Patents by Inventor Pascal Thubert

Pascal Thubert has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10389619
    Abstract: In one embodiment, a method comprises promiscuously detecting, by a network device in a wireless data network, a wireless data packet comprising a source route header specifying a hop-by-hop path for reaching a destination device in the wireless data network; determining, by the network device, that the network device is identified in the hop-by-hop path as following a first next-hop device targeted for reception of the wireless data packet; and executing intercepted forwarding of the wireless data packet, by the network device, to a second next-hop device successively following the network device in the hop-by-hop path.
    Type: Grant
    Filed: November 23, 2016
    Date of Patent: August 20, 2019
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Patrick Wetterwald, Pascal Thubert, Eric Michel Levy-Abegnoli, Jean-Philippe Vasseur
  • Publication number: 20190253452
    Abstract: In one embodiment, a device maintains a journal of uncommitted changes to a file system of the device in a layer that is hot-swappable with a writable container layer. The device augments the journal with metadata regarding a particular uncommitted change to the file system of the device. The device applies, within a sandbox environment of the device, a machine learning-based anomaly detector to the particular uncommitted change to the file system and the metadata regarding the change, to determine whether the particular uncommitted change to the file system is indicative of a destruction of service attack on the device. The device causes performance of a mitigation action when the machine learning-based anomaly detector determines that the particular uncommitted change to the file system is indicative of a destruction of service attack on the device.
    Type: Application
    Filed: February 14, 2018
    Publication date: August 15, 2019
    Inventors: Hugo Latapie, Enzo Fenoglio, Pascal Thubert, Jean-Philippe Vasseur
  • Patent number: 10382397
    Abstract: In one embodiment, a device in a network determines whether a destination address of a packet received by the device is within a neighbor discovery (ND) cache of the device. The device determines whether the destination address is not in a set of addresses used to generate an address lookup array or possibly in the set of addresses used to generate the address lookup array, in response to determining that the destination address of the packet is not within the ND cache. The device performs address resolution for the destination address of the packet, in response to determining that the destination address of the packet is possibly in the set of addresses used to generate the address lookup array.
    Type: Grant
    Filed: July 19, 2017
    Date of Patent: August 13, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Eric Levy-Abegnoli, Patrick Wetterwald
  • Patent number: 10367623
    Abstract: In one embodiment, a supervisory device in a network forms a virtual access point (VAP) for a node in the network whereby a plurality of access points (APs) in the network are mapped to the VAP as part of a VAP mapping. The node treats the APs in the VAP mapping as a single AP for purposes of communicating with the network. The supervisory device determines a data traffic management strategy for the node based on traffic associated with the node. The supervisory device instructs the APs in the VAP mapping to implement the data traffic management strategy for the node.
    Type: Grant
    Filed: April 27, 2017
    Date of Patent: July 30, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Jean-Philippe Vasseur, Patrick Wetterwald, Eric Levy-Abegnoli
  • Patent number: 10356124
    Abstract: In one embodiment, a device in a network inserts a profile tag into an address request sent by an endpoint node in the network to a lookup service. The lookup service is configured to identify one or more addresses with which the endpoint node is authorized to communicate based on a profile for the endpoint node associated with the inserted profile tag. The device receives an address response sent from the lookup service to the endpoint node that indicates the set of one or more addresses with which the endpoint node is authorized to communicate. The device determines whether a communication between the endpoint node and a particular network address is authorized using the set of one or more addresses with which the endpoint node is authorized to communicate. The device blocks the communication based on a determination that the particular network address is not in the set of one or more addresses with which the endpoint node is authorized to communicate.
    Type: Grant
    Filed: March 1, 2017
    Date of Patent: July 16, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Eric Levy-Abegnoli, Eliot Lear, Brian E. Weis
  • Publication number: 20190215704
    Abstract: In one embodiment, a supervisory device in a network forms a first virtual access point (VAP) for a first node in the network. A plurality of access points (APs) in the network are mapped to the first VAP as part of a VAP mapping and the first node treats the APs in the VAP mapping as a single AP for purposes of communicating with the network. The supervisory device determines a communication schedule for the first node based on a radio chain of at least one of the APs in the VAP mapping for the first VAP being shared by the first VAP and a second VAP for a second node in the network. The supervisory device, according to the communication schedule for the first node, causes one or more of the APs in the VAP mapping for the first VAP to instruct the first node to stop transmitting for a period of time.
    Type: Application
    Filed: January 8, 2018
    Publication date: July 11, 2019
    Inventors: Pascal Thubert, Jerome Henry
  • Publication number: 20190215838
    Abstract: In one embodiment, a supervisory device in a network classifies mobility and traffic characteristics of a first node in the network. The supervisory device identifies wireless channels supported by access points (APs) in the network. The supervisory device selects one of the wireless channels for use by the first node based on the classified mobility and traffic characteristics of the first node. The supervisory device forms a first virtual access point (VAP) for the first node on the selected wireless channel. A plurality of the access points (APs) in the network that support the selected channel are mapped to the first VAP as part of a VAP mapping. The first node treats the APs in the VAP mapping as a single AP for purposes of communicating with the network.
    Type: Application
    Filed: January 11, 2018
    Publication date: July 11, 2019
    Inventors: Jerome Henry, Pascal Thubert
  • Patent number: 10348481
    Abstract: In one embodiment, a device in a network receives a plurality of packets from one or more neighbors of the device. Each of the packets has a scheduled delivery time interval according to a deterministic communication schedule. The device determines an amount of clock drift for each of the one or more neighbors of the device by comparing arrival times of the received packets to their scheduled delivery time intervals according to the deterministic communication schedule. The device calculates a clock adjustment based on the amount of clock drift for each of the one or more neighbors. The device adjusts a clock of the device using the calculated clock adjustment.
    Type: Grant
    Filed: April 30, 2018
    Date of Patent: July 9, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Patrick Wetterwald, Pascal Thubert, Eric Levy-Abegnoli
  • Patent number: 10348611
    Abstract: In one embodiment, a method comprises creating, in a computing network, a loop-free routing topology comprising a plurality of routing arcs for reaching a destination device, each routing arc comprising a first network device as a first end of the routing arc, a second network device as a second end of the routing arc, and at least a third network device configured for routing any network traffic along the routing arc toward the destination device via any one of the first or second ends of the routing arc; and causing the network traffic to be forwarded along at least one of the routing arcs to the destination device.
    Type: Grant
    Filed: July 18, 2016
    Date of Patent: July 9, 2019
    Inventors: Pascal Thubert, Patrice Bellagamba, Dirk Anteunis, Eric Michel Levy-Abegnoli
  • Patent number: 10349335
    Abstract: In one illustrative example, one or more controllers may be configured to perform a path selection procedure for selecting a connection path for multi-hop device-to-device (D2D) communications. Identifiers of candidate D2D device pairings from D2D peer discovery performed by a plurality of UEs served in a plurality of base stations and link quality data associated with each candidate D2D device pairings are obtained. D2D network topology map data including a plurality of link-state relationships are generated based on the identifiers of candidate D2D device pairings. A plurality of connection paths of UEs are computed based on the generated link-state relationships and the link quality data, where each computed connection path includes UEs indicated as required nodes and at least one UE indicated as a candidate relay node. An optimal connection path that satisfies a latency parameter is selected from the plurality of computed connection paths (e.g. based on a shortest path first or SPF algorithm).
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: July 9, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Patrick Wetterwald, Eric Levy-Abegnoli
  • Publication number: 20190199626
    Abstract: In one embodiment, a cloud-based service instructs one or more networking devices in a local area network (LAN) to form a virtual network overlay in the LAN that redirects traffic associated with a particular node in the LAN to a first isolation application instance hosted by the service. The first isolation application instance receives the redirected traffic associated with the particular node. The first isolation application instance determines a routing path for the traffic that comprises one or more other isolation application instances hosted by the cloud-based service. The first isolation application instance tags the traffic to indicate the determined routing path. The first isolation application forwards the tagged traffic to a second isolation application instance along the determined routing path.
    Type: Application
    Filed: December 26, 2017
    Publication date: June 27, 2019
    Inventors: Pascal Thubert, Eric Levy-Abegnoli, Jean-Philippe Vasseur, Patrick Wetterwald
  • Publication number: 20190190729
    Abstract: In one embodiment, a cloud-based service instructs one or more networking devices in a local area network (LAN) to form a virtual network overlay in the LAN that redirects traffic associated with a particular node in the LAN to the service. The service receives multicast or broadcast traffic sent by the particular node in the LAN and redirected to the service via the virtual network overlay. The service identifies a group of nodes in the network that are to receive the traffic sent by the particular node, based in part by profiling the traffic associated with the particular node. The service sends the traffic sent by the particular node to at least one networking device in the LAN with an indication of the identified group of nodes in the network that are to receive the traffic sent by the particular node. The at least one networking device forwards the traffic sent by the particular node to the nodes in the identified group.
    Type: Application
    Filed: December 18, 2017
    Publication date: June 20, 2019
    Inventors: Eric Levy-Abegnoli, Patrick Wetterwald, Pascal Thubert, Jean-Philippe Vasseur
  • Publication number: 20190190815
    Abstract: In one embodiment, a controller in a network trains a deep reinforcement learning-based agent to predict traffic flows in the network. The controller determines one or more resource requirements for the predicted traffic flows. The controller assigns, using the deep reinforcement learning-based agent, paths in the network to the flows based on the determined one or more resource requirements, to avoid fragmentation of a flow during transmission of the flow through the network. The controller sends, to nodes in the network, assignment instructions that cause the flows to traverse the network via their assigned paths.
    Type: Application
    Filed: December 18, 2017
    Publication date: June 20, 2019
    Inventors: Pascal Thubert, Enzo Fenoglio, Jean-Philippe Vasseur, Hugo Latapie
  • Patent number: 10320659
    Abstract: In one embodiment, a method comprises receiving, by a network device in a deterministic data network, one or more deterministic schedules for reaching a destination network device along one or more deterministic paths in the deterministic data network; generating, by the network device, a deterministic source-route path for reaching the destination network device based on the deterministic schedules allocated for the deterministic paths, the deterministic source-route path comprising, for each specified hop, a corresponding deterministic start time; and outputting, by the network device, a source routed deterministic packet comprising the deterministic source-route path for deterministic forwarding of the source routed deterministic packet to the destination network device.
    Type: Grant
    Filed: November 28, 2016
    Date of Patent: June 11, 2019
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Patrick Wetterwald, Pascal Thubert, Eric Michel Levy-Abegnoli
  • Patent number: 10320652
    Abstract: In one embodiment, a method comprises promiscuously detecting, by a network device in a wireless data network having a tree-based topology for reaching a root device, a wireless data packet transmitted by a source network device and specifying a destination device in the wireless data network; determining, by the network device, that the destination device is within a first sub-topology provided by the network device to reach the root device, wherein the source network device is within a second distinct sub-topology provided by a parent device of the source network device to reach the root device; and causing installation of a bypass path, bypassing the root device, based on the network device generating and transmitting an instruction to the parent device to install a route entry causing a data packet destined for the destination device to be routed by the parent device directly to the network device.
    Type: Grant
    Filed: January 9, 2017
    Date of Patent: June 11, 2019
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Pascal Thubert, Patrick Wetterwald, Eric Michel Levy-Abegnoli, Jean-Philippe Vasseur
  • Patent number: 10320657
    Abstract: In one embodiment, a device in a network receives a notification from a neighbor of the device indicative of a child node of the device requesting a parent change from the device to the neighbor. The device updates an existing routing path from the device to the child node to be routed through the neighbor, in response to receiving the notification from the neighbor. The device receives an instruction to remove the updated routing path from the device to the child node through the neighbor. The device removes the updated routing path from the device to the child node, in response to receiving the instruction to remove the updated routing path.
    Type: Grant
    Filed: November 15, 2017
    Date of Patent: June 11, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Eric Levy-Abegnoli, Patrick Wetterwald, Jean-Philippe Vasseur
  • Publication number: 20190166547
    Abstract: In one embodiment, a supervisory device in a network receives from a plurality of access points (APs) in the network data regarding a network availability request broadcast by a node seeking to access the network and received by the APs in the plurality. The supervisory device uniquely associates the node with a virtual access point (VAP) for the node and forms a VAP mapping between the VAP for the node and a set of the APs in the plurality selected based on the received data regarding the network availability request. One of the APs in the mapping is designated as a primary access point for the node. The supervisory device instructs the primary AP to send a network availability response to the node that includes information for the VAP. The node uses the information for the VAP to access the network via the set of APs in the VAP mapping.
    Type: Application
    Filed: January 15, 2019
    Publication date: May 30, 2019
    Inventors: Pascal Thubert, Jean-Philippe Vasseur, Patrick Wetterwald, Eric Levy-Abegnoli
  • Publication number: 20190163548
    Abstract: In one embodiment, a supervisory device in a network receives a help request from a first node in the network indicative of a problem in the network detected by the first node. The supervisory device identifies a second node in the network that is hosting a repair walker agent able to address the detected problem. The supervisory device determines a network path via which the second node is to send repair walker agent to the first node. The supervisory device instructs the second node to send the repair walker agent to the first node via the determined path.
    Type: Application
    Filed: November 29, 2017
    Publication date: May 30, 2019
    Inventors: Patrick Wetterwald, Pascal Thubert, Eric Levy-Abegnoli, Jean-Philippe Vasseur
  • Patent number: 10299265
    Abstract: In one embodiment, a network of nodes is configured to communicate according to a configuration of a vertical ladder topology as well as monitoring communication in the network, and/or selectively controls whether or not provisioned particular links will be used. One embodiment colors nodes of the network (e.g., a wireless deterministic network) along different paths through the network and marks packets with the color of each traversed node to track a path taken by a packet. One embodiment sends a particular packet through the network and marks over which links the packet traverses and aggregates these traversed links of other copies of the particular packet. One embodiment controls whether or not the provisioned time slots are used based on flooding a control packet through the network with enable or disable information for each of these links.
    Type: Grant
    Filed: September 26, 2016
    Date of Patent: May 21, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Jean-Philippe Vasseur, Patrick Wetterwald
  • Patent number: 10298542
    Abstract: In one embodiment, a networking device in a local area network (LAN) establishes a virtual network overlay in the LAN to redirect traffic associated with a particular node in the LAN to a server for analysis. The networking device receives an indication from the server that at least a portion of the traffic associated with the particular node is trusted for local sending within the LAN and adjusts the virtual network overlay to locally send the trusted portion of the traffic associated with the particular node to one or more other nodes in the LAN without redirection to the server. The networking device collects characteristic information regarding the trusted portion of the traffic sent locally within the LAN via the adjusted virtual network overlay and sends the collected characteristic information to the server for analysis.
    Type: Grant
    Filed: April 12, 2017
    Date of Patent: May 21, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Jean-Philippe Vasseur, Patrick Wetterwald, Eric Levy-Abegnoli