Abstract: A network device may receive a redundant identifier certificate associated with a redundant routing module, and may provide, to a bootstrap device, a primary identifier certificate associated with a primary routing module associated with the network device. The network device may establish a secure connection with the bootstrap device based on the bootstrap device verifying an authenticity of the primary routing module via the primary identifier certificate. The network device may provide, to the bootstrap device via the secure connection, a redundant routing module identifier associated with the redundant routing module and may receive, from the bootstrap device via the secure connection, a signed certificate chain associated with the redundant routing module. The network device may verify the signed certificate chain and may verify the redundant identifier certificate, associated with the redundant routing module, based on verifying the signed certificate chain.

Abstract: A network device may receive a redundant identifier certificate associated with a redundant routing module, and may provide, to a bootstrap device, a primary identifier certificate associated with a primary routing module associated with the network device. The network device may establish a secure connection with the bootstrap device based on the bootstrap device verifying an authenticity of the primary routing module via the primary identifier certificate. The network device may provide, to the bootstrap device via the secure connection, a redundant routing module identifier associated with the redundant routing module and may receive, from the bootstrap device via the secure connection, a signed certificate chain associated with the redundant routing module. The network device may verify the signed certificate chain and may verify the redundant identifier certificate, associated with the redundant routing module, based on verifying the signed certificate chain.

Abstract: A network device may receive a redundant identifier certificate associated with a redundant routing module, and may provide, to a bootstrap device, a primary identifier certificate associated with a primary routing module associated with the network device. The network device may establish a secure connection with the bootstrap device based on the bootstrap device verifying an authenticity of the primary routing module via the primary identifier certificate. The network device may provide, to the bootstrap device via the secure connection, a redundant routing module identifier associated with the redundant routing module and may receive, from the bootstrap device via the secure connection, a signed certificate chain associated with the redundant routing module. The network device may verify the signed certificate chain and may verify the redundant identifier certificate, associated with the redundant routing module, based on verifying the signed certificate chain.

Abstract: Techniques are disclosed for performing secure remote bootstrapping operations of a network device such that sensitive configuration resides in volatile memory or is inaccessible upon power loss. In one example, a network device performs a first request for onboarding information. In response to determining that a first initialization of the network device has not occurred, the network device performs the first initialization by configuring, with the onboarding information, the network device to mount a portion of a file system to a volatile memory and not a non-volatile memory. After rebooting, the network device performs a second request for the onboarding information. In response to determining that the first initialization of the network device has occurred, the network device performs a bootstrapping operation of the network device. The bootstrapping operation may configure the network device for remote management such that any subsequent configuration obtained remotely is not retained on power loss.

Abstract: Techniques are disclosed for performing secure remote bootstrapping operations of a network device such that sensitive configuration resides in volatile memory or is inaccessible upon power loss. In one example, a network device performs a first request for onboarding information. In response to determining that a first initialization of the network device has not occurred, the network device performs the first initialization by configuring, with the onboarding information, the network device to mount a portion of a file system to a volatile memory and not a non-volatile memory. After rebooting, the network device performs a second request for the onboarding information. In response to determining that the first initialization of the network device has occurred, the network device performs a bootstrapping operation of the network device. The bootstrapping operation may configure the network device for remote management such that any subsequent configuration obtained remotely is not retained on power loss.

Abstract: A dispatching technique dispatches packets to a plurality of service control engines (SCEs) which in aggregate may be configured to handle traffic produced by a high-speed high-capacity data link. Upstream and downstream packets that are associated with a data flow between a subscriber and a destination node in a communication network are received from by a dispatcher which is located in a path used by the data flow. For each packet, the dispatcher identifies an SCE from among a plurality of SCEs that is to receive the packet based upon an address contained in the packet. The packet is then dispatched by the dispatcher to the identified SCE which processes the packet accordingly. After processing the packet, the SCE returns the packet to the dispatcher which further processes the packet including transferring the packet onto the communication network towards its destination.

Abstract: A port adapter for connecting zero or more network interfaces to a host system having a SPI-4 bus is disclosed. The port adapter comprises zero or more network interfaces; a SPI-4 bus coupled to a host system to provide a communication channel between the host and the network interfaces; a control bus coupled to the host system for controlling and monitoring the port adapter; and interface logic that interfaces the SPI-4 bus and the control bus to the network interfaces. Methods are provided for selecting and using one of a small plurality of different packet formats for various networking technologies, so that the port adapter can hide details of the technology that it handles from the host system, and for operating the host system's SPI-4 bus at one of several speeds based on bandwidth requirements of the port adapter.

Abstract: A dispatching technique dispatches packets to a plurality of service control engines (SCEs) which in aggregate may be configured to handle traffic produced by a high-speed high-capacity data link. Upstream and downstream packets that are associated with a data flow between a subscriber and a destination node in a communication network are received from by a dispatcher which is located in a path used by the data flow. For each packet, the dispatcher identifies an SCE from among a plurality of SCEs that is to receive the packet based upon an address contained in the packet. The packet is then dispatched by the dispatcher to the identified SCE which processes the packet accordingly. After processing the packet, the SCE returns the packet to the dispatcher which further processes the packet including transferring the packet onto the communication network towards its destination.

Abstract: A port adapter for connecting zero or more network interfaces to a host system having a SPI-4 bus is disclosed. The port adapter comprises zero or more network interfaces; a SPI-4 bus coupled to a host system to provide a communication channel between the host and the network interfaces; a control bus coupled to the host system for controlling and monitoring the port adapter; and interface logic that interfaces the SPI-4 bus and the control bus to the network interfaces. Methods are provided for selecting and using one of a small plurality of different packet formats for various networking technologies, so that the port adapter can hide details of the technology that it handles from the host system, and for operating the host system's SPI-4 bus at one of several speeds based on bandwidth requirements of the port adapter.

Abstract: A port adapter for connecting zero or more network interfaces to a host system having a SPI-4 bus is disclosed. The port adapter comprises zero or more network interfaces; a SPI-4 bus coupled to a host system to provide a communication channel between the host and the network interfaces; a control bus coupled to the host system for controlling and monitoring the port adapter; and interface logic that interfaces the SPI-4 bus and the control bus to the network interfaces. Methods are provided for selecting and using one of a small plurality of different packet formats for various networking technologies, so that the port adapter can hide details of the technology that it handles from the host system, and for operating the host system's SPI-4 bus at one of several speeds based on bandwidth requirements of the port adapter.

Abstract: A port adapter for connecting zero or more network interfaces to a host system having a SPI-4 bus is disclosed. The port adapter comprises zero or more network interfaces; a SPI-4 bus coupled to a host system to provide a communication channel between the host and the network interfaces; a control bus coupled to the host system for controlling and monitoring the port adapter; and interface logic that interfaces the SPI-4 bus and the control bus to the network interfaces. Methods are provided for selecting and using one of a small plurality of different packet formats for various networking technologies, so that the port adapter can hide details of the technology that it handles from the host system, and for operating the host system's SPI-4 bus at one of several speeds based on bandwidth requirements of the port adapter.

Abstract: Presently disclosed is an apparatus and method for returning control of bandwidth allocation and packet scheduling to the routing engine in a network communications device containing an ATM interface. Virtual circuit (VC) flow control is augmented by the addition of a second flow control feedback signal from each virtual path (VP). VP flow control is used to suspend scheduling of all VCs on a given VP when traffic has accumulated on enough VCs to keep the VP busy. A new packet segmenter is employed to segment traffic while preserving the first in, first out (FIFO) order in which packet traffic was received. Embodiments of the invention may be implemented using a two-level (per-VC and per-VP) scheduling hierarchy or may use as many levels of flow control feedback-derived scheduling as may be necessitated by multilevel scheduling hierarchies.

Abstract: A port adapter for connecting zero or more network interfaces to a host system having a SPI-4 bus is disclosed. The port adapter comprises zero or more network interfaces; a SPI-4 bus coupled to a host system to provide a communication channel between the host and the network interfaces; a control bus coupled to the host system for controlling and monitoring the port adapter; and interface logic that interfaces the SPI-4 bus and the control bus to the network interfaces. Methods are provided for selecting and using one of a small plurality of different packet formats for various networking technologies, so that the port adapter can hide details of the technology that it handles from the host system, and for operating the host system's SPI-4 bus at one of several speeds based on bandwidth requirements of the port adapter.

Abstract: A network node destination module for ensuring proper reception and transmission of information over a network having an optional network reference clock including an input stage for receiving the information, a synchronous residual time stamp (SRTS) timing control stage for implementing digital phase comparison techniques utilizing the network reference clock, and a clock generation stage for generating a transmit clock in response to a control value generated by the SRTS timing control stage. The SRTS timing control stage maintains a constant phase offset between the receive clock of the source node and the transmit clock of the destination node. The SRTS timing control stage includes an RTS sample generator for generating a local RTS sample for comparison with the source RTS sample to determine a current phase offset between the source and clocks. The current phase offset is then compared to a target phase offset stored in a phase register to generate a control value.

Abstract: A network node destination module for ensuring proper reception and transmission of information over a network having an optional network reference clock including an input stage for receiving the information, a synchronous residual time stamp (SRTS) timing control stage for implementing digital phase comparison techniques utilizing the network reference clock, and a clock generation stage for generating a transmit clock in response to a control value generated by the SRTS timing control stage. The SRTS timing control stage maintains a constant phase offset between the receive clock of the source node and the transmit clock of the destination node. The SRTS timing control stage includes an RTS sample generator for generating a local RTS sample for comparison with the source RTS sample to determine a current phase offset between the source and clocks. The current phase offset is then compared to a target phase offset stored in a phase register to generate a control value.