Address Resolution (e.g., Arp, Or Nhrp) Patents (Class 370/395.54)
  • Patent number: 12074844
    Abstract: An apparatus in an illustrative embodiment comprises at least one processing device including a processor and a memory. The at least one processing device is configured to implement a management controller for a network device, the management controller being configured to communicate with at least one management server external to the network device. The at least one processing device is further configured to obtain network configuration information for one or more network interfaces of the network device, to deploy a network address server at least in part on the management controller, and to utilize the network address server deployed at least in part on the management controller to assign at least one network address to each of one or more of the network interfaces of the network device.
    Type: Grant
    Filed: January 9, 2023
    Date of Patent: August 27, 2024
    Assignee: Dell Products L.P.
    Inventors: Naman Goel, Ravishankar Kanakapura Nanjundaswamy, Ravikanth Chaganti
  • Patent number: 12041080
    Abstract: Leveraging non-transient or persistent device identifiers to enforce device quarantine instead of IP addresses accommodates the transient associations of IP addresses to devices without compromising the effectiveness of quarantine. When a device has been determined to be compromised and is quarantined, the quarantine of the device is enforced using the IP address of the device. However, IP address assignment is transient. With each connection, a device can be assigned a different IP address. After a connection is established, a gateway can collect a device identifying value(s) that persists across network connections (e.g., host identifier (hostid) and device serial number). With a persistent device identifier, a quarantine list can be enforced in a data/forwarding plane regardless of a compromised device being assigned different network addresses.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: July 16, 2024
    Assignee: Palo Alto Networks, Inc.
    Inventors: Li Meng, Sarveshwar Meta Rao, Soundarya Sivaramakrishnan, Xin Yao
  • Patent number: 12041027
    Abstract: A communication apparatus which terminates an L2 tunnel and an L3 tunnel includes a table storage unit which stores an ARP table where a broadcast MAC address is set as a destination MAC address linked to a destination IP address, and a transmission unit which acquires the broadcast MAC address as a destination MAC address corresponding to a destination IP address of an IP packet received via the L3 tunnel by referring to the ARP table and transmits a frame to which the broadcast MAC address is added as a destination MAC address, via the L2 tunnel.
    Type: Grant
    Filed: February 5, 2020
    Date of Patent: July 16, 2024
    Assignee: Nippon Telegraph and Telephone Corporation
    Inventors: Hiroki Kano, Katsuma Miyamoto, Akihiro Kimura
  • Patent number: 11949708
    Abstract: A system and method for accelerating a threat mitigation of malicious cybersecurity activity includes: identifying, via one or more processors, a cybersecurity event associated with a third-party application or a third-party service of a subscriber; generating, via the one or more processors, a service-proposed remediation action for the cybersecurity event based on the identifying of the cybersecurity event; automatically assessing, via the one or more processors, the service-proposed remediation action against automated remediation criteria of the subscriber based on the generation of the service-proposed remediation action; automatically constructing, via the one or more processors, a remediation action application programming interface (API) request for the service-proposed remediation action based on the service-proposed remediation action satisfying the automated remediation criteria of the subscriber; and automatically executing, via the one or more processors, the remediation action API request to rem
    Type: Grant
    Filed: October 4, 2023
    Date of Patent: April 2, 2024
    Assignee: Expel, Inc.
    Inventor: Nabeel Zafar
  • Patent number: 11943132
    Abstract: Multicast and unicast communication among computing devices across different local area networks (LANs) and without static IP addresses is supported by assigning an instant-share (InS) address to an individual computing device. The InS address is recognizable by a dedicated router located in the Internet and enables the dedicated router to communicate with the individual computing device. The individual computing device embeds an InS address of a destination computing device in a data message to form an extended data message, and sends the extended data message to the dedicated router. The dedicated router then forwards the extended data message to the destination computing device. A group member contact synchronization among different computing devices in a group without Internet connectivity is also supported. Local lists of group members from different computing devices are collected. The most-recent one is used to update the local list of group members of a computing device.
    Type: Grant
    Filed: November 11, 2021
    Date of Patent: March 26, 2024
    Assignee: InstantShare Technology Limited
    Inventor: Hung Lun Alan Lau
  • Patent number: 11902245
    Abstract: Some embodiments of the invention provide a method of sending data in a network that includes at least one worker node executing one or more sets of containers and a virtual switch, the virtual switch including a gateway interface, a virtual local area network (VLAN) tunnel interface, and a set of virtual Ethernet interfaces associated with the one or more sets of containers. The method configures the gateway interface of the worker node to associate the gateway interface with multiple subnets that are each associated with a namespace. The worker node executes at least (1) first and second sets of containers of a first namespace, and (2) a third set of containers of a second namespace. The method sends data between the first and second sets of containers through a first virtual Ethernet interface associated with the first set of containers and a second virtual Ethernet interface associated with the second set of containers.
    Type: Grant
    Filed: March 1, 2022
    Date of Patent: February 13, 2024
    Assignee: VMware LLC
    Inventors: Qiang Tang, Zhaoqian Xiao
  • Patent number: 11831412
    Abstract: Rapid channel failure detection and recovery in wireless communication networks is needed in order to meet, among other things, carrier class Ethernet channel standards. Thus, resilient wireless packet communications is provided using a physical layer link aggregation protocol with a hardware-assisted rapid channel failure detection algorithm and load balancing, preferably in combination. This functionality may be implemented in a Gigabit Ethernet data access card with an engine configured accordingly. In networks with various topologies, these features may be provided in combination with their existing protocols.
    Type: Grant
    Filed: January 6, 2023
    Date of Patent: November 28, 2023
    Assignee: Aviat Networks, Inc.
    Inventors: Sergio Licardie, Chaoming Zeng
  • Patent number: 11825406
    Abstract: A User Equipment (UE) device, such as a cellular telephone, configured to store Higher Priority Public Land Mobile Network (HPPLMN) timer setting values and enterprise geofence information associated with the entries on its Equivalent Home Public Land Mobile Network (EHPLMN) list is disclosed. When the UE is camped on an EHPLMN, the UE may search/scan for higher priority EHPLMNs using the HPPLMN timer setting values associated with the entries on the list that have higher priority than the current EHPLMN. The rate of the scans may be set based on the shortest HPPLMN timer entry of the higher priority entries on the EHPLMN list. The UE may also or instead be configured to search for geofenced EHPLMNs on the list for which entrance criteria are currently satisfied, even when the current EHPLMN has higher priority than the geofenced EHPLMNs.
    Type: Grant
    Filed: April 23, 2021
    Date of Patent: November 21, 2023
    Assignee: Celona, Inc.
    Inventors: Srinivasan Balasubramanian, Mehmet Yavuz
  • Patent number: 11811819
    Abstract: A system and method for accelerating a threat mitigation of malicious cybersecurity activity includes: identifying, via one or more processors, a cybersecurity event associated with a third-party application or a third-party service of a subscriber; generating, via the one or more processors, a service-proposed remediation action for the cybersecurity event based on the identifying of the cybersecurity event; automatically assessing, via the one or more processors, the service-proposed remediation action against automated remediation criteria of the subscriber based on the generation of the service-proposed remediation action; automatically constructing, via the one or more processors, a remediation action application programming interface (API) request for the service-proposed remediation action based on the service-proposed remediation action satisfying the automated remediation criteria of the subscriber; and automatically executing, via the one or more processors, the remediation action API request to rem
    Type: Grant
    Filed: March 17, 2023
    Date of Patent: November 7, 2023
    Assignee: Expel, Inc.
    Inventor: Nabeel Zafar
  • Patent number: 11765081
    Abstract: Systems and methods of offloading multicast virtual network packet processing to a network interface card are provided. In an example implementation, a network interface card can route packets in a virtual network. The network interface card can be configured to receive a data packet having a multicast header for transmission to a plurality of destination virtual machines. The network interface card can retrieve a list of next hop destinations for the data packet. The network interface card can replicate the packet for each next hop destination. The network interface card can encapsulate each replicated packet with a unicast header that includes a next hop destination virtual IP address indicating the next hop destination and a source virtual IP address, and transmit the encapsulated packets.
    Type: Grant
    Filed: August 18, 2022
    Date of Patent: September 19, 2023
    Assignee: Google LLC
    Inventors: Prashant R. Chandra, Balakrishna Raghunath, Uday Ramakrishna Naik, Michael Dalton
  • Patent number: 11757961
    Abstract: A system and a method for media streaming from multiple sources are disclosed. A content requesting client device accesses a server to receive a list of available sources that may include multiple Content Delivery Networks (CDNs) and independent servers. Based on a pre-set criteria, such as the source delivery performance and cost, the client device partitions the content into parts, allocates a source to each part, and simultaneously receives media streams of the content parts from the allocated sources. The server may be a Video-on-Demand (VOD) server, and the content may be a single file of a video data, such as a movie. The delivery performance of the used sources is measured during the streaming for updating the partition or the allocation. The updated measured performance may be stored locally at the client device, or at a server for use by other clients. The client actions may be implemented as a client-side script.
    Type: Grant
    Filed: June 15, 2021
    Date of Patent: September 12, 2023
    Assignee: BRIGHT DATA LTD.
    Inventors: Derry Shribman, Ofer Vilenski
  • Patent number: 11742990
    Abstract: The present disclosure discloses apparatuses, systems, and methods of wireless communication that use an adaptive hybrid automatic repeat request (HARQ) procedure and a multi-threaded HARQ procedure for improving HARQ buffer utilization and management. A user equipment (UE) can transmit a reset NACK to reduce the amount of HARQ buffers needed for concurrent HARQ processes. A base station can transmit different redundancy data in a HARQ retransmission depending on the types of NACK the UE transmitted. The base station can communicate with the UE using multiple light HARQ processes or threads that use less HARQ buffers than a typical HARQ procedure. Other aspects, features, and embodiments are also claimed and described.
    Type: Grant
    Filed: September 28, 2020
    Date of Patent: August 29, 2023
    Assignee: QUALCOMM Incorporated
    Inventors: Arumugam Chendamarai Kannan, Xiaoxia Zhang, Vinay Chande, Tao Luo, Srinivas Yerramalli
  • Patent number: 11588626
    Abstract: This application provides a key distribution method, an apparatus, and a system, includes: determining, by an identity management server based on AAA authentication information, whether AAA authentication on the terminal succeeds; if the AAA authentication succeeds, sending the ID of the terminal to a key management server; and generating, by the key management server, a private key of the terminal and returning the private key to the management server. After negotiating with the terminal to generate a first key, the identity management server encrypts the ID and the private key of the terminal, and sends an encrypted ID and an encrypted private key to the terminal. The terminal obtains the ID and the private key of the terminal. According to the key distribution method, apparatus, and system provided in this application, communication security performance of the terminal during ID-based registration authentication is improved.
    Type: Grant
    Filed: July 11, 2020
    Date of Patent: February 21, 2023
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventor: Rongfei Wan
  • Patent number: 11558285
    Abstract: Rapid channel failure detection and recovery in wireless communication networks is needed in order to meet, among other things, carrier class Ethernet channel standards. Thus, resilient wireless packet communications is provided using a physical layer link aggregation protocol with a hardware-assisted rapid channel failure detection algorithm and load balancing, preferably in combination. This functionality may be implemented in a Gigabit Ethernet data access card with an engine configured accordingly. In networks with various topologies, these features may be provided in combination with their existing protocols.
    Type: Grant
    Filed: December 10, 2019
    Date of Patent: January 17, 2023
    Assignee: Aviat U.S., Inc.
    Inventors: Sergio Licardie, Chaoming Zeng
  • Patent number: 11539659
    Abstract: Some embodiments of the invention provide a method for managing logical forwarding elements (LFEs) implemented by multiple physical forwarding elements (PFEs) operating on multiple devices, each LFE including multiple logical ports. On a host computer executing a particular machine connected to the LFE and a PFE implementing the LFE, the method identifies an address discovery message associating a particular network address of the particular machine with another network address of the particular machine. The method identifies an LFE logical port associated with the particular machine, stores in an encapsulation header an identifier that identifies this port, and then forwards the encapsulated message to a set of one or more devices implementing the LFE for the devices to use in processing data messages associated with the particular machine.
    Type: Grant
    Filed: August 30, 2021
    Date of Patent: December 27, 2022
    Assignee: VMWARE, INC.
    Inventors: Sami Boutros, W. Andrew Lambeth, Jayant Jain, Mani Kancherla
  • Patent number: 11496439
    Abstract: Systems and methods are described for communications between computing devices via a stateless high-volume network address translation (“NAT”) service. The stateless high-volume NAT service manages high volumes of connections between networks by encoding at least part of the information needed to manage a connection in an encoded IPv6 address, which is then used by a NAT device or application as its sending address when relaying data from a source to a destination. The encoded IPv6 address may contain information such as the IPv4 address of the source, the IPv4 address of the destination, the protocol used to communicate, the source and destination ports, and the like. When the destination sends a response to the encoded IPv6 address, the NAT device decodes the IPv6 address to obtain the encoded information, and then uses that information to deliver the response to the source.
    Type: Grant
    Filed: March 23, 2021
    Date of Patent: November 8, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Hardeep Singh Uppal, Junzhi Wang
  • Patent number: 11463354
    Abstract: Systems and methods of offloading multicast virtual network packet processing to a network interface card are provided. In an example implementation, a network interface card can route packets in a virtual network. The network interface card can be configured to receive a data packet having a multicast header for transmission to a plurality of destination virtual machines. The network interface card can retrieve a list of next hop destinations for the data packet. The network interface card can replicate the packet for each next hop destination. The network interface card can encapsulate each replicated packet with a unicast header that includes a next hop destination virtual IP address indicating the next hop destination and a source virtual IP address, and transmit the encapsulated packets.
    Type: Grant
    Filed: December 11, 2020
    Date of Patent: October 4, 2022
    Assignee: Google LLC
    Inventors: Prashant Chandra, Balakrishna Raghunath, Uday Ramakrishna Naik, Michael Dalton
  • Patent number: 11354076
    Abstract: A management server connected, to a plurality of image forming devices and an information processing device having a printer driver is provided. The server manages, for each location, network information and information of print performance of an image forming device belonging to the location; identifies a location to which the information processing device belongs, based on the network information, upon receiving from the information processing device a notification that network setting of the information processing device has been changed; and transmits, to the information processing device, a device setting of the printer driver based on information of print performance corresponding to an image forming device belonging to the location being identified.
    Type: Grant
    Filed: July 6, 2020
    Date of Patent: June 7, 2022
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Hirofumi Mochizuki
  • Patent number: 11297038
    Abstract: A method for rotating internet protocol (IP) addresses in a virtual private network (VPN), the method comprising receiving, at a first VPN server during an established VPN connection, a first data request and a second data request from a user device, retrieving first data associated with the first data request using a first exit IP address, and retrieving second data associated with the second data request using a second exit IP address, different from the first exit IP address. Various other aspects are contemplated.
    Type: Grant
    Filed: July 3, 2021
    Date of Patent: April 5, 2022
    Assignee: Oversec, UAB
    Inventors: Tomas Kolaitis, Vytautas Neubauer
  • Patent number: 11178002
    Abstract: A method for controlling a wireless lighting control network includes determining, by a first network device, whether a message is received from a control device during a first time interval; in response to determining that the message was not received, transmitting, by the first network device, a message to other network devices to determine whether another network device received the message from the control device; in response to determining, during a second time interval, that the first network device did not receive the message from the control device and did not receive an indication from another network device that the message from the control device was received, transmitting a message to the other network devices to indicate that the first network device is a substitute control device; and periodically transmitting messages to the other network devices indicating that the first network device is an active substitute control device.
    Type: Grant
    Filed: July 10, 2020
    Date of Patent: November 16, 2021
    Assignee: ABL IP Holding LLC
    Inventor: Gomez Sam Selvaraj
  • Patent number: 11108728
    Abstract: Some embodiments of the invention provide a method for implementing a logical network with one or more logical forwarding elements (LFEs), each with multiple logical ports. Each LFE in some embodiments is implemented by several physical forwarding elements (PFEs) operating on several devices. On a host computer executing a particular machine connected to a PFE implementing a particular LFE, the method identifies an address discovery message associating a particular network address (e.g., a layer 2 (L2) address or media access control (MAC) address) of the particular machine with a another network address (e.g., a layer 3 (L3) or an Internet Protocol (IP) address) of the particular machine.
    Type: Grant
    Filed: July 24, 2020
    Date of Patent: August 31, 2021
    Assignee: VMWARE, INC.
    Inventors: Sami Boutros, W. Andrew Lambeth, Jayant Jain, Mani Kancherla
  • Patent number: 10725942
    Abstract: An integrated circuit (IC) includes a first kernel circuit implemented in programmable circuitry, a second kernel circuit implemented in programmable circuitry, and a stream traffic manager circuit coupled to the first kernel circuit and the second kernel circuit. The stream traffic manager circuit is configured to control data streams exchanged between the first kernel circuit and the second kernel circuit.
    Type: Grant
    Filed: November 9, 2018
    Date of Patent: July 28, 2020
    Assignee: Xilinx, Inc.
    Inventors: Chandrasekhar S. Thyamagondlu, Ravi N. Kurlagunda, Kenneth K. Chan, Ravi Sunkavalli
  • Patent number: 10728162
    Abstract: Embodiments of the present invention provide a method and an apparatus for controlling a service data flow. The method includes: acquiring, by a controller, index information related to a UE, where the index information includes at least a user information index, a PDN connection index, a bearer index, and a service data flow table index that are related to the UE; sending, by the controller, the index information to a forwarder by using an entry notification message; when a first control event of a service data flow is triggered, acquiring, by the controller, a first instruction index according to the first control event, where the first instruction index includes at least one type of the index information related to the UE; and sending, by the controller, the first instruction index to the forwarder by using first control signaling.
    Type: Grant
    Filed: December 16, 2016
    Date of Patent: July 28, 2020
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Shiyong Tan, Hui Cai
  • Patent number: 10320838
    Abstract: Systems, methods, and computer-readable media for preventing man-in-the-middle attacks within network, without the need to maintain trusted/un-trusted port listings on each network device. The solutions disclosed herein leverage a host database which can be present on controllers, thereby providing a centralized database instead of a per-node DHCP binding database. Systems configured according to this disclosure (1) use a flood list only for ARP packets received from the controller 116; and (2) unicast ARP packets to the controller before communicating the packets to other VTEPs.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: June 11, 2019
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Venkatesh Srinivasan, Ambrish Niranjan Mehta, Anand Kumar Singh, Anulekha Chodey, Natarajan Manthiramoorthy, Swaminathan Narayanan
  • Patent number: 9973427
    Abstract: A method for determining a management domain, the method comprising: receiving, by a second network device, a first packet sent by a first network device, where the first packet includes a domain ID of a first management domain and a first IP address set corresponding to the domain ID of the first management domain, and the first IP address set includes an IP address of a network device in the first management domain; and when the second network device determines that the first IP address set includes an IP address of the second network device, determining that the second network device belongs to the first management domain, and storing the domain ID of the first management domain.
    Type: Grant
    Filed: June 14, 2017
    Date of Patent: May 15, 2018
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Jun Wang
  • Patent number: 9882921
    Abstract: A computer-implemented method for detecting cache-poisoning attacks in networks using SDPs may include maintaining a cache of service information that identifies services provided by client devices connected to a network using an SDP. The method may also include detecting a cache-poisoning attack by (1) receiving, from a client device connected to the network, an SDP message related to a service allegedly provided via the network, (2) identifying, within the SDP message, an attribute of the service allegedly provided via the network, and then (3) determining that the client device is attempting to corrupt the cache of service information by determining that the identified attribute of the service suggests that the service is illegitimate. Finally, the method may include performing a security action to mitigate the cache-poisoning attack in response to detecting the cache-poisoning attack. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: January 30, 2016
    Date of Patent: January 30, 2018
    Assignee: Juniper Networks, Inc.
    Inventors: Anil Kaushik, Vineet Verma, Stephen Grau, Sreenivas Voruganti, Abhishek Kumar
  • Patent number: 9774916
    Abstract: An information concentrating center, is disclosed, wherein the information concentrating center comprises: at least one module for concentrating information from at least one information source; and at least one module coupling to the Internet, for establishing a P2P connection with a remote client device through the Internet, wherein at least one portion of the information is delivered to the remote client device on the P2P connection.
    Type: Grant
    Filed: January 7, 2015
    Date of Patent: September 26, 2017
    Assignees: ThroughTek Technology (ShenZhen) Co., Ltd., ThroughTek Co., Ltd.
    Inventors: Chi-Ming Kuo, Yu-Li Kao, Bai-Jian Xiao, Cheng-Wei Li
  • Patent number: 9609001
    Abstract: Systems and methods for adding context to prevent data leakage over a computer network are disclosed. Data is classified and contextual information of the data is determined. A transmission policy is determined in response to the classification and contextual information. The data is either transmitted or blocked in response to the classification and the contextual information.
    Type: Grant
    Filed: January 19, 2015
    Date of Patent: March 28, 2017
    Assignee: Websense, LLC
    Inventor: Daniel Lyle Hubbard
  • Patent number: 9467989
    Abstract: The present invention is designed to provide a base station apparatus, a mobile terminal apparatus, a communication system and a communication method that cope with the shortage of downlink control channel capacity. For a mobile terminal apparatus that receives downlink signals using a resource region for downlink control signals and a resource region for downlink data signals, a base station apparatus is configured to set a plurality of virtual resources for downlink control signals in a plurality of physical resources that are arranged in a frequency direction in the resource region for downlink data signals, and allocate the downlink control signals, in a distributed manner, between virtual resources of a relatively low frequency band side and virtual resources of a relatively high frequency band side in a plurality of virtual resources.
    Type: Grant
    Filed: February 9, 2012
    Date of Patent: October 11, 2016
    Assignee: NTT DOCOMO, INC.
    Inventors: Yoshihisa Kishiyama, Kazuaki Takeda, Satoshi Nagata, Tetsushi Abe
  • Patent number: 9413438
    Abstract: Provided is a wireless communication device and a wireless communication method which can maintain compatibility with a plurality of communication schemes and send a response signal back within the allowed time specified by each communication scheme. The wireless communication device includes a radio receiving unit (120) that receives a packet having a format conforming to a first communication scheme and including a second format portion conforming to a second communication scheme using a higher frequency band than the first communication scheme and a first format portion excluding the second format portion, and a processing unit (160) that, outputs a response signal at completion of demodulation and decoding of the first format portion, regardless of whether demodulation and decoding of the second format portion are completed or not.
    Type: Grant
    Filed: January 18, 2010
    Date of Patent: August 9, 2016
    Assignee: Sony Corporation
    Inventor: Hiroaki Takano
  • Patent number: 9398109
    Abstract: Certain example embodiments relate to techniques for managing communication between a plurality of Open Services Gateway initiative (OSGi) environments. A system includes a messaging broker configured to receive a message from one of the OSGi environments, with the message including a call of a service provided by one of the other OSGi environments. The broker may be further configured to transfer the message to the other OSGi environment. The plural OSGi environments communicate only via the messaging broker.
    Type: Grant
    Filed: March 1, 2013
    Date of Patent: July 19, 2016
    Assignee: SOFTWARE AG
    Inventor: Peter Peev
  • Patent number: 9398121
    Abstract: Techniques are disclosed for determining a virtual networking framework for computing nodes to use where they are part of a plurality of computing nodes that have heterogeneous virtual networking framework capabilities. Each node may report its capabilities to a mapping server, which serves as a centrally-managed selector of policy capabilities for the two computing nodes to use in communications with each other. The mapping server selects virtual networking framework capabilities for the two computing nodes to use in communicating with each other, instructs the nodes of these selected capabilities, and the two nodes then communicate according to these selected capabilities.
    Type: Grant
    Filed: June 24, 2013
    Date of Patent: July 19, 2016
    Assignee: Amazon Technologies, Inc.
    Inventor: Eric Jason Brandwine
  • Patent number: 9282115
    Abstract: A computer-implemented method for detecting cache-poisoning attacks in networks using SDPs may include maintaining a cache of service information that identifies services provided by client devices connected to a network using an SDP. The method may also include detecting a cache-poisoning attack by (1) receiving, from a client device connected to the network, an SDP message related to a service allegedly provided via the network, (2) identifying, within the SDP message, an attribute of the service allegedly provided via the network, and then (3) determining that the client device is attempting to corrupt the cache of service information by determining that the identified attribute of the service suggests that the service is illegitimate. Finally, the method may include performing a security action to mitigate the cache-poisoning attack in response to detecting the cache-poisoning attack. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: January 3, 2014
    Date of Patent: March 8, 2016
    Assignee: Juniper Networks, Inc.
    Inventors: Anil Kaushik, Vineet Verma, Stephen Grau, Sreenivas Voruganti, Abhishek Kumar
  • Patent number: 9246804
    Abstract: An example of network routing comprising a host route injection that can include injecting a host route and a next hop of the host route into a routing table. The host route can be injected into a top of rack network device and transferred to an Aggregation network device routing table. The routing entry can be updated by sharing routing updates from the compute host through the top of rack network device.
    Type: Grant
    Filed: November 30, 2012
    Date of Patent: January 26, 2016
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Vincent M. Muir, Eric Hagedorn
  • Patent number: 9246514
    Abstract: Forward Error Correction (FEC) techniques that generate independently decodable resource blocks are beneficial for Successive Interference Cancellation (SIC) demodulation. One FEC technique for generating independently decodable resource blocks includes mapping locally decodable FEC codeblocks into unique resource blocks such that substantially all of the bits of the FEC codeblock are carried within a single resource block. The locally decodable FEC codeblocks can be generated from different FEC encoding modules or from a common FEC encoding module. Another technique for generating independently decodable resource blocks includes encoding a stream of information bits into low-density parity-check (LDPC) codeblocks having high ratios of inward peering parity bits. These high ratios of inward peering parity bits allow substantial portions of each LDPC codeblock to be decoded independently from information carried by other LDPC codeblocks.
    Type: Grant
    Filed: March 6, 2013
    Date of Patent: January 26, 2016
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Aaron Callard, Mohammadhadi Baligh
  • Patent number: 9235518
    Abstract: An apparatus and system are disclosed for reducing network traffic using a shared network response cache. A request filter module intercepts a network request to prevent the network request from entering a data network. The network request is sent by a client and is intended for one or more recipients on the data network. A cache check module checks a shared response cache for an entry matching the network request. A local response module sends a local response to the client in response to an entry in the shared response cache matching the network request. The local response satisfies the network request based on information from the matching entry in the shared response cache.
    Type: Grant
    Filed: May 17, 2012
    Date of Patent: January 12, 2016
    Assignee: International Business Machines Corporation
    Inventors: Edgar O. Cantu, Seth Daniel Jennings
  • Patent number: 9229867
    Abstract: A method is disclosed for reducing network traffic using a shared network response cache. The method intercepts a network request to prevent the network request from entering a data network. The network request is sent by a client and is intended for one or more recipients on the data network. The method checks a shared response cache for an entry matching the network request. The method sends a local response to the client in response to an entry in the shared response cache matching the network request. The local response satisfies the network request based on information from the matching entry in the shared response cache.
    Type: Grant
    Filed: June 16, 2011
    Date of Patent: January 5, 2016
    Assignee: International Business Machines Corporation
    Inventors: Edgar O. Cantu, Seth D. Jennings
  • Patent number: 9100303
    Abstract: The embodiments of the present disclosure provide a method, a device and a network system for allocating an IP address. The allocating method comprises: allocating a first IP address to a first server; allocating a second IP address to a client connected to the first server; monitoring the client allocated with the second IP address; allocating a third IP address to the first server when a monitoring result indicates that an IP address conflict exists between the first IP address and a current IP address of a second server; wherein the second server is connected to the client allocated with the second IP address. The method may reallocate the IP address automatically when a subnet conflict occurs.
    Type: Grant
    Filed: November 30, 2011
    Date of Patent: August 4, 2015
    Assignees: Beijing Lenovo Software Ltd., Lenovo (Beijing) Limited
    Inventors: Bin Li, Sheng Wang, Chao Xu
  • Patent number: 9100369
    Abstract: Establishing a connection is disclosed. A first communication link with a perimeter gateway located external to a private network firewall but behind a perimeter network firewall is initiated. A request to allow the connection from a requestor that has requested the connection to an internal server via the perimeter gateway is received. A second communication link with the internal server protected by the private network firewall is initiated. The connection is allowed at least in part by associating together the first communication link with the second communication link.
    Type: Grant
    Filed: August 27, 2012
    Date of Patent: August 4, 2015
    Assignee: Kaazing Corporation
    Inventors: John R. Fallows, Christopher M. E. Barrow
  • Patent number: 9036640
    Abstract: An encapsulation apparatus for encapsulating data includes an input to receive the data, a machine to generate information related to the encapsulation of data and a logic coupled to the machine. A processing machine is coupled to the input and the logic.
    Type: Grant
    Filed: January 7, 2013
    Date of Patent: May 19, 2015
    Assignee: Lantiq Beteiligungs-GmbH & Co. KG
    Inventors: Chung Feng Hu, Jia Xiang Shi, Ingo Volkenring
  • Patent number: 9025606
    Abstract: In accordance with an embodiment of the present invention, a network node is presented which is configured to associate each of a plurality of MAC addresses with an IP address on a network level. The network node is configured to, upon reception of a link level message comprising a target IP address and destined to multiple network nodes, compare the target IP address with associated MAC/IP addresses on a network level, and to selectively send the received link level message to at least one other network node on a link level based on the network level comparison. A method and a computer program product are also presented, according to embodiments of the present invention.
    Type: Grant
    Filed: April 1, 2010
    Date of Patent: May 5, 2015
    Assignee: Telefonaktiebolaget L M Ecrisson (publ)
    Inventors: Tomas Thyni, Mats Forsman
  • Patent number: 8989196
    Abstract: A method is implemented in a host node for communicating with a corresponding node. The host node has connections to a plurality of networks, where each of the plurality of networks includes a network address translation 64 (NAT64) node, each NAT64 node utilizes a distinct prefix to generate virtual Internet Protocol version 6 (IPv6) addresses, each of the plurality of networks is an IPv6 network, but the corresponding node is an Internet protocol version 4 (IPv4) node. The host node implementing this method is able to maintain connectivity with the corresponding node despite having connections to the plurality of networks that each have NAT64 nodes that utilize distinct prefixes for virtual IPv6 addresses.
    Type: Grant
    Filed: May 28, 2013
    Date of Patent: March 24, 2015
    Assignee: Telefonaktiebolaget L M Ericsson (publ)
    Inventor: Wassim Haddad
  • Patent number: 8964761
    Abstract: A method of a first DNS which can update server information in real time without necessarily using a TTL (Time To Live) by recording a network address of the first DNS, which has previously obtained server address information from a second DNS, in a notification list, by the second DNS, and transmitting the changed information from the second DNS to the first DNS recorded in the notification list when the previously obtained/requested server address changes, and updating the server address by the first DNS as provided by the second DNS. A DNS updating server address method may further include providing a first DNS with server address information corresponding to a domain, recording a network address of the first DNS in a notification list, corresponding to the domain and/or the server address information, and transmitting a changed server address information to the first DNS based on the notification list.
    Type: Grant
    Filed: October 13, 2006
    Date of Patent: February 24, 2015
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Soon Churl Shin, Woo Jin Yang, Sang Moon Lee
  • Patent number: 8964602
    Abstract: The present invention filters packets and reduces traffic when communication is performed with a device on a network utilizing the IPv6 protocol. To achieve this, a printer driver operating in a personal computer correlates and stores the name of the communicating party and an address for which communication actually succeeded from among addresses that have undergone name resolution, and uses the stored address in communicating with the same communicating party from then onward.
    Type: Grant
    Filed: February 13, 2012
    Date of Patent: February 24, 2015
    Assignee: Canon Kabushiki Kaisha
    Inventor: Takayuki Matsuo
  • Patent number: 8954548
    Abstract: A system includes a name server, an edge cache server, and a local cache server. The name server is configured to provide an anycast IP address in response to a request for an IP address of an origin hostname from a client system. The edge cache server is configured to respond to the anycast IP address and a unicast IP address and to retrieve content from an origin. The local cache server includes a storage and is configured to respond to the anycast IP address, to retrieve content from the edge cache server, and provide the content to a client system.
    Type: Grant
    Filed: August 27, 2008
    Date of Patent: February 10, 2015
    Assignee: AT&T Intellectual Property II, L.P.
    Inventor: Alan Glasser
  • Patent number: 8953617
    Abstract: An information handling system includes a server having a management system module. The management system module broadcasts an address resolution protocol request including a unique identifier in the information handling system. The management system module also receives multiple address resolution protocol responses to the address resolution protocol request. Each of the multiple address resolution protocol responses includes a different media access control address associated with the unique identifier. The management system module also creates a unique identifier table correlating each of the media access control addresses with the unique identifier.
    Type: Grant
    Filed: January 11, 2013
    Date of Patent: February 10, 2015
    Assignee: Dell Products, LP
    Inventors: Cuong T. Nguyen, Charles Terrence Perusse, Rabah Hamdi
  • Patent number: 8929379
    Abstract: A method of routing internal network traffic within a computing system comprises receiving a network packet at a configurable logic device (CLD), parsing the network packet to obtain a destination address, searching a predetermined range of a routing table wherein each row of the routing table specifies a range of possible destination addresses and routing information, identifying a matching row of the routing table wherein the destination address falls within the range of possible destination addresses of the matching row, and routing the packet according to the routing information.
    Type: Grant
    Filed: June 21, 2012
    Date of Patent: January 6, 2015
    Assignee: Breakingpoint Systems, Inc.
    Inventors: Jonathan Stroud, Michael Moriarty, Brent Aaron Cook
  • Patent number: 8924574
    Abstract: In a system and method for establishing communications in a communications network, a network service provider can assign IP addresses to mobile devices dynamically to conserve IP address resources. A network service provider can also implement network address translation to further conserve IP address resources and to provide improved security. If a requestor seeks to obtain an IP address of a mobile device and the address is a local address, the system determines if the mobile device has a network address translation (NAT) binding that associates the IP address of the mobile device with a public IP address. If the mobile device does not have a NAT binding, the system creates a NAT binding that associates the IP address of the mobile device with a public IP address.
    Type: Grant
    Filed: January 15, 2014
    Date of Patent: December 30, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Arun C. Alex, Rajesh Ramankutty, Stinson Mathai
  • Patent number: 8917601
    Abstract: Mechanisms are provided to improve efficiency of systems operating on internet protocol (IP) over Infiniband (IB) networks. One mechanism includes multicasting a first ARP request from a source node, the first ARP request including an IP address of a source port of the source node, and performing load-balancing of host traffic across a plurality of ports of a plurality of nodes by sending a reply from a destination node corresponding to the IP address included in the first ARP request, the reply being sent over the source port to the source node.
    Type: Grant
    Filed: February 27, 2013
    Date of Patent: December 23, 2014
    Assignee: International Business Machines Corporation
    Inventors: Constantine Gavrilov, Zorik Machulsky, Leah Shalev
  • Patent number: 8867541
    Abstract: A method for use by a subscriber device associated with a LAN in a wireless network, to enable provisioning of services to another subscriber device associated with that LAN. The method includes (i) at the first subscriber device, receiving an outgoing packet generated by the other subscriber device associated, wherein that outgoing packet has been tagged with a VLAN label; (ii) forwarding the outgoing packet towards a source MAC address of the subscriber device; (iii) associating a DSCP value with the outgoing packet; (iv) removing VLAN label and Ethernet MAC layer from the outgoing packet and forwarding the remaining IP packet to a MAC convergence sub-layer; (v) at the MAC convergence sub-layer, forwarding the outgoing packet to a service flow determined by using a DSCP value associated with the outgoing packet; and forwarding the outgoing packet along an air-link service flow connection.
    Type: Grant
    Filed: December 14, 2009
    Date of Patent: October 21, 2014
    Assignee: Sparkmotion Inc.
    Inventor: Izhak Duenyas