Patents by Inventor Varagur Chandrasekaran
Varagur Chandrasekaran has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11936726Abstract: Methods and systems for implementing traffic mirroring for network telemetry are disclosed. An embodiment of a method for implementing traffic mirroring for network telemetry involves identifying network traffic at a network appliance that is to be subjected to traffic mirroring for network telemetry, and selecting from available options of transmitting enhanced mirrored network traffic from the network appliance to a collector, wherein the enhanced mirrored network traffic is generated at the network appliance by at least one of compressing and encrypting the network traffic, and transmitting mirrored network traffic from the network appliance to the collector without compressing or encrypting the network traffic.Type: GrantFiled: October 12, 2021Date of Patent: March 19, 2024Assignee: Pensando Systems Inc.Inventors: Varagur Chandrasekaran, Sameer Kittur Subrahmanya, Balakrishnan Raman, Tuyen Quoc, Murty Subba Rama Chandra Kotha
-
Patent number: 11706152Abstract: Inbound packets can be received by a network device that determines a receive pipeline latency metric based on a plurality of receive pipeline residency times of the inbound packets and determines a receive queue latency metric based on a plurality of receive queue residency times of the inbound packets. The receive queue latency metric and the receive pipeline latency metric can be reported to a data collector. The network appliance may also receive a plurality of outbound packets on a transmit queue, determine a transmit queue latency metric based on the transmit queue residency times of the outbound packets, and determine a transmit pipeline latency metric based on the transmit pipeline residency times of the outbound packets. The outbound packets may be transmitted toward their destination. The transmit queue latency metric and the transmit pipeline latency metric can be reported to the data collector.Type: GrantFiled: June 15, 2021Date of Patent: July 18, 2023Assignee: Pensando Systems Inc.Inventors: Varagur Chandrasekaran, Allen Hubbe, Shrikant Vaidya
-
Publication number: 20230111744Abstract: Methods and systems for implementing traffic mirroring for network telemetry are disclosed. An embodiment of a method for implementing traffic mirroring for network telemetry involves identifying network traffic at a network appliance that is to be subjected to traffic mirroring for network telemetry, and selecting from available options of transmitting enhanced mirrored network traffic from the network appliance to a collector, wherein the enhanced mirrored network traffic is generated at the network appliance by at least one of compressing and encrypting the network traffic, and transmitting mirrored network traffic from the network appliance to the collector without compressing or encrypting the network traffic.Type: ApplicationFiled: October 12, 2021Publication date: April 13, 2023Inventors: Varagur Chandrasekaran, Sameer Kittur Subrahmanya, Balakrishnan Raman, Tuyen Quoc, Murty Subba Rama Chandra Kotha
-
Publication number: 20230069844Abstract: Synchronizing the databases maintained by network appliances can support high availability or high throughput topologies, but also consumes the devices' processing resources. To address that resource consumption, the network appliance's packet processing pipeline circuits can process synchronization packets to thereby synchronize the databases. A local data structure can be in a first local state. Processing a network packet can result in changing the local data structure to a second local state. A state sync packet can include state transition data that indicates a state difference between the first local state and the second local state. The state sync packet can be sent to a peer device that is configured to process the state transition data using the peer device's packet processing pipeline circuit. The peer device's packet processing pipeline can use the state transition data to update a peer device data structure that is in the peer device.Type: ApplicationFiled: August 25, 2021Publication date: March 9, 2023Inventors: Varagur Chandrasekaran, Akshaya Nadahalli, Balakrishnan Raman, Chandrasekaran Swaminathan, John Cruz, Maruthi Ram Namburu, Pirabhu Raman, Vijay Sampath, Vipin Jain
-
Publication number: 20230006807Abstract: Tenants in data centers may want access to high precision clocks without having to run their own PTP stacks or reference clocks. Furthermore, different tenants may want their workloads synchronized to their own secured clock domain. PTP, the currently dominant synchronization protocol, allows for only 256 clock domains (CDs). Virtual CDs (vCDs) virtualize the concept of clock domains by maintaining a hardware clock within a host computer, receiving a network clock domain packet that includes a clock domain identifier and an origin timestamp produced by a reference clock, using the network clock domain packet to synchronize the hardware clock to the reference clock, and using the hardware clock to provide a hardware timestamp value to a virtual machine (VM) running on the host computer or to a process running on the host computer, wherein the hardware clock is secured from manipulation by the VM or by the process.Type: ApplicationFiled: June 30, 2021Publication date: January 5, 2023Inventors: Allen Hubbe, Varagur Chandrasekaran, Shrikant Vaidya
-
Publication number: 20220400083Abstract: Inbound packets can be received by a network device that determines a receive pipeline latency metric based on a plurality of receive pipeline residency times of the inbound packets and determines a receive queue latency metric based on a plurality of receive queue residency times of the inbound packets. The receive queue latency metric and the receive pipeline latency metric can be reported to a data collector. The network appliance may also receive a plurality of outbound packets on a transmit queue, determine a transmit queue latency metric based on the transmit queue residency times of the outbound packets, and determine a transmit pipeline latency metric based on the transmit pipeline residency times of the outbound packets. The outbound packets may be transmitted toward their destination. The transmit queue latency metric and the transmit pipeline latency metric can be reported to the data collector.Type: ApplicationFiled: June 15, 2021Publication date: December 15, 2022Inventors: Varagur Chandrasekaran, Allen Hubbe, Shrikant Vaidya
-
Patent number: 11374844Abstract: A network appliance having a control plane and a data plane can process substantially every input packet at wire speed in a programmable packet processing pipeline of the data plane. Sensors, which can be processes implemented within the pipeline, can measure parameters of the network traffic flows and of the network appliance in accordance with monitoring policies. Reporting policies can be triggered when any one of many criteria are met by the parameters. The reporting policy can result in a report being sent to an outside recipient. Alternatively, the reporting policy can result in the network appliance implementing additional monitoring or reporting policies.Type: GrantFiled: August 11, 2020Date of Patent: June 28, 2022Assignee: Pensando Systems, Inc.Inventors: Varagur Chandrasekaran, Vipin Jain, Swaminathan Narayanan, Raghava Kodigenahalli Sivaramu, Venkatesh Srinivasan
-
Publication number: 20220052936Abstract: A network appliance having a control plane and a data plane can process substantially every input packet at wire speed in a programmable packet processing pipeline of the data plane. Sensors, which can be processes implemented within the pipeline, can measure parameters of the network traffic flows and of the network appliance in accordance with monitoring policies. Reporting policies can be triggered when any one of many criteria are met by the parameters. The reporting policy can result in a report being sent to an outside recipient. Alternatively, the reporting policy can result in the network appliance implementing additional monitoring or reporting policies.Type: ApplicationFiled: August 11, 2020Publication date: February 17, 2022Inventors: Varagur CHANDRASEKARAN, Vipin JAIN, Swaminathan NARAYANAN, Raghava Kodigenahalli SIVARAMU, Venkatesh SRINIVASAN
-
Patent number: 11146468Abstract: Methods and systems for exporting network information from an exporter to a collector are disclosed. Embodiments of the present technology may include updating a non-key field of a flow entry in a flow cache that corresponds to a flow, setting a field in a context-bitmap of the flow entry in response to updating the non-key field of the flow entry, identifying an export policy using the context-bitmap, and exporting information related to the flow to a collector according to the export policy.Type: GrantFiled: March 8, 2021Date of Patent: October 12, 2021Assignee: PENSANDO SYSTEMS INC.Inventors: Varagur Chandrasekaran, Swaminathan Narayanan
-
Patent number: 10644983Abstract: Control plane analytics and policing may be provided. First, packets that traverse a port may be parsed. Next, based on the parsed packets, metrics for each of a plurality of hosts on a per-protocol basis may be created. The created metrics may then be analyzed and at least one restriction on at least one of the plurality of hosts may be applied based on the analysis.Type: GrantFiled: July 28, 2017Date of Patent: May 5, 2020Assignee: Cisco Technology, Inc.Inventors: Varagur Chandrasekaran, Srinivas Pitta, Ashok Ganesan, Naoshad Mehta
-
Patent number: 10505918Abstract: In one example, a security application that interfaces one or more cloud application clients in an enterprise network and one or more cloud applications detects a request made by one of the one or more cloud application clients to access a cloud application. The security application sends one or more prompts to the cloud application for one or more responses reflecting current empirical data obtained from the cloud application. The security application receives, from the cloud application, the one or more responses, and generates an application fingerprint that includes the one or more responses.Type: GrantFiled: June 28, 2017Date of Patent: December 10, 2019Assignee: Cisco Technology, Inc.Inventors: Deep Chand Patel, Varagur Chandrasekaran, Srinivas Pitta, Shrawan Chittoor Surender
-
Publication number: 20190036806Abstract: Control plane analytics and policing may be provided. First, packets that traverse a port may be parsed. Next, based on the parsed packets, metrics for each of a plurality of hosts on a per-protocol basis may be created. The created metrics may then be analyzed and at least one restriction on at least one of the plurality of hosts may be applied based on the analysis.Type: ApplicationFiled: July 28, 2017Publication date: January 31, 2019Applicant: Cisco Technology, Inc.Inventors: Varagur Chandrasekaran, Srinivas Pitta, Ashok Ganesan, Naoshad Mehta
-
Publication number: 20190007394Abstract: In one example, a security application that interfaces one or more cloud application clients in an enterprise network and one or more cloud applications detects a request made by one of the one or more cloud application clients to access a cloud application. The security application sends one or more prompts to the cloud application for one or more responses reflecting current empirical data obtained from the cloud application. The security application receives, from the cloud application, the one or more responses, and generates an application fingerprint that includes the one or more responses.Type: ApplicationFiled: June 28, 2017Publication date: January 3, 2019Inventors: Deep Chand Patel, Varagur Chandrasekaran, Srinivas Pitta, Shrawan Chittoor Surender
-
Patent number: 9455948Abstract: In one embodiment, the processing by a packet switching device of a received network-to-link-layer address resolution request message (e.g., Address Resolution Protocol [ARP] Request message, Neighbor Discovery Protocol [NDP] Neighbor Solicitation message) is dependent upon whether or not its target IP address corresponds to a network gateway packet switching device. When the target IP address of a received ARP Request/NDP Neighbor Solicitation message corresponds to a network gateway, then the packet switching device responds effectively on behalf of the network gateway, rather than forwarding the message to the network gateway. When the target IP address of a received ARP Request/NDP Neighbor Solicitation message does not correspond to a network gateway and the Media Access Control (MAC) address corresponding to the target IP address is known, then the packet switching device transforms then sends the broadcast or multicast frame into a unicast frame.Type: GrantFiled: August 10, 2012Date of Patent: September 27, 2016Assignee: Cisco Technology, Inc.Inventors: Ramkumar Sankar, Varagur Chandrasekaran, Murali Basavaiah
-
Patent number: 9229749Abstract: In one embodiment, a method includes receiving at a network device, resource information comprising attributes for compute and storage resources in a network, identifying a need for provisioning a virtual element, and selecting one of the compute and storage resources for use in provisioning the virtual element. Selection of the compute or storage resource includes analyzing the resource information for the compute resources and the storage resources in the network. An apparatus is also disclosed.Type: GrantFiled: October 31, 2011Date of Patent: January 5, 2016Assignee: Cisco Technology, Inc.Inventor: Varagur Chandrasekaran
-
Publication number: 20140003426Abstract: In one embodiment, the processing by a packet switching device of a received network-to-link-layer address resolution request message (e.g., Address Resolution Protocol [ARP] Request message, Neighbor Discovery Protocol [NDP] Neighbor Solicitation message) is dependent upon whether or not its target IP address corresponds to a network gateway packet switching device. When the target IP address of a received ARP Request/NDP Neighbor Solicitation message corresponds to a network gateway, then the packet switching device responds effectively on behalf of the network gateway, rather than forwarding the message to the network gateway. When the target IP address of a received ARP Request/NDP Neighbor Solicitation message does not correspond to a network gateway and the Media Access Control (MAC) address corresponding to the target IP address is known, then the packet switching device transforms then sends the broadcast or multicast frame into a unicast frame.Type: ApplicationFiled: August 10, 2012Publication date: January 2, 2014Applicant: Cisco Technology, Inc., a corporation of CaliforniaInventors: Ramkumar Sankar, Varagur Chandrasekaran, Murali Basavaiah
-
Publication number: 20130111471Abstract: In one embodiment, a method includes receiving at a network device, resource information comprising attributes for compute and storage resources in a network, identifying a need for provisioning a virtual element, and selecting one of the compute and storage resources for use in provisioning the virtual element. Selection of the compute or storage resource includes analyzing the resource information for the compute resources and the storage resources in the network. An apparatus is also disclosed.Type: ApplicationFiled: October 31, 2011Publication date: May 2, 2013Applicant: CISCO TECHNOLOGY, INC.Inventor: Varagur Chandrasekaran
-
Patent number: 7890655Abstract: According to the present invention, methods and apparatus are provided for improving data transfers between hosts and targets connected through fiber channel switches. A host connected intelligent port and a target connected intelligent port associated with fiber channel edge switches are configured to snoop frames from the host and target and establish flows for acceleration. The host connected intelligent port and the target connect intelligent port preemptively respond to host and target transmissions to reduce data transfer latency.Type: GrantFiled: February 16, 2006Date of Patent: February 15, 2011Assignee: Cisco Technology, Inc.Inventor: Varagur Chandrasekaran
-
Patent number: 7877466Abstract: Methods and apparatus are provided for improving the configuration and allocation of storage resources in a fiber channel fabric. Network topology information and loop topology information is used to increase data availability and data access efficiency. For example, devices in different loops are selected for striping and devices connected to a host through different ports and switches are selected for mirroring. Link speed, quality of service, credits, and the availability of trunking links can also be considered.Type: GrantFiled: January 11, 2005Date of Patent: January 25, 2011Assignee: Cisco Technology, Inc.Inventor: Varagur Chandrasekaran
-
Patent number: 7774548Abstract: Disclosed are apparatus and methods for facilitating caching in a storage area network (SAN). In general, data transfer traffic between one or more hosts and one or more memory portions in one or more storage device(s) is redirected to one or more cache modules. One or more network devices (e.g., switches) of the SAN can be configured to redirect data transfer for a particular memory portion of one or more storage device(s) to a particular cache module. As needed, data transfer traffic for any number of memory portions and storage devices can be identified for or removed from being redirected to a particular cache module. Also, any number of cache modules can be utilized for receiving redirected traffic so that such redirected traffic is divided among such cache modules in any suitable proportion for enhanced flexibility.Type: GrantFiled: July 10, 2008Date of Patent: August 10, 2010Assignee: Cisco Technology Inc.Inventors: Raghavendra J. Rao, Murali Basavaiah, Urshit Parikh, Varagur Chandrasekaran