Patent application number | Description | Published |
20110066551 | Method and System for Providing Risk Information in Connection with Transaction Processing - A system for providing real-time risk mitigation for an authorization system. The system receives authorization requests from multiple merchants (or their respective acquirers) and processes such requests. Each processed request is then forwarded to its corresponding issuer for further authorization. Each processed request includes an authorization message. The authorization message can include a risk score, a number of reason codes, and a number of condition codes. The use of the risk score, reason codes and condition codes allows issuers to make better informed decisions with respect to providing authorizations. | 03-17-2011 |
20110106659 | Encryption Switch Processing - A method for delivering non-financial electronic data through a secure communications channel between a payment processing network and an access device is disclosed. One embodiment of the invention is directed to a method comprising receiving, at a payment processing network, a request to establish a secure communications channel between a consumer device and the payment processing network. Upon establishing a secure communications channel with the consumer device, the payment processor network receives non-financial electronic content from a merchant at the payment processing network where the non-financial electronic content is selected at the merchant by a user associated with the consumer device. The non-financial electronic content is sent to the consumer device from the payment processing network via the secure communications channel between the consumer device and the payment processing network. | 05-05-2011 |
20110112954 | Method and System for Providing Risk Information in Connection with Transaction Processing - A system for providing real-time risk mitigation for an authorization system. The system receives authorization requests from multiple merchants (or their respective acquirers) and processes such requests. Each processed request is then forwarded to its corresponding issuer for further authorization. Each processed request includes an authorization message. The authorization message can include a risk score, a number of reason codes, and a number of condition codes. The use of the risk score, reason codes and condition codes allows issuers to make better informed decisions with respect to providing authorizations. | 05-12-2011 |
20110187505 | Access Using a Mobile Device with an Accelerometer - Embodiments of the present invention are directed to systems, apparatuses and methods for using a mobile device with an accelerometer to gain access into a secured or restricted area. A first device and a second device interact by making physical contact with each other thereby generating interaction data that is representative of the physical interaction between the first and second device. The first and second device may be mobile phones. The second device may be a point of sale terminal, access point device, or any other stationary (i.e., in a fixed position) device positioned at a line, door, gate, or entrance. A server computer determines, based on interaction data, that the first device and the second device made physical contact. After determining that the first device and the second device made contact, communications may be initiated between the devices. Communications may relate an access transaction comprising an exchange of information, such as credentials, between a prospective entrant (operating the first device) and a gatekeeper (operating the second device) to verify that the prospective entrant is permitted or is not permitted access to a particular area that is secured or restricted by the gatekeeper. Other embodiments are direct to confirmation transactions. Access transaction and confirmation transactions may be combined with a financial transaction using a payment processing network. | 08-04-2011 |
20110187642 | Interaction Terminal - Embodiments of the present invention are directed to systems, apparatuses and methods for using a mobile device with an accelerometer to conduct a financial transaction by making contact with an interaction terminal, thereby generating interaction data that is representative of the physical contact between the mobile device and the interaction terminal. The mobile device may be a mobile phone. The interaction terminal may be a point of sale terminal, access point device, or any other stationary (i.e., in a fixed position) device positioned at a line, door, gate, or entrance. A mobile device with an accelerometer physically contacts the interaction terminal. The interaction terminal flexes, recoils, or moves and generates interaction data (e.g., accelerometer, location, time data, etc.) representative of the physical interaction between the mobile device and the interaction terminal. A server computer determines, based on interaction data, that the mobile device and the interaction terminal made physical contact. After determining that the mobile device and the interaction terminal made contact, communication may be initiated between the devices. Communications may relate to processing a payment transaction using a payment processing network. | 08-04-2011 |
20110189981 | Transaction Using A Mobile Device With An Accelerometer - Embodiments of the invention may use a first accelerometer to measure first acceleration data of a first device. Other interaction data, including time data and geographic location data, generated by the first device may also be recorded. First acceleration data is compared by a remote server computer to second acceleration data generated by a second accelerometer in a second device. If the first and second accelerometer data are substantially equal, it can be determined that the devices have interacted and communications can be initiated. After communications are initiated, a financial transaction is conducted. Accelerometer data may be stored and/or used as part of the authentication process in a payment processing network. Other embodiments of the invention use the accelerometer to generate movement security data to make financial transaction more secure. Accelerometer data is used for authentication, security, encryption, session keys, non-repudiation, or fraud protection. | 08-04-2011 |
20110191237 | Information Access Device and Data Transfer - Embodiments of the present invention are directed to systems, apparatuses and methods for using a first device with an accelerometer to transfer data by making contact with a second device with an accelerometer, thereby generating interaction data that is representative of the physical contact between the mobile device and the second device. The first device may be a mobile phone. The second device may be a mobile phone or a stationary kiosk or terminal. A first device with an accelerometer physically contacts the second device. Each of the first and second devices generate interaction data (e.g., accelerometer, location, time data, etc.) representative of the physical interaction between the first and second device. A server computer determines, based on interaction data, that the first device and the second device physically contact each other. After determining that the mobile device and the second device made contact, communications may be initiated between the devices. Communications may include customer-provided information (e.g., shopping lists) and merchant-provided information (e.g., items in stock or on sale from the consumer's shopping list). In some embodiments, at least two independent interactions between three devices transfer data from a first computing device to a second computing device, after each of the first and second computing devices independently interacts with a mobile device. | 08-04-2011 |
20130066781 | ENCRYPTION SWITCH PROCESSING - A method for delivering non-financial electronic data through a secure communications channel between a payment processing network and an access device is disclosed. One embodiment of the invention is directed to a method comprising receiving, at a payment processing network, a request to establish a secure communications channel between a consumer device and the payment processing network. Upon establishing a secure communications channel with the consumer device, the payment processor network receives non-financial electronic content from a merchant at the payment processing network where the non-financial electronic content is selected at the merchant by a user associated with the consumer device. The non-financial electronic content is sent to the consumer device from the payment processing network via the secure communications channel between the consumer device and the payment processing network. | 03-14-2013 |
20130091000 | Systems and Methods to Provide Discount at Point of Sales Terminals - A system and method includes a transaction handler configured to modify the transaction amount, in the authorization request or the authorization response of a transaction, in accordance with an offer that is applicable to the transaction to apply the benefit of the offer to the transaction. | 04-11-2013 |
20130124287 | SYSTEMS AND METHODS TO PROVIDE DISCOUNT AT POINT OF SALES TERMINALS - A system and method configured to use a transaction handler to modify the transaction amount of a transaction between an acquirer processor and an issuer processor, during the processing of the authorization of the transaction, in accordance with an offer that is applicable to the transaction to apply the benefit of the offer to the transaction and to provide information of the offer as applied to the transaction in the authorization response transmitted to the acquirer processor. | 05-16-2013 |
20140188697 | METHOD AND SYSTEM FOR PROVIDING RISK INFORMATION IN CONNECTION WITH TRANSACTION PROCESSING - A system for providing real-time risk mitigation for an authorization system. The system receives authorization requests from multiple merchants (or their respective acquirers) and processes such requests. Each processed request is then forwarded to its corresponding issuer for further authorization. Each processed request includes an authorization message. The authorization message can include a risk score, a number of reason codes, and a number of condition codes. The use of the risk score, reason codes and condition codes allows issuers to make better informed decisions with respect to providing authorizations. | 07-03-2014 |
Patent application number | Description | Published |
20090313134 | RECOVERY OF TRANSACTION INFORMATION - Online transaction processing over a communication network involves receiving a transaction input comprising an authorization request message for a transaction conducted over a communication network between a consumer and a merchant using a portable consumer device having a memory, wherein the authorization request message contains data comprising a transaction total amount for the transaction and additional information not stored in the memory of the portable consumer device and related to the transaction. Issuer authorization processing is performed in response to the authorization request message data, and a decision output is produced in response to the transaction input and the issuer authorization processing. Thus, a decision output is produced in an efficient manner using additional information for the issuer authorization processing, and the additional information reduces the likelihood of declining a transaction that should otherwise be authorized. | 12-17-2009 |
20090319638 | GATEWAY SERVICE PLATFORM - A gateway service platform is disclosed that provides access to a payment processing system via an open network such as the internet. The gateway service platform also provides access to service systems that provide a variety of services and applications offered by or affiliated with the payment processing system. The gateway service platform allows the payment processing system to reach users and to facilitate transactions on a wide variety of devices that may not otherwise be able to connect to payment processing system. Other devices, such as payment terminal devices, can also interact with a payment processing system through the gateway service platform using the same network and protocol. Embodiments of the invention allow devices on these open networks to connect with the payment processing system without having to change the existing infrastructure of the payment processing system. | 12-24-2009 |
20100114776 | ONLINE CHALLENGE-RESPONSE - Embodiments of the invention enable cardholders conducting an online transaction to be authenticated in real-time using a challenge-response application. The challenge-response application can be administered by an issuer or by a third party on-behalf-of an issuer. A challenge question can be presented to the cardholder, and the cardholder's response can be verified. The challenge question presented can be selected based on an analysis of the risk of the transaction and potentially other factors. A variety of dynamic challenge questions can be used without the need for the cardholder to enroll into the program. Additionally, there are many flexible implementation options of the challenge-response application that can be adjusted based on factors such as the location of the merchant or the location of the consumer. | 05-06-2010 |
20100299267 | DEVICE INCLUDING ENCRYPTED DATA FOR EXPIRATION DATE AND VERIFICATION VALUE CREATION - In order to make it more difficult to obtain numbers that can be used to conduct fraudulent transactions, a portion of a real account number is encrypted. The encrypted portion of the account number is used to generate a new account number, a new expiration date, and a new verification value. This information can be determined using processor that may reside in a point of sale terminal, a smart card, or a computer operated by a user. The new account number, the new expiration date, and the new verification value can be used in a payment transaction. A server computer in a central payment processing network may determine that the new account information is not the real account information, and may subsequently generate a modified authorization request message using the real account information and may send it to an issuer for approval. The transmission of data is more secure, since real account information is not sent from the merchant to the payment processing network. | 11-25-2010 |
20110119155 | VERIFICATION OF PORTABLE CONSUMER DEVICES FOR 3-D SECURE SERVICES - Apparatuses, methods, and systems pertaining to the verification of portable consumer devices for 3-D Secure Systems are disclosed. In one implementation, a verification token is coupled to a computer by a USB connection so as to use the computer's networking facilities. The verification token reads identification information from a user's portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using the computer's networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a 3-D Secure datum to the verification token. The verification token may enter the 3-D Secure datum into a hidden field of a Purchase Authentication Page appearing on the computer's display. | 05-19-2011 |
20120116976 | VERIFICATION OF PORTABLE CONSUMER DEVICE FOR 3-D SECURE SERVICES - Apparatuses, methods, and systems pertaining to the verification of portable consumer devices for 3-D Secure Systems are disclosed. In one implementation, a verification token is coupled to a computer by a USB connection so as to use the computer's networking facilities. The verification token reads identification information from a user's portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using the computer's networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a 3-D Secure datum to the verification token. The verification token may enter the 3-D Secure datum into a hidden field of a Purchase Authentication Page appearing on the computer's display. | 05-10-2012 |
20130246150 | SYSTEMS AND METHODS TO APPLY THE BENEFIT OF OFFERS VIA A TRANSACTION HANDLER - A system includes a transaction handler configured to split a transaction, initiated between an acquirer processor representing a merchant and an issuer processor representing an account holder, into separate transactions with the issuer processor and at least one sponsor processor that is configured to provide the benefit of offers to applicable transactions. A portal is configured to notify the account holder of the award/redemption of the benefit of an offer using a communication channel separate from the transaction terminal that initiates and approves the transaction between the account holder and the merchant. | 09-19-2013 |
20130246273 | SYSTEMS AND METHODS TO GENERATE A RECEIPT FOR A TRANSACTION - A system includes a transaction terminal that is configured to examine an authorization response for an indicator, which, when set, causes the transaction terminal to communicate with a portal to obtain content relevant to the receipt for the transaction approved by the authorization response. The content may identify the benefit of an offer applied to the transaction, which is not reflected in the authorization response. The content may direct the user to select an option regarding the delivery of the receipt. Options presented for selection include suppression of the printing of the paper receipt in favor of an electronic receipt transmitted to a communication reference of the user, printing a mini paper receipt in addition to transmitting an electronic receipt, and/or printing the full paper receipt at the transaction terminal. | 09-19-2013 |
20130254008 | SYSTEMS AND METHODS TO APPLY BENEFIT OF OFFERS - To automate the redemption of offer benefits, data associating offers and payment accounts is stored in the data warehouse of a first transaction handler. If a payment account to which an offer is associated is in the payment processing network of a second transaction handler separate from the first transaction handler, the system uses a payment processor that is in both the payment processing network of the first transaction handler and the payment processing network of the second transaction handler to communicate with the first transaction handler to detect the authorization request in the payment account that satisfies the benefit redemption requirements of the respective offer and apply the offer benefit to the transaction when the authorization request is detected. | 09-26-2013 |
20130268333 | SYSTEMS AND METHODS TO PROCESS TRANSACTIONS AND OFFERS VIA A GATEWAY - A system, configured to integrate the processing of transactions and offers applicable to the transactions, includes: a data warehouse storing an offer in association with a financial payment account; a gateway configured to receive an authorization request that is transmitted from a transaction terminal without going through an acquirer processor, the gateway coupled with the data warehouse to determine whether the offer is applicable to the authorization request and if so, apply a benefit of the offer to the authorization request; and a transaction handler coupled with the gateway to process the authorization request submitted from the gateway, provide an authorization response corresponding to the authorization request, and communicate with the acquirer processor to credit funds according to the authorization request to a merchant account associated with the transaction terminal. | 10-10-2013 |
20130282461 | SYSTEMS AND METHODS TO USE TRANSACTION AUTHORIZATION COMMUNICATIONS TO PROCESS OFFERS - A system includes a transaction handler, a data warehouse storing data associating offers and consumer accounts, a transaction handler coupled with the data warehouse, and a transaction terminal configured to submit authorization requests to the transaction handler via an acquirer processor. After receiving account information identifying a consumer account for a payment transaction, the transaction terminal generates a first authorization request identifying the consumer account. The transaction handler identifies offer information relevant to the payment transaction and provides an authorization response containing the offer information, prior to communication with an issuer processor for the payment transaction. In response to the offer information provided in the authorization response, the transaction terminal modifies the first authorization request to generate a second authorization request, in response to which the transaction handler communicates with the issuer processor for the payment transaction. | 10-24-2013 |
20130282586 | SYSTEMS AND METHODS TO APPLY THE BENEFIT OF OFFERS VIA A TRANSACTION HANDLER - A system includes a transaction handler configured to split a transaction, initiated between an acquirer processor representing a merchant and an issuer processor representing an account holder, into separate transactions with the issuer processor and at least one sponsor processor that is configured to provide the benefit of offers to applicable transactions. A portal is configured to notify the account holder of the award/redemption of the benefit of an offer using a communication channel separate from the transaction terminal that initiates and approves the transaction between the account holder and the merchant. | 10-24-2013 |
20130339249 | ONLINE CHALLENGE-RESPONSE - Embodiments of the invention enable cardholders conducting an online transaction to be authenticated in real-time using a challenge-response application. The challenge-response application can be administered by an issuer or by a third party on-behalf-of an issuer. A challenge question can be presented to the cardholder, and the cardholder's response can be verified. The challenge question presented can be selected based on an analysis of the risk of the transaction and potentially other factors. A variety of dynamic challenge questions can be used without the need for the cardholder to enroll into the program. Additionally, there are many flexible implementation options of the challenge-response application that can be adjusted based on factors such as the location of the merchant or the location of the consumer. | 12-19-2013 |
20140040051 | SYSTEMS AND METHODS TO ENHANCE SECURITY IN TRANSACTIONS - A system includes a digital camera coupled with or integrated within a transaction terminal to capture an image during authorization of a transaction initiated at the transaction terminal. The system further includes a portal configured to receive the image and transmit the image to a communication reference associated with the account information of an account in which the transaction is made, based on a security preference associated with the account information. The image may be optionally analyzed to detect fraudulent use of the account. | 02-06-2014 |
20140040135 | SYSTEMS AND METHODS TO DIGITALLY SIGN TRANSACTIONS - A computing apparatus is configured to collect data about the account presentation device used to initiate a transaction on a transaction terminal, data about the user using the account presentation device at the transaction terminal, and/or data about the details of the transaction. The computing apparatus combine the collected data to generate a code as a substitute of the signature of the user. | 02-06-2014 |
20140344142 | Gateway Service Platform - A gateway service platform is disclosed that provides access to a payment processing system via an open network such as the internet. The gateway service platform also provides access to service systems that provide a variety of services and applications offered by or affiliated with the payment processing system. The gateway service platform allows the payment processing system to reach users and to facilitate transactions on a wide variety of devices that may not otherwise be able to connect to payment processing system. Other devices, such as payment terminal devices, can also interact with a payment processing system through the gateway service platform using the same network and protocol. Embodiments of the invention allow devices on these open networks to connect with the payment processing system without having to change the existing infrastructure of the payment processing system. | 11-20-2014 |
20150019435 | SYSTEMS AND METHODS TO GENERATE A RECEIPT FOR A TRANSACTION - A system includes a transaction terminal that is configured to examine an authorization response for an indicator, which, when set, causes the transaction terminal to communicate with a portal to obtain content relevant to the receipt for the transaction approved by the authorization response. The content may identify the benefit of an offer applied to the transaction, which is not reflected in the authorization response. The content may direct the user to select an option regarding the delivery of the receipt. Options presented for selection include suppression of the printing of the paper receipt in favor of an electronic receipt transmitted to a communication reference of the user, printing a mini paper receipt in addition to transmitting an electronic receipt, and/or printing the full paper receipt at the transaction terminal. | 01-15-2015 |
Patent application number | Description | Published |
20100246388 | REDUNDANT HOST CONNECTION IN A ROUTED NETWORK - One embodiment of the present invention provides a switch. The switch includes a management mechanism and a configuration mechanism. During operation, the management mechanism is configured to operate the switch in conjunction with the partner switch as a single logical switch. The configuration mechanism is configured to assign a virtual switch identifier to the logical switch. | 09-30-2010 |
20110280572 | CONVERGED NETWORK EXTENSION - One embodiment of the present invention provides a switch. The switch includes a first port configured to receive Transparent Interconnection of Lots of Links (TRILL) traffic; a second port configured to receive Fibre Channel (FC) traffic; and a third port configured to transmit received TRILL or FC traffic based on a Fibre Channel over IP (FCIP) protocol. | 11-17-2011 |
20110286357 | FABRIC FORMATION FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch system. The switch includes a port to couple to a second switch and a control mechanism configured. During operation, the control mechanism receives from the second switch a set of configuration information. Based on the received configuration information, the control mechanism invites the second switch to join a virtual cluster switch. | 11-24-2011 |
20110292947 | DISTRIBUTED CONFIGURATION MANAGEMENT FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch. The switch includes a port to couple to a second switch. The switch also includes a control mechanism configured to maintain a set of configuration information for a virtual cluster switch which includes a number of member switches. The set of configuration information includes global configuration information for the virtual cluster switch and switch-specific configuration information for one or more member switches. In addition, the set of configuration information is replicated and stored at each member switch. | 12-01-2011 |
20110299391 | TRAFFIC MANAGEMENT FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch system. The switch includes one or more ports on the switch configured to transmit packets encapsulated based on a first protocol. The switch further includes a traffic management mechanism and a control mechanism. During operation, the control mechanism forms a logical switch based on a second protocol, receives an automatically assigned identifier for the logical switch without requiring manual configuration of the identifier, and joins a virtual cluster switch. | 12-08-2011 |
20110299402 | ADVANCED LINK TRACKING FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch system. The switch includes a port that couples to a server hosting a number of virtual machines. The switch also includes a link tracking module. During operation, the link tracking module determines that reachability to at least one end host coupled to a virtual cluster switch of which the switch is a member is disrupted. The link tracking module then determines that at least one virtual machine coupled to the port is affected by the disrupted reachability, and communicates to the server hosting the affected virtual machine about the disrupted reachability. | 12-08-2011 |
20110299406 | PATH DETECTION IN TRILL NETWORKS - One embodiment of the present invention provides a system for detecting a path between two nodes. During operation, the system transmits a network-testing request frame, which includes a time-to-live (TTL) field within a Transparent Interconnection of Lots of Links (TRILL) header, from a source node to a destination node. In response to receiving a network-testing response frame sent from an intermediate node, the system increments the TTL value by 1 and re-transmits the network-testing frame to the destination node. In response to receiving a network-testing response frame sent from the destination node, the system determines a path between the source node and the destination node. The network-testing request or response frames is not processed on an Internet Protocol (IP) layer. | 12-08-2011 |
20110299409 | REACHABILITY DETECTION IN TRILL NETWORKS - One embodiment of the present invention provides a system for testing reachability between two nodes within a network. During operation, the system transmits a network-testing request frame from a source node to a destination node, and in response to receiving a network-testing response frame corresponding to the request frame, the system determines reachability of the destination node. The network-testing request or response frame is not processed on an Internet Protocol (IP) layer. | 12-08-2011 |
20110299413 | PORT PROFILE MANAGEMENT FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch system. The switch includes a port profile which specifies a set of port configuration information. During operation, a control mechanism within the switch detects a source MAC address of an incoming frame and determines that the MAC address is associated with the port profile. The control mechanism then applies the port profile to a switch port on which the frame is received. | 12-08-2011 |
20110299414 | PRESERVING QUALITY OF SERVICE ACROSS TRILL NETWORKS - Systems and techniques for processing and/or forwarding packets are described. An ingress switch can use a QoS mapping mechanism to map a first set of Quality of Service (QoS) bits in a packet received from a customer to a second set of QoS bits for use in a Transparent Interconnection of Lots of Links (TRILL) packet which encapsulates the packet. The first set of QoS bits can be different from the second set of QoS bits. The TRILL packet can be processed and/or forwarded in the network based on the second set of QoS bits. At the egress switch, the TRILL packet can be decapsulated and the original packet with the original QoS bits (or QoS bits that are different from the original QoS bits) can be forwarded to the customer's network. In this manner, some embodiments of the present invention can preserve the QoS bits across a TRILL network. | 12-08-2011 |
20110299527 | SUPPORTING MULTIPLE MULTICAST TREES IN TRILL NETWORKS - Systems and techniques for supporting multiple multicast trees are described. Some embodiments provide a system that determines an internal multicast group identifier based on a source address, a multicast address, and a multicast tree identifier field associated with a multicast packet. The system can then forward the multicast packet based on the internal multicast group identifier. Specifically, the system can determine a first set of bits based on the source address and the multicast address of the multicast packet. The system can determine a second set of bits based on the multicast tree identifier field of the multicast packet. Next, the system can combine the first set of bits and the second set of bits to obtain the internal multicast group identifier. In some embodiments, the scope of an internal virtual network identifier does not extend beyond a switch or a forwarding module within a switch. | 12-08-2011 |
20110299528 | NETWORK LAYER MULTICASTING IN TRILL NETWORKS - Systems and techniques for performing network layer multicasting in a TRILL network are described. Some embodiments provide a system that receives multicast packet that includes a network-layer multicast-address. The multicast packet can be received on a first multicast tree associated with a first virtual network. Next, the system can determine, based on the network-layer multicast-address, a second multicast tree associated with a second virtual network over which the multicast packet is to be forwarded. The system can then forward the multicast packet on the first multicast tree associated with the first virtual network, and forward a copy of the multicast packet on the second multicast tree associated with the second virtual network. | 12-08-2011 |
20110299531 | FLOODING PACKETS ON A PER-VIRTUAL-NETWORK BASIS - Methods and techniques for flooding packets on a per-virtual-network basis are described. Some embodiments provide a method (e.g., a switch) which determines an internal virtual network identifier based on one or more fields in a packet's header. Next, the method performs a forwarding lookup operation based on the internal virtual network identifier. If the forwarding lookup operation succeeds, the method can process and forward the packet accordingly. However, if the forwarding lookup operation fails, the method can determine a set of egress ports based on the internal virtual network identifier. Next, for each egress port in the set of egress ports, the method can flood the packet if a virtual network identifier in the packet's header is associated with the egress port. Flooding packets on a per-virtual-network basis can substantially reduce the amount of resources required to flood the packet when a forwarding lookup operation fails. | 12-08-2011 |
20110299532 | REMOTE PORT MIRRORING - A switch that facilitates remote port mirroring is described. The switch can include an encapsulation mechanism and a forwarding mechanism. The encapsulation mechanism can be configured to encapsulate a copy of a first packet in a second packet, thereby preserving header information (e.g., a VLAN identifier and/or a TRILL header) of the first packet. The forwarding mechanism can be configured to forward the first packet using header information of the first packet, and forward the second packet using header information of the second packet. The second packet can be received at a destination switch which extracts the first packet from the second packet, and sends the first packet on a port which is coupled to a network analyzer. | 12-08-2011 |
20110299533 | INTERNAL VIRTUAL NETWORK IDENTIFIER AND INTERNAL POLICY IDENTIFIER - Systems and techniques for processing and forwarding packets are described. Some embodiments provide a system (e.g., a switch) which determines an internal virtual network identifier and/or an internal policy identifier for a packet based on a port on which the packet was received and/or one or more fields in the packet. The system can then process and forward the packet based on the internal virtual network identifier and/or internal policy identifier. In some embodiments, the system encapsulates the packet in a TRILL (Transparent Interconnection of Lots of Links) packet by adding a TRILL header to the packet. In some embodiments, the scope of an internal virtual network identifier and/or an internal policy identifier may not extend beyond a switch or a module within a switch. | 12-08-2011 |
20110299534 | VIRTUAL PORT GROUPING FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch. The switch includes a port that couples to a server hosting a number of virtual machines. The switch also includes a set of virtual port grouping information and a virtual port grouping mechanism. During operation, the virtual port grouping mechanism determines whether a frame is traveling from a virtual port group to the same virtual port group. If the frame is not traveling to the same virtual port group, the virtual port grouping mechanism prevents the frame from being forwarded. | 12-08-2011 |
20110299535 | NAME SERVICES FOR VIRTUAL CLUSTER SWITCHING - One embodiment of the present invention provides a switch that facilitates name services in a virtual cluster switch. The switch includes a name service database indicating at least one media access control (MAC) address learned at a second switch. The switch also includes a control mechanism. During operation, the control mechanism distributes information on a locally learned MAC address to the second switch. In addition, the control mechanism receives information on a MAC address learned at the second switch. | 12-08-2011 |
20120106957 | Single Virtual Domain Fibre Channel over Ethernet Fabric - The entire FCoE fabric is a single virtual domain, even though there may be multiple FCFs and FDFs. The virtual domain is a different Domain_ID than any of the FCFs. In certain embodiments there are multiple FCFs, of which one is selected as the master or designated FCF. The master FCF performs normal fabric configuration in conjunction with the Fibre Channel fabric. The master FCF assigns the virtual domain FC node IDs and controls development of subdomain IDs. Virtual links are instantiated between the master FCF and other FCFs, between top level FDFs and the FCFs and between the FDFs at each of various levels. FDFs connected to ENodes proxy the master FCF for most FIP operations. FIP FLOGI and FDISC operations are handled by the master FDF, but the FDFs convert the FIP FLOGI requests to VD_FLOGI requests, which include information about the FDF handling the transaction. | 05-03-2012 |
20120163164 | METHOD AND SYSTEM FOR REMOTE LOAD BALANCING IN HIGH-AVAILABILITY NETWORKS - A system is provided for facilitating remote load balancing in a high-availability network. During operation, the system receives a plurality of data frames destined for a destination device, wherein the destination device is coupled to a network via a trunk link, the trunk link coupling the destination device to at least two separate egress switching devices. The system then forwards the data frames via at least two data paths, each of which leads to a respective egress switching device. | 06-28-2012 |
20120281700 | LAYER-3 SUPPORT IN TRILL NETWORKS - One embodiment of the present invention provides a switch. The switch includes an IP header processor and a forwarding mechanism. The IP header processor identifies a destination IP address in a packet encapsulated with an inner Ethernet header, a TRILL header, and an outer Ethernet header. The forwarding mechanism determines an output port and constructs a new header for the packet based on the destination IP address. The switch also includes a packet processor which determines whether (1) an inner destination media access control (MAC) address corresponds to a local MAC address assigned to the switch; (2) a destination RBridge identifier corresponds to a local RBridge identifier assigned to the switch; and (3) an outer destination MAC address corresponds to the local MAC address. | 11-08-2012 |
20130003733 | MULTICAST IN A TRILL NETWORK - One embodiment of the present invention provides a switch. A switch includes a storage and a multicast management mechanism. The storage is configured to store an entry indicating a multicast group membership learned at a remote switch. The multicast management mechanism is coupled to the storage and is configured to suppress flooding of packets destined for the multicast group. | 01-03-2013 |
20130003738 | TRILL BASED ROUTER REDUNDANCY - One embodiment of the present invention provides a switching system. The switching system includes a Transparent Interconnection of Lots of Links (TRILL) header processor and an Internet Protocol (IP) header processor. The TRILL header processor is configured to identify a virtual routing bridge (RBridge) identifier in a packet, and the IP header processor is configured to identify a virtual IP address in the packet. The virtual IP address is assigned to a virtual IP router associated with the virtual RBridge identifier. | 01-03-2013 |
20130003747 | EFFICIENT TRILL FORWARDING - One embodiment of the present invention provides a switch. The switch includes a storage and a lookup mechanism. The storage stores a first table that contains an entry corresponding to a media access control (MAC) address of a device and an identifier of a remote switch associated with the device. The storage also stores a second table that contains an entry indicating a local outgoing interface corresponding to the remote switch. The lookup mechanism identifies the local outgoing interface corresponding to the device based on the first table and the second table. | 01-03-2013 |
20130223449 | DYNAMIC SERVICE INSERTION IN A FABRIC SWITCH - One embodiment of the present invention provides a switch. The switch includes a service management module and a packet processor. During operation, the service management module identifies a service provided by an appliance coupled to the switch via a local port. The packet processor constructs a notification message for a remote switch. The notification message includes information about the service and the appliance. In this way, the switch allows the remote switch to request the service. | 08-29-2013 |