g., identified by the egress forwarding value). In one embodiment, the egress forwarding value is an Multiprotocol Label Switching (MPLS) label or Segment Routing Identifier. The router identifies packets of certain packet flows to send to the adjunct offload platform, rather than processing per its routing information base.Type: GrantFiled: July 25, 2022Date of Patent: April 11, 2023Assignee: Cisco Technology, Inc.Inventors: Ijsbrand Wijnands, Neale David Raymond Ranns, David Delano Ward, David Richard Barach
-
Patent number: 11627071Abstract: A method comprises, at a first router configured to perform Bit Index Explicit Replication (BIER) for forwarding of multicast packets in a network, storing configuration information that indicates that the first router belongs to multiple subdomains of a BIER domain, and is able to forward the multicast packets for a virtual private network on the multiple subdomains. The method further comprises, during an auto-discovery procedure, generating an auto-discovery message to include an auto-discovery route and route attributes that indicate the multiple subdomains, and sending the auto-discovery message to a second router of the virtual private network the network.Type: GrantFiled: June 29, 2021Date of Patent: April 11, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Mankamana Prasad Mishra, Ijsbrand Wijnands, Anuj Budhiraja, Ali Sajassi, Stephane Litkowski, Satya Ranjan Mohanty
-
Patent number: 11606312Abstract: Various systems and methods for performing fast fail-over. One method involves receiving a packet at a primary forwarder node of a core network, determining whether the packet was received from a secondary forwarder node of the core network, via a tunnel, and, in response to a determination that the packet was received via the tunnel, forwarding the packet to another node in the core network. The tunnel communicatively couples the primary forwarder node and the secondary forwarder node. The primary forwarder node and the secondary forwarder node communicatively couple a local network and the core network. The packet was transmitted from the local network.Type: GrantFiled: December 29, 2020Date of Patent: March 14, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Neale D. R. Ranns, Ijsbrand Wijnands, Gregory J. Shepherd
-
Patent number: 11601296Abstract: Functionality for creating a bit routing table for use in a bit-indexed explicit replication (“BIER”) environment in disclosed herein. In one embodiment, this functionality includes receiving information from a host, and determining whether the information comprises a MAC address that is a bit-indexed explicit replication (“BIER”) MAC address. In response to determining that the information comprises a BIER MAC address, this functionality creates an entry corresponding to the MAC address in a bit routing table. This functionality also analyzes the information to determine a bit position that is associated with the host, and also determines a port via which the host is reachable. The functionality updates the bit routing table by storing information identifying the bit position and the port in the entry, such that the bit position and the port both correspond to the MAC address. This functionality can be used to route packets in a BIER environment.Type: GrantFiled: August 6, 2020Date of Patent: March 7, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Ijsbrand Wijnands, Gregory J. Shepherd, Nagendra Kumar Nainar
-
Publication number: 20220407736Abstract: Methods, network devices and computer readable media are disclosed relating to a communication network. In one embodiment, a method includes receiving a message comprising a message bit array. The message bit array identifies egress nodes for the message within a bit indexed explicit replication (BIER) domain of a communications network. A first bit position in the message bit array represents a first one or more of the egress nodes, and a bit value at the first bit position indicates that the message is to be forwarded to one of the first one or more of the egress nodes. The method further includes accessing a first forwarding table entry corresponding to the first bit position, determining whether the first bit position is an anycast bit position having multiple corresponding forwarding table entries, and forwarding the message to one of the first one or more of the egress nodes.Type: ApplicationFiled: August 24, 2022Publication date: December 22, 2022Inventors: Ijsbrand Wijnands, Pierre Pfister, Neale D.R Ranns, W. Mark Townsley, Gregory J. Shepherd