Validation of L3OUT configuration for communications outside a network
Abstract
Disclosed are systems, methods, and computer-readable media for assuring tenant forwarding in a network environment. Network assurance can be determined in layer 1, layer 2 and layer 3 of the networked environment including, internal-internal (e.g., inter-fabric) forwarding and internal-external (e.g., outside the fabric) forwarding in the networked environment. The network assurance can be performed using logical configurations, software configurations and/or hardware configurations.
20 Claims
1. A system for performing a network assurance check of proper deployment of a configuration in a fabric, comprising:
at least one memory configured to store data; and
at least one processor operable to execute instructions associated with the data, which when executed by the at least one processor, causes the processor to:
receive, from a controller, a global logical model in a first format, the global logical model containing instructions on how endpoints connected to a network fabric communicate within the fabric;
receive, from one or more network devices within the fabric, a software model being at least a subset of instructions from the global logical model in a second format executable on the one or more network devices, the subset of instructions being instructions from the global logical model that are specific to operability of the one or more network devices;
create a local logical model in the first format, the local logical model being at least a portion of the received global logical model that is specific to operability of the one or more network devices;
convert at least a portion of Layer 3 out (L3out) content of the created local logical model and/or at least a portion of L3out content of the received software model into a common format; and
compare content of at least some L3out overlapping fields from the common format of the created local logical model and the common format of the received software model;
wherein a positive outcome of the comparison at least partially represents that the internal subnet has been properly leaked outside of the fabric.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for performing a network assurance check of lack of overlapping subnets deployed in a fabric, comprising:
receiving from a controller, a global logical model in a first format, the global logical model containing instructions on how endpoints connected to a network fabric communicate within the fabric;
receiving from one or more network devices within the fabric, a software model being at least a subset of instructions from the global logical model in a second format executable on the one or more network devices, the subset of instructions being instructions from the global logical model that are specific to operability of the one or more network devices;
creating a local logical model in the first format, the local logical model being at least a portion of the received global logical model that is specific to operability of the one or more of the network devices;
converting at least a portion of Layer 3 out (L3out) content of the created local logical model and/or at least a portion of L3out content of the received software model into a common format; and
comparing content of at least some L3out overlapping fields from the common format of the created local logical model and the common format of the received software model;
wherein a positive outcome of the comparing at least partially represents that the internal subnet has been properly leaked outside of the fabric.
Dependent claims: 9, 10, 11, 12, 13, 14
15. At least one non-transitory computer readable medium in non-transitory media that includes code for performing a network assurance check of lack of overlapping subnets deployed in a fabric, and when executed by a processor is operable to perform operations comprising:
receive, from a controller, a global logical model in a first format, the global logical model containing instructions on how endpoints connected to a network fabric communicate within the fabric;
receive, from one or more network devices within the fabric, a software model being at least a subset of instructions from the global logical model in a second format executable on the one or more network devices, the subset of instructions being instructions from the global logical model that are specific to operability of the one or more network devices;
create a local logical model in the first format, the local logical model being at least a portion of the received global logical model that is specific to operability of the network device;
convert at least a portion of Layer 3 out (L3out) content of the created local logical model and/or at least a portion of L3out content of the received software model into a common format; and
compare content of at least some L3out overlapping fields from the common format of the created local logical model and the common format of the received software model;
wherein a positive outcome of the comparison at least partially represents that the internal subnet has been properly leaked outside of the fabric.
Dependent claims: 16, 17, 18, 19, 20
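The convert-and-compare steps recited in the independent claims can be pictured with the following added example, which is not code from the patent or from any product. Both model formats, every field name, and the sample data are assumptions constructed for illustration, since the claims do not define either format.

```python
import ipaddress

# Constructed sample: local logical model (controller-side "first format").
# All keys are hypothetical; the claims do not specify a schema.
LOGICAL = {
    "tenant": "t1", "vrf": "v1",
    "l3outs": [{"name": "out1",
                "export_subnets": ["10.1.1.1/24", "10.2.0.0/16"]}],
}

# Constructed sample: software model as rendered on one device
# ("second format"), again with hypothetical keys.
SOFTWARE = [
    {"vrf": "t1:v1", "l3out": "out1", "prefix": "10.1.1.0", "mask": "255.255.255.0"},
    {"vrf": "t1:v1", "l3out": "out1", "prefix": "192.168.5.0", "mask": "255.255.255.0"},
]

def logical_to_common(model):
    """Flatten the logical L3out content into (vrf, l3out, cidr) tuples."""
    vrf = f"{model['tenant']}:{model['vrf']}"
    rows = set()
    for l3out in model["l3outs"]:
        for subnet in l3out["export_subnets"]:
            # strict=False turns a gateway address like 10.1.1.1/24 into its network
            net = ipaddress.ip_network(subnet, strict=False)
            rows.add((vrf, l3out["name"], str(net)))
    return rows

def software_to_common(entries):
    """Flatten the device entries into the same (vrf, l3out, cidr) tuples."""
    rows = set()
    for e in entries:
        net = ipaddress.ip_network(f"{e['prefix']}/{e['mask']}", strict=False)
        rows.add((e["vrf"], e["l3out"], str(net)))
    return rows

def compare(logical, software):
    """Compare the overlapping fields once both sides share a format."""
    want, have = logical_to_common(logical), software_to_common(software)
    return {
        "deployed": sorted(want & have),              # intent present on device
        "missing_on_device": sorted(want - have),     # intended leak not rendered
        "unexpected_on_device": sorted(have - want),  # leaked without matching intent
    }

def subnet_leaked(logical, software, subnet):
    """Positive outcome: the subnet is in the intent and on the device."""
    net = str(ipaddress.ip_network(subnet, strict=False))
    return any(row[2] == net for row in compare(logical, software)["deployed"])
```

The "unexpected_on_device" bucket is the one to review first from a security standpoint, because it lists prefixes advertised outside the fabric that the intended configuration does not call for.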
Specification