Abstract: In one embodiment, a packet switching device is configured to operate as a spoke or a hub in a Dynamic Multipoint Virtual Private Network (DMVPN) using one or more initially negotiated service overlay capabilities including service encapsulation to use in communicating service overlay data packets between the packet switching device and another device (e.g., spoke, hub) of the DMVPN over an established tunnel (e.g., secure protocol channel). The packet switching device is further configured to negotiate updated one or more service overlay capabilities including updated service encapsulation to use in communicating service overlay data packets with another device (e.g., spoke, hub) without dropping the already established tunnel. In one embodiment, the negotiation between the packet switching device and another device (e.g., spoke, hub) of the DMVPN uses Next Hop Resolution Protocol (NHRP). In one embodiment, the service encapsulation uses Network Service Header (NSH).

Abstract: In one embodiment, a provider edge packet switching device of a provider network is configured with different Internet Protocol (IP) forwarding information bases (FIBs) depending on whether the forwarding information base is associated with core-facing ingress packet traffic (e.g., packet traffic from the provider network) or customer-facing ingress packet traffic (e.g., packet traffic from a customer network). In the latter case of customer-facing ingress packet traffic, the customer-facing forwarding information base includes load balancing lookup results for load balancing traffic between a customer edge packet switching device and through the provider network. In the case of core-facing ingress packet traffic, the core-facing forwarding information base includes a lookup result for forwarding traffic to a customer edge packet switching device, and does not include the above-referenced load balancing lookup result information.

Abstract: In one embodiment, physical layer error signatures of a communications link are determined by ascertaining characteristics of erred and correct modulation symbols received by a physical receiver of a communications device, such as, but not limited to, by a receiver of a packet switching device in a communications network normally used to receive data traffic. In one embodiment, a physical receiver of a physical communications device receives a particular modulation symbol and determines whether the received particular modulation symbol is an expected modulation symbol in a predetermined sequence of modulation symbols. One or more storage devices are maintained with one or more error signature measurements based on determining whether the particular modulation symbol is the expected modulation symbol in the predetermined sequence of modulation symbols, with the error signature measurements including performing a comparison to a threshold value or a current maximum value.

Abstract: In one embodiment, a timing slave packet switching device receives a received primary reference clock signal. The timing slave packet switching device communicates a first plurality of packet network synchronization packets over a packet switching network with a remote primary reference clock source and derives an over-network clock based on the first plurality of packet network synchronization packets. A phase offset between the phase of the over-network clock and the phase of the received primary reference clock signal is determined and typically stored in non-volatile storage. Subsequent to said determining the phase offset, the timing slave packet switching device communicates a second plurality of packet network synchronization packets over the packet switching network with the remote primary reference clock source and adjusts the phase of a clock derived from the second plurality of packet network synchronization packets based on the phase offset.

Abstract: In one embodiment, a network of nodes is configured to communicate according to a configuration of a vertical ladder topology as well as monitoring communication in the network, and/or selectively controls whether or not provisioned particular links will be used. One embodiment colors nodes of the network (e.g., a wireless deterministic network) along different paths through the network and marks packets with the color of each traversed node to track a path taken by a packet. One embodiment sends a particular packet through the network and marks over which links the packet traverses and aggregates these traversed links of other copies of the particular packet. One embodiment controls whether or not the provisioned time slots are used based on flooding a control packet through the network with enable or disable information for each of these links.

Abstract: In one embodiment, enhanced packet flow monitoring is performed by packet switching devices in a network. A packet switching device is configured to monitor a flow of packets passing through the packet switching device, including detecting a gap in consecutive packets of the flow of packets, and attributing the gap as not being dropped one or more packets based on a particular time duration between a last received packet of the flow of packets before said detected gap and a first received packet of the flow of packets after said detected gap. In one embodiment, the gap is attributed to not being dropped packets when the particular time duration is greater than a threshold value; and conversely, attributed to being dropped packets when the particular time duration is less than a same or different threshold value.

Abstract: In one embodiment, configurable policy-based processing of packets is performed, including, but not limited to, using user-configurable parameters to adjust control-plane allocation of resources used in processing of packets. In one embodiment, these resources include, but are not limited to, processing by fast path or slow path forwarding of packets; forwarding information base (FIB) entries, databases, and hardware processing elements; instantiation of sub-FIB databases; and/or selection of sub-FIB data plane entries for population of sub-FIB databases, a group of FIB entries is label switched traffic, fully expanded Internet Protocol routes, loopback addresses of packet switching devices in the network, label-switched to label-switched traffic, Internet Protocol (IP) to label-switched traffic, IP to IP traffic, and/or label to IP traffic. In one embodiment, a group of the plurality of different groups of FIB entries is defined upon how a route or label corresponding to a FIB entry was learned.

Abstract: In one embodiment, cells of a same packet are sent among multiple paths within a packet switching device. Each of these cells is associated with a same drop value for use in determining whether to drop or forward the cell at multiple positions within a packet switching fabric of a packet switching device in light of a current congestion measurement. In one embodiment, the drop value is calculated at each of these multiple positions based on fields of the cell that are packet variant, but not cell variant, so a same drop value is calculated by each cell of a packet. In one embodiment, at least one of these fields provides entropy (e.g., a timestamp of the packet) such that a produced drop value has, or approximately has, an equal probability of being any value within a predetermined range for fairness purposes.

Abstract: In one embodiment, for each particular multicast flow of a plurality of multicast flows of packets a particular consolidation encoding of a plurality of consolidation encodings is selected based on the sparseness of bit positions within a bit string corresponding to designated receiving packet switching devices of the particular multicast flow. The packet switching device sends one or more packets corresponding to said particular packet, with each of these one or more packets including designated receiving packet switching devices of the particular multicast flow in the header of said particular packet according to the particular consolidation encoding. In one embodiment, different consolidation encodings of the plurality of consolidation encodings are used for at least two different multicast flows of the plurality of multicast flows of packets. In one embodiment, each of said receiving packet switching devices is Bit Index Explicit Replication (BIER) Bit-Forwarding Router (BFR).

Abstract: In one embodiment, packets are sent a packet switching mechanism of a packet switching device, which includes partitioning each particular packet into a plurality of cells with each particular packet and cell derived therefrom associated with a same particular timestamp and a same particular ingress point identifier representing an ingress point of a plurality of ingress points of the packet switching mechanism. These cells are sent through the packet switching mechanism by selecting and forwarding, at each of a plurality of points within the packet switching mechanism. A tie-breaking value is determined based on a manipulation of ingress point identifier associated with said identifiable cell in a manner to vary the tie-breaking selection ordering of ingress point identifiers for different timestamp values. The tie-breaking value is used in selecting a next cell to forward when cells are associated with a same timestamp.

Abstract: In one embodiment, a packet switching device determines that a packet matches one of a plurality of predetermined patterns, however, this matching may produce a false-positive match of one of the underlying rules corresponding to the plurality of predetermined patterns. In one embodiment, determining the packet matches one of the plurality of predetermined patterns includes determining a first pattern match of a packet when each particular portion of a plurality of different portions of the packet is found to be matching a corresponding particular pattern portion by performing a table lookup operation based on the particular portion as an address in a corresponding different current portion-iteration table to retrieve a corresponding partial result. In one embodiment, the first pattern match is filtered using a second validation technique for removing false-positive first pattern matches. In one embodiment, the second validation technique includes using hashing.

Abstract: In one embodiment, a packet switching device receives a particular directive to throttle a flow of packet traffic. In response, the packet switching device performs an analysis to determine one or more reduced number of flow throttling engines of a plurality of flow throttling engines in the packet switching device configured to be responsive to a received directive to throttle a corresponding flow of packet traffic. The one or more reduced number of flow throttling engines correspond to learned one or more incoming interfaces on which packets of the flow of packet traffic are correct in being received, and the one or more reduced number of flow throttling engines is less than all of the plurality of flow throttling engines. The packet switching device configures to throttle the flow of packet traffic in each of said one or more reduced number of flow throttling engines.

Abstract: In one embodiment, command message generation and execution using a machine code-instruction is performed. One embodiment includes a particular machine executing a single machine-code instruction including a reference into a command-message-building data structure stored in memory. This executing the single machine-code instruction includes generating a command message and initiating communication of the command message to a hardware accelerator, including copying command information from the command-message-building data structure based on the reference into the command message. The hardware accelerator receives and executes the command message. In one embodiment, the command message is message-switched from a processor to a hardware accelerator, such as, but not limited to, a memory controller, a table lookup unit, or a prefix lookup unit. In one embodiment, a plurality of threads share the command-message-building data structure.

Abstract: In one embodiment, a device-independent label is associated with multiple network devices such that the packet switching devices in a network will forward a packet based on the device-independent label to one of these multiple network devices. In one embodiment, these device-independent labels include, but are not limited to, domain-identifying labels and forwarding-punt labels. In one embodiment, a domain-identifying label is defined as a label that identifies a plurality of network nodes without identifying a single particular network node, single particular interface, nor single particular link. In one embodiment, a first-domain forwarding-punt label is placed at the top of the label stack to identify to forward the label-switched packet to any one of a plurality of designated forwarding nodes corresponding to the first-domain forwarding-punt label (e.g., for sending to a packet switching device which will have forwarding information for the second domain-identifying label.).

Abstract: In one embodiment, a packet switching device comprises: a lookup chip including one or more processors and on-lookup chip memory, and off-lookup chip memory. In one embodiment, the lookup chip is configured to determine processing information for packets including performing a longest prefix match on a destination address of packets using progressive, exact matching of one or more single prefix length hash keys generated from the packets with entries in one or more hash tables until a matching hash table entry is found. The matching hash table entry is associated with particular information identifying how to process (e.g., manipulate, forward, drop) the corresponding packet. In one embodiment, entries of a hash table are distributed between said on-lookup chip memory and said off-lookup chip memory. In one embodiment, signatures of lookup keys are included in a hash table entry to quickly evaluate whether there is a match.

Abstract: In one embodiment, a packet switching device creates multiple virtual packet switching devices within the same physical packet switching device using virtual machines and sharing particular physical resources of the packet switching device. One embodiment uses this functionality to change the operating version (e.g., upgrade or downgrade) of the packet switching device by originally operating according to a first operating version, operating according to both a first and second operating version, and then ceasing operating according to the first operating version. Using such a technique, a packet switching device can be upgraded or downgraded while fully operating (e.g., without having to reboot line cards and route processing engines).

Abstract: Packets are encapsulated and sent from a service node to an application node for applying one or more Layer-4 to Layer-7 services to the packets, with service-applied packets being returned to the service node. An identification of a virtual private network (VPN) may be carried within a request packet, encapsulating a particular packet, sent by a service node to an application node for applying a service to the particular packet; with the corresponding response packet sent to the service node including an identification of the VPN for use by the service node in forwarding the services-applied packet. Additionally, parameters may be included in a request packet to identify a particular service of a general service to be applied to a particular packet encapsulated in the request packet.

Abstract: In one embodiment, an autonomous system border router (ASBR) advertises a same forwarding label for received advertised routes of a merging context that were advertised with a same forwarding label for the ASBR to use when sending corresponding packets. An ASBR receives via a routing protocol from a particular router in the same autonomous system, a plurality of same-labeled received routes advertised with a same first forwarding label within a merging context. In response to each of the plurality of same-labeled received routes having the same first forwarding label to use to forward packets to the particular router and being in the same merging context, the ASBR determines a merged forwarding label and advertises to a peer ASBR in another autonomous system (AS) each of the plurality of same-labeled received routes with the merged forwarding label for the peer ASBR to use to forward packets to the ASBR.

Abstract: In one embodiment, characteristics of a connection traversing a packet switching device is determined, which includes, but not limited to, determining a network port number and/or address of an established connection based on a signature of the connection. In one embodiment, a packet switching device receives and forwards packets of particular communication between a device and a remote node in a network. The packet switching device maintains information of the particular communication and identification data for use in subsequent identification of said particular communication.

Abstract: In one embodiment, a physical device (e.g., packet switching device, computer, server) is booted using custom-created frozen partially-booted virtual machines, avoiding the time required for an end-to-end boot process. In one embodiment while the system is operating under a current version, a partially-booted virtual image of a new operating version for each of multiple processing elements of the device is produced according to static configuration information specific to the device, with each of these partially-booted virtual machines frozen. The device is rebooted to a fully operational device by unfreezing these partially-booted virtual machines, thus removing this portion of a boot process from the real-time booting of the device. The generation of the frozen partially-booted virtual machines is advantageously performed by the device itself based on current static configuration information and the availability of the specific hardware configuration of the device.