Patents by Inventor Dinesh Ranjit
Dinesh Ranjit has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11362883Abstract: Presented herein are methodologies for tracking a link state of a physical network connection and selectively reporting the link state to virtual machines that rely on the physical network connection. A method includes receiving an indication, at a hypervisor, which is running on a host computer and which instantiates a virtual switch, that a physical link interconnecting the host computer to a network has failed; determining that the physical link serves the virtual switch; determining whether link state tracking is enabled for the physical link; and when link state tracking is enabled for the physical link, notifying a virtual machine, which is running on the host computer and which is being served by the virtual switch, that a connection between the virtual machine and the network has failed.Type: GrantFiled: March 12, 2021Date of Patent: June 14, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Dinesh Ranjit, Ramanathan Lakshmikanthan, Vijay Padmanabhan
-
Patent number: 11063856Abstract: The subject disclosure relates to methods for monitoring virtual network functions (VNFs) using mirror-ports provided on a virtual switch. A method of the technology can include steps for detecting an instantiation of a virtual network function (VNF), receiving a plurality of operating parameters for the VNF, connecting the VNF with a virtual switch, and automatically discovering an Internet Protocol (IP) address of the VNF. In some aspects, the method can further include operations for instantiating a mirror-port on the virtual switch, the mirror-port configured to provide a communications interface for monitoring the VNF based on a monitoring parameter. Systems and computer-readable media are also provided.Type: GrantFiled: August 24, 2017Date of Patent: July 13, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Dinesh Ranjit, Jim French, Nagi Swaminathan
-
Patent number: 11050640Abstract: Systems, methods, and computer-readable media for providing throughput assurance in a virtual service chain. A virtual service chain formed by a plurality of stitched virtualized network functions running on a plurality of virtual nodes can be monitored. An inline statistics agent can generate inline statistics of the operation of the virtual service chain. Further, an actual throughput of the virtual service chain can be identified from the inline statistics. As follows, throughput assurance for the virtual service chain can be provided by comparing the actual throughput of the virtual service chain with an expected throughput of the virtual service chain.Type: GrantFiled: December 13, 2019Date of Patent: June 29, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Dinesh Ranjit, Pradeep Kanavihalli Subramanyasetty, Shiva Prasad Rao, Dhanashree Somnath Gosavi, Colt Ashton Campbell, Prafulla Harpanhalli
-
Publication number: 20210184945Abstract: Systems, methods, and computer-readable media for providing throughput assurance in a virtual service chain. A virtual service chain formed by a plurality of stitched virtualized network functions running on a plurality of virtual nodes can be monitored. An inline statistics agent can generate inline statistics of the operation of the virtual service chain. Further, an actual throughput of the virtual service chain can be identified from the inline statistics. As follows, throughput assurance for the virtual service chain can be provided by comparing the actual throughput of the virtual service chain with an expected throughput of the virtual service chain.Type: ApplicationFiled: December 13, 2019Publication date: June 17, 2021Inventors: Dinesh Ranjit, Pradeep Kanavihalli Subramanyasetty, Shiva Prasad Rao, Dhanashree Somnath Gosavi, Colt Ashton Campbell, Prafulla Harpanhalli
-
Patent number: 10992515Abstract: Presented herein are methodologies for tracking a link state of a physical network connection and selectively reporting the link state to virtual machines that rely on the physical network connection. A method includes receiving an indication, at a hypervisor, which is running on a host computer and which instantiates a virtual switch, that a physical link interconnecting the host computer to a network has failed; determining that the physical link serves the virtual switch; determining whether link state tracking is enabled for the physical link; and when link state tracking is enabled for the physical link, notifying a virtual machine, which is running on the host computer and which is being served by the virtual switch, that a connection between the virtual machine and the network has failed.Type: GrantFiled: June 10, 2019Date of Patent: April 27, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Dinesh Ranjit, Ramanathan Lakshmikanthan, Vijay Padmanabhan
-
Publication number: 20190068476Abstract: The subject disclosure relates to methods for monitoring virtual network functions (VNFs) using mirror-ports provided on a virtual switch. A method of the technology can include steps for detecting an instantiation of a virtual network function (VNF), receiving a plurality of operating parameters for the VNF, connecting the VNF with a virtual switch, and automatically discovering an Internet Protocol (IP) address of the VNF. In some aspects, the method can further include operations for instantiating a mirror-port on the virtual switch, the mirror-port configured to provide a communications interface for monitoring the VNF based on a monitoring parameter. Systems and computer-readable media are also provided.Type: ApplicationFiled: August 24, 2017Publication date: February 28, 2019Inventors: Dinesh Ranjit, Jim French, Nagi Swaminathan
-
Publication number: 20170317936Abstract: A classifier network element in a service function chain system receives a classification policy and an access policy from a controller of the service function chain system. The classification policy identifies which service function path network traffic flows will traverse through the service function chain system. The access policy defines criteria for determining whether network traffic flows will be sent along a service function path of the service function chain system. The classifier network element receives an initial packet of a network traffic flow from a source endpoint directed to a destination endpoint. Responsive to a determination that the initial packet of the network traffic flow satisfies the criteria of the access policy, the classifier network element applies the access policy to the network traffic flow.Type: ApplicationFiled: April 28, 2016Publication date: November 2, 2017Inventors: Nagarajan Swaminathan, Dinesh Ranjit, Daniel Freedman
-
Patent number: 9137139Abstract: A network device receives packets sent over a network from another network device. Each packet contains a source identifier that identifies a device that is the source of the packet, a destination identifier that identifies a device that is the intended destination of the packet, a sender identifier that identifies a network device that encrypted and sent the packet and a sequence number associated with the packet. The network device stores data indicating source identifier, destination identifier, sender identifier and sequence number for packets received over time. The network device rejects a newly received packet when it is determined that the sequence number of the newly received packet is less than the last sequence number stored for a matching packet flow (same source identifier, destination identifier and sender identifier) and falls outside of the counter-based window with respect to the last sequence number stored for the matching packet flow.Type: GrantFiled: December 18, 2009Date of Patent: September 15, 2015Assignee: Cisco Technology, Inc.Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit
-
Patent number: 8750507Abstract: A technique for dynamically creating and deleting groups to support secure group communication sessions is provided herein. A request for creation of a dynamic group that enables group members to participate in a secure group communication session is received by a network authentication device such as a key server. Creation of the dynamic group includes generating a lifetime attribute indicating when the dynamic group is to exist based on timing information provided in the request, along with security policies required for generating the keys, and generating a unique group ID associated with the dynamic group for distribution to the group members. The keys for the secure group communication session are supplied, along with security policies, in response to a request containing the unique group ID identifying the dynamic group. The dynamic group is deleted in response to determining from the lifetime attribute that the secure group communication session has expired.Type: GrantFiled: January 25, 2010Date of Patent: June 10, 2014Assignee: Cisco Technology, Inc.Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit
-
Patent number: 8656170Abstract: Techniques are provided for determining freshness of control messages in a network. At a first device that is to enter into a secure communication session with a second device, timestamp information and time window size information are sent to the second device in a control message during a first exchange between a first device and a second device. At the first device, timestamp information and time window size information are obtained from a control message received from the second device by the first device during the first exchange. At the first device, the freshness of a control message is tested based on the timestamp information of the control message during a second exchange and the time window size information received from the second device during the first exchange.Type: GrantFiled: May 28, 2010Date of Patent: February 18, 2014Assignee: Cisco Technology, Inc.Inventors: Kavitha Kamarthy, Sheela D. Rowles, Dinesh Ranjit, Tanya Roosta, Warren S. Wainner
-
Publication number: 20110296185Abstract: Techniques are provided for determining freshness of control messages in a network. At a first device that is to enter into a secure communication session with a second device, timestamp information and time window size information are sent to the second device in a control message during a first exchange between a first device and a second device. At the first device, timestamp information and time window size information are obtained from a control message received from the second device by the first device during the first exchange. At the first device, the freshness of a control message is tested based on the timestamp information of the control message during a second exchange and the time window size information received from the second device during the first exchange.Type: ApplicationFiled: May 28, 2010Publication date: December 1, 2011Applicant: CISCO TECHNOLOGY, INC.Inventors: Kavitha Kamarthy, Sheela D. Rowles, Dinesh Ranjit, Tanya Roosta, Warren S. Wainner
-
Publication number: 20110182426Abstract: A technique for dynamically creating and deleting groups to support secure group communication sessions is provided herein. A request for creation of a dynamic group that enables group members to participate in a secure group communication session is received by a network authentication device such as a key server. Creation of the dynamic group includes generating a lifetime attribute indicating when the dynamic group is to exist based on timing information provided in the request, along with security policies required for generating the keys, and generating a unique group ID associated with the dynamic group for distribution to the group members. The keys for the secure group communication session are supplied, along with security policies, in response to a request containing the unique group ID identifying the dynamic group. The dynamic group is deleted in response to determining from the lifetime attribute that the secure group communication session has expired.Type: ApplicationFiled: January 25, 2010Publication date: July 28, 2011Applicant: CISCO TECHNOLOGY, INC.Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit
-
Publication number: 20110153862Abstract: Techniques are provided for more robust counter-based anti-replay protection with respect to packets sent between network devices. A network device receives packets sent over a network from another network device. Each packet contains a source identifier that identifies a device that is the source of the packet, a destination identifier that identifies a device that is the intended destination of the packet, a sender identifier that identifies a network device that encrypted and sent the packet and a sequence number associated with the packet. The network device stores data indicating source identifier, destination identifier, sender identifier and sequence number for packets received over time.Type: ApplicationFiled: December 18, 2009Publication date: June 23, 2011Applicant: CISCO TECHNOLOGY, INC.Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit