Patents by Inventor Douglas Alan Gourlay
Douglas Alan Gourlay has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11895154Abstract: A method and system for maintaining persistent network policies for a virtual machine (VM) that includes determining a name of the VM executing on a first host connected to a first network device; binding the name of the VM to a network policy for the VM on the first network device; acquiring from VM management software, using the name of the VM, a universally unique identifier (UUID) of the VM; associating the UUID to the network policy on the first network device; applying the network policy for the VM on the first network device; subscribing to receive notifications from the VM management software of changes to the configuration of the VM corresponding to the UUID; receiving notification from the VM management software of a configuration change made to the VM corresponding to the UUID; and updating the network policy of the VM to reflect the configuration change of the VM.Type: GrantFiled: July 9, 2021Date of Patent: February 6, 2024Assignee: Arista Networks, Inc.Inventors: Douglas Alan Gourlay, Kenneth James Duda
-
Publication number: 20230412601Abstract: A method for managing a network includes obtaining network flow data corresponding to a network device in the network, determining, based on the network flow data, configuration coverage associated with forwarding control configuration of the network device, identifying, using the configuration coverage and the forwarding control configuration, non-coverage, generating a plurality of synthetic packets based on the non-coverage, transmitting the plurality of synthetic packets to the network device, obtaining a set of results associated with the plurality of synthetic packets, making a determination, based on the set of results, that the network device is not implementing at least a portion of the non-coverage correctly, and based on the determination, performing a remediation action on the network device.Type: ApplicationFiled: May 24, 2022Publication date: December 21, 2023Inventors: Douglas Alan Gourlay, Kenneth James Duda, Fred Lo-Tze Hsu
-
Publication number: 20230063253Abstract: Packets in a network may be dropped from time to time. Although network devices are able to provide counters specifying the number of dropped packets, these network devices are unable to provide additional context about the dropped packets. However, users of a network wish to know more about dropped packets; such as why the packets were dropped. Therefore, methods for capturing and storing the dropped packets are provided. This way, users can analyze the dropped packets to determine why these packets were dropped.Type: ApplicationFiled: February 1, 2022Publication date: March 2, 2023Inventors: Douglas Alan Gourlay, Udayakumar Srinivasan, Fred Hsu
-
Publication number: 20230063515Abstract: A method for remotely configuring a network device using a user device and a network management service is provided. The user device includes a first communication interface and a second communication interface, and the method includes: initiating, by the user device, a communication channel with the network device using the second communication interface; after the communication channel is established: obtaining, by the user device via the first communication interface, configuration information for the network device from the network management service; and sending, by the user device, the configuration information to the network device via the communication channel. The user device is in communication with the network management service via the first communication interface, and the user device is configured as a pass-through device that relays the configuration information from the network management service to the network device.Type: ApplicationFiled: January 25, 2022Publication date: March 2, 2023Inventors: Ethan Barnett Rahn, Udayakumar Srinivasan, Aparna Sushrut Karanjkar, Douglas Alan Gourlay, Kim Ringeisen
-
Publication number: 20220231918Abstract: A method and system for enforcing network topology. The method includes receiving, at a first port on a first switch, a second role associated with a second switch, where the second switch is connected to the first switch using the first port, and where the first switch is associated with a first role. The method further includes making a first determination, using the first role, the second role, and a network topology policy, that the first switch should not be connected to the second switch. Sending, in response to the first determination, a first alert to an alert recipient, where the first alert specifies that the first switch is improperly connected to the second switch.Type: ApplicationFiled: April 6, 2022Publication date: July 21, 2022Inventors: Douglas Alan Gourlay, Andre Henri Joseph Pech, Benoit Sigoure
-
Patent number: 11329881Abstract: A method and system for enforcing network topology. The method includes receiving, at a first port on a first switch, a second role associated with a second switch, where the second switch is connected to the first switch using the first port, and where the first switch is associated with a first role. The method further includes making a first determination, using the first role, the second role, and a network topology policy, that the first switch should not be connected to the second switch. Sending, in response to the first determination, a first alert to an alert recipient, where the first alert specifies that the first switch is improperly connected to the second switch.Type: GrantFiled: January 10, 2018Date of Patent: May 10, 2022Assignee: Arista Networks, Inc.Inventors: Douglas Alan Gourlay, Andre Henri Joseph Pech, Benoit Sigoure
-
Publication number: 20210336997Abstract: A method and system for maintaining persistent network policies for a virtual machine (VM) that includes determining a name of the VM executing on a first host connected to a first network device; binding the name of the VM to a network policy for the VM on the first network device; acquiring from VM management software, using the name of the VM, a universally unique identifier (UUID) of the VM; associating the UUID to the network policy on the first network device; applying the network policy for the VM on the first network device; subscribing to receive notifications from the VM management software of changes to the configuration of the VM corresponding to the UUID; receiving notification from the VM management software of a configuration change made to the VM corresponding to the UUID; and updating the network policy of the VM to reflect the configuration change of the VM.Type: ApplicationFiled: July 9, 2021Publication date: October 28, 2021Inventors: Douglas Alan Gourlay, Kenneth James Duda
-
Patent number: 11075948Abstract: A method and system for maintaining persistent network policies for a virtual machine (VM) that includes determining a name of the VM executing on a first host connected to a first network device; binding the name of the VM to a network policy for the VM on the first network device; acquiring from VM management software, using the name of the VM, a universally unique identifier (UUID) of the VM; associating the UUID to the network policy on the first network device; applying the network policy for the VM on the first network device; subscribing to receive notifications from the VM management software of changes to the configuration of the VM corresponding to the UUID; receiving notification from the VM management software of a configuration change made to the VM corresponding to the UUID; and updating the network policy of the VM to reflect the configuration change of the VM.Type: GrantFiled: January 9, 2015Date of Patent: July 27, 2021Assignee: ARISTA NETWORKS, INC.Inventors: Douglas Alan Gourlay, Kenneth James Duda
-
Patent number: 10484256Abstract: A method for determining that a defect applies to a network device that includes receiving, at a monitoring module, network device information from the network device. The network device information includes state information for the network device and does not include hardware and software version information. The method includes storing, in a network device database, the network device information from the network device and receiving, at the monitoring module, defect information about a defect. The defect information includes network device criteria specifying what state information is required for a network device to be affected by the defect. The method includes storing the defect information in a defect database, determining that the defect applies to the network device based on analyzing the network device information and the defect information from their respective databases, and, based on the determination, informing a defect alert recipient that the defect applies to the network device.Type: GrantFiled: August 12, 2014Date of Patent: November 19, 2019Assignee: Arista Networks, Inc.Inventors: Douglas Alan Gourlay, Kenneth James Duda, Andre Henri Joseph Pech
-
Publication number: 20180131569Abstract: A method and system for enforcing network topology. The method includes receiving, at a first port on a first switch, a second role associated with a second switch, where the second switch is connected to the first switch using the first port, and where the first switch is associated with a first role. The method further includes making a first determination, using the first role, the second role, and a network topology policy, that the first switch should not be connected to the second switch. Sending, in response to the first determination, a first alert to an alert recipient, where the first alert specifies that the first switch is improperly connected to the second switch.Type: ApplicationFiled: January 10, 2018Publication date: May 10, 2018Inventors: Douglas Alan Gourlay, Andre Henri Joseph Pech, Benoit Sigoure
-
Patent number: 9900217Abstract: A method and system for enforcing network topology. The method includes receiving, at a first port on a first switch, a second role associated with a second switch, where the second switch is connected to the first switch using the first port, and where the first switch is associated with a first role. The method further includes making a first determination, using the first role, the second role, and a network topology policy, that the first switch should not be connected to the second switch. Sending, in response to the first determination, a first alert to an alert recipient, where the first alert specifies that the first switch is improperly connected to the second switch.Type: GrantFiled: March 26, 2014Date of Patent: February 20, 2018Assignee: Arista Networks, Inc.Inventors: Douglas Alan Gourlay, Andre Henri Joseph Pech, Benoit Sigoure
-
Patent number: 9729578Abstract: A method and system for applying a network policy in a virtual extensible local area network (VXLAN) environment. The method includes receiving, at a network device, a VXLAN frame that includes a source VXLAN network identifier (VNI). The network device includes a first network policy. The method also includes examining the VXLAN frame to determine the source VNI; obtaining, based on the source VNI, the first network policy; and processing the VXLAN frame based on the application of the first network policy.Type: GrantFiled: January 9, 2015Date of Patent: August 8, 2017Assignee: Arista Networks, Inc.Inventors: Douglas Alan Gourlay, Kenneth James Duda
-
Patent number: 9705930Abstract: A method and system for securing a VXLAN environment, including configuring a default network policy, associated with interfaces of the network device, for dropping all VXLAN frames including a VXLAN attribute; obtaining, by the network device, registered VTEP identifiers; determining, using the registered VTEP identifiers, that an interface of the network device is operatively connected to a registered VTEP associated with a registered VTEP identifier; disassociating the default network policy from the interface based on the determination; receiving, at the interface, a frame; performing a first verification that the frame is a VXLAN frame by examining the frame to determine that the frame includes the VXLAN attribute; performing a second verification to determine that the VXLAN frame includes a registered VTEP identifier; allowing, based on the first verification and the second verification, the network device to process the VXLAN frame; and processing the VXLAN frame.Type: GrantFiled: May 16, 2016Date of Patent: July 11, 2017Assignee: Arista Networks, Inc.Inventors: Douglas Alan Gourlay, Kenneth James Duda
-
Patent number: 9621511Abstract: A non-transitory computer readable medium includes instructions, which, when executed by a processor, perform a method on a network device. The method includes receiving, from a configuration server, a master configuration script that includes an instruction set, a network topology for network devices, and a dictionary. The dictionary includes network device specific configuration scripts for the network devices. The method also includes executing the instruction set on the network device to configure the network device.Type: GrantFiled: September 10, 2013Date of Patent: April 11, 2017Assignee: Arista Networks, Inc.Inventors: Ariff Premji, Andre Henri Joseph Pech, Douglas Alan Gourlay
-
Patent number: 9621419Abstract: An adjunct network device includes several ports, an uplink interface, and an adjunct forwarding engine coupled to the ports and the uplink interface. A first port is configured to receive a packet, which includes a destination address. The adjunct forwarding engine is configured to send the packet to the uplink interface if the destination address is not associated with any of the ports. The packet is sent to one of the ports if the destination address is associated with the one of the ports.Type: GrantFiled: February 18, 2011Date of Patent: April 11, 2017Assignee: Cisco Technology, Inc.Inventors: Michael R. Smith, Douglas Alan Gourlay, Jeffrey Ym Wang, Ali Golshan
-
Patent number: 9509603Abstract: A system and method for route health injection using virtual tunnel endpoints. The method includes detecting, by a virtual tunnel endpoint (VTEP), that a new host is connected to the VTEP, where the VTEP is executing on the network device. The method further includes, based on the detecting, generating by the VTEP, a new route for the new host, where the new route is at least a longer match for the new host than currently existing routes for the new host, and providing the new route to a default gateway for the new host.Type: GrantFiled: March 31, 2014Date of Patent: November 29, 2016Assignee: Arista Networks, Inc.Inventors: Kenneth James Duda, Douglas Alan Gourlay
-
Publication number: 20160323319Abstract: A method and system for securing a VXLAN environment, including configuring a default network policy, associated with interfaces of the network device, for dropping all VXLAN frames including a VXLAN attribute; obtaining, by the network device, registered VTEP identifiers; determining, using the registered VTEP identifiers, that an interface of the network device is operatively connected to a registered VTEP associated with a registered VTEP identifier; disassociating the default network policy from the interface based on the determination; receiving, at the interface, a frame; performing a first verification that the frame is a VXLAN frame by examining the frame to determine that the frame includes the VXLAN attribute; performing a second verification to determine that the VXLAN frame includes a registered VTEP identifier; allowing, based on the first verification and the second verification, the network device to process the VXLAN frame; and processing the VXLAN frame.Type: ApplicationFiled: May 16, 2016Publication date: November 3, 2016Inventors: Douglas Alan Gourlay, Kenneth James Duda
-
Patent number: 9442742Abstract: A method for maintaining a switch. The method includes identifying a first phase to enter in a boot-up process for the switch, where the boot-up process includes a number of phases and the first phase is one of the phases. The method further includes determining a phase exit condition from a first snapshot of the switch, where the first snapshot includes state information for each of the of phases. The method further includes transitioning to the first phase and after transitioning to the first phase: starting a first countdown timer for the first phase, and executing, on the switch, a first networking protocol for the first phase. The method further includes determining, in response to the executing, that a first current state of the switch satisfies the phase exit condition, and exiting the first phase, where the first countdown timer is not expired when exiting the first phase.Type: GrantFiled: September 18, 2014Date of Patent: September 13, 2016Assignee: Arista Networks, Inc.Inventors: Douglas Alan Gourlay, Hua Zhong
-
Patent number: 9350608Abstract: A method and system for securing a VXLAN environment, including configuring a default network policy, associated with interfaces of the network device, for dropping all VXLAN frames including a VXLAN attribute; obtaining, by the network device, registered VTEP identifiers; determining, using the registered VTEP identifiers, that an interface of the network device is operatively connected to a registered VTEP associated with a registered VTEP identifier; disassociating the default network policy from the interface based on the determination; receiving, at the interface, a frame; performing a first verification that the frame is a VXLAN frame by examining the frame to determine that the frame includes the VXLAN attribute; performing a second verification to determine that the VXLAN frame includes a registered VTEP identifier; allowing, based on the first verification and the second verification, the network device to process the VXLAN frame; and processing the VXLAN frame.Type: GrantFiled: January 9, 2015Date of Patent: May 24, 2016Assignee: Arista Networks, Inc.Inventors: Douglas Alan Gourlay, Kenneth James Duda
-
Publication number: 20160085560Abstract: A method for maintaining a switch. The method includes identifying a first phase to enter in a boot-up process for the switch, where the boot-up process includes a number of phases and the first phase is one of the phases. The method further includes determining a phase exit condition from a first snapshot of the switch, where the first snapshot includes state information for each of the of phases. The method further includes transitioning to the first phase and after transitioning to the first phase: starting a first countdown timer for the first phase, and executing, on the switch, a first networking protocol for the first phase. The method further includes determining, in response to the executing, that a first current state of the switch satisfies the phase exit condition, and exiting the first phase, where the first countdown timer is not expired when exiting the first phase.Type: ApplicationFiled: September 18, 2014Publication date: March 24, 2016Inventors: Douglas Alan Gourlay, Hua Zhong