Extending routing rules from external services

US 9,509,549 B2
Filed: 03/15/2013
Issued: 11/29/2016
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method to control network flow disposition in a multi-tenant environment, the computer-implemented method comprising:

receiving, from a first of a plurality of applications external to a software-defined networking (SDN)-enabled network, a request to modify a specified rule of a plurality of rules enforced by at least one network element of the SDN-enabled network, wherein each of the plurality of rules is modifiable by request from a respective one of the plurality of applications and governs disposition of a respective network flow specific to the respective application in the multi-tenant environment, the at least one network element having a presentation layer, a network abstraction layer, and a service implementation layer, the presentation layer providing a software development kit (SDK) associated with a predefined application programming interface (API);

marshalling the request by the SDK, wherein the marshalled request is transmitted via a predefined communications channel of the at least one network element, the predefined communications channel configured to expose the API to the first application;

un-marshalling the transmitted request upon receipt;

interpreting the un-marshalled request at the network abstraction layer of the at least one network element;

converting the interpreted request into one or more commands at the service implementation layer of the at least one network element; and

executing the one or more commands by operation of one or more computer processors, in order to modify the specified rule enforced by the at least one network element, responsive to the request from the first application external to the SDN-enabled network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are disclosed to extend routing rules from external services. A request is received to modify a specified rule in a network element of a network. The specified rule governs disposition of a network flow specific to an application. The request is received via a communications channel configured to expose an application programming interface (API) to the application. The request is interpreted at a network abstraction layer of the network element. The request is converted into a command at a service implementation layer of the network element. The command is executed to modify the specified rule in the network element, responsive to the request.

26 Citations

View as Search Results

20 Claims

1. A computer-implemented method to control network flow disposition in a multi-tenant environment, the computer-implemented method comprising:
- receiving, from a first of a plurality of applications external to a software-defined networking (SDN)-enabled network, a request to modify a specified rule of a plurality of rules enforced by at least one network element of the SDN-enabled network, wherein each of the plurality of rules is modifiable by request from a respective one of the plurality of applications and governs disposition of a respective network flow specific to the respective application in the multi-tenant environment, the at least one network element having a presentation layer, a network abstraction layer, and a service implementation layer, the presentation layer providing a software development kit (SDK) associated with a predefined application programming interface (API);
  
  marshalling the request by the SDK, wherein the marshalled request is transmitted via a predefined communications channel of the at least one network element, the predefined communications channel configured to expose the API to the first application;
  
  un-marshalling the transmitted request upon receipt;
  
  interpreting the un-marshalled request at the network abstraction layer of the at least one network element;
  
  converting the interpreted request into one or more commands at the service implementation layer of the at least one network element; and
  
  executing the one or more commands by operation of one or more computer processors, in order to modify the specified rule enforced by the at least one network element, responsive to the request from the first application external to the SDN-enabled network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer-implemented method of claim 1, wherein the API is configured to permit the first application to modify one or more management and runtime aspects of the at least one network element.
  - 3. The computer-implemented method of claim 2, wherein the API is configured to permit the first application to independently modify each individual management and runtime aspect selected from a plurality of management and runtime aspects including multiprotocol label switching (MPLS) tags, Layer-2 information, Layer-3 information, deep packet inspection (DPI), and routing tables.
  - 4. The computer-implemented method of claim 3, wherein the request is sent by the first application via the SDK, wherein the SDK is configured to communicate with a data path process via local inter-process communication, wherein the data path process is configured to access functionality of the at least one network element via virtual network service data path and generic routing encapsulation.
  - 5. The computer-implemented method of claim 4, wherein control of network flow disposition is facilitated in the multi-tenant environment with arbitrary, third-party code, wherein the first application includes the arbitrary, third-party code, wherein the one or more commands are specific to a platform type of the at least one network element, wherein the request is independent of the platform type of the at least one network element, wherein the predefined communications channel comprises a network-independent remote procedure call (RPC) channel;
    - wherein the plurality of management and runtime aspects further include discovery, topology, element, interface, external configuration, system log, tracing, routing, quality of service, access control list, external service, datapath policy, and authentication, authorization and accounting, wherein each individual management and runtime aspect is modifiable.
  - 6. The computer-implemented method of claim 5, wherein the at least one network element further comprises an application layer, a thrift layer and an operating system target layer, wherein the at least one network element comprises at least one hardware network element;
    - wherein the application layer includes the plurality of applications, each application of which is of a different application types, wherein the presentation layer includes a respective presentation interface for each application type, wherein the thrift layer includes the predefined communications channel and further includes a marshaling and transport component, wherein the network abstraction layer includes a network abstraction interface;
      
      wherein the service implementation layer includes code associated with the API and code for configuring the at least one network element, wherein the operating system target layer includes platform-dependent code specific to each of a plurality of different network element types;
      
      wherein the computer-implemented method further comprises;
      
      preventing the modified rule from affecting at least one network flow not associated with a provider of the first application.
  - 7. The computer-implemented method of claim 6, wherein the at least one network element is associated with a session manager having a service framework, wherein the predefined communications channel exposes the service framework to the first application, wherein the session manager has a corresponding module for each of a plurality of APIs supported by the at least one network element, wherein the service framework comprises a plurality of components including a session handler, a pluggable transport component, a session event/high availability component, a notification handler, a locking service, a version handler, an access control component, and a service registry component;
    - wherein each individual management and runtime aspect is modified, wherein the specified rule is modified by a management runtime of the at least one network element, wherein the specified rule is modifiable responsive to receiving the request from each of;
      
      (i) a first instance of the first application executing on a first of the at least one network element;
      
      (ii) a second instance of the first application executing on a blade server disposed within a same chassis as the first network element;
      
      (iii) a third instance of the first application executing on a computer operatively connected to the first network element, and(iv) a fourth instance of the first application executing on a virtual machine (VM) operatively connected to the first network element.
  - 8. The computer-implemented method of claim 1, wherein the API is configured to permit the first application to modify at least one aspect of the at least one network element, wherein the at least one aspect is selected from multiprotocol label switching (MPLS) tags, Layer-2 information, Layer-3 information, deep packet inspection (DPI), and routing tables.
  - 9. The computer-implemented method of claim 1, wherein the at least one network element further comprises at least one of an application layer and an operating system target layer.
  - 10. The computer-implemented method of claim 1, the at least one network element further having a thrift layer that includes the predefined communications channel.

11. A non-transitory computer readable medium containing a program which, when executed, performs an operation to control network flow disposition in a multi-tenant environment, the operation comprising:
- receiving, from a first of a plurality of applications external to a software-defined networking (SDN)-enabled network, a request to modify a specified rule of a plurality of rules enforced by at least one network element of the SDN-enabled network, wherein each of the plurality of rules is modifiable by request from a respective one of the plurality of applications and governs disposition of a respective network flow specific to the respective application in the multi-tenant environment, the at least one network element having a presentation layer, a network abstraction layer, and a service implementation layer, the presentation layer providing a software development kit (SDK) associated with a predefined application programming interface (API);
  
  marshalling the request by the SDK, wherein the marshalled request is transmitted via a predefined communications channel of the at least one network element, the predefined communications channel configured to expose the API to the first application;
  
  un-marshalling the transmitted request upon receipt;
  
  interpreting the un-marshalled request at the network abstraction layer of the at least one network element;
  
  converting the interpreted request into one or more commands at the service implementation layer of the at least one network element; and
  
  executing the one or more commands by operation of one or more computer processors when executing the program, in order to modify the specified rule enforced by the at least one network element, responsive to the request from the first application external to the SDN-enabled network.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory computer readable medium of claim 11, wherein the API is configured to permit the first application to modify one or more management and runtime aspects of the at least one network element.
  - 13. The non-transitory computer readable medium of claim 11, wherein the API is configured to permit the first application to modify at least one aspect of the at least one network element, wherein the at least one aspect is selected from multiprotocol label switching (MPLS) tags, Layer-2 information, Layer-3 information, deep packet inspection (DPI), and routing tables.
  - 14. The non-transitory computer readable medium of claim 11, wherein the at least one network element further comprises at least one of an application layer and an operating system target layer.
  - 15. The non-transitory computer readable medium of claim 11, the at least one network element further having a thrift layer that includes the predefined communications channel.

16. A system to control network flow disposition in a multi-tenant environment, the system comprising:
- one or more computer processors;
  
  a memory containing a program which, when executed by the one or more computer processors, performs an operation comprising;
  
  receiving, from a first of a plurality of applications external to a software-defined networking (SDN)-enabled network, a request to modify a specified rule of a plurality of rules enforced by at least one network element of the SDN-enabled network, wherein each of the plurality of rules is modifiable by request from a respective one of the plurality of applications and governs disposition of a respective network flow specific to the respective application in the multi-tenant environment, the at least one network element having a presentation layer, a network abstraction layer, and a service implementation layer, the presentation layer providing a software development kit (SDK) associated with a predefined application programming interface (API);
  
  marshalling the request by the SDK, wherein the marshalled request is transmitted via a predefined communications channel of the at least one network element, the predefined communications channel configured to expose the API to the first application;
  
  un-marshalling the transmitted request upon receipt;
  
  interpreting the un-marshalled request at the network abstraction layer of the at least one network element;
  
  converting the interpreted request into one or more commands at the service implementation layer of the at least one network element; and
  
  executing the one or more commands;
  
  in order to modify the specified rule enforced by the at least one network element, responsive to the request from the first application external to the SDN-enabled network.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16, wherein the API is configured to permit the first application to modify one or more management and runtime aspects of the at least one network element.
  - 18. The system of claim 16, wherein the API is configured to permit the first application to modify at least one aspect of the at least one network element, wherein the at least one aspect is selected from multiprotocol label switching (MPLS) tags, Layer-2 information, Layer-3 information, deep packet inspection (DPI), and routing tables.
  - 19. The system of claim 16, wherein the at least one network element further comprises at least one of an application layer and an operating system target layer.
  - 20. The system of claim 16, the at least one network element further having a thrift layer that includes the predefined communications channel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Pruss, Richard M., McDowall, John Edward, Medved, Jan
Primary Examiner(s)
Patel, Dhairya A

Application Number

US13/842,786
Publication Number

US 20140280835A1
Time in Patent Office

1,355 Days
Field of Search

709/223, 709/224, 709/246, 709/395, 370/389, 370/392, 370/395, 370/396
US Class Current

1/1
CPC Class Codes

H04L 41/0226   Mapping or translating mult...

H04L 41/052   using standardised network ...

H04L 41/0813   characterised by the condit...

H04L 41/0895   Configuration of virtualise...

H04L 41/0896   Bandwidth or capacity manag...

H04L 41/342   between virtual entities, e...

H04L 41/40   using virtualisation of net...

H04L 43/028   by filtering

H04L 43/20   the monitoring system or th...

H04L 45/64   using an overlay routing layer

Extending routing rules from external services

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Extending routing rules from external services

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links