Patents by Inventor Rajshekhar Biradar
Rajshekhar Biradar has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11956136Abstract: Systems and methods for selectively generating a telemetry report to calculate a flow or bit rate are disclosed. The methods include calculating a hash value of a packet, using it as a key to query a bloom filter, and obtaining a packet count. If the packet count reaches a trigger value, a telemetry report is generated and sent, along with the ingress timestamp, hash value, and the packet count, to the collector for calculating the flow rate (or bit rate). The collector compares the packet count and ingress timestamp of the packet of the first telemetry report with a second telemetry report, both reports being generated at various trigger values, and calculates the flow rate. If a hash collision is detected, the calculations are voided and an update to the hash function is suggested.Type: GrantFiled: May 10, 2021Date of Patent: April 9, 2024Assignee: ARISTA NETWORKS, INC.Inventor: Rajshekhar Biradar
-
Publication number: 20230336477Abstract: A central controller in a data network can maintain a set of access control list (ACL) rules that represent traffic and data policies of the data network. The controller can autonomously propagate the set of ACL rules to switches in the data network. Each switch that receives the set of ACL rules can selectively install rules from the set based on criteria such as whether or not a given rule in the set is close to the source and device class.Type: ApplicationFiled: April 27, 2023Publication date: October 19, 2023Inventors: Naveen Kumar Devaraj, Rajshekhar Biradar
-
Patent number: 11671361Abstract: A central controller in a data network can maintain a set of access control list (ACL) rules that represent traffic and data policies of the data network. The controller can autonomously propagate the set of ACL rules to switches in the data network. Each switch that receives the set of ACL rules can selectively install rules from the set based on criteria such as whether or not a given rule in the set is close to the source and device class.Type: GrantFiled: May 11, 2020Date of Patent: June 6, 2023Assignee: Arista Networks, Inc.Inventors: Naveen Kumar Devaraj, Rajshekhar Biradar
-
Patent number: 11627130Abstract: Systems and methods are provided herein for transitioning a supplicant from one virtual local area network (VLAN) to another using a change of authorization (COA) message. This may be accomplished by an authentication server notifying a network device that a host should be granted access to the network, wherein the authentication server authenticates the host using MAC based authentication. Based on this notification and the MAC address of the host, the network device assigns the host to a first VLAN. If the authentication server determines that the host needs to change from the first VLAN to a second VLAN the authentication server generates a COA message, associated with the host, wherein the COA message comprises a VLAN identifier related to the second VLAN. The authentication server transmits the COA message to the network device causing the network device to route traffic to and from the host using the second VLAN.Type: GrantFiled: February 17, 2021Date of Patent: April 11, 2023Assignee: ARISTA NETWORKS, INC.Inventors: Rahul Sharma, Rahul Kumar Singh, Rajshekhar Biradar
-
Publication number: 20220311691Abstract: Systems and methods for selectively generating a telemetry report to calculate a flow or bit rate are disclosed. The methods include calculating a hash value of a packet, using it as a key to query a bloom filter, and obtaining a packet count. If the packet count reaches a trigger value, a telemetry report is generated and sent, along with the ingress timestamp, hash value, and the packet count, to the collector for calculating the flow rate (or bit rate). The collector compares the packet count and ingress timestamp of the packet of the first telemetry report with a second telemetry report, both reports being generated at various trigger values, and calculates the flow rate. If a hash collision is detected, the calculations are voided and an update to the hash function is suggested.Type: ApplicationFiled: May 10, 2021Publication date: September 29, 2022Inventor: Rajshekhar Biradar
-
Publication number: 20220263821Abstract: Systems and methods are provided herein for transitioning a supplicant from one virtual local area network (VLAN) to another using a change of authorization (COA) message. This may be accomplished by an authentication server notifying a network device that a host should be granted access to the network, wherein the authentication server authenticates the host using MAC based authentication. Based on this notification and the MAC address of the host, the network device assigns the host to a first VLAN. If the authentication server determines that the host needs to change from the first VLAN to a second VLAN the authentication server generates a COA message, associated with the host, wherein the COA message comprises a VLAN identifier related to the second VLAN. The authentication server transmits the COA message to the network device causing the network device to route traffic to and from the host using the second VLAN.Type: ApplicationFiled: February 17, 2021Publication date: August 18, 2022Inventors: Rahul Sharma, Rahul Kumar Singh, Rajshekhar Biradar
-
Publication number: 20220255820Abstract: Systems and methods for INT telemetry are disclosed. The system selects a subset of flows from a plurality of flows to monitor. Parameters of the selected flows are sent by the management controller to an INT source for creating a watchlist. The INT source analyses an incoming packet against the parameters in the watchlist to determine if the packet belongs to a flow selected for monitoring. If the packet matches any one of the parameters, then the INT source embeds the packet with an IP address of a designated tenant collector and the INT instructions. A designated collector is allocated for each flow, set of flows, or tenant. Regardless of the path taken by the packet, the embedded INT packet contains all the information needed for a downstream network element to send telemetry data without the need for configuring the network element for telemetry.Type: ApplicationFiled: April 27, 2022Publication date: August 11, 2022Inventors: Rajshekhar Biradar, Naveen Kumar Devaraj
-
Patent number: 11405298Abstract: The disclosure describes processing packets in connection with a traceroute session in an overlay network that includes detecting traceroute probes using static and dynamic rules and using the time to live (TTL) value in a received traceroute probe to compute an outer TTL value. The TTL value (inner TTL) of the received probe is updated based on the number of underlay routers (hops) comprising the underlay network that are detected during the traceroute session. The received probe with its updated TTL value is encapsulated in an outer frame that includes the computed outer TTL value. The number of hops is updated each time an underlay router sends an ICMP time exceeded message.Type: GrantFiled: May 11, 2020Date of Patent: August 2, 2022Assignee: Arista Networks, Inc.Inventors: Naveen Kumar Devaraj, Rajshekhar Biradar
-
Publication number: 20220210087Abstract: Systems and methods for managing a data packet's maximum transmission unit (MTU) limit in an in-band telemetry (INT) network are disclosed. The methods include a downstream network element receiving a packet with INT instructions and in response to determining that adding its own metadata would exceed the allowed MTU limit at its egress interface, generating and forwarding a telemetry report containing existing and new metadata to the designated collector, and forwarding the received packet without any metadata to the next hop. The methods forward the telemetry report to the collector when the packet's MTU limit is exceeded and thereby avoids uncontrolled growth of the packet size.Type: ApplicationFiled: June 29, 2021Publication date: June 30, 2022Inventors: Rajshekhar Biradar, Naveen Kumar Devaraj
-
Patent number: 11356319Abstract: A facility to determine if performance issues between two host computers in a data network includes a central controller identifying endpoints of a flow path between the two hosts. The central controller communicates with endpoint network devices to initiate telemetry tagging traffic on the flow path. A collector receives telemetry communicated in a packet from network devices on the flow path. A network operator can view the collected telemetry to assess whether the performance issue is in the network or not.Type: GrantFiled: September 11, 2020Date of Patent: June 7, 2022Assignee: ARISTA NETWORKS, INC.Inventors: Naveen Kumar Devaraj, Rajshekhar Biradar, Vijay Rangarajan, Padmanabh Ratnakar, Gagandeep S. Arneja
-
Patent number: 11329847Abstract: Systems and methods for INT telemetry are disclosed. The system selects a subset of flows from a plurality of flows to monitor. Parameters of the selected flows are sent by the management controller to an INT source for creating a watchlist. The INT source analyses an incoming packet against the parameters in the watchlist to determine if the packet belongs to a flow selected for monitoring. If the packet matches any one of the parameters, then the INT source embeds the packet with an IP address of a designated tenant collector and the INT instructions. A designated collector is allocated for each flow, set of flows, or tenant. Regardless of the path taken by the packet, the embedded INT packet contains all the information needed for a downstream network element to send telemetry data without the need for configuring the network element for telemetry.Type: GrantFiled: June 29, 2021Date of Patent: May 10, 2022Assignee: ARISTA NETWORKS, INC.Inventors: Rajshekhar Biradar, Naveen Kumar Devaraj
-
Publication number: 20210352013Abstract: A central controller in a data network can maintain a set of access control list (ACL) rules that represent traffic and data policies of the data network. The controller can autonomously propagate the set of ACL rules to switches in the data network. Each switch that receives the set of ACL rules can selectively install rules from the set based on criteria such as whether or not a given rule in the set is close to the source and device class.Type: ApplicationFiled: May 11, 2020Publication date: November 11, 2021Inventors: Naveen Kumar Devaraj, Rajshekhar Biradar
-
Publication number: 20210352000Abstract: The disclosure describes processing packets in connection with a traceroute session in an overlay network that includes detecting traceroute probes using static and dynamic rules and using the time to live (TTL) value in a received traceroute probe to compute an outer TTL value. The TTL value (inner TTL) of the received probe is updated based on the number of underlay routers (hops) comprising the underlay network that are detected during the traceroute session. The received probe with its updated TTL value is encapsulated in an outer frame that includes the computed outer TTL value. The number of hops is updated each time an underlay router sends an ICMP time exceeded message.Type: ApplicationFiled: May 11, 2020Publication date: November 11, 2021Inventors: Naveen Kumar Devaraj, Rajshekhar Biradar
-
Patent number: 11153199Abstract: A packet loop runs between two participating endpoint network devices, and in particular runs in the respective data planes of the endpoint devices. A probe packet is provided to the data plane of an initiating device and is forwarded to the other device to initiate the packet loop. The source and destination addresses in the probe packet are set equal to a common address. Based on the common address, entries in the respective forwarding tables of the endpoint devices are established to point to each other so that the probe packet is forwarded back and forth between the two devices thus sustaining the packet loop. A broken loop indicates a forwarding path failure at which time corrective action to be taken.Type: GrantFiled: November 27, 2019Date of Patent: October 19, 2021Assignee: Arista Networks, Inc.Inventors: Rajshekhar Biradar, Naveen Kumar Devaraj
-
Publication number: 20210160173Abstract: A packet loop runs between two participating endpoint network devices, and in particular runs in the respective data planes of the endpoint devices. A probe packet is provided to the data plane of an initiating device and is forwarded to the other device to initiate the packet loop. The source and destination addresses in the probe packet are set equal to a common address. Based on the common address, entries in the respective forwarding tables of the endpoint devices are established to point to each other so that the probe packet is forwarded back and forth between the two devices thus sustaining the packet loop. A broken loop indicates a forwarding path failure at which time corrective action to be taken.Type: ApplicationFiled: November 27, 2019Publication date: May 27, 2021Inventors: Rajshekhar Biradar, Naveen Kumar Devaraj