Patents by Inventor Xuanming Dong
Xuanming Dong has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230344923Abstract: A packet classifier for packet classification in computer networking is provided. The packet classifier includes a packet parser, an extended key crafting logic, a match and action table, and a rule parser configured to parse predetermined rules and to identify at least one commutable matching tuple. When the rule parser identifies the at least one commutable matching tuple in the predetermined rules, the rule parser actuates the extended key crafting logic and programs the match and action table based on the identified commutable matching tuple.Type: ApplicationFiled: July 3, 2023Publication date: October 26, 2023Inventor: Xuanming Dong
-
Patent number: 10097378Abstract: Various systems and methods for implementing efficient TCAM resource sharing are described herein. Entries are allocated across a plurality of ternary content addressable memories (TCAMs), with the plurality of TCAMs including a primary TCAM and a secondary TCAM, where the entries are allocated by sequentially accessing a plurality of groups of value-mask-result (VMR) entries, with each group having at least one VMR entry associated with the group, and iteratively analyzing the VMR entries associated with each group to determine a result set of VMR entries, with the result set being a subset of VMR entries from the plurality of groups of VMR entries, and the result set to be stored in the primary TCAM.Type: GrantFiled: September 7, 2012Date of Patent: October 9, 2018Assignee: Cisco Technology, Inc.Inventors: Xuanming Dong, Vijaya Kumar Kulkarni, Cesare Cantù
-
Publication number: 20170126573Abstract: An example method for providing a self-stretching policer in a Quality of Service (QoS) community including a root node and one or more agent nodes can include maintaining and enforcing a policer policy in the root node. The policer policy can include at least one packet classification rule and corresponding police action, and the policer policy can be enforced by taking the corresponding police action if a traffic flow violates the packet classification rule. The method can include collecting policer statistics and determining if the traffic flow violates the packet classification rule by greater than a predetermined threshold using the policer statistics. If the traffic flow violates the packet classification rule by greater than the predetermined threshold, the method can include transmitting the policer policy to one or more of the agent nodes.Type: ApplicationFiled: October 11, 2016Publication date: May 4, 2017Inventors: Xuanming Dong, Cesare Cantu'
-
Patent number: 9497129Abstract: An example method for providing a self-stretching policer in a Quality of Service (QoS) community including a root node and one or more agent nodes can include maintaining and enforcing a policer policy in the root node. The policer policy can include at least one packet classification rule and corresponding police action, and the policer policy can be enforced by taking the corresponding police action if a traffic flow violates the packet classification rule. The method can include collecting policer statistics and determining if the traffic flow violates the packet classification rule by greater than a predetermined threshold using the policer statistics. If the traffic flow violates the packet classification rule by greater than the predetermined threshold, the method can include transmitting the policer policy to one or more of the agent nodes.Type: GrantFiled: April 10, 2013Date of Patent: November 15, 2016Assignee: Cisco Technology, Inc.Inventors: Xuanming Dong, Cesare Cantu′
-
Patent number: 9083633Abstract: An example method for a distributed NetFlow exporter with a single IP endpoint in a network environment is provided and includes configuring a network protocol stack of an exporter with switched virtual interface (SVI) state information of an SVI associated with a switch in a network, retrieving flow data from a NetFlow cache, and communicating the flow data to a collector according to the configured network protocol stack. Although the communication bypasses the SVI, the collector perceives the flow records as being communicated by the SVI. The SVI state information includes a public Internet Protocol (IP) address and a Media Access Control (MAC) address of the SVI, where the exporter executes on an adaptor of a server in the network. The method also includes configuring a destination IP address and a destination MAC address on the exporter according to a NetFlow policy.Type: GrantFiled: February 4, 2013Date of Patent: July 14, 2015Assignee: CISCO TECHNOLOGY, INC.Inventors: Cesare Cantu', Xuanming Dong, Anant Deepak, Satish Ashok, Mohan Ayalasomayajula
-
Patent number: 9065767Abstract: A an example method includes building a dictionary between an exporter and a collector by encoding a first data record of a flow according to a dictionary template and exporting the first data record to the collector via a network communication. The method can also include compressing a second data record of the flow using the dictionary, where the compressing comprises encoding the second data record according to an encoding template; and exporting the second data record to the collector to be decompressed using the dictionary.Type: GrantFiled: April 3, 2012Date of Patent: June 23, 2015Assignee: CISCO TECHNOLOGY, INC.Inventors: Xuanming Dong, Cesare Cantu′, Jeffrey Y M Wang
-
Publication number: 20140307544Abstract: An example method for providing a self-stretching policer in a Quality of Service (QoS) community including a root node and one or more agent nodes can include maintaining and enforcing a policer policy in the root node. The policer policy can include at least one packet classification rule and corresponding police action, and the policer policy can be enforced by taking the corresponding police action if a traffic flow violates the packet classification rule. The method can include collecting policer statistics and determining if the traffic flow violates the packet classification rule by greater than a predetermined threshold using the policer statistics. If the traffic flow violates the packet classification rule by greater than the predetermined threshold, the method can include transmitting the policer policy to one or more of the agent nodes.Type: ApplicationFiled: April 10, 2013Publication date: October 16, 2014Applicant: Cisco Technology, Inc.Inventors: Xuanming Dong, Cesare Cantu´
-
Publication number: 20140219086Abstract: An example method for a distributed NetFlow exporter with a single IP endpoint in a network environment is provided and includes configuring a network protocol stack of an exporter with switched virtual interface (SVI) state information of an SVI associated with a switch in a network, retrieving flow data from a NetFlow cache, and communicating the flow data to a collector according to the configured network protocol stack. Although the communication bypasses the SVI, the collector perceives the flow records as being communicated by the SVI. The SVI state information includes a public Internet Protocol (IP) address and a Media Access Control (MAC) address of the SVI, where the exporter executes on an adaptor of a server in the network. The method also includes configuring a destination IP address and a destination MAC address on the exporter according to a NetFlow policy.Type: ApplicationFiled: February 4, 2013Publication date: August 7, 2014Applicant: CISCO TECHNOLOGY, INC.Inventors: Cesare Cantu', Xuanming Dong, Anant Deepak, Satish Ashok, Mohan Ayalasomayajula
-
Publication number: 20140075108Abstract: Various systems and methods for implementing efficient TCAM resource sharing are described herein. Entries are allocated across a plurality of ternary content addressable memories (TCAMs), with the plurality of TCAMs including a primary TCAM and a secondary TCAM, where the entries are allocated by sequentially accessing a plurality of groups of value-mask-result (VMR) entries, with each group having at least one VMR entry associated with the group, and iteratively analyzing the VMR entries associated with each group to determine a result set of VMR entries, with the result set being a subset of VMR entries from the plurality of groups of VMR entries, and the result set to be stored in the primary TCAM.Type: ApplicationFiled: September 7, 2012Publication date: March 13, 2014Applicant: Cisco Technology, Inc.Inventors: Xuanming Dong, Vijaya Kumar Kulkarni, Cesare Cantú
-
Publication number: 20130262703Abstract: A an example method includes building a dictionary between an exporter and a collector by encoding a first data record of a flow according to a dictionary template and exporting the first data record to the collector via a network communication. The method can also include compressing a second data record of the flow using the dictionary, where the compressing comprises encoding the second data record according to an encoding template; and exporting the second data record to the collector to be decompressed using the dictionary.Type: ApplicationFiled: April 3, 2012Publication date: October 3, 2013Inventors: Xuanming Dong, Cesare Cantú, Jeffrey YM Wang
-
Patent number: 8155003Abstract: In one embodiment, a method comprises calculating a corresponding data packet arrival rate for each of a plurality of data sources supplying data packets destined for a prescribed destination, the prescribed destination within a machine and the prescribed destination having a bandwidth capacity; calculating a guaranteed shared bandwidth rate for each data source based on assigning a corresponding selected portion of the bandwidth capacity relative to the corresponding data packet arrival rate; selectively passing each data packet from the corresponding data source as a passed data packet, or dropping the corresponding data packet, according to a calculated probability that the corresponding data packet arrival rate does not exceed the corresponding guaranteed shared bandwidth rate; and selectively filtering the supply of aggregated passed data packets, aggregated only from among the passed data packets supplied by the data sources, to the prescribed destination according to the bandwidth capacity of the prescType: GrantFiled: October 23, 2009Date of Patent: April 10, 2012Assignee: Cisco Technology, Inc.Inventors: Xuanming Dong, Vijaya Kulkarni, Sameer Merchant
-
Publication number: 20110096674Abstract: In one embodiment, a method comprises calculating a corresponding data packet arrival rate for each of a plurality of data sources supplying data packets destined for a prescribed destination, the prescribed destination within a machine and the prescribed destination having a bandwidth capacity; calculating a guaranteed shared bandwidth rate for each data source based on assigning a corresponding selected portion of the bandwidth capacity relative to the corresponding data packet arrival rate; selectively passing each data packet from the corresponding data source as a passed data packet, or dropping the corresponding data packet, according to a calculated probability that the corresponding data packet arrival rate does not exceed the corresponding guaranteed shared bandwidth rate; and selectively filtering the supply of aggregated passed data packets, aggregated only from among the passed data packets supplied by the data sources, to the prescribed destination according to the bandwidth capacity of the prescType: ApplicationFiled: October 23, 2009Publication date: April 28, 2011Applicant: CISCO TECHNOLOGY, INC.Inventors: Xuanming DONG, Vijaya KULKARNI, Sameer MERCHANT