公开(公告)号：WO2020206100A1

公开(公告)日：2020-10-08

申请号：PCT/US2020/026358

申请日：2020-04-02

Applicant: CISCO TECHNOLOGY, INC.

Inventor： CLAD, Francois ,  GARVIA, Pablo, Camarillo ,  FILSFILS, Clarence

IPC: G06F21/57 ,  H04L12/24 ,  H04L12/751 ,  H04L29/06 ,  H04L12/723

Abstract: In one embodiment, a method by an apparatus of a segment routing (SR) network includes receiving a data packet and accessing an attestation token for the apparatus. The method further includes determining a location within a header of the received data packet for the attestation token and creating an updated header by encoding the attestation token in the determined location of the header. The method further includes sending the updated header with the encoded attestation token to another apparatus of the SR network.

公开(公告)号：WO2020131481A1

公开(公告)日：2020-06-25

申请号：PCT/US2019/065370

申请日：2019-12-10

Applicant: CISCO TECHNOLOGY, INC.

Inventor： ALI, Zafar ,  FILSFILS, Clarence ,  CLAD, Francois ,  IQBAL, Faisal ,  HAFEEZ, Mohmad, Saleem

IPC: H04L12/26 ,  H04L12/727 ,  H04L12/723

Abstract: In one illustrative example, a network node (e.g. a router or switch) may receive a data packet and timestamp a copy of the data packet. The node may also compute a signature for the copy and insert the signature in a header of the copy. The node may send the copy to a controller for correlation with one or more other timestamped data packet copies of the data packet from one or more other network nodes having the same signature and for the computation of delay. The original data packet may be forwarded to a next network node without any timestamp or other metadata added to it. The processing of the data packets may be performed as part of a function for punting the timestamped data packet copy and forwarding, or as a function for forwarding and punting the timestamped data packet copy.

公开(公告)号：WO2020086570A1

公开(公告)日：2020-04-30

申请号：PCT/US2019/057424

申请日：2019-10-22

Applicant: CISCO TECHNOLOGY, INC.

Inventor： FILSFILS, Clarence ,  AGRAWAL, Swadesh ,  ALI, Zafar ,  CAMARILLO GARVIA, Pablo ,  CLAD, Francois

IPC: H04L12/715 ,  H04L12/723 ,  H04L12/781

Abstract: In one embodiment, a network comprises a first forwarding domain using a first data plane forwarding protocol and a second forwarding domain using a second data plane forwarding protocol different than the first data forwarding plane forwarding protocol. The first forwarding domain includes a first path node and a particular border node. The second forwarding domain includes a second path node and the particular border node. The particular border node performs Segment Routing or other protocol interworking between the different data plane forwarding domains, such as for transporting packets through a different forwarding domain or translating a packet to use a different data forwarding protocol. These forwarding domains typically include Segment Routing (SR) and SR-Multiprotocol Label Switching (SR-MPLS). Paths through the network are determined by a Path Computation Engine and/or based on route advertisements such associated with Binding Segment Identifiers (BSIDs) (e.g., labels, Internet Protocol addresses).

公开(公告)号：WO2020005710A1

公开(公告)日：2020-01-02

申请号：PCT/US2019/038246

申请日：2019-06-20

Applicant: CISCO TECHNOLOGY, INC.

Inventor： FILSFILS, Clarence ,  CAMARILLO GARVIA, Pablo ,  CLAD, Francois

IPC: H04L12/46 ,  H04L29/06 ,  H04L12/721

Abstract: In one embodiment, a Segment Routing network node provides processing and network efficiencies in protecting Internet Protocol version 6 (IPv6) Segment Routing (SRv6) packets and functions using Security Segment Identifiers, which are included in Segment Lists of a Segment Routing Header of a SRv6 packet. The Security Segment Identifier provides, inter alia, origin authentication, integrity of information in one or more headers of the packet, and/or anti-replay protection. In one embodiment, a Security Segment Identifier includes a value determined based on a secured portion of the packet. A typically secured portion includes the Source and Destination Addresses, one or more Segment Identifiers in a Segment List and the Segments Left value. In one embodiment, the Destination Address and/or a Segment Identifier in the Segment List includes and an anti-replay value (e.g., sequence number or portion thereof) which is also in the secured portion of the packet.

公开(公告)号：EP4371285A1

公开(公告)日：2024-05-22

申请号：EP22751527.7

申请日：2022-07-08

Applicant: Cisco Technology, Inc.

Inventor： FILSFILS, Clarence ,  ALI, Zafar ,  CLAD, Francois ,  DUVIVIER, Bertrand Herbert Guy ,  KOLDYCHEV, Mikhail ,  GANDHI, Rakesh ,  SONI, Sagar

IPC: H04L45/00

CPC classification number: H04L45/22 ,  H04L45/28 ,  H04L45/42 ,  H04L47/724

公开(公告)号：EP3900269A1

公开(公告)日：2021-10-27

申请号：EP19832784.3

申请日：2019-12-10

Applicant: Cisco Technology, Inc.

Inventor： ALI, Zafar ,  FILSFILS, Clarence ,  CLAD, Francois ,  IQBAL, Faisal ,  HAFEEZ, Mohmad, Saleem

IPC: H04L12/26 ,  H04L12/727 ,  H04L12/723

公开(公告)号：EP3874694A1

公开(公告)日：2021-09-08

申请号：EP19801168.6

申请日：2019-10-22

Applicant: Cisco Technology, Inc.

Inventor： FILSFILS, Clarence ,  ALI, Zafar ,  GARVIA, Pablo Camarillo ,  CLAD, Francois

IPC: H04L12/725 ,  H04L12/721

公开(公告)号：EP4256770A1

公开(公告)日：2023-10-11

申请号：EP21859373.9

申请日：2021-12-01

Applicant: Cisco Technology, Inc.

Inventor： FILSFILS, Clarence ,  CAMARILLO GARVIA, Pablo ,  ABDELSALAM, Ahmed Mohamed Ahmed ,  CLAD, Francois

IPC: H04L45/00 ,  H04L45/741

公开(公告)号：EP3948615A1

公开(公告)日：2022-02-09

申请号：EP20722738.0

申请日：2020-04-02

Applicant: Cisco Technology, Inc.

Inventor： CLAD, Francois ,  GARVIA, Pablo, Camarillo ,  FILSFILS, Clarence

IPC: G06F21/57 ,  H04L12/24 ,  H04L12/751 ,  H04L29/06 ,  H04L12/723

公开(公告)号：EP4256769A1

公开(公告)日：2023-10-11

申请号：EP21827511.3

申请日：2021-11-24

Applicant: Cisco Technology, Inc.

Inventor： FILSFILS, Clarence ,  ABDELSALAM, Ahmed Mohamed Ahmed ,  GANDHI, Rakesh ,  CAMARILLO GARVIA, Pablo ,  CLAD, Francois

IPC: H04L43/0811 ,  H04L43/0852 ,  H04L43/106 ,  H04L45/02 ,  H04L45/00 ,  H04L69/22