BFD over VxLAN on vPC uplinks

US 10,142,163 B2
Filed: 03/07/2016
Issued: 11/27/2018
Est. Priority Date: 03/07/2016
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, by a primary virtual port channel (vPC) node, a packet from a remote node;

determining, by the primary vPC node, the packet includes a media access control (MAC) address corresponding to either the primary vPC node or a secondary vPC node and at least one inner packet identifier;

identifying, by the primary vPC node, an access control list (ACL) entry from a set of access control list entries based on the at least one inner packet identifier;

based on an identified access control list (ACL) entry, generating, by the primary vPC node, a copy of the packet; and

based on the determined MAC address and after generating a copy of the packet, transmitting, by the primary vPC node to the secondary vPC node, the packet;

receiving, by the primary vPC node, a second packet;

authorizing, by the primary vPC node in response to determining the secondary vPC node generated a copy of the second packet, receipt of the second packet;

restricting by the primary vPC node in response to determining the secondary vPC node did not generate a copy of the second packet, receipt of the second packet.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are systems, methods, and computer-readable storage media for synchronizing the secondary vPC node to the primary vPC node in a BFD protocol over a VxLAN channel with a remote node. In some embodiments of the present technology a primary vPC node can receive a packet from the remote node. The primary vPC node can then determine the packet includes either a MAC address corresponding to the primary vPC node or a secondary vPC node, and at least one inner packet identifier. Additionally, the primary networking switch can identify an access control list (ACL) entry from a set of ACL entries based on the at least one inner packet identifier. Subsequently, based on the ACL entry, the primary vPC node can generate a copy of the packet. After which, the primary vPC node can transmit the packet to the secondary vPC node.

Citations

14 Claims

1. A method, comprising:
- receiving, by a primary virtual port channel (vPC) node, a packet from a remote node;
  
  determining, by the primary vPC node, the packet includes a media access control (MAC) address corresponding to either the primary vPC node or a secondary vPC node and at least one inner packet identifier;
  
  identifying, by the primary vPC node, an access control list (ACL) entry from a set of access control list entries based on the at least one inner packet identifier;
  
  based on an identified access control list (ACL) entry, generating, by the primary vPC node, a copy of the packet; and
  
  based on the determined MAC address and after generating a copy of the packet, transmitting, by the primary vPC node to the secondary vPC node, the packet;
  
  receiving, by the primary vPC node, a second packet;
  
  authorizing, by the primary vPC node in response to determining the secondary vPC node generated a copy of the second packet, receipt of the second packet;
  
  restricting by the primary vPC node in response to determining the secondary vPC node did not generate a copy of the second packet, receipt of the second packet.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising:
    - determining, by the secondary vPC node, the primary vPC node generated a copy of the packet.
  - 3. The method of claim 1, wherein the primary vPC node and the secondary vPC node include MAC addresses of both the primary vPC node and the secondary vPC node.
  - 4. The method of claim 1, further comprising:
    - receiving, by the primary vPC node and from a second remote node, a second packet;
      
      determining, by the primary vPC node, the second packet includes the MAC address corresponding to either the primary vPC node or the secondary vPC node and an inner user datagram protocol (UDP) destination address;
      
      identifying, by the primary vPC node, the ACL entry from a set of ACL entries based on the inner UDP destination address, the access control list entry including an instruction to copy the second packet;
      
      based on the identified ACL entry, generating, by the primary vPC node, a copy of the second packet; and
      
      based on the determined MAC address and after generating a copy of the second packet, transmitting, by the primary vPC node to the secondary vPC node, the packet.
  - 5. The method of claim 1, wherein the inner packet identifier includes at least one of an inner destination internet protocol (IP) address, an inner user datagram protocol (UDP) destination port address and an inner IP time to live (TTL).

6. A non-transitory computer-readable medium containing instructions that, when executed by a primary vPC node, cause the primary vPC node to:
- receive a packet from a remote node;
  
  determine the packet includes a media access control (MAC) address corresponding to either the primary vPC node or a secondary vPC node, and at least one inner packet identifier;
  
  identify an access control list (ACL) entry from a set of access control list entries based on the at least one inner packet identifier, the access control list entry including an instruction to copy the packet;
  
  based on the identified access control list (ACL), generate a copy of the packet; and
  
  based on the determined MAC address and after generating a copy of the packet transmit the packet to the secondary vPC node;
  
  receive, by the primary vPC node, a second packet;
  
  authorize, by the primary vPC node in response to determining the secondary vPC node generated a copy of the second packet, receipt of the second packet;
  
  restrict by the primary vPC node in response to determining the secondary vPC node did not generate a copy of the second packet, receipt of the second packet.
- View Dependent Claims (7, 8)
- - 7. The non-transitory computer readable medium of claim 6, wherein the instructions further cause the primary vPC node to:
    - determine a failover of the primary vPC node; and
      
      transmit instructions to the node to initialize communications between the node and the secondary vPC node.
  - 8. The non-transitory computer readable medium of claim 7, wherein the inner packet identifier includes at least one an inner destination internet protocol (IP) address, an inner user datagram protocol (UDP) destination port address and an inner IP time to live (TTL).

9. A computing system comprising:
- a remote node;
  
  a dual-homed virtual tunnel endpoint (VTEP), the dual-homed VTEP including a primary network switch and a secondary network switch;
  
  a processor; and
  
  memory containing instructions that, when executed by the processor, cause the secondary network switch to;
  
  receive a packet from the remote node;
  
  determine the packet includes a media access control (MAC) address corresponding to either the primary network switch or the secondary network switch and at least one inner packet identifier;
  
  identify an access control list (ACL) entry from a set of access control list entries based on the at least one inner packet identifier, the access control list entry including an instruction to copy the packet;
  
  based on the identified ACL entry, generate a copy of the packet; and
  
  based on the determined MAC address and after generating a copy of the packet, transmit the packet to the primary network switch;
  
  receive, by the primary vPC node, a second packet;
  
  authorize, by the primary vPC node in response to determining the secondary vPC node generated a copy of the second packet, receipt of the second packet;
  
  restrict by the primary vPC node in response to determining the secondary vPC node did not generate a copy of the second packet, receipt of the second packet.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The computing system of claim 9, wherein the instructions further cause the secondary network switch to:
    - receive from the primary network switch or the node, a copy of an initial packet, the initial packet including a discriminator;
      
      determine the discriminator is associated with a bidirectional forwarding detection (BFD) protocol between the secondary network switch and the node; and
      
      configure the secondary network switch to be a hot-standby.
  - 11. The computing system of claim 10, wherein the instructions further cause the secondary network switch to:
    - determine a failover of the primary network switch; and
      
      transmit instructions to the node to initialize communications between the node and the secondary network switch.
  - 12. The computing system of claim 9, wherein primary network switch and the secondary network switch both include MAC addresses of the primary network switch and the secondary network.
  - 13. The computing system of claim 9, wherein the inner packet identifier includes at least one of an inner destination internet protocol (IP) address, an inner user datagram protocol (UDP) destination port address and an inner IP time to live (TTL).
  - 14. The computing system of claim 9, wherein the remote node and the dual-homed VTEP have initialized a BFD session over VxLAN.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Govindan, Vengada Prasad, Banerjee, Ayan, Mahajan, Mehak, Gidwani, Abhayraj Kuldip, Mallik, Mudigonda Jwala
Primary Examiner(s)
Mesfin, Yemane
Assistant Examiner(s)
Elmejjarmi, Abdelillah

Application Number

US15/063,288
Publication Number

US 20170257260A1
Time in Patent Office

995 Days
Field of Search
US Class Current
CPC Class Codes

H04L 12/4633   Interconnection of networks...

H04L 41/0654   using network fault recover...

H04L 41/0659   by isolating or reconfiguri...

BFD over VxLAN on vPC uplinks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

BFD over VxLAN on vPC uplinks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links