Patents Assigned to Juniper Networks, Inc.
  • Patent number: 12293307
    Abstract: Disclosed are methods and systems for determining combinations of system parameters that indicate a root cause of a system level experience deterioration (SLED). Some of the disclosed embodiments generate a decision tree from a first class of operational parameter datasets. Rules are derived from the decision tree. Filtered rule sets for feature parameters included in the system parameters are then determined. Pairs of features within a particular dataset that each satisfy their respective filtered rule sets are indicative of a root cause of the degradation, at least in some embodiments.
    Type: Grant
    Filed: February 12, 2024
    Date of Patent: May 6, 2025
    Assignee: Juniper Networks, Inc.
    Inventor: Ravindra Guntur
  • Patent number: 12294511
    Abstract: A network device can automatically select an execution plan from a set of possible execution plans that cause a first set of traffic assignments in a network to be changed to a second set of traffic assignments. A traffic assignment indicates assignments of the traffic to one or more tunnels, internal routes and/or peer links to be utilized for routing traffic received at provider edge routers through a network to prefixes. A traffic assignment can have various parameters such as bandwidth, transmission costs etc. Each execution plan has one or more steps, and each step has one or more traffic assignment changes progressing from the first set of traffic assignments to the second set of traffic assignments. The network device can automatically select an execution plan based on an evaluation metric determined for each execution plan. The evaluation metric can be a cost based metric or a quality based metric.
    Type: Grant
    Filed: December 11, 2023
    Date of Patent: May 6, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Gregory A. Sidebottom, Patricio Giecco
  • Patent number: 12294517
    Abstract: A network device may receive an instruction to update a data structure implemented by the network device and update the data structure based on receiving the instruction. The data structure may include a routing instruction to direct the network device to provide a data flow to a server device for processing. The network device may receive the data flow destined for a destination device; determine the routing instruction based on at least a portion of an internet protocol (IP) address associated with the data flow and based on the data structure; execute the routing instruction to provide the data flow to the server device and to cause the data flow to be processed by the server device to form a processed data flow; and receive the processed data flow and provide the processed data flow towards the destination device.
    Type: Grant
    Filed: November 16, 2018
    Date of Patent: May 6, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Bruno Rijsman, Usha Sharma, Prabhakaran Ganesan, Sankar Ramamoorthi
  • Patent number: 12294528
    Abstract: In some implementations, a non-ingress node of one or more label-switched paths (LSPs) may identify a resource issue event. The non-ingress node may identify, based on identifying the resource issue event, one or more notification-requester stacks included in a data structure. The non-ingress node may generate one or more resource notification messages that each include a respective notification-requester stack of the one or more notification-requester stacks. The non-ingress node may send the one or more resource notification messages based on the one or more notification-requester stacks.
    Type: Grant
    Filed: June 28, 2023
    Date of Patent: May 6, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Vishnu Pavan Beeram, Chandrasekar Ramachandran
  • Patent number: 12289347
    Abstract: In some implementations, a security device may identify a resource profile based on a value of a resource utilization metric associated with the security device. The security device may identify a security services profile to be applied to traffic that is to be processed by the security device. The security device may determine a set of security services to be performed by the security device, the set of security services being identified based on the resource profile and the security services profile. The security device may perform the set of security services according to the security services profile.
    Type: Grant
    Filed: June 28, 2022
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Sravanthi Arimanda, Hari Prasad S R
  • Patent number: 12289198
    Abstract: Techniques are described for monitoring network performance and managing network faults in a computer network. A cloud-based network management system stores path data received from a plurality of network devices operating as network gateways for an enterprise network, the path data collected by each network device of the plurality of network devices for one or more logical paths of a physical interface from the network device over a wide area network (WAN). The network management system determines, based on the path data, one or more WAN link health assessments, wherein the one or more WAN link health assessments include a success or failure state associated with one or more of service provider reachability, physical interface operation, or logical path performance; and in response to determining the at least one failure state, outputs a notification including identification of a root cause of the at least one failure state.
    Type: Grant
    Filed: December 17, 2021
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Jisheng Wang, Xiaoying Wu, Amit Pillay
  • Patent number: 12289203
    Abstract: A customer edge device is connected, in a multi-homed configuration, to a device via a downlink of the device and to another device via another downlink of the other device. The device may determine that each of one or more uplinks of the device has an inactive interface status and may thereby cause the downlink of the device to be down. This may cause the customer edge device to communicate network traffic via the other downlink of the other device. The device may determine that at least one uplink, of the one or more uplinks, has an active interface status and may thereby cause the downlink to be up. This may cause the customer edge device to communicate network traffic via the downlink of the device.
    Type: Grant
    Filed: October 31, 2021
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Pravas Kumar Panda, Manas Ranjan Panda, Madhusudhana Malur Venkatagiri, Anand Vardhan, Venkata Duggirala
  • Patent number: 12288741
    Abstract: A mixed pitch method of placing pads in a ball grid array (BGA) package having a BGA substrate and a plurality of connectors arranged in an array and connected via the pads to the BGA substrate. Selected pairs of the pads are placed on the BGA substrate at a distance defined by a first pitch P1. Ground pads are placed on the BGA substrate at a distance from the selected pairs of pads defined by a second pitch P2, wherein P2=M*P1 and M is greater than one. The selected pairs of the pads on the BGA substrate are also placed at a distance from other selected pairs of the pads defined by the second pitch P2.
    Type: Grant
    Filed: April 7, 2023
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Granthana Kattehalli Rangaswamy, Arvind Hanumantharayappa, Srinivas Venkataraman
  • Patent number: 12289243
    Abstract: Techniques are disclosed for the detection of different states of a session comprising a bidirectional flow of network traffic between client devices so as to enable a network device to apply different network policies to different states of the session. In one example, a computing device identifies multiple states of a session and defines a plurality of network policies. Each network policy defines performance requirements for network traffic during each state of the session. A network device receives the plurality of network policies and determines a state of the session. The network device selects a path based on the performance requirements of the network policy associated with the determined state of the session. The network device forwards traffic associated with the session along the selected path while the session is in the determined state.
    Type: Grant
    Filed: November 9, 2021
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventor: Patrick Timmons
  • Patent number: 12289233
    Abstract: In general, techniques are described for deploying virtualized cell site routers (vCSRs). In an example, a method comprises receiving, at a forwarding plane of a virtualized cell site router (vCSR) of a first Distributed Unit (DU) of a plurality of DU servers of a cell site for a 5G radio access network, the vCSR having a containerized routing protocol process and a forwarding plane configured to perform Layer 2 (L2) switching, L2 packets on a second interface for a second physical link connecting the first DU server to an L2 switch; and switching, by the forwarding plane of the vCSR of the first DU, the L2 packets on a first interface for a first physical link connecting the first DU server to a second DU server of the plurality of DU servers.
    Type: Grant
    Filed: February 5, 2024
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Muhammad Qasim Arham, Vinod Nair, Vinay K Nallamothu, Kiran K N, Shelesh Bansal, Shailender Sharma, Rakesh Kumar Reddy Varimalla
  • Patent number: 12289406
    Abstract: A network device may determine that network traffic for a communication session between a first peer device and a second peer device is to be protected using a security protocol suite. The network device may establish, using one or more tunnels, multiple security associations that are to be used to securely provide the network traffic of the communication session over an unsecured medium. The network device may determine a rekey scheduling time for each security association, of the multiple security associations, based on a combination of configuration information and dynamic network device information. The network device may perform, at each rekey scheduling time, a rekeying procedure to rekey each security association of the multiple security associations.
    Type: Grant
    Filed: January 21, 2021
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Shibu Piriyath, Vinay Gudur
  • Patent number: 12289364
    Abstract: An example method comprises determining, by an edge services controller, based on a respective predicted resource utilization value for each of a plurality of servers, a corresponding server weight for each of the plurality of servers; the plurality of servers comprising respective network interface cards (NICs), wherein each NIC of the plurality of NICs comprises an embedded switch and a processing unit coupled to the embedded switch; determining, by the edge services controller, based on a respective predicted resource utilization value for each of a plurality of services, a corresponding application weight for each of the plurality of services; and scheduling, by the edge services controller, based on the respective server weight for a server of the plurality of servers and the respective application weight for the service, a service of the plurality of services on the server.
    Type: Grant
    Filed: April 19, 2024
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Raja Kommula, Ganesh Byagoti Matad Sunkada, Thayumanavan Sridhar, Rajasree Krishnamoorthy, Raj Yavatkar, Jit Gupta, Krishna Kant
  • Patent number: 12289220
    Abstract: A network management system (NMS) generates a hierarchical attribution graph representing different scopes at different hierarchical levels of a wide area network (WAN); obtains logical path down data indicative of operational behavior including failure events associated with logical paths of network devices over the WAN; obtains total path data indicative of a historical number of active logical paths between the network devices; and determines a scope of a logical path down issue by, for a time period of the logical path down issue, determining a score for each scope of the different scopes based on the logical path down data aggregated across the respective scope and the total path data, and determining the scope of the logical path down issue as a particular scope of the different scopes having a highest score. The NMS may identify the particular scope as a root cause of the logical path down issue.
    Type: Grant
    Filed: December 8, 2022
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Amit Pillay, Xiaoying Wu, Patrick Timmons
  • Patent number: 12289325
    Abstract: A network device may be configured to receive a file stream associated with an file. The network device may be configured to identify, based on receiving the file stream, an initial portion of the file. The network device may be configured to process the initial portion of the file to determine one or more features of the file. The network device may be configured to generate, based on the one or more features of the file, a determination as to whether the file is malicious. The network device may be configured to block or allow, based on the determination, the file stream.
    Type: Grant
    Filed: December 3, 2021
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Paul Randee Dilim Kimayong, Mounir Hahad
  • Patent number: 12289249
    Abstract: In general, techniques are described for deploying and managing a virtual router having Data Plane Development Kit (DPDK) functionality to a computing device. In an example, a method includes creating, by a container orchestration platform executing on a computing device, a virtual router custom resource instance of a virtual router custom resource definition, the virtual router custom resource instance for a virtual router to execute on the computing device; based on configuration data for the virtual router custom resource instance, by the container orchestration platform, modifying the virtual router custom resource instance with the configuration data and deploying a first virtual computing instance comprising a virtual router configured according to the modified virtual router custom resource instance; and executing, by the computing device, the virtual router to process a packet.
    Type: Grant
    Filed: June 14, 2023
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Shailender Sharma, Vinod Nair, Kiran K N, Kirankumar Kashinath Raikar, Rakesh Kumar Reddy Varimalla
  • Patent number: 12289235
    Abstract: In some examples, a computing device comprises a first service function instance to apply a service function and a service function forwarder to: receive a first layer 3 routing protocol route advertisement that includes service function instance data for a second service function instance, the service function instance data indicating a service function type and a service identifier for the service function instance; receive a second layer 3 routing protocol route advertisement that includes service function chain data for a service function chain, the service function chain data indicating a service path identifier and one or more service function items; and send, to the second service function instance and based at least on determining a service function item of the one or more service function items indicates the second service function instance, a packet classified to the service function chain.
    Type: Grant
    Filed: June 6, 2023
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Eric C. Rosen, John E. Drake, William Stuart Mackie, Adrian John Farrel
  • Patent number: 12289240
    Abstract: An edge services controller may use a service scheduling algorithm to deploy services on Network Interface Cards (NICs) of a NIC fabric while incrementally scheduling services. The edge services controller may assign services to specific nodes depending on their available resources on these nodes. Available resources may include CPU compute, DPU compute, node bandwidth, etc. The edge services controller may also consider the distance between the services that communicate with each other (i.e., hop count between nodes if two communicating services are placed on separate nodes) and the weight of communication between the services. Two services that communicate heavily with each other may consume more bandwidth, and putting them further apart is more detrimental than keeping them closer to each other, i.e., reducing the hop count between each other depending on the bandwidth consumption due to their inter-service communications.
    Type: Grant
    Filed: May 12, 2023
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Raja Kommula, Ganesh Byagoti Matad Sunkada, Thayumanavan Sridhar, Raj Yavatkar
  • Patent number: 12289182
    Abstract: This disclosure describes techniques are described for proactively computing configuration information for policy-driven on-demand tunnel creation and deletion between sites in a software-defined networking in wide area network (SD-WAN) environment. In some examples, a controller device is configured to precompute configuration data for an overlay tunnel through the wide area network to connect a first site and a second site of a plurality of sites in the SD-WAN environment. The controller device is further configured to obtain, after precomputing the configuration data, an indication to configure the overlay tunnel. The controller device is also configured to send, in response to receiving the indication to configure the overlay tunnel, at least some of the configuration data to the first site to configure the first site with the overlay tunnel.
    Type: Grant
    Filed: December 29, 2022
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Nithyananda Vishnu K S, Venkata Rajasekharu Athreyapurapu
  • Patent number: 12289194
    Abstract: Methods and apparatus for identifying the root cause of deterioration of system level experience (SLE). Offending network components that caused the SLE deterioration are identified and corrective actions are taken.
    Type: Grant
    Filed: April 25, 2023
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventor: Ebrahim Safavi
  • Patent number: 12289231
    Abstract: In some examples, a method includes receiving, by an egress network device for a network, messages from each of a plurality of ingress network devices for the network, wherein each of the messages specifies a multicast source, a multicast group, and an upstream multicast hop weight value for multicast traffic for the multicast source and the multicast group; selecting, by the egress network device and based on the upstream multicast hop weight values specified by the received messages, one of the plurality of ingress network devices to which to send a multicast join message of a plurality of multicast join messages for the multicast source and multicast group; and sending, by the egress network device, the multicast join message to the selected one of the plurality of ingress network devices.
    Type: Grant
    Filed: December 29, 2023
    Date of Patent: April 29, 2025
    Assignee: Juniper Networks, Inc.
    Inventors: Vinod Kumar N, Robert W. Kebler, Ashok Patrick Jude Manoharan, Hariharan Boopathy