Patents by Inventor Atri Indiresan
Atri Indiresan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20210226879Abstract: This disclosure describes various methods, systems, and devices related to identifying an issue in a network using a probe packet. An example method includes identifying an expired data packet transmitted in a network and addressed to a destination; generating a probe packet addressed to the destination; and forwarding the probe packet. When the probe packet is received, a report indicating a routing loop in the network can be transmitted to an administrator.Type: ApplicationFiled: January 16, 2020Publication date: July 22, 2021Inventors: Atri Indiresan, Frank Brockners, Akshay Dorwat
-
Publication number: 20210218674Abstract: A controller device for a network provides data associated with pipeline capabilities of a programmable switch. The programmable switch receives data associated with pipeline capabilities of the programmable switch. The pipeline capabilities include a plurality of flow tables and allowable table transitions for each of the flow tables. The programmable switch determines that a first flow table and a second flow table are mutually independent based on the allowable table transitions for each of the flow tables. The programmable switch configures a pipeline for data flow in the computing device, the pipeline comprising a plurality of pipeline stages, a particular pipeline stage comprising the first flow table and the second flow table.Type: ApplicationFiled: January 14, 2020Publication date: July 15, 2021Inventors: Atri Indiresan, Manas Pati, Chunjen Wang, Christophe Rene
-
Publication number: 20210144075Abstract: Presented herein is an exemplified system and method that provides visibility, for traffic analytics, into secured encapsulated packet (e.g., secure VXLAN-GPE packet, a secure metadata-GPE packet or other GPE standards). The exemplified system and method facilitate encryption of traffic in a granular manner that also facilitate the monitoring of said secure traffic in a fabric network in an end-to-end manner throughout the network. Such monitoring can be beneficially used for analytics, performance analysis, and network debugging/troubleshooting.Type: ApplicationFiled: January 22, 2021Publication date: May 13, 2021Inventors: Atri Indiresan, Linda Tin-Wen Cheng, Melvin Tsai, Peter Geoffrey Jones, Da-Yuan Tung, David John Zacks
-
Publication number: 20210126864Abstract: This disclosure describes various methods, systems, and devices related to identifying path changes of data flows in a network. An example method includes receiving, at a node, a packet including a first path signature. The method further includes generating a second path signature by inputting the first path signature and one or more node details into a hash function. The method includes replacing the first path signature with the second path signature in the packet. The packet including the second path signature is forwarded by the node.Type: ApplicationFiled: October 23, 2019Publication date: April 29, 2021Inventors: Atri Indiresan, Frank Brockners, Shwetha Subray Bhandari
-
Patent number: 10992654Abstract: A method is performed by an access router of an enterprise network including a first edge router to communicate with a second edge router over a wide area network (WAN). The method includes receiving a packet from a first endpoint, receiving from a mapping service a network location of a second edge router for which the packet is destined and a security association (SA) to encrypt the packet from the access router to the second edge router, and generating for the first edge router one or more path selectors for WAN path selection. The method includes encrypting the packet using the SA, and adding to the encrypted IP packet, in clear text, the path selectors and outer encapsulation including the network location, to produce an encrypted tunnel packet. The method also includes forwarding the encrypted tunnel packet to the second edge router via the first edge router and the WAN.Type: GrantFiled: August 17, 2018Date of Patent: April 27, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Syed Khalid Raza, Mosaddaq Hussain Turabi, Fabio Rodolfo Maino, Vina Ermagan, Atri Indiresan
-
Publication number: 20210075728Abstract: In one embodiment, a method comprises receiving traffic to send from a router to a host in the fabric edge network, wherein the fabric edge network comprises a plurality of switches and an inter-switch link (ISL); and sending the traffic from the router to the host via at least one of the switches based on the downlink connectivity of the host. Sending the traffic from the router to the host is performed without sending the traffic through the ISL. Sending the traffic from the router to the host comprises sending the traffic through the ISL when there is a link failure on a path between the router and the host.Type: ApplicationFiled: September 11, 2019Publication date: March 11, 2021Inventors: Atri Indiresan, Roberto Mitsuo Kobo, Sanjay Kumar Hooda, Anton Smirnov
-
Patent number: 10938685Abstract: Presented herein is an exemplified system and method that provides visibility, for traffic analytics, into secured encapsulated packet (e.g., secure VXLAN-GPE packet, a secure metadata-GPE packet or other GPE standards). The exemplified system and method facilitate encryption of traffic in a granular manner that also facilitate the monitoring of said secure traffic in a fabric network in an end-to-end manner throughout the network. Such monitoring can be beneficially used for analytics, performance analysis, and network debugging/troubleshooting.Type: GrantFiled: July 24, 2018Date of Patent: March 2, 2021Assignee: Cisco Technology, Inc.Inventors: Atri Indiresan, Linda Tin-Wen Cheng, Melvin Tsai, Peter Geoffrey Jones, Da-Yuan Tung, David John Zacks
-
Patent number: 10798195Abstract: The embodiments herein push notifications to network devices used by a shared service to which a roaming host in a network fabric is subscribed. For example, a network fabric controller can access a VN policy table which stores the relationships between the virtual networks in the network fabric. Using this table, the controller can identify what shared service VNs (i.e., extranets) can communicate with the host's VN. The controller can push out notifications to the network devices used by the shared service VNs to store the new location of the host. That is, the network devices that locally store a location of the host can update their routing caches to point to the new location of the host. In this manner, the network fabric can reduce the time needed to reconverge on the new location of the host by updating the network devices used by the shared service VNs.Type: GrantFiled: December 7, 2017Date of Patent: October 6, 2020Assignee: Cisco Technology, Inc.Inventors: Sanjay K. Hooda, Prakash Jain, Marc P. Comeras, Victor M. Moreno, Atri Indiresan
-
Publication number: 20200177447Abstract: In one embodiment, a method is performed at a controller of a fabric that is connected to a first seed device in the fabric. The method includes obtaining a connectivity graph of the fabric including the first seed device. The method further includes causing the first seed device to send a first request to a first neighboring device in the connectivity graph via a first interface of the first seed device connectable to the first neighboring device. The method also includes assigning fabric component properties to devices in the fabric based at least in part on a first message from the first seed device, where the first seed device generates the first message based at least in part on a first response from the first neighboring device received via the first interface. The method additionally includes converting the first neighboring device to a second seed device in the fabric.Type: ApplicationFiled: November 29, 2018Publication date: June 4, 2020Inventors: Sanjay Kumar Hooda, Atri Indiresan, Jerish Sam David, Anand Pulicat Gopalakrishnan
-
Patent number: 10673737Abstract: Multi-VRF universal device Internet Protocol (IP) address for fabric edge devices may be provided. This address may be used to send and receive packets in a connectivity message for all VRFs on a fabric edge device. First, a request packet may be created by a first network device in response to receiving a connectivity message. The request packet may have a source address corresponding to an address of the first network device and a destination address corresponding to an address of a first client device. Next, the first network device may encapsulate the request packet. The first network device may then forward the encapsulated request packet to a second network device associated with the first client device.Type: GrantFiled: April 17, 2018Date of Patent: June 2, 2020Assignee: Cisco Technology, Inc.Inventors: Atri Indiresan, Roberto Kobo, Sanjay Kumar Hooda, Akshay Sunil Dorwat
-
Patent number: 10581738Abstract: In embodiments disclosed herein involve receiving a first packet, where the first packet originated from a first device on a first virtual local area network (VLAN) in a first plurality of VLANs, where routing is enabled among each of the first plurality of VLANs. A first temporary value is assigned to a first VLAN identifier associated with the first packet, where the first temporary value corresponds to the first plurality of VLANs. Additionally, the first packet is processed based on a plurality of flow tables. Further, a first destination value is assigned to the first VLAN identifier, where the first destination value corresponds to a second VLAN in the first plurality of VLANs, and the first packet is transmitted to a second device on the second VLAN.Type: GrantFiled: April 18, 2018Date of Patent: March 3, 2020Assignee: Cisco Technology, Inc.Inventors: Atri Indiresan, Manas Pati, Christophe Rene
-
Publication number: 20200059457Abstract: A method is performed by an access router of an enterprise network including a first edge router to communicate with a second edge router over a wide area network (WAN). The method includes receiving a packet from a first endpoint, receiving from a mapping service a network location of a second edge router for which the packet is destined and a security association (SA) to encrypt the packet from the access router to the second edge router, and generating for the first edge router one or more path selectors for WAN path selection. The method includes encrypting the packet using the SA, and adding to the encrypted IP packet, in clear text, the path selectors and outer encapsulation including the network location, to produce an encrypted tunnel packet. The method also includes forwarding the encrypted tunnel packet to the second edge router via the first edge router and the WAN.Type: ApplicationFiled: August 17, 2018Publication date: February 20, 2020Inventors: Syed Khalid Raza, Mosaddaq Hussain Turabi, Fabio Rodolfo Maino, Vina Ermagan, Atri Indiresan
-
Publication number: 20200036610Abstract: Presented herein is an exemplified system and method that provides visibility, for traffic analytics, into secured encapsulated packet (e.g., secure VXLAN-GPE packet, a secure metadata-GPE packet or other GPE standards). The exemplified system and method facilitate encryption of traffic in a granular manner that also facilitate the monitoring of said secure traffic in a fabric network in an end-to-end manner throughout the network. Such monitoring can be beneficially used for analytics, performance analysis, and network debugging/troubleshooting.Type: ApplicationFiled: July 24, 2018Publication date: January 30, 2020Inventors: Atri Indiresan, Linda Tin-Wen Cheng, Melvin Tsai, Peter Geoffrey Jones, Da-Yuan Tung, David John Zacks
-
Patent number: 10547467Abstract: A method including determining that network traffic being transmitted is unicast or multicast; mapping to which virtual network and locator address each host belongs; generating leaking data for unicast and multicast traffic, wherein the leaking data indicates that a first virtual network leaks traffic to a second virtual network; receiving a request from the second virtual network to receive traffic from a host in the first virtual network; determining, based on the leaking data and the type of traffic being transmitted, if the first virtual network leaks traffic to the second virtual network; if the first virtual network leaks traffic to the second virtual network, determining a locator address for the host in the first virtual network using the mapping data; and transmitting the locator address for the host to the second virtual network to enable traffic leaking from the host to the second virtual network is disclosed.Type: GrantFiled: October 24, 2017Date of Patent: January 28, 2020Assignee: Cisco TechnologyInventors: Sanjay Kumar Hooda, Prakash C. Jain, Rishabh Parekh, Atri Indiresan, Satish Kondalam, Victor Moreno
-
Patent number: 10454882Abstract: Address support and network address transparency may be provided. First, a border device may receive a processed network configuration parameter request having an address of a subnet to which a client device is associated and information data in an information field of the network configuration parameter request. The information data may comprise an address of a network device and an identifier of the subnet to which the client device is associated. Next, the border device may encapsulate the processed network configuration parameter request with the information data extracted from the processed network configuration parameter request. The border device may then forward the encapsulated network configuration parameter response to the network device.Type: GrantFiled: June 30, 2017Date of Patent: October 22, 2019Assignee: Cisco Technology, Inc.Inventors: Sanjay Kumar Hooda, Aniket Ghule, Vimarsh Puneet, Atri Indiresan
-
Publication number: 20190319871Abstract: Multi-VRF universal device Internet Protocol (IP) address for fabric edge devices may be provided. This address may be used to send and receive packets in a connectivity message for all VRFs on a fabric edge device. First, a request packet may be created by a first network device in response to receiving a connectivity message. The request packet may have a source address corresponding to an address of the first network device and a destination address corresponding to an address of a first client device. Next, the first network device may encapsulate the request packet. The first network device may then forward the encapsulated request packet to a second network device associated with the first client device.Type: ApplicationFiled: April 17, 2018Publication date: October 17, 2019Applicant: Cisco Technology, Inc.Inventors: Atri Indiresan, Roberto Kobo, Sanjay Kumar Hooda, Akshay Sunil Dorwat
-
Patent number: 10432578Abstract: Client address based forwarding of dynamic host configuration protocol response packets may be provided. First, a first relay agent on a first network device may receive a first discovery message associated with a first client device. The first discovery message may include a first discovery message identifier field comprising a first identifier corresponding to the first client device. The first client device may be associated with a subnet. Then the first relay agent may register, with a map server, the first identifier with an address of the first network device and add a gateway address corresponding to the first relay agent to the first discovery message. Next, the first relay agent may encapsulate the first discovery message and forward the encapsulated first discovery message over a network to a border device.Type: GrantFiled: September 27, 2016Date of Patent: October 1, 2019Assignee: Cisco Technology, Inc.Inventors: Sanjay Kumar Hooda, Sandesh Kumar Narappa Bheemanakone, Shivangi Sharma, Atri Indiresan, Kaushik Kumar Dam
-
Patent number: 10397141Abstract: In one embodiment a network device includes a plurality of ports. The network device is adapted to receive at least one configuring instruction, and adapted, after receipt of any of the at least one configuring instruction, to configure one or more access ports, of the plurality of ports, for endpoint virtual local area network (VLAN) assignment that is in accordance with at least one VLAN assignment algorithm. The at least one VLAN assignment algorithm allows at least two endpoints to be assigned to at least two different respective VLANs of a plurality of VLANs in a network, the at least one VLAN assignment algorithm enabling the at least two endpoints to connect to a same access port of the one or more access ports and provide data which is not VLAN tagged when received at the same access port.Type: GrantFiled: October 1, 2017Date of Patent: August 27, 2019Assignee: Cisco Technology, Inc.Inventors: Sanjay Kumar Hooda, Atri Indiresan, Da-Yuan Tung, Kaushik Kumar Dam, Anand Pulicat Gopalakrishnan
-
Patent number: 10367691Abstract: Semantic checking of multi-device and protocol configurations based on an extensible rules database for a variety of devices and operating systems may be provided. First, a configuration may be received. Then parent-child hierarchical relationships in the configuration may be determined. Next, a set of rules may be applied to the configuration based upon the determined parent-child hierarchical relationships. A report of errors found and corrective suggestions may then be produced in response to applying the set of rules.Type: GrantFiled: March 17, 2017Date of Patent: July 30, 2019Assignee: Cisco Technology, Inc.Inventors: Atri Indiresan, Aniket Ghule, Himanshu Jain, Mariam Zaim
-
Publication number: 20190230034Abstract: In embodiments disclosed herein involve receiving a first packet, where the first packet originated from a first device on a first virtual local area network (VLAN) in a first plurality of VLANs, where routing is enabled among each of the first plurality of VLANs. A first temporary value is assigned to a first VLAN identifier associated with the first packet, where the first temporary value corresponds to the first plurality of VLANs. Additionally, the first packet is processed based on a plurality of flow tables. Further, a first destination value is assigned to the first VLAN identifier, where the first destination value corresponds to a second VLAN in the first plurality of VLANs, and the first packet is transmitted to a second device on the second VLAN.Type: ApplicationFiled: April 18, 2018Publication date: July 25, 2019Inventors: Atri INDIRESAN, Manas PATI, Christophe RENE