Patents by Inventor Murtuza Attarwala
Murtuza Attarwala has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11943107Abstract: A router architecture that facilitates cloud exchange point routing is disclosed. The architecture relies upon B-nodes to connect branch network to cloud, S-nodes to connect services, and V-nodes to connect cloud to cloud. The nodes can be essentially stateless with node configuration stored outside a router, which facilitates ripping and replacement of nodes. Multiple virtual private clouds can be implemented with respective pluralities of Kubernetes pods and a master Kubernetes cluster. Consumer premises equipment is coupled to a first virtual private cloud that forms a virtual extensible local area network with a second private cloud.Type: GrantFiled: December 5, 2022Date of Patent: March 26, 2024Assignee: ALKIRA, INC.Inventors: Himanshu Shah, Atif Khan, Murtuza Attarwala
-
Patent number: 11658898Abstract: A method may include identifying an address within a packet of a traffic flow associated with a network device. The method may also include comparing the address within the packet with a stored address, the stored address associated with a route for an alternative traffic path, where the alternative traffic path may be different from a default route of traffic passing through the network device. The method may additionally include, based on the address within the packet matching the stored address, routing the packet along the alternative traffic path instead of the default route of traffic.Type: GrantFiled: August 12, 2020Date of Patent: May 23, 2023Assignee: Cisco Technology, Inc.Inventors: Himanshu Shah, Murtuza Attarwala, Linus Aranha
-
Publication number: 20230094339Abstract: A router architecture that facilitates cloud exchange point routing is disclosed. The architecture relies upon B-nodes to connect branch network to cloud, S-nodes to connect services, and V-nodes to connect cloud to cloud. The nodes can be essentially stateless with node configuration stored outside a router, which facilitates ripping and replacement of nodes. Multiple virtual private clouds can be implemented with respective pluralities of Kubernetes pods and a master Kubernetes cluster. Consumer premises equipment is coupled to a first virtual private cloud that forms a virtual extensible local area network with a second private cloud.Type: ApplicationFiled: December 5, 2022Publication date: March 30, 2023Inventors: Himanshu Shah, Atif Khan, Murtuza Attarwala
-
Publication number: 20230090829Abstract: In some examples, an example method to provide a virtualized Carrier-grade Network Address Translation (CGN) at a first customer edge router may include establishing a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers, performing a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, selecting a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to, encapsulating the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and a first aggregation router, and sending the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router.Type: ApplicationFiled: November 29, 2022Publication date: March 23, 2023Inventors: Syed Khalid Raza, Murtuza Attarwala
-
Patent number: 11546213Abstract: A router architecture that facilitates cloud exchange point routing is disclosed. The architecture relies upon B-nodes to connect branch network to cloud, S-nodes to connect services, and V-nodes to connect cloud to cloud. The nodes can be essentially stateless with node configuration stored outside a router, which facilitates ripping and replacement of nodes. Multiple virtual private clouds can be implemented with respective pluralities of Kubernetes pods and a master Kubernetes cluster. Consumer premises equipment is coupled to a first virtual private cloud that forms a virtual extensible local area network with a second private cloud.Type: GrantFiled: December 31, 2019Date of Patent: January 3, 2023Assignee: Alkira, Inc.Inventors: Himanshu Shah, Atif Khan, Murtuza Attarwala
-
Patent number: 11522828Abstract: In some examples, an example method to provide a virtualized Carrier-grade Network Address Translation (CGN) at a first customer edge router may include establishing a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers, performing a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, selecting a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to, encapsulating the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and a first aggregation router, and sending the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router.Type: GrantFiled: July 31, 2017Date of Patent: December 6, 2022Assignee: Cisco Technology, Inc.Inventors: Syed Khalid Raza, Murtuza Attarwala
-
Patent number: 11509639Abstract: In some examples, an example method to provide an IPsec anti-replay window with quality of service (QoS) at a first network endpoint may include configuring a multiple number of anti-replay windows, generating a first security association (SA), and establishing the first SA with a second network endpoint. The first SA may include a first multiple number of security parameter indexes (SPIs), where each of the first multiple number of SPIs may be assigned to a specific QoS level, and each of the first multiple number of SPIs may be assigned to one of the multiple number of anti-replay windows. Establishing the first SA with the second network endpoint may include assigning the first SA to a first encryption key, and providing the first encryption key to the second network endpoint.Type: GrantFiled: September 16, 2020Date of Patent: November 22, 2022Assignee: Cisco Technology, Inc.Inventors: Praveen Raju Kariyanahalli, Mosaddaq Hussain Turabi, Murtuza Attarwala
-
Publication number: 20220078074Abstract: A router architecture that facilitates cloud exchange point routing is disclosed. The architecture relies upon B-nodes to connect branch network to cloud, S-nodes to connect services, and V-nodes to connect cloud to cloud. The nodes can be essentially stateless with node configuration stored outside a router, which facilitates ripping and replacement of nodes. Multiple virtual private clouds can be implemented with respective pluralities of Kubernetes pods and a master Kubernetes cluster. Consumer premises equipment is coupled to a first virtual private cloud that forms a virtual extensible local area network with a second private cloud.Type: ApplicationFiled: December 31, 2019Publication date: March 10, 2022Applicant: Alkira, Inc.Inventors: Himanshu Shah, Atif Khan, Murtuza Attarwala
-
Patent number: 11201817Abstract: A method may include an instruction to route the data to a destination. The method may additionally include inspecting the data to identify metadata associated with the data. The method may further include identifying, based on the metadata, a first routing path and a second routing path that both lead to the destination. The first routing path may include a first communication link associated with a first link classification, and the second routing path may include a second communication link associated with a second link classification. The method may also include selecting the first routing path based on a configuration preference and based on the first routing path including the first communication link associated with the first link classification. The method may additionally include transmitting the data along the first routing path via the first communication link.Type: GrantFiled: April 17, 2017Date of Patent: December 14, 2021Assignee: Cisco Technology, Inc.Inventors: Linus Aranha, Murtuza Attarwala
-
Publication number: 20210243095Abstract: A method may include receiving a domain name system (DNS) query at a network device, where the DNS query may be associated with a traffic flow identified for rerouting through an alternative path utilizing an alternative network device instead of a default path. The method may also include rewriting the DNS query such that the DNS query is routed through the alternative network device along the alternative path and to a DNS server associated with the alternative path. The method may additionally include receiving a DNS response from the DNS server, where a resource identified in the DNS response may be based on the DNS query coming through the alternative network device.Type: ApplicationFiled: April 23, 2021Publication date: August 5, 2021Inventors: Murtuza Attarwala, Lars Olof Stefan Olofsson, Himanshu Shah
-
Publication number: 20210006545Abstract: In some examples, an example method to provide an IPsec anti-replay window with quality of service (QoS) at a first network endpoint may include configuring a multiple number of anti-replay windows, generating a first security association (SA), and establishing the first SA with a second network endpoint. The first SA may include a first multiple number of security parameter indexes (SPIs), where each of the first multiple number of SPIs may be assigned to a specific QoS level, and each of the first multiple number of SPIs may be assigned to one of the multiple number of anti-replay windows. Establishing the first SA with the second network endpoint may include assigning the first SA to a first encryption key, and providing the first encryption key to the second network endpoint.Type: ApplicationFiled: September 16, 2020Publication date: January 7, 2021Inventors: Praveen Raju Kariyanahalli, Mosaddaq Hussain Turabi, Murtuza Attarwala
-
Publication number: 20200374215Abstract: A method may include identifying an address within a packet of a traffic flow associated with a network device. The method may also include comparing the address within the packet with a stored address, the stored address associated with a route for an alternative traffic path, where the alternative traffic path may be different from a default route of traffic passing through the network device. The method may additionally include, based on the address within the packet matching the stored address, routing the packet along the alternative traffic path instead of the default route of traffic.Type: ApplicationFiled: August 12, 2020Publication date: November 26, 2020Inventors: Himanshu Shah, Murtuza Attarwala, Linus Aranha
-
Patent number: 10798071Abstract: In some examples, an example method to provide an IPsec anti-replay window with quality of service (QoS) at a first network endpoint may include configuring a multiple number of anti-replay windows, generating a first security association (SA), and establishing the first SA with a second network endpoint. The first SA may include a first multiple number of security parameter indexes (SPIs), where each of the first multiple number of SPIs may be assigned to a specific QoS level, and each of the first multiple number of SPIs may be assigned to one of the multiple number of anti-replay windows. Establishing the first SA with the second network endpoint may include assigning the first SA to a first encryption key, and providing the first encryption key to the second network endpoint.Type: GrantFiled: June 26, 2018Date of Patent: October 6, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Praveen Raju Kariyanahalli, Mosaddaq Hussain Turabi, Murtuza Attarwala
-
Patent number: 10771375Abstract: A method may include identifying an address within a packet of a traffic flow associated with a network device. The method may also include comparing the address within the packet with a stored address, the stored address associated with a route for an alternative traffic path, where the alternative traffic path may be different from a default route of traffic passing through the network device. The method may additionally include, based on the address within the packet matching the stored address, routing the packet along the alternative traffic path instead of the default route of traffic.Type: GrantFiled: May 9, 2017Date of Patent: September 8, 2020Assignee: Cisco Technology, Inc.Inventors: Himanshu Shah, Murtuza Attarwala, Linus Aranha
-
Publication number: 20200112495Abstract: A method of routing network traffic may include routing traffic from a local network device, through a remote network location, to a third party network resource along a first path. The method may also include determining a first ranking for the first path, and determining a second ranking for a second path from the local network device to the third party network resource along a second path, the second path excluding the remote network location. The method may additionally include, based on the second ranking exceeding the first ranking by a threshold amount, rerouting the traffic along the second path.Type: ApplicationFiled: December 9, 2019Publication date: April 9, 2020Inventors: Murtuza Attarwala, Lars Olof Stefan Olofsson, Himanshu Shah
-
Patent number: 10511507Abstract: A method of routing network traffic may include routing traffic from a local network device, through a remote network location, to a third party network resource along a first path. The method may also include determining a first ranking for the first path, and determining a second ranking for a second path from the local network device to the third party network resource along a second path, the second path excluding the remote network location. The method may additionally include, based on the second ranking exceeding the first ranking by a threshold amount, rerouting the traffic along the second path.Type: GrantFiled: May 9, 2017Date of Patent: December 17, 2019Assignee: Cisco Technology, Inc.Inventors: Murtuza Attarwala, Lars Olof Stefan Olofsson, Himanshu Shah
-
Patent number: 10439950Abstract: A computer-implemented method for facilitating communications between two peer nodes in a network. The method comprises (a) configuring a first of the peer nodes to transmit a Path Maximum Transmission Unit (PMTU) request to a second of the peer nodes; wherein the PMTU request comprises a PMTU test value; (b) configuring the second peer node to transmit a PMTU reply responsive to receiving the PMTU request; said PMTU reply comprising a PMTU value set to match the PMTU test value in PMTU request; and (c) configuring the first peer node to determine a PMTU for the network based on determinations of fragmentation in connection with the PMTU reply.Type: GrantFiled: March 1, 2018Date of Patent: October 8, 2019Assignee: CISCO TECHNOLOGY, INC.Inventors: Murtuza Attarwala, Venu Hemige
-
Patent number: 10412122Abstract: A method for establishing a communication sessions based on a Network Address Translation (NAT) device is provided. The method comprises configuring the NAT device with policy to control the creation of NAT translation entries to support communications between devices residing behind the NAT device, and devices residing outside the NAT device; wherein said policy allows the NAT device to establish multiple communications sessions, each with a dynamic NAT traversal behavior; and configuring the NAT device to maintain a control plane session with an orchestrator device whereby the NAT device learns parameters required to establish a translation entry for each communications session.Type: GrantFiled: January 22, 2016Date of Patent: September 10, 2019Assignee: CISCO TECHNOLOGY, INC.Inventors: Lars Olof Stefan Olofsson, Syed Khalid Raza, Murtuza Attarwala
-
Publication number: 20190141019Abstract: In some examples, an example method to provide an IPsec anti-replay window with quality of service (QoS) at a first network endpoint may include configuring a multiple number of anti-replay windows, generating a first security association (SA), and establishing the first SA with a second network endpoint. The first SA may include a first multiple number of security parameter indexes (SPIs), where each of the first multiple number of SPIs may be assigned to a specific QoS level, and each of the first multiple number of SPIs may be assigned to one of the multiple number of anti-replay windows. Establishing the first SA with the second network endpoint may include assigning the first SA to a first encryption key, and providing the first encryption key to the second network endpoint.Type: ApplicationFiled: June 26, 2018Publication date: May 9, 2019Inventors: Praveen Raju KARIYANAHALLI, Mosaddaq Hussain TURABI, Murtuza ATTARWALA
-
Publication number: 20190036814Abstract: A method may include identifying, based on metadata, a first routing path that leads to the destination and a second routing path that leads to the destination. The method may further include identifying, based on the metadata, a configuration preference for the data to be routed along the first routing path. The configuration preference may indicate a first priority for the first routing path and a second priority for the second routing path. The method may also include selecting the first routing path based on the first priority being higher than the second priority. The method may additionally include transmitting the data along the first routing path via the first communication link.Type: ApplicationFiled: June 30, 2018Publication date: January 31, 2019Inventors: Linus Ryan Aranha, Murtuza Attarwala