Patents by Inventor Ramana Rao Kompella
Ramana Rao Kompella has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20210258281Abstract: Systems, methods, and computer-readable media relate to providing a network management service. A system is configured to request first network information from a first component of a network using a public IP address for the first component, wherein the first network information includes private IP addresses for a second component in the network and translate, based on a mapping information for a private IP address space to a public IP address space, the private IP address for a second component to a public IP address for the second component. The system is further configured to request second network information from the second component using the public IP address and provide a network management service for the network based on the second network information.Type: ApplicationFiled: May 3, 2021Publication date: August 19, 2021Inventors: Vivek Balamurugan, Chandra Nagarajan, Divjyot Sethi, Chaitanya Velpula, Manvesh Vyas, Ramana Rao Kompella, Pradhap Muthuraman
-
Patent number: 11044273Abstract: Systems, methods, and computer-readable media for configuring and verifying compliance requirements in a network.Type: GrantFiled: December 12, 2018Date of Patent: June 22, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Advait Dixit, Navneet Yadav, Navjyoti Sharma, Ramana Rao Kompella, Kartik Mohanram
-
Patent number: 11019027Abstract: Systems, methods, and computer-readable media relate to providing a network management service. A system is configured to request first network information from a first component of a network using a public IP address for the first component, wherein the first network information includes private IP addresses for a second component in the network and translate, based on a mapping information for a private IP address space to a public IP address space, the private IP address for a second component to a public IP address for the second component. The system is further configured to request second network information from the second component using the public IP address and provide a network management service for the network based on the second network information.Type: GrantFiled: October 26, 2018Date of Patent: May 25, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Vivek Balamurugan, Chandra Nagarajan, Divjyot Sethi, Chaitanya Velpula, Manvesh Vyas, Ramana Rao Kompella, Pradhap Muthuraman
-
Publication number: 20210152607Abstract: In some examples, a system creates a requirement including EPG selectors representing EPG pairs, a traffic selector, and a communication operator; determines that EPGs in distinct pairs are associated with different network contexts and, for each pair, which network context(s) contains associated policies; creates first data representing the pair, operator, and traffic selector; when only one network context contains the associated policies, creates second data representing a network model portion associated with the only network context and determines whether the first data is contained in the second data to yield a first check; when both network contexts contain the associated policies, also creates third data representing a network model portion associated with a second network context, and determines whether the first data is contained in the second and/or third data to yield a second check; and determines whether policies for the pairs comply with the requirement based on the checks.Type: ApplicationFiled: January 25, 2021Publication date: May 20, 2021Inventors: Advait Dixit, Navneet Yadav, Navjyoti Sharma, Ramana Rao Kompella, Kartik Mohanram
-
Publication number: 20210144069Abstract: Systems, methods, and computer-readable media for receiving one or more models of network intents, comprising a plurality of contracts between providers and consumers, each contract containing entries with priority values. Each contract is flattened into a listing of rules and a new priority value is calculated. The listing of rules encodes the implementation of the contract between the providers and the consumers. Each entry is iterated over and added to a listing of entries if it is not already present. For each rule, the one or more entries associated with the contract from which the rule was flattened are identified, and for each given entry a flat rule comprising the combination of the rule and the entry is generated, wherein a flattened priority is calculated based at least in part on the priority value of the given one of given entry and the priority value of the rule.Type: ApplicationFiled: January 20, 2021Publication date: May 13, 2021Inventors: Advait Dixit, Ramana Rao Kompella, Kartik Mohanram, Sundar Iyer, Shadab Nazar, Chandra Nagarajan
-
Publication number: 20210092023Abstract: Systems, methods, and computer-readable media for emulating a state of a network environment for purposes of re-executing a network assurance appliance in the emulated state of the network environment. In some embodiments, a method can include receiving snapshot data for a network environment corresponding to a specific time in the network environment and including network events occurring in the network environment generated by a network assurance appliance. A state of the network environment at the specific time can be emulated using the snapshot data to create an emulated state of the network environment. Subsequently, the network assurance appliance can be re-executed in the emulated state of the network environment corresponding to the specific time and the network assurance appliance can be debugged outside of the network environment based on re-execution of the network assurance appliance in the emulated state of the network environment.Type: ApplicationFiled: December 4, 2020Publication date: March 25, 2021Inventors: Divjyot Sethi, Chandra Nagarajan, Advait Dixit, John Thomas Monk, Gabriel Cheukbun Ng, Ramana Rao Kompella, Sundar Iyer
-
Patent number: 10911495Abstract: In some examples, a system creates a requirement including EPG selectors representing EPG pairs, a traffic selector, and a communication operator; determines that EPGs in distinct pairs are associated with different network contexts and, for each pair, which network context(s) contains associated policies; creates first data representing the pair, operator, and traffic selector; when only one network context contains the associated policies, creates second data representing a network model portion associated with the only network context and determines whether the first data is contained in the second data to yield a first check; when both network contexts contain the associated policies, also creates third data representing a network model portion associated with a second network context, and determines whether the first data is contained in the second and/or third data to yield a second check; and determines whether policies for the pairs comply with the requirement based on the checks.Type: GrantFiled: December 12, 2018Date of Patent: February 2, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Advait Dixit, Navneet Yadav, Navjyoti Sharma, Ramana Rao Kompella, Kartik Mohanram
-
Patent number: 10904101Abstract: Systems, methods, and computer-readable media for receiving one or more models of network intents, comprising a plurality of contracts between providers and consumers, each contract containing entries with priority values. Each contract is flattened into a listing of rules and a new priority value is calculated. The listing of rules encodes the implementation of the contract between the providers and the consumers. Each entry is iterated over and added to a listing of entries if it is not already present. For each rule, the one or more entries associated with the contract from which the rule was flattened are identified, and for each given entry a flat rule comprising the combination of the rule and the entry is generated, wherein a flattened priority is calculated based at least in part on the priority value of the given one of given entry and the priority value of the rule.Type: GrantFiled: August 31, 2017Date of Patent: January 26, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Advait Dixit, Ramana Rao Kompella, Kartik Mohanram, Sundar Iyer, Shadab Nazar, Chandra Nagarajan
-
Publication number: 20210021457Abstract: Systems, methods, and computer-readable media for localizing faults in a network policy are disclosed. In some examples, a system or method can obtain TCAM rules across a network and use the TCAM rules to perform an equivalency check between the logical model and the hardware model of the network policy. One or more risk models are annotated with output from the equivalency check and the risk models are used to identify a set of policy objects of the network policy that are likely responsible for the faults. The identified set of policy objects are correlated with various logs of the network. Based on the correlation, specific policy objects of the set of policy objects that are associated with physical-level causes of the fault.Type: ApplicationFiled: September 30, 2020Publication date: January 21, 2021Inventors: Praveen Tammana, Chandra Nagarajan, Pavan Mamillapalli, Ramana Rao Kompella
-
Patent number: 10873509Abstract: Systems, methods, and computer-readable media for emulating a state of a network environment for purposes of re-executing a network assurance appliance in the emulated state of the network environment. In some embodiments, a method can include receiving snapshot data for a network environment corresponding to a specific time in the network environment and including network events occurring in the network environment generated by a network assurance appliance. A state of the network environment at the specific time can be emulated using the snapshot data to create an emulated state of the network environment. Subsequently, the network assurance appliance can be re-executed in the emulated state of the network environment corresponding to the specific time and the network assurance appliance can be debugged outside of the network environment based on re-execution of the network assurance appliance in the emulated state of the network environment.Type: GrantFiled: January 17, 2018Date of Patent: December 22, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Divjyot Sethi, Chandra Nagarajan, Advait Dixit, John Thomas Monk, Gabriel Cheukbun Ng, Ramana Rao Kompella, Sundar Iyer
-
Patent number: 10826788Abstract: Systems, methods, and computer-readable media for assurance of quality-of-service configurations in a network. In some examples, a system obtains a logical model of a software-defined network, the logical model including rules specified for the software-defined network, the logical model being based on a schema defining manageable objects and object properties for the software-defined network. The system also obtains, for each node in the software-defined network, a respective hardware model, the respective hardware model including rules rendered at the node based on a respective node-specific representation of the logical model. Based on the logical model and the respective hardware model, the system can perform an equivalency check between the rules in the logical model and the rules in the respective hardware model to determine whether the logical model and the respective hardware model contain configuration inconsistencies.Type: GrantFiled: August 31, 2017Date of Patent: November 3, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Chandra Nagarajan, Kartik Mohanram, Ramana Rao Kompella, Divjyot Sethi, Sundar Iyer
-
Patent number: 10812318Abstract: Systems, methods, and computer-readable media for localizing faults in a network policy are disclosed. In some examples, a system or method can obtain TCAM rules across a network and use the TCAM rules to perform an equivalency check between the logical model and the hardware model of the network policy. One or more risk models are annotated with output from the equivalency check and the risk models are used to identify a set of policy objects of the network policy that are likely responsible for the faults. The identified set of policy objects are correlated with various logs of the network. Based on the correlation, specific policy objects of the set of policy objects that are associated with physical-level causes of the fault.Type: GrantFiled: September 28, 2017Date of Patent: October 20, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Praveen Tammana, Chandra Nagarajan, Pavan Mamillapalli, Ramana Rao Kompella
-
Publication number: 20200252297Abstract: Systems, methods, and computer-readable media analyzing memory usage in a network node. A network assurance appliance may be configured to query a node in the network fabric for a number of hardware level entries, stored in memory for the node, that are associated with a concrete level network rule. The network assurance appliance may identify a logical level network intent associated with the concrete level network rule, identify a logical level component of the logical level network intent, and attribute the number of hardware level entries to the logical level component.Type: ApplicationFiled: April 24, 2020Publication date: August 6, 2020Inventors: Ramana Rao Kompella, Chandra Nagarajan, John Thomas Monk, Purna Mani Kumar Ghantasala
-
Publication number: 20200228395Abstract: Systems, methods, and computer-readable media for localizing faults in a network policy are disclosed. In some examples, a system or method can obtain TCAM rules across a network and use the TCAM rules to perform an equivalency check between the logical model and the hardware model of the network policy. One or more risk models are annotated with output from the equivalency check and the risk models are used to identify a set of policy objects of the network policy that are likely responsible for the faults.Type: ApplicationFiled: March 25, 2020Publication date: July 16, 2020Inventors: Praveen Tammana, Chandra Nagarajan, Pavan Mamillapalli, Ramana Rao Kompella
-
Patent number: 10686669Abstract: Systems, methods, and computer-readable media for collecting node information from a fabric and generating models based on the node information. In some examples, a system can obtain, from one or more controllers in a software-defined network (SDN), a logical model of the SDN, the logical model containing objects configured for the SDN from a hierarchical management information tree (MIT) associated with the SDN and representing configurations of the objects, the hierarchical MIT defining manageable objects and object properties for the SDN, the objects corresponding to the manageable objects. The system can obtain a topological model of a fabric associated with the SDN and, based on the topological model, poll nodes in the fabric for respective configurations at the nodes. Based on the respective configurations, the system can generate a node-specific representation of the logical model, the node-specific representation projecting the logical model on each node.Type: GrantFiled: July 28, 2017Date of Patent: June 16, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Chandra Nagarajan, Divjyot Sethi, Ramana Rao Kompella
-
Publication number: 20200186426Abstract: Systems, methods, and computer-readable media for static network policy analysis for a network. In one example, a system obtains a logical model based on configuration data stored in a controller on a software-defined network, the logical model including a declarative representation of respective configurations of objects in the software-defined network, the objects including one or more endpoint groups, bridge domains, contexts, or tenants. The system defines rules representing respective conditions of the objects according to a specification corresponding to the software-defined network, and determines whether the respective configuration of each of the objects in the logical model violates one or more of the rules associated with that object. When the respective configuration of an object in the logical model violates one or more of the rules, the system detects an error in the respective configuration associated with that object.Type: ApplicationFiled: February 10, 2020Publication date: June 11, 2020Inventors: Kartik Mohanram, Chandra Nagarajan, Sundar Iyer, Shadab Nazar, Ramana Rao Kompella
-
Publication number: 20200177456Abstract: Systems, methods, and computer-readable media analyzing memory usage in a network node. A network assurance appliance may be configured to obtain reference concrete level rules for a node in the network, obtain implemented concrete level rules for the node from the node in the network, compare the reference concrete level rules with the implemented concrete level rules, and determining that the implemented concrete level rules are not appropriately configured based on the comparison.Type: ApplicationFiled: January 28, 2020Publication date: June 4, 2020Inventors: Ramana Rao Kompella, Chandra Nagarajan, John Thomas Monk, Purna Mani Kumar Ghantasala
-
Publication number: 20200162590Abstract: Systems, methods, and computer-readable media for receiving an indication of an equivalence failure, the equivalence failure corresponding to one or more models of network intents. The indication of the equivalence failure is analyzed and one or more constituent intents that caused the equivalence failure are identified, wherein the one or more constituent intents are associated with a model of the one or more models of network intents. The granularity of the equivalence failure and the identified one or more constituent intents is determined, and an event for external consumption is generated, the event based at least in part on the equivalence failure, the granularity of the equivalence failure, and the identified one or more constituent intents.Type: ApplicationFiled: January 24, 2020Publication date: May 21, 2020Inventors: Advait Dixit, Ramana Rao Kompella
-
Patent number: 10652102Abstract: Systems, methods, and computer-readable media analyzing memory usage in a network node. A network assurance appliance may be configured to query a node in the network fabric for a number of hardware level entries, stored in memory for the node, that are associated with a concrete level network rule. The network assurance appliance may identify a logical level network intent associated with the concrete level network rule, identify a logical level component of the logical level network intent, and attribute the number of hardware level entries to the logical level component.Type: GrantFiled: July 27, 2017Date of Patent: May 12, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Ramana Rao Kompella, Chandra Nagarajan, John Thomas Monk, Purna Mani Kumar Ghantasala
-
Patent number: 10623264Abstract: In some examples, a system obtains a network logical model and, for each node in a network, a node-level logical, concrete, and hardware model. The system identifies a service function chain, and determines a respective set of service function chain rules. For each node, the system determines whether the respective set of service function chain rules is correctly captured in the node-level logical model and/or concrete model to yield a node containment check result. Based on a comparison of policy actions in the concrete model, hardware model, and at least one of the node-level logical model or network logical model, the system determines whether the respective set of service function chain rules is correctly rendered on each node to yield a node rendering check result. Based on the node containment check result and node rendering check result, the system determines whether the service function chain is correctly configured.Type: GrantFiled: August 31, 2017Date of Patent: April 14, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Ramana Rao Kompella, Kartik Mohanram, Advait Dixit, Sundar Iyer