Patents Assigned to Juniper Networks, Inc.
-
Patent number: 9166878Abstract: In one embodiment, an apparatus includes a network management module configured to execute at a network device operatively coupled to a switch fabric. The switch fabric may have a distributed control plane. The network management module is configured to receive a request regarding status information for a certain set of network resources identified with a virtual or logical identifier. The network management module is configured to generate and send a corresponding query for status information to a set of physical elements that encompass and may be larger than the certain set of network resources and collect responses to that query. The network management module is configured to construct a response to the request from the status information in the collected responses to the query. The constructed response includes only information related to the original request.Type: GrantFiled: December 23, 2010Date of Patent: October 20, 2015Assignee: Juniper Networks, Inc.Inventors: Dana Cook, Chris Cole, David Nedde
-
Patent number: 9166929Abstract: In general, techniques are described that facilitate scalable wholesale layer two (L2) connectivity between customers and service providers and a demarcation between the L2 wholesale network and one or more ISPs with which customers communicate L2 PDUs. In one example, a network device receives PDU having both a service identifier identifying a service virtual local area network (SVLAN) and a customer identifier identifying a customer VLAN (CVLAN). A virtual switch determines whether an entry of a L2 learning table is associated with both the service identifier and the customer identifier of the PDU. When no such entry exists, a VLAN learning module updates the L2 learning table to create a new entry that maps to a network device interface and is associated with both the service identifier of the PDU and a plurality of customer identifiers that includes the customer identifier of the PDU.Type: GrantFiled: March 17, 2014Date of Patent: October 20, 2015Assignee: Juniper Networks, Inc.Inventors: Prakash Kamath, Apurva Mehta, Debi Prasad Sahoo, Jagadish Grandhi, Krishna Sankaran, Moojin Jeong
-
Patent number: 9166901Abstract: The liveness of routing protocols can be determined using a mechanism to aggregate liveness information for the protocols. The ability of an interface to send and receive packets and the forwarding capability of an interface can also be determined using this mechanism. Since liveness information for multiple protocols, the liveness of interfaces, the forwarding capability of interfaces, or both, may be aggregated in a message, the message can be sent more often than could individual messages for each of the multiple protocols. This allows fast detection of failures, and sending connectivity messages for the individual protocols, such as neighbor “hellos,” to be sent less often.Type: GrantFiled: July 20, 2010Date of Patent: October 20, 2015Assignee: Juniper Networks, Inc.Inventor: Kireeti Kompella
-
Patent number: 9166918Abstract: In some embodiments, an apparatus includes a transmission schedule module in at least one of a memory or a processing device that can select, at a first time, a data unit to send to a network device based at least in part on a value of a transmission rate counter indicating that the network is in a first state. The transmission schedule module can receive, at a second time, an indication of a number of buffers associated with the data unit and can calculate a size estimate of the data unit based on the number of buffers and a capacity associated with each buffer. The transmission schedule module can calculate at a third time, a temporary transmission rate count and can send a signal to transition the network device from the first state to a second state if the temporary transmission rate count meets a criterion.Type: GrantFiled: September 30, 2013Date of Patent: October 20, 2015Assignee: Juniper Networks, Inc.Inventors: Craig R. Frink, Gerald Lampert, Steven Aiken, Srihari R. Vegesna
-
Patent number: 9166807Abstract: Principles of the invention relate to techniques for transmission of Layer 2 (L2) traffic over a point to multi-point (P2MP) label switched path (LSP) within a multi-protocol Label Switching (MPLS) network. A source or ingress network device may implement the techniques to connect multiple L2 interfaces to a P2MP LSP within an MPLS network via a P2MP Pseudo-Wire (PW) mechanism that emulates delivery of L2 data units over a packet switched network, such as the MPLS network. The ingress network device first establishes the P2MP LSP and then connects two or more L2 interfaces to the P2MP LSP via the P2MP PW mechanism. Egress network devices may also implement the techniques to terminate the P2MP LSP and de-multiplex traffic arriving via multiple P2MP PWs carried over the same P2MP LSP.Type: GrantFiled: March 16, 2009Date of Patent: October 20, 2015Assignee: Juniper Networks, Inc.Inventors: Rahul Aggarwal, Yakov Rekhter, Kireeti Kompella
-
Patent number: 9154371Abstract: An apparatus includes a first edge device configured to receive a data unit destined to a peripheral processing device that is operatively coupled to a network interconnect via a LAG associated with a second edge device and a third edge device. The first edge device is configured to select an edge device set that includes the third edge device and excludes the second edge device, from a group of edge device sets. Each edge device set from the group of edge device sets is directly coupled to the peripheral processing device. The first edge device is configured to send an instance of the data unit to each edge device from the edge device set such that the third edge device sends an instance of the data unit to the peripheral processing device based on a selection method that omits ports on the second edge device as potential selections.Type: GrantFiled: June 3, 2013Date of Patent: October 6, 2015Assignee: Juniper Networks, Inc.Inventor: Shriram Srinivasan
-
Publication number: 20150281088Abstract: A computer-implemented method for multipath load balancing may include (1) identifying a plurality of paths from a source switch to a destination switch, (2) determining, for each of the plurality of paths, a limiting bandwidth of the path based at least in part on the lowest link bandwidth of one or more data links in the path, and (3) balancing network traffic that is transmitted from the source switch to the destination switch across the plurality of paths based at least in part on the limiting bandwidth of each of the plurality of paths. Various other methods, systems, and computer-readable media are also disclosed.Type: ApplicationFiled: March 30, 2014Publication date: October 1, 2015Applicant: Juniper Networks, Inc.Inventor: Qiang Wu
-
Publication number: 20150281045Abstract: An apparatus may include a processor and a control plane that directs the processor to (1) detect that at least a portion of an initial branch path of a point-to-multipoint label-switched path has failed over to a failover route that rejoins the initial branch path at a merge-point device and (2) establish an alternate branch path that merges with the initial branch path at the merge-point device. The apparatus may also include a network interface and a data plane that uses the network interface to transmit data via the alternate branch path while data is still being transmitted via the initial branch path, where after the data plane begins transmitting data via the alternate branch path, the control plane instructs the merge-point device to forward data from the alternate branch path rather than from the failover route. Various other apparatuses, systems, and methods are also disclosed.Type: ApplicationFiled: March 31, 2014Publication date: October 1, 2015Applicant: Juniper Networks, Inc.Inventors: Raveendra Torvi, Vishnu Pavan Beeram, Maruthi Kishore Tiruveedhula
-
Publication number: 20150281090Abstract: A computer-implemented method for load balancing multicast traffic may include (1) identifying a plurality of switches that include at least a first switch that is connected to a second switch by a first path and a second path, (2) calculating a plurality of multicast distribution trees for distributing multicast traffic among the plurality of switches that includes (i) a first tree that includes the first path and whose root is different than the root of a second tree and (ii) the second tree that includes the second path, (3) receiving a plurality of multicast packets ingress to the plurality of switches at the first switch, and (4) using at least two of the plurality of multicast distribution trees to transmit the plurality of multicast packets from the first switch to the second switch. Various other methods, systems, and computer-readable media are also disclosed.Type: ApplicationFiled: March 31, 2014Publication date: October 1, 2015Applicant: Juniper Networks, Inc.Inventors: Qiang Wu, Xichun Hong
-
Publication number: 20150281276Abstract: In one example, a server device for monitoring security policy compliance for a network includes a network interface and a control unit configured to determine that a target endpoint device is attempting to access the network, send, via the network interface, instructions to a trusted endpoint device of the network to cause the trusted endpoint device to determine whether the target endpoint device complies with at least one security policy, and grant the target endpoint device access to the network when the trusted endpoint device indicates that the target endpoint device complies with the at least one security policy.Type: ApplicationFiled: March 26, 2014Publication date: October 1, 2015Applicant: JUNIPER NETWORKS, INC.Inventor: Anantha Krishnan U
-
Patent number: 9147075Abstract: The disclosed apparatus may include a storage device and a secure counter. The apparatus may also include a tamper-logging component that (1) detects an action that is associated with booting untrusted images from the storage device and, in response to detecting the action, (2) securely logs the action by incrementing the secure counter. Various other apparatuses, systems, and methods are also disclosed.Type: GrantFiled: March 20, 2014Date of Patent: September 29, 2015Assignee: Juniper Networks, Inc.Inventor: Moshe Litvin
-
Patent number: 9148343Abstract: In some embodiments, an apparatus includes a network device configured to receive an anomaly database of a first image that stores a set of differences between the first image and a base image. The network device is configured to compare the anomaly database of the first image with an anomaly database of a second image storing a set of differences between the second image and the base image to determine if the first and second images include at least one incompatible critical feature or incompatible non-critical feature. The network device is configured to send a signal associated with a first action if the first and second images include the at least one incompatible critical feature. The network device is configured to send a signal associated with a second action different from the first action if the first and second images include the at least one incompatible non-critical feature.Type: GrantFiled: March 27, 2012Date of Patent: September 29, 2015Assignee: Juniper Networks, Inc.Inventors: Sandip Shah, Surinder Singh
-
Publication number: 20150271102Abstract: In one example, a method includes receiving, by a service node, a request from an access node to establish a pseudowire to be used for sending subscriber traffic to the service node for application of services to the subscriber traffic at the service node, and, in response to receiving the request, sending a request message from the service node to a central server requesting both subscriber authentication and assignment of a forwarding component of the service node to which to anchor the pseudowire. The method also includes receiving, by the service node and from the central server, an authentication message in response to the request message, wherein the authentication message confirms subscriber authentication and indicates a forwarding component of the service node to which the service node should anchor the pseudowire.Type: ApplicationFiled: April 11, 2014Publication date: September 24, 2015Applicant: Juniper Networks, Inc.Inventor: Javier Antich
-
Patent number: 9143557Abstract: In general, techniques are described for providing feedback loops for service engineered paths. A service node comprising an interface and a control unit may implement the techniques. The interface receives traffic via a path configured within a network to direct the traffic from an ingress network device of the path to the service node. The control unit applies one or more services to the traffic received via the path and generates service-specific information related to the application of the one or more services to the traffic. The interface then sends the service-specific information to at least one network device configured to forward the traffic via the path so that the at least one network device configured to forward the traffic via the path is able to adapt the path based on the service-specific information.Type: GrantFiled: June 27, 2012Date of Patent: September 22, 2015Assignee: Juniper Networks, Inc.Inventors: James Guichard, David Ward, Jan Medved, Maciek Konstantynowicz
-
Patent number: 9137724Abstract: A method includes receiving a signal indicative that a first access point can transmit data over a first number of spatial streams, and a second access point can transmit data over a second number of spatial streams. The method includes receiving a probe request from a set of client devices. A first portion of the set of client devices is configured to transmit data over the first number of spatial streams and a second portion of the client devices is configured to transmit data over the second number of spatial streams. The method includes sending a signal to the first portion associated with authorizing the first portion to connect to the first access point and sending a signal to the second portion associated with authorizing the second portion to connect to the second access point.Type: GrantFiled: December 21, 2012Date of Patent: September 15, 2015Assignee: Juniper Networks, Inc.Inventor: Chandra Prakash Sharma
-
Patent number: 9136624Abstract: A line card of a set of line cards is configured to be coupled to a set of switch-fabric cards to collectively define at least a portion of an orthogonal cross fabric without a midplane board. The line card has an edge portion, a first side and a second side, opposite the first side. The line card includes a set of first set of connectors and a second set of connectors. The first set of connectors is disposed along the edge portion on the first side of the line card and the second set of connectors is disposed along the edge portion on the second side of the line card.Type: GrantFiled: March 28, 2013Date of Patent: September 15, 2015Assignee: Juniper Networks, Inc.Inventors: Boris Reynov, Venkata S. Raju Penmetsa, Ben T. Nitzan, Jack W. Kohn, Oscar Diaz-Landa, Shreeram Siddhaye
-
Patent number: 9137116Abstract: In general, techniques are described for defining an interface to a network router software infrastructure that allows developers to dynamically extend a routing protocol executed by the network router to distribute data throughout the routing domain for use with custom applications. In some examples, a routing protocol process executing on a control plane of a network device may expose an interface, such as an Application Programming Interface (API), that defines methods and parameters for extending the operation of a routing protocol executed by the routing protocol process.Type: GrantFiled: July 12, 2012Date of Patent: September 15, 2015Assignee: Juniper Networks, Inc.Inventor: Bruno Rijsman
-
Patent number: 9137142Abstract: This disclosure describes techniques to reduce traffic loss for a Border Gateway Protocol (BGP) session by delaying re-advertisement of routes received from a newly re-established multi-homed router by a primary router until all the routes are installed in a forwarding plane of the primary router. The techniques of this disclosure make use of a BGP marker received from the multi-homed router that indicates the end of a route download for an address family. Upon receiving the BGP marker, a control plane of the primary router requests a route acknowledgement message (Route-ACK) from the forwarding plane for only the last route of the address family received before the BGP marker. When the control plane receives the Route-ACK indicating that the last route has been installed in the forwarding plane, the primary router initiates re-advertisement of the routes to other BGP peer routers.Type: GrantFiled: March 31, 2012Date of Patent: September 15, 2015Assignee: Juniper Networks, Inc.Inventor: Kaliraj Vairavakkalai
-
Patent number: 9128785Abstract: A method for managing a shared buffer between a data processing system and a network. The method provides a communication interface unit for managing bandwidth of data between the data processing system and an external communicating interface connecting to the network. The method performs, by the communication interface unit, a combined de-queue and head drop operation on at least one data packet queue within a predefined number of clock cycles. The method also performs, by the communication interface unit, an en-queue operation on the at least one data packet queue in parallel with the combined de-queue operation and head drop operation within the predefined number of clock cycles.Type: GrantFiled: April 22, 2013Date of Patent: September 8, 2015Assignee: Juniper Networks, Inc.Inventors: John Delmer Johnson, Abhijit Ghosh, Manju Agrawal
-
Patent number: 9130859Abstract: A first access point is included in a first VLAN but not included in a second VLAN. The first access point is operatively coupled to a second access point that is included in the second VLAN but not included in the first VLAN. The second VLAN includes a multicast domain name system (mDNS) service that is not multicast to the first VLAN. The first access point is configured to receive an mDNS request for the mDNS service from a client device that is operatively coupled to the first VLAN. The first access point is configured to send, to the second access point, an encapsulated mDNS request that is based on the mDNS request from the client device such that a connection is established between the client device and a network device providing the mDNS service within the second VLAN.Type: GrantFiled: March 29, 2013Date of Patent: September 8, 2015Assignee: Juniper Networks, Inc.Inventor: Michael Knappe
