Patent application number | Description | Published |
20110317703 | Asymmetric Network Address Encapsulation - A network component comprising a receiver configured to receive an outgoing frame from a local host, a logic circuit configured to map a destination address (DA) for a target host in the outgoing frame to a DA for a target location of the target host and encapsulate the outgoing frame using the DA for the target location, and a transmitter configured to receive a pre-encapsulated outgoing frame from a local switch, and send the pre-encapsulated outgoing frame to a gateway at a target location, wherein the transmitter does not encapsulate frames received from local switches and decapsulates an incoming frame from a remote gateway destined towards local hosts. | 12-29-2011 |
20120008528 | Layer Two Over Multiple Sites - An apparatus comprising a service network, and a plurality of Layer 2 sites connected by the service network via a plurality of gateways, wherein the gateways are configured to map a plurality of Internet Protocol (IP) addresses of a plurality of hosts under a plurality of virtual local area networks (VLANs) in a plurality of Layer 2 sites to a plurality of addresses (e.g. MAC or others) of the corresponding gateways inform the other gateways in the other Layer 2 sites of the mapped IP addresses under each of the VLANs in the local Layer 2 sites, and forward data frames originated from the hosts in the local Layer 2 sites to the other gateways in the other Layer 2 sites when the data frames' destinations are residing in the other Layer 2 sites. | 01-12-2012 |
20120014387 | Virtual Layer 2 and Mechanism to Make it Scalable - An apparatus comprising a service network and a plurality of Layer 2 networks at a plurality of different physical locations coupled to the service network via a plurality of edge nodes at the Layer 2 networks, wherein the edge nodes are configured to maintain a plurality of Internet Protocol (IP) addresses of a plurality of hosts across the Layer 2 networks, and wherein the IP addresses of the hosts in each of the Layer 2 networks are mapped by the other Layer 2 networks to a Media Access Control (MAC) address of each of the edge nodes in the same Layer 2 networks of the hosts. | 01-19-2012 |
20150078387 | Asymmetric Network Address Encapsulation - A network component comprising a receiver configured to receive an outgoing frame from a local host, a logic circuit configured to map a destination address (DA) for a target host in the outgoing frame to a DA for a target location of the target host and encapsulate the outgoing frame using the DA for the target location, and a transmitter configured to receive a pre-encapsulated outgoing frame from a local switch, and send the pre-encapsulated outgoing frame to a gateway at a target location, wherein the transmitter does not encapsulate frames received from local switches and decapsulates an incoming frame from a remote gateway destined towards local hosts. | 03-19-2015 |
20150222534 | Layer Two Over Multiple Sites - An apparatus including a service network and a plurality of Layer 2 sites connected by the service network via a plurality of gateways is provided. The gateways are configured to map a plurality of Internet Protocol (IP) addresses of a plurality of hosts under a plurality of virtual local area networks (VLANs) in a plurality of Layer 2 sites to a plurality of addresses (e.g., MAC or others) of the corresponding other gateways, inform the other gateways in other Layer 2 sites of the IP addresses mapped under each of the VLANs in the local Layer 2 sites, and forward data frames originated from the hosts in the local Layer 2 sites to the other gateways in the other Layer 2 sites when destinations of the data frames are residing in the other Layer 2 sites. | 08-06-2015 |
20150229618 | System and Method for Securing Source Routing Using Public Key based Digital Signature - Embodiments are provided for securing source routing using public key based digital signature. If a protected source route is tampered with, a public key based method allows a downstream node to detect the tampering. The method is based on using digital signatures to protect the integrity of source routes. When creating a source route for a traffic flow, a designated network component computes a digital signature and adds the digital signature to the packets. When the packets are received at a node on the route, the node uses the digital signature and a public key to verify the source route and determines accordingly whether the source route has been tampered with. If tampering is detected, the receiving node stops the forwarding of the packets. | 08-13-2015 |
20150244583 | System and Method for Creating Service Chains and Virtual Networks in the Cloud - Embodiments are provided herein for creating virtual networks with service chains, such as n-tier networks, in the cloud. In an embodiment, a network diagram for a virtual network is received from a user via a graphical user interface. The network diagram comprises elements that represent virtual or physical network components. The network components include switches, routers, firewalls, links, service appliances, virtual machines, servers, or other network components. Upon successfully validating the network diagram, via a validation step, the network diagram is compiled into application programming interface (API) calls ready for execution. The executed APIs are used to establish the virtual network on a physical network infrastructure. The virtual network comprises virtual network components corresponding to the elements or the network diagram. | 08-27-2015 |
20150326470 | System and Method for Loop Suppression in Transit Networks - An embodiment method of loop suppression in a layer-two transit network with multiprotocol label switching (MPLS) encapsulation includes receiving a packet at a provider edge (PE) router for the layer-two transit network. The packet is stored in a non-transitory memory on the PE router. The packet is stored according to a packet data structure having an MPLS label field and a layer-two header. A time-to-live (TTL) attribute is then determined for the packet. The TTL attribute is written to the non-transitory memory in the MPLS label field. The packet is then routed according to information in the layer-two header. | 11-12-2015 |