Patents by Inventor Tapraj Singh
Tapraj Singh has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11917262Abstract: A method is performed by a first provider edge (PE) of a redundancy group including provider edges configured with an Ethernet virtual private network (EVPN) segment identifier (EVI) and an Ethernet segment identifier (ESI) and that are multi-homed to a customer edge (CE). The method includes, upon receiving from the CE a join request including a group address for a multicast stream, electing a designated forwarder (DF) for the multicast stream. The electing includes: computing for each PE a respective affinity for the DF as a function of a respective address of the PE, the EVI, and the group address; and determining which PE has a largest affinity. The method further includes, if the first PE has the largest affinity or does not have the largest affinity, configuring the first PE as the designated forwarder or not configuring the first PE as the designated forwarder for the multicast stream, respectively.Type: GrantFiled: May 23, 2022Date of Patent: February 27, 2024Assignee: CISCO TECHNOLOGY, INC.Inventors: Ali Sajassi, Samir Thoria, Tapraj Singh, Mankamana Prasad Mishra
-
Patent number: 11824757Abstract: A pseudo-active/active firewall configuration handles firewall switchover events without traffic disruption. A passive firewall is set to an active state, and an active firewall is switched to a pseudo-active state wherein it continues to process ingress and egress traffic according to traffic handling protocols for its active state. An Internet protocol address binding linking the now pseudo-active firewall to an Internet gateway that forwards traffic to the firewalls is updated in a network address translation (NAT) table to route traffic to the newly active firewall. Once a pseudo-active timer expires and the binding is successfully updated to route traffic to the newly active firewall, the pseudo-active firewall is set to a passive state.Type: GrantFiled: May 13, 2022Date of Patent: November 21, 2023Assignee: Palo Alto Networks, Inc.Inventors: Tapraj Singh, Nazanin Magharei, Rimu Bhardwaj, Harshavardhan Parandekar, Vikram Guleria
-
Publication number: 20230370357Abstract: A pseudo-active/active firewall configuration handles firewall switchover events without traffic disruption. A passive firewall is set to an active state, and an active firewall is switched to a pseudo-active state wherein it continues to process ingress and egress traffic according to traffic handling protocols for its active state. An Internet protocol address binding linking the now pseudo-active firewall to an Internet gateway that forwards traffic to the firewalls is updated in a network address translation (NAT) table to route traffic to the newly active firewall. Once a pseudo-active timer expires and the binding is successfully updated to route traffic to the newly active firewall, the pseudo-active firewall is set to a passive state.Type: ApplicationFiled: May 13, 2022Publication date: November 16, 2023Inventors: Tapraj Singh, Nazanin Magharei, Rimu Bhardwaj, Harshavardhan Parandekar, Vikram Guleria
-
Publication number: 20230370422Abstract: A pseudo-active/active firewall configuration handles firewall switchover events with minimized session disconnection. A passive firewall is set to an active state, and an active firewall is switched to a pseudo-active state wherein it continues to process ingress and egress traffic according to traffic handling protocols for its active state. During updating of a corresponding Network Address Translation (NAT) table to route traffic to the now-active firewall, the pseudo-active firewall enters a forwarding state wherein it forwards ingress network sessions to the now-active firewall and processes the ingress network sessions according to its active state. The now-active firewall receives the ingress network sessions and records session states prior to discarding them. After updating the NAT table, when traffic is routed to the now-active firewall, the recorded session states are used to maintain active sessions.Type: ApplicationFiled: May 13, 2022Publication date: November 16, 2023Inventors: Tapraj Singh, Harshavardhan Parandekar, Nazanin Magharei, Rimu Bhardwaj, Vikram Guleria
-
Patent number: 11669432Abstract: This disclosure describes techniques to compile source code corresponding to a portion of a software program. The techniques include generating first object code by processing the source code. Based at least in part on processing the source code, generating second object code, wherein the second object code, when executed by one or more processors, causes the one or more processors to perform an operation unconditionally bound to a unique identifier of the operation. The described techniques further include generating an indication of a mapping of the unique identifier to the portion of the software program.Type: GrantFiled: July 17, 2020Date of Patent: June 6, 2023Assignee: Cisco Technology, Inc.Inventors: Harshavardhan Parandekar, Pratap Pereira, Tapraj Singh, Jeffrey yi dar Lo, Zhijian Zhang
-
Publication number: 20220286752Abstract: A method is performed by a first provider edge (PE) of a redundancy group including provider edges configured with an Ethernet virtual private network (EVPN) segment identifier (EVI) and an Ethernet segment identifier (ESI) and that are multi-homed to a customer edge (CE). The method includes, upon receiving from the CE a join request including a group address for a multicast stream, electing a designated forwarder (DF) for the multicast stream. The electing includes: computing for each PE a respective affinity for the DF as a function of a respective address of the PE, the EVI, and the group address; and determining which PE has a largest affinity. The method further includes, if the first PE has the largest affinity or does not have the largest affinity, configuring the first PE as the designated forwarder or not configuring the first PE as the designated forwarder for the multicast stream, respectively.Type: ApplicationFiled: May 23, 2022Publication date: September 8, 2022Inventors: Ali Sajassi, Samir Thoria, Tapraj Singh, Mankamana Prasad Mishra
-
Patent number: 11388084Abstract: Techniques for routing traffic across different virtual local area networks (VLANs) within a single bridge domain are described. One technique includes receiving at a first network device a packet from a second network device on a first interface of multiple interfaces within a bridge domain at the first network device. Attachment circuit information associated with the packet is determined. An information element that includes an indication of the attachment circuit information is generated. The information element is transmitted to the third network device.Type: GrantFiled: July 17, 2019Date of Patent: July 12, 2022Assignee: Cisco Technology, Inc.Inventors: Ali Sajassi, Mankamana P. Mishra, Samir Thoria, Patrice Brissette, Mei Zhang, Tapraj Singh
-
Patent number: 11381883Abstract: A method is performed by a first provider edge (PE) of a redundancy group including provider edges configured with an Ethernet virtual private network (EVPN) segment identifier (EVI) and an Ethernet segment identifier (ESI) and that are multi-homed to a customer edge (CE). The method includes, upon receiving from the CE a join request including a group address for a multicast stream, electing a designated forwarder (DF) for the multicast stream. The electing includes: computing for each PE a respective affinity for the DF as a function of a respective address of the PE, the EVI, and the group address; and determining which PE has a largest affinity. The method further includes, if the first PE has the largest affinity or does not have the largest affinity, configuring the first PE as the designated forwarder or not configuring the first PE as the designated forwarder for the multicast stream, respectively.Type: GrantFiled: April 8, 2020Date of Patent: July 5, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Ali Sajassi, Samir Thoria, Tapraj Singh, Mankamana Prasad Mishra
-
Patent number: 10999126Abstract: Techniques are described for avoiding traffic black-holing in a multi-homed Ethernet virtual private networks (EVPNs) in which a customer device (CE) is multi-homed to a plurality of multi-homing provider edge devices (PEs) via respective links of an Ethernet segment. An overlay network is created over the Ethernet segment, and the multi-homing PEs of the EVPN are configured with a common anycast IP address for respective virtual network interfaces. Upon election as active designated forwarder (DF) for the EVPN, the DF PE of the multi-homing PEs advertises toward the customer network an IGP metric for the anycast IP address that is lower than the IGP metric(s) advertised by any of the non-DF standby PE routers segment to direct the CE to forward network packets from the customer network to the DF PE over the respective link of the Ethernet segment.Type: GrantFiled: May 22, 2020Date of Patent: May 4, 2021Assignee: Juniper Networks, Inc.Inventors: Tapraj Singh, Wen Lin, SelvaKumar Sivaraj, Rukesh Dorai, Sunesh Rustagi
-
Publication number: 20210021509Abstract: Techniques for routing traffic across different virtual local area networks (VLANs) within a single bridge domain are described. One technique includes receiving at a first network device a packet from a second network device on a first interface of multiple interfaces within a bridge domain at the first network device. Attachment circuit information associated with the packet is determined. An information element that includes an indication of the attachment circuit information is generated. The information element is transmitted to the third network device.Type: ApplicationFiled: July 17, 2019Publication date: January 21, 2021Inventors: Ali SAJASSI, Mankamana P. MISHRA, Samir THORIA, Patrice BRISSETTE, Mei ZHANG, Tapraj SINGH
-
Patent number: 10862783Abstract: A method and network device to execute an Ethernet Virtual Private Network (EVPN) protocol to configure the network device to participate as one of a plurality of customer edge (CE) routers that provide an active-active configuration for an Ethernet segment coupling the CE routers to a plurality of provider edge (PE) routers, wherein the processor is configured to determine whether a packet that is to be forwarded is an operations, administration, and management (OAM) packet; in response to determining that the packet comprises an OAM packet, replicate the OAM packet for one or more interface links of an Ethernet segment associated with the CE router; configure forwarding instructions to the one or more interface links of the Ethernet segment associated with the CE router; and forward the OAM packet and the replicated OAM packets to the PE routers.Type: GrantFiled: March 5, 2019Date of Patent: December 8, 2020Assignee: Juniper Networks, Inc.Inventors: Rukesh Dorai, Tapraj Singh, Sunesh Rustagi
-
Publication number: 20200287780Abstract: Techniques are described for avoiding traffic black-holing in a multi-homed Ethernet virtual private networks (EVPNs) in which a customer device (CE) is multi-homed to a plurality of multi-homing provider edge devices (PEs) via respective links of an Ethernet segment. An overlay network is created over the Ethernet segment, and the multi-homing PEs of the EVPN are configured with a common anycast IP address for respective virtual network interfaces. Upon election as active designated forwarder (DF) for the EVPN, the DF PE of the multi-homing PEs advertises toward the customer network an IGP metric for the anycast IP address that is lower than the IGP metric(s) advertised by any of the non-DF standby PE routers segment to direct the CE to forward network packets from the customer network to the DF PE over the respective link of the Ethernet segment.Type: ApplicationFiled: May 22, 2020Publication date: September 10, 2020Inventors: Tapraj Singh, Wen Lin, SelvaKumar Sivaraj, Rukesh Dorai, Sunesh Rustagi
-
Publication number: 20200236444Abstract: A method is performed by a first provider edge (PE) of a redundancy group including provider edges configured with an Ethernet virtual private network (EVPN) segment identifier (EVI) and an Ethernet segment identifier (ESI) and that are multi-homed to a customer edge (CE). The method includes, upon receiving from the CE a join request including a group address for a multicast stream, electing a designated forwarder (DF) for the multicast stream. The electing includes: computing for each PE a respective affinity for the DF as a function of a respective address of the PE, the EVI, and the group address; and determining which PE has a largest affinity. The method further includes, if the first PE has the largest affinity or does not have the largest affinity, configuring the first PE as the designated forwarder or not configuring the first PE as the designated forwarder for the multicast stream, respectively.Type: ApplicationFiled: April 8, 2020Publication date: July 23, 2020Inventors: Ali Sajassi, Samir Thoria, Tapraj Singh, Mankamana Prasad Mishra
-
Patent number: 10681425Abstract: A method is performed by a first provider edge (PE) of a redundancy group including provider edges configured with an Ethernet virtual private network (EVPN) segment identifier (EVI) and an Ethernet segment identifier (ESI) and that are multi-homed to a customer edge (CE). The method includes, upon receiving from the CE a join request including a group address for a multicast stream, electing a designated forwarder (DF) for the multicast stream. The electing includes: computing for each PE a respective affinity for the DF as a function of a respective address of the PE, the EVI, and the group address; and determining which PE has a largest affinity. The method further includes, if the first PE has the largest affinity or does not have the largest affinity, configuring the first PE as the designated forwarder or not configuring the first PE as the designated forwarder for the multicast stream, respectively.Type: GrantFiled: November 30, 2017Date of Patent: June 9, 2020Assignee: Cisco Technology, Inc.Inventors: Ali Sajassi, Samir Thoria, Tapraj Singh, Mankamana Prasad Mishra
-
Patent number: 10666500Abstract: Techniques are described for avoiding traffic black-holing in a multi-homed Ethernet virtual private networks (EVPNs) in which a customer device (CE) is multi-homed to a plurality of multi-homing provider edge devices (PEs) via respective links of an Ethernet segment. An overlay network is created over the Ethernet segment, and the multi-homing PEs of the EVPN are configured with a common anycast IP address for respective virtual network interfaces. Upon election as active designated forwarder (DF) for the EVPN, the DF PE of the multi-homing PEs advertises toward the customer network an IGP metric for the anycast IP address that is lower than the IGP metric(s) advertised by any of the non-DF standby PE routers segment to direct the CE to forward network packets from the customer network to the DF PE over the respective link of the Ethernet segment.Type: GrantFiled: March 30, 2016Date of Patent: May 26, 2020Assignee: Juniper Networks, Inc.Inventors: Tapraj Singh, Wen Lin, SelvaKumar Sivaraj, Rukesh Dorai, Sunesh Rustagi
-
Patent number: 10469361Abstract: In general, techniques are described for reducing forwarding loops for layer (L2) traffic that traverses an EVPN or PBB-EVPN instance (EVI) by deterministically determining an access-facing logical interface to block from respective access-facing logical interfaces of PE devices that switch the L2 traffic using the EVI. A provider edge (PE) network device may detect an L2 forwarding loop on an L2 forwarding path that includes the access-facing logical interface. In response to detecting an L2 forwarding loop and based at least on comparing an identifier for the local PE device and an identifier for a remote PE device that implements the EVPN instance, the PE device may block the access-facing logical interface to block L2 traffic from the local customer network.Type: GrantFiled: September 20, 2016Date of Patent: November 5, 2019Assignee: Juniper Networks, Inc.Inventors: Candida M. Bayross, SelvaKumar Sivaraj, Tapraj Singh, Sunesh Rustagi
-
Publication number: 20190222496Abstract: A method and network device to execute an Ethernet Virtual Private Network (EVPN) protocol to configure the network device to participate as one of a plurality of customer edge (CE) routers that provide an active-active configuration for an Ethernet segment coupling the CE routers to a plurality of provider edge (PE) routers, wherein the processor is configured to determine whether a packet that is to be forwarded is an operations, administration, and management (OAM) packet; in response to determining that the packet comprises an OAM packet, replicate the OAM packet for one or more interface links of an Ethernet segment associated with the CE router; configure forwarding instructions to the one or more interface links of the Ethernet segment associated with the CE router; and forward the OAM packet and the replicated OAM packets to the PE routers.Type: ApplicationFiled: March 5, 2019Publication date: July 18, 2019Inventors: Rukesh Dorai, Tapraj Singh, Sunesh Rustagi
-
Publication number: 20190166407Abstract: A method is performed by a first provider edge (PE) of a redundancy group including provider edges configured with an Ethernet virtual private network (EVPN) segment identifier (EVI) and an Ethernet segment identifier (ESI) and that are multi-homed to a customer edge (CE). The method includes, upon receiving from the CE a join request including a group address for a multicast stream, electing a designated forwarder (DF) for the multicast stream. The electing includes: computing for each PE a respective affinity for the DF as a function of a respective address of the PE, the EVI, and the group address; and determining which PE has a largest affinity. The method further includes, if the first PE has the largest affinity or does not have the largest affinity, configuring the first PE as the designated forwarder or not configuring the first PE as the designated forwarder for the multicast stream, respectively.Type: ApplicationFiled: November 30, 2017Publication date: May 30, 2019Inventors: Ali Sajassi, Samir Thoria, Tapraj Singh, Mankamana Prasad Mishra
-
Patent number: 10243821Abstract: A method and network device to execute an Ethernet Virtual Private Network (EVPN) protocol to configure the network device to participate as one of a plurality of customer edge (CE) routers that provide an active-active configuration for an Ethernet segment coupling the CE routers to a plurality of provider edge (PE) routers, wherein the processor is configured to determine whether a packet that is to be forwarded is an operations, administration, and management (OAM) packet; in response to determining that the packet comprises an OAM packet, replicate the OAM packet for one or more interface links of an Ethernet segment associated with the CE router; configure forwarding instructions to the one or more interface links of the Ethernet segment associated with the CE router; and forward the OAM packet and the replicated OAM packets to the PE routers.Type: GrantFiled: December 30, 2015Date of Patent: March 26, 2019Assignee: Juniper Networks, Inc.Inventors: Rukesh Dorai, Tapraj Singh, Sunesh Rustagi
-
Patent number: 10148566Abstract: Techniques are described to provide split-horizon packet forwarding so as to ensure that packets from the customer network that are injected into the provider backbone bridging Ethernet Virtual Private Network (PBB-EVPN) by one of the provider edge (PE) devices of the multi-homed Ethernet segment are not forwarded back toward the customer network by a different PE device connected to the same multi-homed Ethernet segment. For example, a method may comprise receiving a packet via a core-facing interface of a first PE device, determining the Ethernet segment associated with the PE devices by a lookup operation based on keys of the packet; in response to determining the Ethernet segment, supplanting the core-facing interface of the first PE device with a virtual interface associated with the keys, and forwarding the packet to a second CE device without forwarding the received packet back to the Ethernet segment associated with the first PE device.Type: GrantFiled: February 26, 2016Date of Patent: December 4, 2018Assignee: Juniper Networks, Inc.Inventors: Babu Singarayan, Tapraj Singh, Vikas Vidyalal Patel, Swamy Sadashivaiah Renu Kananda