Abstract: A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits may further be used to guarantee bandwidth for certain categories of data.

Abstract: A network device receives, from a remote user device, a requested test that includes test Internet protocol (IP) packets, and converts the test IP packets into hardware test commands. The network device also performs, based on the hardware test commands, the requested test on a component of a network device card to produce hardware test results. The network device further converts the hardware test results into test results in an IP packet format, and provides the tests results in the IP packet format to the remote user device.

Abstract: A data processing system includes an input circuit, a plurality of processing paths and an output circuit. The input circuit receives blocks of data on a plurality of data streams and distributes the blocks of data to the plurality of processing paths. The plurality of processing paths receive and process the distributed blocks of data. The output circuit selectively queues and dequeues the processed blocks of data based on a determined maximum differential delay among each of the processing paths and transmits the processed blocks of data.

Abstract: A network device includes a receiver component that generates flow control information. The network device also includes a transmitter component that receives a packet for forwarding to the receiver component, receives flow control data for the packet from the receiver component, and provides the packet and the flow control data for the packet to a fabric component. The fabric component performs a congestion management operation for the packet, and forwards the packet to the receiver component based on the flow control data and results of the congestion management operation.

Abstract: In general, techniques are described for summarizing label mappings and thereby enabling longest-prefix match within Multi-Protocol Label Switching (MPLS) networks. More specifically, a first router included within a first area of a network comprises a control unit that maintains a label space defining labels available for mapping to a plurality of addresses assigned to network devices within the network. The control unit reserves a contiguous set of the labels of the label space and maps the contiguous set of labels to first area addresses. The first area addresses include those addresses of the plurality of addresses available for assignment to network devices within the first area. The first router also includes an interface card that transmits, to a second router of a second area of the network, an advertisement that advertises a summarized version of the mapping between the contiguous set of labels and the first area addresses.

Abstract: A chassis shelf may include an upper guide adapted to receive a first edge of a first card and a lower guide adapted to receive a first edge of a second card. The chassis shelf may include an alignment device adapted to align the chassis shelf with respect to a chassis. The chassis shelf may include an attachment device for removably coupling the chassis shelf to the chassis.

Abstract: A device may include a group of requestors issuing requests, a memory that includes a set of memory banks, and a control block. The control block may receive a request from one of the requestors, where the request includes a first address. The control block may perform a logic operation on a high order bit and a low order bit of the first address to form a second address, identify one of the memory banks based on the second address, and send the request to the identified memory bank.

Abstract: A chassis may include a front section that contains a first electronic circuit board oriented in a first plane, a rear section that contains a second electronic circuit board oriented in a second plane, where the first plane and the second plane are substantially orthogonal, a midplane dividing the front and the rear sections, and a fan tray assembly including a plurality of fans to cool both the first electronic circuit board of the front section and the second electronic circuit board of the rear section.

Abstract: A device stores forwarding information associated with fragments of a first data unit, stores information common to the fragments of the first data unit, receives fragments of a second data unit, and forwards the fragments of the second data unit based on the forwarding information of the first data unit and the information common to the first data unit.

Abstract: A network device for processing data packets includes input logic, a register, route lookup logic and output processing logic. The input logic receives a data packet having at least one multi-protocol label switching (MPLS) tag, stores the packet and forwards a portion of the packet including the MPLS tag. The route lookup logic receives the portion of the packet, generates next hop information based on the MPLS tag and determines whether at least one MPLS tag is to be removed from the packet before the packet is to be output by the network device. The route lookup logic also modifies a start offset value in the register for each MPLS tag that is to be removed and forwards the start offset. The output processing logic receives the start offset and begins processing the data packet for output at a location identified by the start offset.

Abstract: A method performed by a primary server includes receiving integrity criteria and sending a health check request to a secondary server based on the received integrity criteria. The method also includes receiving integrity information from the secondary server and checking the integrity information against the integrity criteria. The method further includes initiating a non-compliance action if the integrity information does not comply with the integrity criteria.

Abstract: In general, techniques are described for simultaneously testing connectivity to same or different remote maintenance endpoints of the same maintenance association. Specifically, a network device may include a control unit that simultaneously executes both a first and a second maintenance session. The control unit maintains first and second session identifiers that uniquely identifies the first and second maintenance sessions. The control unit receives via the first maintenance session input that specifies parameters for a maintenance message and generates the maintenance message in accordance with the parameters such that the maintenance message includes the first session identifier. The network device also includes an interface card that forwards the maintenance message to another network device in order to determine connectivity between these two network devices.

Abstract: A device may include an interconnect module that includes a number of ports, where each port is configured to receive both an alternating current (AC) power supply and a direct current (DC) power supply; where the interconnect module provides power from the received power supplies to a plurality of field replaceable units (FRUs).

Abstract: A router may be tested using a packet-based testing technique in which the test packets are generated by the router. In one implementation, a forwarding plane in a router may include a first component to process header information of packets to determine forwarding information, and a memory component to store payload data for the packets. A control plane of the router may generate test packets, insert the test packets into the forwarding plane, receive a second set of packets from the forwarding plane, analyze the second set of packets to determine whether the second set of packets correspond to the inserted plurality of test packets, and output, based on the analysis, test results, relating to the operation of the routing device.

Abstract: A method for detecting data frame mode mismatch errors may include receiving a data frame that includes an overhead byte. It may be determined whether a value associated with the overhead byte indicates that a transmitting device operating mode matches a receiving device operating mode. In an additional implementation, it may be determined whether a value associated with the overhead byte indicates that a transmitting device output port matches a receiving device input port. An alarm may be generated when it is determined that the value associated with the overhead byte indicates that either the transmitting device operating mode does not match the receiving device operating mode or the transmitting device output port does not match the receiving device input port.

Abstract: A system includes a first device connected to a second device The first device includes a second node connected to a first node and the second device via a link, and includes a backup second node connected to the first node and the second device via another link. The first node is configured to receive, via the link or the other link, a group of packets (i.e., “packets”), from the second device; display a first notification that the second node can be removed when the packets are received via only the other link; display a second notification indicating that the backup second node can be removed when the packets are received via only the link; and display a third notification indicating that neither the second node nor the backup second node can be removed when the packets are not received via only the link and via only the other link.

Abstract: A device may include logic configured to receive a data unit intended for a destination device and to obtain information from the data unit. The logic may be configured to identify a window using the obtained information, where the window has a range determined by a lower boundary and an upper boundary. The logic may be configured to forward the data unit to the destination device when a portion of the data unit information is within the window.

Abstract: A system allocates upstream resources to multiple cable modems subsequent to a cable modem termination system (CMTS) re-boot. The system groups the multiple cable modems into multiple groups. The system orders, subsequent to the CMTS re-boot, allocation of upstream resources to each of the multiple cable modems based on the group to which each of the cable modems belongs. The system allocates upstream resources to each of the cable modems based on the ordering.

Abstract: A network device includes a processor that executes a software module above an operating system of a network device, wherein the software module is configured to create a set of forwarding structures for use in forwarding network traffic with the network device without regard to limitations of an underlying architecture of the forwarding plane. The network device also includes a forwarding structure control module operative within or below the operating system of the network device, wherein the forwarding structure control module is configured to create a set of derived forwarding structures based on the set of forwarding structures provided by the software module for installation in the forwarding information of the forwarding plane. The derived set of forwarding structures is created in accordance with the limitations of the underlying architecture of the forwarding plane.

Abstract: Principles of the invention are described for providing virtual private local area network service (VPLS) multicast instances across a public network by utilizing multicast trees. In particular, the VPLS multicast instances transport layer two (L2) multicast traffic, such as Ethernet packets, between customer networks via the public network. The principles described herein enable VPLS multicast instances to handle high bandwidth multicast traffic. The principles also reduce the state and the overhead of maintaining the state in the network by removing the need to perform snooping between routers within the network.