Patents by Inventor Khalil A. Jabr
Khalil A. Jabr has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11722410Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: GrantFiled: November 29, 2022Date of Patent: August 8, 2023Assignee: Cisco Technology, Inc.Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Publication number: 20230103683Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: ApplicationFiled: November 29, 2022Publication date: April 6, 2023Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Publication number: 20230077361Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: ApplicationFiled: November 21, 2022Publication date: March 16, 2023Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Patent number: 11533257Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: GrantFiled: February 1, 2021Date of Patent: December 20, 2022Assignee: Cisco Technology, Inc.Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Publication number: 20210160179Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: ApplicationFiled: February 1, 2021Publication date: May 27, 2021Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Publication number: 20210067442Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: ApplicationFiled: September 4, 2019Publication date: March 4, 2021Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Patent number: 10938717Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: GrantFiled: September 4, 2019Date of Patent: March 2, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Patent number: 9461965Abstract: Techniques are presented herein for redirection between any number of network devices that are distributed to any number of sites. A first message of a flow is received from a network endpoint at a first network device. A relationship between the endpoint and the first network device is registered in a directory that maps endpoints for network devices. A state for the flow is stored at the first network device. A second message is received for the flow which is indicative of the first endpoint at a second network device. It is determined that the second network device does not store the flow state for the flow. Querying is performed to receive information indicative of the relationship between the endpoint and the first network device. The received information is stored in a cache at the second network device. Services are applied to the second message according to the stored information.Type: GrantFiled: October 5, 2012Date of Patent: October 4, 2016Assignee: Cisco Technology, Inc.Inventors: Khalil A. Jabr, Ray Blair, Victor M. Moreno, Massimiliano Ardica
-
Patent number: 9380005Abstract: In one embodiment, a device receives a first packet stream and a second packet stream over different paths through a network, wherein each of said sent first and the second packet streams includes a same replicated stream of packets. The apparatus processes packets of the first packet stream when the first packet stream is in an active packet stream, and while buffering and subsequently dropping packets of the second packet stream when the second packet stream is in a non-active state. In response to identifying a difference in a number of packets in the same replicated stream of packets received in the second packet stream compared to in the first packet stream equaling or exceeding a predetermined threshold, the second packet stream becomes in the active state and missing packets are forwarded from the buffered second stream packets.Type: GrantFiled: December 19, 2011Date of Patent: June 28, 2016Assignee: Cisco Technology, Inc.Inventors: Khalil A. Jabr, Naveen Kumar R (Ramalingappa), Sandesh Kumar B Narappa, Sudhakar Shenoy
-
Patent number: 8824297Abstract: In an example embodiment, there is disclosed herein an apparatus comprising an ingress interface, an egress interface, and a storm controller coupled to the ingress interface and the egress interface. The storm controller is operable to determine whether to forward packets for a traffic flow received at the ingress interface to the egress interface based on a rate over a time period. The storm controller forwards packets for the traffic flow while the rate exceeds a first threshold and is less than a second threshold while a predefined condition exits. The storm controller limits traffic for the traffic flow to the first threshold while the rate exceeds the first threshold and the predefined condition does not exist.Type: GrantFiled: April 26, 2012Date of Patent: September 2, 2014Assignee: Cisco Technology, Inc.Inventors: Rajesh Amaresh Rajah, Amit Surendra Singh, Khalil A. Jabr, Nick Satsia
-
Patent number: 8792490Abstract: Systems, methods, and other embodiments associated with logically partitioned networking devices are described herein. One example method includes receiving a message from a common interface. The message comprises a logical partition header (LPH) and a network segmentation header (NSH). The LPH may be associated with a logical partition of a networking device. The NSH is associated with a grouping (e.g., segmentation) of networking devices. The example method may also include forwarding the message to the grouping of networking devices based, at least in part, on the NSH and a virtual route forwarding (VRF) table. Forwarding the message to the logical partition of the networking device based, at least in part, on the LPH.Type: GrantFiled: March 16, 2009Date of Patent: July 29, 2014Assignee: Cisco Technology, Inc.Inventors: Khalil Jabr, S. Scott Van de Houten, Victor M. Moreno
-
Publication number: 20140101321Abstract: Techniques are presented herein for redirection between any number of network devices that are distributed to any number of sites. A first message of a flow is received from a network endpoint at a first network device. A relationship between the endpoint and the first network device is registered in a directory that maps endpoints for network devices. A state for the flow is stored at the first network device. A second message is received for the flow which is indicative of the first endpoint at a second network device. It is determined that the second network device does not store the flow state for the flow. Querying is performed to receive information indicative of the relationship between the endpoint and the first network device. The received information is stored in a cache at the second network device. Services are applied to the second message according to the stored information.Type: ApplicationFiled: October 5, 2012Publication date: April 10, 2014Applicant: Cisco Technology, Inc.Inventors: Khalil A. Jabr, Ray Blair, Victor M. Moreno, Massimiliano Ardica
-
Publication number: 20130286832Abstract: In an example embodiment, there is disclosed herein an apparatus comprising an ingress interface, an egress interface, and a storm controller coupled to the ingress interface and the egress interface. The storm controller is operable to determine whether to forward packets for a traffic flow received at the ingress interface to the egress interface based on a rate over a time period. The storm controller forwards packets for the traffic flow while the rate exceeds a first threshold and is less than a second threshold while a predefined condition exits. The storm controller limits traffic for the traffic flow to the first threshold while the rate exceeds the first threshold and the predefined condition does not exist.Type: ApplicationFiled: April 26, 2012Publication date: October 31, 2013Inventors: Rajesh Amaresh Rajah, Amit Surendra Singh, Khalil A. Jabr, Nick Satsia
-
Publication number: 20130114593Abstract: In one embodiment, a device receives a first packet stream and a second packet stream over different paths through a network, wherein each of said sent first and the second packet streams includes a same replicated stream of packets. The apparatus processes packets of the first packet stream when the first packet stream is in an active packet stream, and while buffering and subsequently dropping packets of the second packet stream when the second packet stream is in a non-active state. In response to identifying a difference in a number of packets in the same replicated stream of packets received in the second packet stream compared to in the first packet stream equaling or exceeding a predetermined threshold, the second packet stream becomes in the active state and missing packets are forwarded from the buffered second stream packets.Type: ApplicationFiled: December 19, 2011Publication date: May 9, 2013Applicant: Cisco Technology, Inc., a corporation of CaliforniaInventors: Khalil A. Jabr, Naveen Kumar R (Ramalingappa), Sandesh Kumar B. Narappa, Sudhakar Shenoy
-
Patent number: 8271775Abstract: Systems, methods, and other embodiments associated with layer two (L2) encryption for data center interconnectivity are described. One example system includes a receive logic to receive an unencrypted L2 switched frame (UL2SF). The UL2SF may include a payload and an L2 header. The example system may also include an encryption logic to selectively encrypt the UL2SF into an encrypted frame if the UL2SF is to be sent through an L2 virtual private network (L2VPN) requiring encryption. The example system may also include a delivery logic that adds a header to the encrypted frame. The header may include data to identify a decryption function to decrypt the encrypted frame and routing information for the encrypted frame. The delivery logic may also provide the encrypted frame to the L2VPN, where the providing includes selectively sending the encrypted frame as one of, a point to point packet, and a multipoint packet.Type: GrantFiled: December 17, 2008Date of Patent: September 18, 2012Assignee: Cisco Technology, Inc.Inventors: Sudhakar Shenoy, Khalil Jabr, Sridar Kandaswamy, Madhusudanan Manohar, Sandeep Hebbani
-
Patent number: 8189600Abstract: A method, apparatus and computer program product for providing IP Routing when using dynamic virtual local area networks (VLANs) with web based authentication. A downstream VLAN is assigned to a first switch port of a first network device. A first upstream VLAN is also assigned to the first switch port of the first network device. The first upstream VLAN is changed to a second upstream VLAN upon authentication, and the downstream VLAN is maintained.Type: GrantFiled: April 10, 2006Date of Patent: May 29, 2012Assignee: Cisco Technology, Inc.Inventors: Khalil Jabr, S. Scott Van De Houten, Jason Frazier, Victor Moreno
-
Patent number: 8165023Abstract: One embodiment provides a method to interconnect virtual network segments (VNETs) defined for a local-area network (LAN) infrastructure separated by a wide-area network infrastructure. The technique involves the routing device at the LAN-WAN interconnection points to impose or dispose the VNET-shim, which encodes the VNET-id information in a Layer 4 portion of the packet. In a data plane, a new IP protocol value may be used to signify the presence of the VNET-shim followed by cryptography specific information in an IP packet. In a control plane, the routing protocol is expanded to exchange the routing information along with the VNET information.Type: GrantFiled: August 28, 2007Date of Patent: April 24, 2012Assignee: CISCO TECHNOLOGY, Inc.Inventors: Mohamed Khalid, Khalil Jabr, Rajiv Asati, Warren Scott Wainner, Scott Thomas Fanning
-
Patent number: 8036118Abstract: In one embodiment, a technique for selecting a topology, in a multi-topology routing network, based on a source-destination pair of a packet is provided. The packet may be routed on a preferred path of the selected topology. By selecting the same topology for the source-destination pair even if the source and destination addresses are swapped, upstream and downstream traffic may be routed in a symmetrical manner. For some embodiments, a topology may be selected using a hash value that is generated using an algorithm that is commutative with respect to the source and destination addresses.Type: GrantFiled: February 1, 2008Date of Patent: October 11, 2011Assignee: Cisco Technology, Inc.Inventor: Khalil Jabr
-
Publication number: 20110110382Abstract: PortChannel groups are disclosed which include multiple PortChannel links of a PortChannel. Further, the selection of a particular PortChannel group, and possibly a PortChannel link within a selected PortChannel group, for a packet is provided by user-programmable matching of programmed values or rules to data extracted from the packet. In this manner, the forwarding of packets over PortChannel groups can be explicit. Moreover, packets of different flows of a packet session can be caused to be forwarded over a same PortChannel group, possibly leading to a service node for performing one or more applications based on the packets of the flow(s) of a packet session.Type: ApplicationFiled: December 23, 2009Publication date: May 12, 2011Applicant: Cisco Technology, Inc., a corporation of CaliforniaInventors: Khalil A. Jabr, Sudhakar Shenoy, Dileep K. Devireddy
-
Publication number: 20100232435Abstract: Systems, methods, and other embodiments associated with logically partitioned networking devices are described herein. One example method includes receiving a message from a common interface. The message comprises a logical partition header (LPH) and a network segmentation header (NSH). The LPH may be associated with a logical partition of a networking device. The NSH is associated with a grouping (e.g., segmentation) of networking devices. The example method may also include forwarding the message to the grouping of networking devices based, at least in part, on the NSH and a virtual route forwarding (VRF) table. Forwarding the message to the logical partition of the networking device based, at least in part, on the LPH.Type: ApplicationFiled: March 16, 2009Publication date: September 16, 2010Applicant: CISCO TECHNOLOGY, INC.Inventors: Khalil JABR, S. Scott VAN de HOUTEN, Victor M. MORENO