Patent application number | Description | Published |
20100027543 | LAYER TWO MAC FLUSHING/RE-ROUTING - A method may include receiving a packet including a destination address, identifying a destination address entry based on the destination address, the destination address entry including an address identifier, comparing the address identifier to an event identifier, determining whether an event occurred based on the comparison, and forwarding the packet on an alternate path if it is determined that the event occurred. | 02-04-2010 |
20100165995 | ROUTING FRAMES IN A COMPUTER NETWORK USING BRIDGE IDENTIFIERS - Methods, apparatus, and products for routing frames in a network using bridge identifiers, wherein the network includes a plurality of bridge nodes. At least one of the bridge nodes operates as an ingress bridge node through which frames are received into the network. At least one of the bridge nodes operates as an egress bridge node through which frames are transmitted out of the network. One of the bridge nodes receives, from the ingress bridge node, a frame for transmission to a destination node. The destination node connects to the network through the egress bridge node. The frame includes an ingress bridge identifier and an egress bridge identifier. The bridge that received the frame then routes the frame to the egress bridge node through which the destination node connects to the network in dependence upon the ingress bridge identifier and the egress bridge identifier included in the frame. | 07-01-2010 |
20100226381 | ROUTING FRAMES IN A TRILL NETWORK USING SERVICE VLAN IDENTIFIERS - Methods, apparatus, and products are disclosed for routing frames in a TRILL network using service VLAN identifiers by: receiving a frame from an ingress bridge node for transmission through the TRILL network to a destination node that connects to the TRILL network through an egress node, the received frame including a customer VLAN identifier, a service VLAN identifier uniquely assigned to the ingress bridge node, and a destination node address for the destination node, the received frame not having mac-in-mac encapsulation; adding, in dependence upon the service VLAN identifier and the destination node address, a TRILL header conforming to the TRILL protocol, the TRILL header including an ingress bridge nickname and an egress bridge nickname; and routing, to the egress bridge node through which the destination node connects to the network, the frame in dependence upon the ingress bridge nickname and the egress bridge nickname. | 09-09-2010 |
20100309912 | FORWARDING FRAMES IN A COMPUTER NETWORK USING SHORTEST PATH BRIDGING - Methods, apparatus, and products are disclosed for forwarding frames in a computer network using shortest path bridging (‘SPB’). The network includes multiple bridges, and each edge bridge is assigned a unique service virtual local area network (‘VLAN’) identifier. One of the bridges receives a frame for transmission to a destination node. The received frame includes a service VLAN identifier for the ingress bridge through which the frame entered the network and a customer VLAN identifier. The one bridge identifies an SPB forwarding tree in dependence upon the service VLAN identifier. The SPB forwarding tree specifies a shortest route in the network from the ingress bridge through the one bridge to the other bridges in the network. The one bridge then forwards the received frame to the egress bridge without MAC-in-MAC encapsulation in dependence upon the SPB forwarding tree and the customer VLAN identifier. | 12-09-2010 |
20110019678 | ROUTING FRAMES IN A SHORTEST PATH COMPUTER NETWORK FOR A MULTI-HOMED LEGACY BRIDGE NODE - Methods, apparatus, and products for routing frames in a shortest path computer network for a multi-homed legacy bridge, wherein the network includes a plurality of bridges. At least two of the plurality of bridges operate as edge bridges through which the frames ingress and egress the network. A first edge bridge identifies a legacy bridge nickname for a legacy bridge connected to the network through the first edge bridge and a second edge bridge using active-active link aggregation. The first bridge receives a frame from the legacy bridge and determines, in dependence upon the frame's destination node address, an egress bridge nickname for a third bridge through which a destination node connects to the network. The first bridge then adds the legacy bridge nickname and the egress bridge nickname to the frame and routes the frame to the third bridge in dependence upon the egress bridge nickname. | 01-27-2011 |
20110235595 | BREAKOUT GATEWAY FOR MOBILE DATA TRAFFIC - In general, the invention is directed to techniques for breaking out mobile data traffic from a mobile service provider network to a packet data network. For example, as described herein, a breakout gateway device (BGW) receives a first service request and data traffic for a data session associated with the requested service from a mobile device in a radio access network, wherein the first service request is addressed to a serving node of a mobile core network of the mobile service provider network, and wherein the data traffic is destined for the PDN. A control packet analysis module forwards the first service request from the breakout gateway device to the serving node. A breakout module of the BGW bypasses the serving node by sending the data traffic from the breakout gateway device to the PDN on a data path from the radio access network to the PDN. | 09-29-2011 |
20110292937 | POINT-TO-MULTIPOINT SERVICE IN A LAYER TWO ETHERNET NETWORK - Techniques are described for providing point-to-multipoint (P2MP) Ethernet service in a L2 network. Routers providing the Ethernet service allow an administrator to classify local attachment circuits as either “leaf” attachment circuits or “root” attachment circuits to define a tree-like architecture for forwarding Ethernet frames within a VPLS domain. Based on the classifications, each of router constructs flood domains, referred to herein as mesh groups, that control switching behavior between attachment circuits and pseudowires that transport the L2 communications through the VPLS domain. The routers utilize the mesh groups when switching L2 communications to enforce the requirements of E-TREE service or other L2 services in which L2 traffic is constrained within the L2 VPN to tree-like connectivity. | 12-01-2011 |
20120170522 | PARTIAL FAILURE MESSAGING - A system is configured to: receive a message from a gateway device; identify one or more sessions corresponding to an identifier included in the message; and clear the one or more corresponding sessions. The identifier may correspond to a part of the gateway device where a session is stored or maintained for a mobile device to connect to a server device. | 07-05-2012 |
20130003727 | HYBRID PORT RANGE ENCODING - In general, techniques are described for encoding port ranges. In one example, a method includes generating an encoded value that represents a specified port range including a first element storing an identifier that identifies a frequently occurring port range stored in an associative data structure of most frequently occurring port ranges, a second element storing an index that represents a dynamically-learned port range specifying at least a part of the specified port range, the dynamically-learned port range represented in a tree-structure of dynamically-learned port ranges and identified by the index, and applying, by a forwarding plane of the computing device, one or more filters associated with the encoded value to a packet that specifies a port included in the specified port range. | 01-03-2013 |
20130003736 | VARIABLE-BASED FORWARDING PATH CONSTRUCTION FOR PACKET PROCESSING WITHIN A NETWORK DEVICE - In general, this disclosure describes techniques for applying, with a network device, subscriber-specific packet processing using an internal processing path that includes service objects that are commonly applied to multiple packet flows associated with multiple subscribers. In one example, a network device control plane creates subscriber records that include, for respective subscribers, one or more variable values that specify service objects as well as an identifier for a packet processing template. A forwarding plane of the network device receives and maps subscriber packets to an associated subscriber record and then processes the packet by executing the packet processing template specified by the subscriber record. When the forwarding plane reaches a variable while executing the specified packet processing template, the forwarding plane reads the associated variable value from the subscriber record to identify and then apply the subscriber-specific service object specified by the variable. | 01-03-2013 |
20130007237 | MOBILE GATEWAY HAVING DECENTRALIZED CONTROL PLANE FOR ANCHORING SUBSCRIBER SESSIONS - In general, techniques are described for decentralizing handling of subscriber sessions within a gateway device of a mobile network. A mobile network gateway comprises a data plane having a plurality of forwarding components to receive session requests from a mobile service provider network in which the mobile network gateway resides. A control plane comprises a plurality of distributed subscriber management service units coupled by a switch fabric to the data plane. Each of the subscriber management service units serve as anchors for communication sessions for mobile devices that are accessing one or more packet data network by the mobile service provider network. A request delegation module within each of the forwarding components directs the session requests to the subscriber management service units unit to provide management services for the sessions requested by the mobile device. | 01-03-2013 |
20130007257 | FILTER SELECTION AND RESUSE - In general, techniques are described for selectively applying and reusing filters stored in a router. In one example, a method includes receiving a network access request from a first user. The method also includes selecting a candidate rule group associated with the packet flow, wherein the candidate rule group comprises one or more currently deployed rules of an existing rule group on the computing device that are currently installed within a forwarding plane and are being applied by the forwarding plane to network traffic associated with a second user. The method also includes installing a new rule group comprising the one or more currently deployed rules of the existing rule group and one or more new rules associated with the first user and not currently installed within a forwarding plane. The method also includes applying each rule of the new rule group to network traffic associated with the first user. | 01-03-2013 |
20130007286 | USER SESSION ROUTING BETWEEN MOBILE NETWORK GATEWAYS - In general, techniques are described for dynamically redirecting session requests received with a mobile network gateway to another gateway of the mobile network. Heterogeneous static and dynamic capabilities among gateways of the mobile network lead some gateways unable to service a particular session requested by a wireless device attached to the mobile network. A set of policies configured within the gateways by a mobile network operator and applied by the gateway enable the gateway to identify and offload session requests to another gateway of the mobile network that has the present capability to service the session. The policies may define conditions and actions to provide flexible routing of the user session to an appropriate gateway. | 01-03-2013 |
20130031271 | VIRTUAL PRIVATE NETWORKING WITH MOBILE COMMUNICATION CONTINUITY - In general, a mobile virtual private network (VPN) is described in which service provider networks cooperate to dynamically extend a virtual routing area of a home service provider network to the edge of a visited service provider network and thereby enable IP address continuity for a roaming wireless device. In one example, a home service provider network allocates an IP address to a wireless device and establishes a mobile VPN. The home service provider network dynamically provisions a visited service provider network with the mobile VPN, when the wireless device attaches to an access network served by the visited service provider network, to enable the wireless device to exchange network traffic with the visited service provider network using the IP address allocated by the home service provider network. | 01-31-2013 |
20130301522 | INLINE NETWORK ADDRESS TRANSLATION WITHIN A MOBILE GATEWAY ROUTER - Techniques are described for performing inline NAT functions in a forwarding element of a mobile gateway router or other device in which subscriber sessions of a mobile access network are distributed across a plurality of session management cards. The session management cards pre-allocate a public network address and port range for subscribers at the time a network connection is established in response to connection request prior to receiving any data traffic associated with the subscriber. NAT profiles are programmed into hardware forwarding elements of the mobile gateway router for inline NAT when routing subscriber traffic for the mobile access network. | 11-14-2013 |
20140092899 | NETWORK ADDRESS TRANSLATION FOR APPLICATION OF SUBSCRIBER-AWARE SERVICES - In general, techniques are described for informing services nodes of private network address information in order to apply subscriber-aware services with the services node. In some examples, a services node includes an Authentication, Authorization, and Accounting (AAA) interface to receive a AAA message, wherein the AAA message has been extended from a AAA protocol to specify a private network address of a subscriber device authenticated to an access network by the AAA server and assigned the private network address that is not routable external to the access network. A mapping module associates the public network address of subscriber data traffic with the private network address received by the AAA message. One or more service modules select one or more of a plurality of subscriber policies using the associated private network address and apply services to the subscriber data traffic in accordance with the selected subscriber policies. | 04-03-2014 |
20140198794 | CONNECTING MULTIPLE CUSTOMER SITES OVER A WIDE AREA NETWORK USING AN OVERLAY NETWORK - A method and apparatus for connecting multiple customer sites over a wide area network (WAN) using an overlay network is described. In one embodiment of the invention, each one of multiple customer edge (CE) routers establishes a Border Gateway Protocol (BGP) session with one or more BGP route reflectors and announces their private IP network prefixes and one or more transport IP addresses to reach that CE router. The BGP route reflector(s) reflect those IP network prefixes and the one or more transport IP addresses to reach that specific CE router to the other CE routers. The CE routers receive those reflected IP network prefixes and the corresponding transport IP address(es) to reach that CE router in which those IP network prefixes belong and register them in their corresponding routing/forwarding data structures. In this way, the CE routers learn how to reach each other. | 07-17-2014 |
20150071225 | INLINE NETWORK ADDRESS TRANSLATION WITHIN A MOBILE GATEWAY ROUTER - Techniques are described for performing inline NAT functions in a forwarding element of a mobile gateway router or other device in which subscriber sessions of a mobile access network are distributed across a plurality of session management cards. The session management cards pre-allocate a public network address and port range for subscribers at the time a network connection is established in response to connection request prior to receiving any data traffic associated with the subscriber. NAT profiles are programmed into hardware forwarding elements of the mobile gateway router for inline NAT when routing subscriber traffic for the mobile access network. | 03-12-2015 |