Patents Assigned to Cisco Technology
-
Patent number: 10977574Abstract: In one embodiment, a device in a network receives control plane packet data indicative of control plane packets for a control plane in the network. The device models the control plane using a machine learning model based on the control plane packet data. The device predicts an instability in the control plane using the machine learning model. The device causes performance of a mitigation action based on the predicted instability in the control plane.Type: GrantFiled: February 14, 2017Date of Patent: April 13, 2021Assignee: Cisco Technology, Inc.Inventors: Dmitry Goloubew, Gonzalo Salgueiro, Enzo Fenoglio, Hugo Latapie, Andre Surcouf
-
Patent number: 10979451Abstract: In one embodiment, a security device in a computer network detects potential domain generation algorithm (DGA) searching activity using a domain name service (DNS) model to detect abnormally high DNS requests made by a host attempting to locate a command and control (C&C) server in the computer network. The server device also detects potential DGA communications activity based on applying a hostname-based classifier for DGA domains associated with any server internet protocol (IP) address in a data stream from the host. The security device may then correlate the potential DGA searching activity with the potential DGA communications activity, and identifies DGA performing malware based on the correlating, accordingly.Type: GrantFiled: February 14, 2018Date of Patent: April 13, 2021Assignee: Cisco Technology, Inc.Inventors: Lukas Machlica, Ivan Nikolaev, Karel Bartos, Martin Grill
-
Patent number: 10979347Abstract: Certain aspects of the present disclosure are generally directed to version-aware service function chaining. One example method generally includes determining version information corresponding to one or more of a plurality of network functions to be performed for a packet for a service function chain (SFC) and encapsulating a service header in the packet for the SFC, the service header indicating the plurality of network functions to be performed for the packet and the version information corresponding to the one or more network functions. In certain aspects, the method also includes sending the packet to one or more service nodes for performing the plurality of network functions in accordance with the service header.Type: GrantFiled: October 27, 2018Date of Patent: April 13, 2021Assignee: Cisco Technology, Inc.Inventors: Sebastian Jeuk, Gonzalo A. Salgueiro
-
Patent number: 10979351Abstract: A method for managing routing tables and data packet forwarding is disclosed. The method comprises obtaining, at a networking device, a first outgoing label associated with one or more output port identifiers of the networking device. The first outgoing label identifies a first destination node. The one or more output port identifiers identify one or more of a plurality of output ports. The method further comprises determining whether or not the one or more output port identifiers are also associated with a second outgoing label. The second outgoing label identifies a second destination node different from the first destination node. The method further comprises merging, into a next hop table allocated in a non-transitory memory, the first outgoing label with the second outgoing label in response to determining that the one or more output port identifiers are also associated with the second outgoing label.Type: GrantFiled: May 15, 2018Date of Patent: April 13, 2021Assignee: Cisco Technology, Inc.Inventors: Anbu Chezhian Gunalan, Ramanathan Lakshmikanthan, Jose Antonio Liste
-
Link state addition and deletion based on reception of a single message in link state vector routing
Patent number: 10979340Abstract: Techniques for updating a routing table based on a single message are described. One technique includes receiving at a first network device a node message from a second network device. The node message includes a sequence number and a list of link state(s) originated by the second network device. The first network device determines whether to withdraw one or more link states originated by the second network device and maintained in a routing table of the first network device based on the sequence number and the list of the link state(s) within the node message. The routing table is updated based on the determinations.Type: GrantFiled: July 8, 2019Date of Patent: April 13, 2021Assignee: Cisco Technology, Inc.Inventors: Jakob Heitz, Alfred C. Lindem, III -
Publication number: 20210103507Abstract: This disclosure describes techniques for providing a distributed scalable architecture for Network Address Translation (NAT) systems with high availability and mitigations for flow breakage during failover events. The NAT servers may include functionality to serve as fast-path servers and/or slow-path servers. A fast-path server may include a NAT worker that includes a cache of NAT mappings to perform stateful network address translation and to forward packets with minimal latency. A slow-path server may include a mapping server that creates new NAT mappings, depreciates old ones, and answers NAT worker state requests. The NAT system may use virtual mapping servers (VMSs) running on primary physical servers with state duplicated VMSs on different physical failover servers.Type: ApplicationFiled: October 3, 2019Publication date: April 8, 2021Applicant: Cisco Technology, Inc.Inventors: Pierre Pfister, Ian James Wells, Kyle Andrew Donald Mestery, William Mark Townsley, Yoann Desmouceaux, Guillaume Ruty, Aloys Augustin
-
Patent number: 10972773Abstract: System and methods for modifying streaming data based on radio frequency information is provided. As radio transceivers transition move to a shared resource or cloud model and the existing radio transceivers are split into a baseband unit and a remote radio head, radio frequency (RF) information including power levels, encoding, data rates, and bandwidth can be provided to video optimization server. The RF information can be provided more frequently to allow real-time modifications to streaming video data. Existing protocols are reactionary in nature and perceive changing channel conditions indirectly. By providing RF information from the baseband unit on a low latency channel, modifications to the video stream can be made before an impact would be noticed at the protocol level. Also, policy information can be used to influence the changes made to streaming data in addition to the RF information.Type: GrantFiled: September 25, 2017Date of Patent: April 6, 2021Assignee: Cisco Technology, Inc.Inventors: Ashish Dalela, Michael Hammer, Kevin Shatzkamer, Monique Morrow, Peter Tomsu, Vojislav Vucetic
-
Patent number: 10972943Abstract: In one embodiment, a supervisory device for a wireless network classifies each client of a set of access points in the wireless network as either an Internet of Things (IoT) device or a non-IoT device. The supervisory device selects, for each of the access points in the set, a channel width based on the classifications of its clients. The supervisory device assigns, for each of the access points in the set, one or more wireless channels for use by that access point, based on the selected channel width for that access point. The supervisory device instructs the access points in the set to use their assigned channels to communicate with their clients.Type: GrantFiled: March 8, 2019Date of Patent: April 6, 2021Assignee: Cisco Technology, Inc.Inventors: Santosh Babaji Kulkarni, Vishal Satyendra Desai, Pooya Monajemi, Young Il Choi
-
Patent number: 10972381Abstract: In one embodiment, in-band operations data (e.g., In-situ Operations, Administration, Maintenance and/or other operations data) is added to Seamless Bidirectional Forwarding (S-BFD) packets. In one embodiment, a S-BFD packet received by a node includes a BFD discriminator and operations data. Reactive processing is identified based on the BFD discriminator. The S-BFD packet and the operations data (e.g., in an operations data field in a header of the received S-BFD packet, in an IOAM Type-Length-Value (TLV), etc.) is processed according to the identified reactive function. Examples of these reactive actions include, but are not limited to, determining a result based on processing of said particular operations data by the local node or a remote analytics server, and sending a response packet including unprocessed and/or a result of the processed operations data (e.g., performance, loss, jitter, an indication of compliance with a service level agreement, and/or another data measurement or result).Type: GrantFiled: April 23, 2019Date of Patent: April 6, 2021Assignee: Cisco Technology, Inc.Inventors: Carlos M. Pignataro, Nagendra Kumar Nainar, Reshad Rahman, Frank Brockners, Shwetha Subray Bhandari
-
Patent number: 10972391Abstract: In one embodiment, a device in a network identifies a packet to be sent to a destination in the network via a path using segment routing. The device determines a list of one or more unique identifiers for one or more of the nodes along the path. The device includes a segment routing header with the packet, the segment routing header comprising a set of segment identifiers and the list of one or more unique identifiers. The device sends the packet with the segment routing header towards the destination in the network. One or more receiving nodes that receive the packet use the set of segment identifiers to route the packet towards the destination and the list of one or more unique identifiers to notify the device when the packet was not sent to the destination via the path.Type: GrantFiled: September 10, 2019Date of Patent: April 6, 2021Assignee: Cisco Technology, Inc.Inventors: Nagendra Kumar Nainar, Carlos M. Pignataro
-
Patent number: 10972377Abstract: In one embodiment, network nodes coordinate recording of In-Situ Operations, Administration, and Maintenance (IOAM) data in packets traversing the network nodes, including a node adding IOAM data of another node to packets on behalf of the another node. After receiving a particular packet, a network node adds first IOAM data and second IOAM data to the particular packet, with the first IOAM data related to the first network node and the second IOAM data related to a second network node. The packet is then sent from the first network node. The coordinated offloading of the adding of IOAM data to packets allows a node to free up resources currently used for IOAM operations to be used for other packet processing operations, while still having IOAM data related to the node recorded in packets. The coordinated offloading may include control plane communication (e.g., via a routing or other protocol).Type: GrantFiled: December 21, 2018Date of Patent: April 6, 2021Assignee: Cisco Technology, Inc.Inventors: Nagendra Kumar Nainar, Carlos M. Pignataro, Frank Brockners, Shwetha Subray Bhandari
-
Patent number: 10969546Abstract: A method of fabricating an optical apparatus comprises forming a first waveguide on a dielectric substrate. The first waveguide extends in a direction of an optical path. The first waveguide comprises a monocrystalline semiconductor material and is doped with a first conductivity type. The method further comprises depositing a first dielectric layer on the first waveguide, etching a first opening that extends at least partly through the first dielectric layer, and forming a second waveguide at least partly overlapping the first waveguide along the direction. The second waveguide is doped with a different, second conductivity type. Forming the second waveguide comprises depositing a monocrystalline semiconductor material on the first dielectric layer, whereby the first opening is filled with the deposited monocrystalline semiconductor material.Type: GrantFiled: November 21, 2018Date of Patent: April 6, 2021Assignee: Cisco Technology, Inc.Inventors: Xunyuan Zhang, Vipulkumar K. Patel, Prakash B. Gothoskar
-
Patent number: 10965546Abstract: Installing on a node of a computer network, an agent of a network system. The installed agent receives a network task via the network. The network task involves a second node of the network. The receiving agent generates a probe implementing the task and targeted to the second node. Either the receiving agent or the generated probe generates a command for the second node. The command is related to the probe and can be in the form of a data link layer protocol data unit for network operations, administration, and maintenance (OAM). The agent or node that generates the command communicates the command to the second node. The second node executes the communicated command. The second node communicates an acknowledgment of the executed command to the first node.Type: GrantFiled: August 16, 2019Date of Patent: March 30, 2021Assignee: Cisco Technology, Inc.Inventors: Carlos M. Pignataro, Ludwig Alexander Clemm, Yegnanarayanan Chandramouli
-
Patent number: 10965349Abstract: In one embodiment, a method includes identifying a number of configured proactive repetitions in downlink transmissions from the base station, selecting k antenna states for receiving repetitive downlink transmissions among the number of antenna states, where k equals the number of configured proactive repetitions, and where each of the k antenna states corresponds to each of the repetitive downlink transmissions, transmitting a CSI report for each of the k antenna states to the base station, where a CSI report for an antenna state is used by the base station to adjust configurations for the corresponding downlink transmission, receiving signals for each of the k repetitive downlink transmissions from the base station using each of the k antenna states, and decoding the downlink transmission based on k sets of received signals, each of the k sets being received using each of the k selected antenna states.Type: GrantFiled: September 3, 2019Date of Patent: March 30, 2021Assignee: Cisco Technology, Inc.Inventors: Matthew Aaron Silverman, Fred J. Anderson, Ardalan Alizadeh, Huaiyi Wang
-
Patent number: 10965620Abstract: Presented herein are techniques for redacting mirrored network packets prior to providing the mirrored packets to an intended recipient application, such as a third-party analysis application. More specifically, a multi-destination packet redaction device obtains mirrored network traffic that comprises one or more mirrored network packets. The multi-destination packet redaction device filters the mirrored network traffic to determine an intended recipient application of the one or more mirrored network packets and applies a redaction process to redact one or more portions of at least one of the one or more mirrored network packets. The redaction process is customized based on one or more attributes of the intended recipient application.Type: GrantFiled: June 6, 2019Date of Patent: March 30, 2021Assignee: Cisco Technology, Inc.Inventors: Chih-Tsung Huang, Wei-Jen Huang, Kelvin Chan, Chiapeng Wu
-
Patent number: 10965589Abstract: One technique includes receiving, in a first network, a multi-destination packet from a second network, and determining, based on the multi-destination packet, a first multi-destination tree in the first network for forwarding the multi-destination packet. In response to determining that the first multi-destination tree is not rooted on the network device, a second multi-destination tree in the first network is determined, and the multi-destination packet is transmitted using the second multi-destination tree. Another technique includes, upon detecting a first network device joining a network, sending a first indication to a second network device that the first network device is in a state for an amount of time. After the amount of time has elapsed, a second indication that the first network device has exited the state is sent to the second network device. A topology of the network is updated after the first network device has exited the state.Type: GrantFiled: February 28, 2019Date of Patent: March 30, 2021Assignee: Cisco Technology, Inc.Inventors: Hrishikesh Narasimhan, Sundher Narayanaswamy, Biju M. Mammen, Balaji Muthuvarathan, Arnav Goel
-
Patent number: 10965377Abstract: Thermal tuning and quadrature control of opto-electronic devices using active extinction ratio tracking is proved by phase shifting, via a first phase shifter, a first optical signal carried on a first arm of an interferometer relative to a second optical signal carried on a second arm of the interferometer; combining the first optical signal with the second optical signal as an output signal; detecting a peak value in the output signal; and adjusting a relative phase offset imparted by the first phase shifter on the first optical signal relative to the second optical signal, based on the peak value, to increase an amplitude of the peak value. In various embodiments, the peak value is increased over time to maximize an extinction ratio of the optoelectronic device and maintain the extinction ratio in a maximized state during operation.Type: GrantFiled: January 16, 2020Date of Patent: March 30, 2021Assignee: Cisco Technology, Inc.Inventors: Craig S. Appel, Romesh Kumar Nandwana, Sanjay Sunder, Kadaba Lakshmikumar
-
Patent number: 10966216Abstract: A method is provided in a wireless access point in a wireless communications network. The method includes obtaining information characterizing a first wireless stream and the second wireless stream transmitted or received by the wireless access point. The information includes at least a wireless channel quality for each of the first wireless stream and the second wireless stream. The method further includes allocating transmission resources to the first wireless stream and the second wireless stream based on the obtained information. In response to a change in quality of the first wireless stream, the method further includes revising the allocation of transmission resources for the first wireless stream based on at least one of a target bit-rate and a target level of smoothness.Type: GrantFiled: August 29, 2019Date of Patent: March 30, 2021Assignee: Cisco Technology, Inc.Inventors: Xiaoqing Zhu, Wai-tian Tan, Herb Wildfeuer
-
Patent number: 10965704Abstract: In one embodiment, a device in a network receives traffic information regarding one or more secure sessions in the network. The device associates the one or more secure sessions with corresponding certificate validation check traffic indicated by the received traffic information. The device makes a self-signed certificate determination for an endpoint domain of a particular secure session based on whether the particular secure session is associated with certificate validation check traffic. The device causes the self-signed certificate determination for the endpoint domain to be used as input to a malware detector.Type: GrantFiled: June 20, 2019Date of Patent: March 30, 2021Assignee: Cisco Technology, Inc.Inventors: Martin Kopp, Martin Grill, Jan Kohout
-
Patent number: 10965516Abstract: In one embodiment, a service that monitors a network detects a plurality of anomalies in the network. The service uses data regarding the detected anomalies as input to one or more machine learning models. The service maps, using a conceptual space, outputs of the one or more machine learning models to symbols. The service applies a symbolic reasoning engine to the symbols, to rank the anomalies. The service sends an alert for a particular one of the detected anomalies to a user interface, based on its corresponding rank.Type: GrantFiled: June 3, 2019Date of Patent: March 30, 2021Assignee: Cisco Technology, Inc.Inventors: Enzo Fenoglio, Hugo Latapie, David Delano Ward, Sawsen Rezig, Raphaƫl Wouters, Didier Colens, Donald Mark Allen, Dmitri Goloubev