Configuration of a software defined network

US 9,923,779 B2
Filed: 07/20/2015
Issued: 03/20/2018
Est. Priority Date: 07/20/2015
Status: Active Grant

First Claim

Patent Images

1. A system operable to configure a software defined network (SDN), the system comprising:

a first communication host;

a second communication host;

a network in communication with the first communication host and the second communication host, the network comprising a plurality of network devices, the plurality of network devices configured to;

selectively operate in each of an open mode and an SDN operating mode; and

identify a discovered path between the first communication host and the second communication host to forward data through the network in the open mode,wherein the plurality of network devices are configured to implement an allow-by-default communication security policy using at least one automated communication protocol in the open mode;

an SDN controller in communication with the network, the SDN controller comprising;

a mode selection subsystem configured to cause the plurality of network devices to transition between the open mode and the SDN operating mode;

an analysis subsystem configured to identify a communication flow corresponding to the discovered path between the first communication host and the second communication host; and

a traffic routing subsystem configured to create a communication flow corresponding to the discovered path, the communication flow operable to allow communication between the first communication host and the second communication host in the SDN operating mode;

wherein the plurality of network devices are configured to implement a deny-by-default communication security policy in the SDN operating mode.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure pertains to systems and method for configuration of communication flows in a software defined network (“SDN”). In one embodiment, a system is operable to configure a communication flow between a first host and a second host. A mode selection subsystem is configured to cause a plurality of network devices in a network connecting the first communication host and the second communication host to transition between an open mode and an SDN operating mode. In the open mode, the network devices may discover a communication path between the first host and the second host. An analysis subsystem may receive information from the plurality of network devices information about the discovered path, and a topology discovery subsystem may be configured to create a communication flow corresponding to the discovered path. The communication flow may allow communication between the first host and the second host in the SDN operating mode.

Citations

17 Claims

1. A system operable to configure a software defined network (SDN), the system comprising:
- a first communication host;
  
  a second communication host;
  
  a network in communication with the first communication host and the second communication host, the network comprising a plurality of network devices, the plurality of network devices configured to;
  
  selectively operate in each of an open mode and an SDN operating mode; and
  
  identify a discovered path between the first communication host and the second communication host to forward data through the network in the open mode,wherein the plurality of network devices are configured to implement an allow-by-default communication security policy using at least one automated communication protocol in the open mode;
  
  an SDN controller in communication with the network, the SDN controller comprising;
  
  a mode selection subsystem configured to cause the plurality of network devices to transition between the open mode and the SDN operating mode;
  
  an analysis subsystem configured to identify a communication flow corresponding to the discovered path between the first communication host and the second communication host; and
  
  a traffic routing subsystem configured to create a communication flow corresponding to the discovered path, the communication flow operable to allow communication between the first communication host and the second communication host in the SDN operating mode;
  
  wherein the plurality of network devices are configured to implement a deny-by-default communication security policy in the SDN operating mode.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the SDN controller further comprises a user confirmation subsystem configured to receive user confirmation of the communication flow.
  - 3. The system of claim 1, wherein the plurality of network devices are operable to identify the discovered path between the first communication host and the second communication host without user intervention.
  - 4. The system of claim 3, wherein each of the plurality of network devices are configured to communicate using a plurality of automated protocols in the open mode.
  - 5. The system of claim 4, wherein the plurality of automated protocols comprise at least one of a routing information protocol, an open shortest path first protocol, a spanning tree protocol, address resolution protocol, ping, and passive monitoring.
  - 6. The system of claim 1, wherein each of the plurality of network devices are configured to collect topology information and statistical information relating to the discovered path.
  - 7. The system of claim 6, wherein the analysis subsystem is further configured to analyze the topology information and statistical information to identify the path between the first communication host and the second communication host.

8. A method of configuring a software defined network (SDN), comprising:
- operating the SDN in an open mode at a first time;
  
  identifying a plurality of communication paths between a plurality of communicating hosts using a plurality of network devices, the plurality of communicating hosts including a first communication host and a second communication host, and the plurality of communication paths comprising a discovered path between the first communication host and the second communication host, wherein the plurality of network devices are configured to implement an allow-by-default communication security policy using at least one automated communication protocol in the open mode;
  
  creating a plurality of communication flows using an SDN controller based on at least a subset of the plurality of communication paths, the plurality of communication flows comprising a communication flow corresponding to the discovered path between the first communication host and the second communication host;
  
  transitioning the SDN to an SDN operating mode at a second time, wherein the plurality of network devices are configured to implement a deny-by-default communication security policy in the SDN operating mode; and
  
  routing traffic in the SDN between the first communication host and the second communication host based on the plurality of communication flows.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method of claim 8, further comprising receiving user confirmation of the communication flow prior to allowing traffic between the first communication host and the second communication host based on the communication flow.
  - 10. The method of claim 8, wherein the plurality of communication paths between communicating devices are identified without user intervention.
  - 11. The method of claim 8, further comprising:
    - communicating the path between the first communication host and the second communication host discovered while the SDN is operating in the open mode to an SDN controller, and wherein the SDN controller creates the communication flow corresponding to the path between the first communication host and the second communication host.
  - 12. The method of claim 11, wherein communicating the path between the first communication host and the second communication host created while the SDN is operating in the open mode comprises:
    - transmitting topology information and statistical information relating to the plurality of communication paths from the plurality of devices to the SDN controller;
      
      analyzing topology information and statistical information to identify the path between the first communication host and the second communication host.

13. A system operable to configure a communication flow between a first communication host and a second communication host in a software defined network (SDN), the system comprising:
- a mode selection subsystem configured to cause a plurality of network devices in a network connecting the first communication host and the second communication host to transition between an open mode and an SDN operating mode, wherein the plurality of network devices are configured to discover a path between the first communication host and the second communication host in the open mode, wherein the plurality of network devices are configured to implement an allow-by-default communication security policy using at least one automated communication protocol in the open mode;
  
  an analysis subsystem configured to receive information from the plurality of network devices about the discovered path between the first communication host and the second communication host; and
  
  a topology subsystem configured to create a communication flow corresponding to the discovered path between the first communication host and the second communication host, the communication flow operable to allow communication between the first communication host and the second communication host in the SDN operating mode, wherein the plurality of network devices are configured to implement a deny-by-default communication security policy in the SDN operating mode.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The system of claim 13, wherein the system further comprises a user confirmation subsystem configured to receive user confirmation of the communication flow.
  - 15. The system of claim 13, wherein each of the plurality of network devices are operable to identify the discovered path between the first communication host and the second communication host without user intervention.
  - 16. The system of claim 13, wherein each of the plurality of network devices are configured to communicate using a plurality of automated topology discovery protocols in the open mode.
  - 17. The system of claim 16, wherein the automated routing protocols comprise at least one of a routing information protocol, an open shortest path first protocol, a spanning tree protocol, address resolution protocol, ping, and passive monitoring.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Schweitzer Engineering Laboratories, Incorporated
Original Assignee
Schweitzer Engineering Laboratories, Incorporated
Inventors
Berner, Marc Ryan, Smith, Rhett, Dearien, Jason A., Powers, Josh, Boomer, Grant O.
Primary Examiner(s)
Thier, Michael
Assistant Examiner(s)
Cox, Brian P

Application Number

US14/803,786
Publication Number

US 20170026243A1
Time in Patent Office

974 Days
Field of Search
US Class Current
CPC Class Codes

H04L 41/0883   Semiautomatic configuration...

H04L 41/0886   Fully automatic configuration

H04L 41/12   Discovery or management of ...

H04L 41/122   of virtualised topologies, ...

H04L 45/02   Topology update or discovery

H04L 45/42   Centralised routing

H04L 47/2483   involving identification of...

Y04S 40/00   Systems for electrical powe...

Configuration of a software defined network

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Configuration of a software defined network

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links