Patent application number | Description | Published |
20090260083 | SYSTEM AND METHOD FOR SOURCE IP ANTI-SPOOFING SECURITY - A system and method that provides for using source IP addresses and MAC addresses in a network to provide security against attempts by users of the network to use false source IP addresses in data packets. The system and method provide for analyzing MAC addresses and source IP addresses at the datalink (layer 2) level, and to use the information derived from such analysis to block access through a port where a host device is using a false, or spoofed, source IP address in transmitted data packets. Further, the system and method provide for validating initially learned source IP addresses, and for determining whether the number of unsuccessful attempts to validate new source IP addresses exceeds a threshold level, and where the number does exceed the threshold number the system and method can provide for operation in a possible attack mode. | 10-15-2009 |
20100046556 | Priority Aware MAC Flow Control - Solutions are provided that allow a network device to apply flow control on the MAC layer while taking into account the priority of the frame of traffic. This may be accomplished by generating a frame indicating that traffic flow should be paused, while utilizing a new opcode value, or alternatively by utilizing a new type/length value (possibly combined with a new opcode value). A receiving device may then examine the fields of the frame to determine whether it should it should use priority-based pausing, and then examine other fields to determine which priority-levels to pause and for how long. This allows for improved efficiency in flow control on the MAC layer. | 02-25-2010 |
20100238804 | FLOW CONTROL FOR MULTI-HOP NETWORKS - Solutions are provided that allow a network device to apply flow control on the MAC layer while taking into account the priority of the frame of traffic. This may be accomplished by generating a frame indicating that traffic flow should be paused, while utilizing a new opcode value, or alternatively by utilizing a new type/length value (possibly combined with a new opcode value). A receiving device may then examine the fields of the frame to determine whether it should it should use priority-based pausing, and then examine other fields to determine which priority-levels to pause and for how long. This allows for improved efficiency in flow control at the MAC layer. Additionally, the tagged pause frames can be forwarded over multiple hops on Local Area Networks across a Metropolitan Area Network or Wide Area Network. | 09-23-2010 |
20100238927 | METHOD AND SYSTEM FOR INTELLIGENTLY FORWARDING MULTICAST PACKETS - A routing system utilizes a layer 2 switch interconnecting several routers to intelligently forward multicast packets throughout an interne exchange carrying multicast content. The layer 2 switch performs protocol snooping to extract a lookup key that is based on network layer protocol information. The lookup key is uniquely formulated to support either shared or explicit source distribution trees. The lookup key is used to query a forwarding memory that returns an outgoing port index. The outgoing port index points to one or more outgoing ports that are eligible to receive the multicast packet. The outgoing ports are also connected to the neighboring device(s) that are designated to receive the multicast packet. The routing system also supports real time maintenance and updating of the forwarding memory based on the periodic exchange of control messages. The routing system is configured to support PIM routers operating in PIM SM or PIM SSM modes. However, the routing system can also support other multicast protocols and/or standards. | 09-23-2010 |
20110064078 | METHOD AND SYSTEM FOR INTELLIGENTLY FORWARDING MULTICAST PACKETS - A routing system utilizes a layer 2 switch interconnecting several routers to intelligently forward multicast packets throughout an internet exchange carrying multicast content. The layer 2 switch performs protocol snooping to extract a lookup key that is based on network layer protocol information. The lookup key is uniquely formulated to support either shared or explicit source distribution trees. The lookup key is used to query a forwarding memory that returns an outgoing port index. The outgoing port index points to one or more outgoing ports that are eligible to receive the multicast packet. The outgoing ports are also connected to the neighboring device(s) that are designated to receive the multicast packet. The routing system also supports real time maintenance and updating of the forwarding memory based on the periodic exchange of control messages. The routing system is configured to support PIM routers operating in PIM SM or PIM SSM modes. However, the routing system can also support other multicast protocols and/or standards. | 03-17-2011 |
20120147747 | PRIORITY AWARE MAC FLOW CONTROL - Solutions are provided that allow a network device to apply flow control on the MAC layer while taking into account the priority of the frame of traffic. This may be accomplished by generating a frame indicating that traffic flow should be paused, while utilizing a new opcode value, or alternatively by utilizing a new type/length value (possibly combined with a new opcode value). A receiving device may then examine the fields of the frame to determine whether it should use priority-based pausing, and then examine other fields to determine which priority-levels to pause and for how long. This allows for improved efficiency in flow control on the MAC layer. | 06-14-2012 |
20130188514 | MANAGING A CLUSTER OF SWITCHES USING MULTIPLE CONTROLLERS - One embodiment of the present invention provides a computing system. The computing system includes a discovery module, a high-availability management module, and a controlling module. The discovery module determines local switch-specific information associated with a switch based on a discovery response packet. The high-availability management module determines remote switch-specific information about the same switch with respect to a remote computing system. The controlling module determines whether the computing system is to manage the switch based on a metric derived from the local and remote switch-specific information. | 07-25-2013 |
20130188521 | MANAGING A LARGE NETWORK USING A SINGLE POINT OF CONFIGURATION - One embodiment of the present invention provides a computing system. The switch includes a discovery module, a device management module, and a logical group management module. The discovery module constructs a multicast query message for a first multicast group to which the computing system is registered. The device management module extracts information about a remote switch from a query response message from the remote switch and constructs a client database, wherein a first entry in the client database contains the information extracted from the query response message. The logical group management module associates the remote switch with a second multicast group. | 07-25-2013 |
20130301409 | Flow Control For Multi-Hop Networks - Solutions are provided that allow a network device to apply flow control on the MAC layer while taking into account the priority of the frame of traffic. This may be accomplished by generating a frame indicating that traffic flow should be paused, while utilizing a new opcode value, or alternatively by utilizing a new type/length value (possibly combined with a new opcode value). A receiving device may then examine the fields of the frame to determine whether it should use priority-based pausing, and then examine other fields to determine which priority-levels to pause and for how long. This allows for improved efficiency in flow control at the MAC layer. Additionally, the tagged pause frames can be forwarded over multiple hops on Local Area Networks across a Metropolitan Area Network or Wide Area Network. | 11-14-2013 |
20140003285 | EFFICIENT LAYER-2 MULTICAST TOPOLOGY CONSTRUCTION | 01-02-2014 |
20140348022 | EFFICIENT MULTICAST TOPOLOGY CONSTRUCTION IN A ROUTED NETWORK - One embodiment of the present invention provides a layer-3 forwarding device. The layer-3 forwarding device includes a processor and a computer-readable storage medium. The computer-readable storage medium stores instructions which when executed by the processor cause the processor to perform a method. The method comprises determining whether the layer-3 forwarding device is a leaf layer-3 forwarding device of a multicast distribution tree of a multicast group in a routed network based on a multicast topology discovery message from a root layer-3 forwarding device of the multicast distribution tree. If the layer-3 forwarding device is the leaf layer-3 forwarding device, the method comprises constructing a multicast topology report message. This multicast topology report message includes topology information of the multicast group in the routed network associated with the layer-3 forwarding device. | 11-27-2014 |