Network feedback in software-defined networks

Description

BACKGROUND

Field

The present disclosure relates to network management. More specifically, the present disclosure relates to a method and system for facilitating network feedback in a software-defined network.

Related Art

The exponential growth of the Internet has made it a popular delivery medium for heterogeneous data flows. Such heterogeneity has caused an increasing demand for bandwidth. As a result, equipment vendors race to build larger and faster switches with versatile capabilities, such as defining data flows using software, to move more traffic efficiently. However, the complexity of a switch cannot grow infinitely. It is limited by physical space, power consumption, and design complexity, to name a few factors. Furthermore, switches with higher and more versatile capability are usually more complex and expensive.

Software-defined flow is a new paradigm in data communication networks. Any network supporting software-defined flows can be referred to as software-defined network. An example of a software-defined network can be an OpenFlow network, wherein a network administrator can configure how a switch behaves based on flow definitions that can be defined across different layers of network protocols. A software-defined network separates the intelligence needed for controlling individual network devices (e.g., routers and switches) and offloads the control mechanism to a remote controller device (often a standalone server or end device). Therefore, a software-defined network provides complete control and flexibility in managing data flow in the network.

While support for software-defined flows brings many desirable features to networks, some issues remain unsolved in facilitating network feedback for generating and managing flow definitions in a software-defined network.

SUMMARY

One embodiment of the present invention provides a computing system capable of providing feedback to a controller in a software-defined network. The computing system includes a policy management module and a communication module coupled to the policy management module. During operation, the policy management module recognizes a local policy indicating how a data flow is to be processed and identifies a data flow associated with the policy. The communication module constructs a request for a flow definition from a controller in a software-defined network. A flow definition indicates how the data flow is processed in the software-defined network.

In a variation on this embodiment, the communication module identifies a packet as belonging to the data traffic flow. The policy management module then determines whether the packet matches the policy and instructs the communication module to construct the feedback message in response to the packet matching the policy.

In a variation on this embodiment, the software-defined network is an OpenFlow-enabled network.

In a variation on this embodiment, the computing system is an appliance providing a service to the software-defined network, and the policy is associated with the service.

In a variation on this embodiment, the computing system also includes a policy enforcement module coupled to the policy management module. The policy enforcement module marks the request as enforced, which indicates compulsory enforcement of the request.

In a further variation, the computing system also includes a scripting engine coupled to the policy enforcement module. The scripting engine receives a policy, which is in a format recognizable by the scripting engine.

In a further variation, the computing system also includes a control module which operates the computing system as a controller of the software-defined network.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1A illustrates an exemplary software-defined network with network feedback support, in accordance with an embodiment of the present invention.

FIG. 1B illustrates a data flow offloading in a software-defined network in conjunction with the example in FIG. 1A, in accordance with an embodiment of the present invention.

FIG. 2A presents a flowchart illustrating the process of an intelligent networking device providing feedback to a controller in a software-defined network, in accordance with an embodiment of the present invention.

FIG. 3 illustrates an exemplary software-defined network with policy-enforcement via an intelligent networking device, in accordance with an embodiment of the present invention.

FIG. 5 illustrates an exemplary software-defined network with an intelligent networking device operating as a controller, in accordance with an embodiment of the present invention.

FIG. 7 illustrates an exemplary computing system capable of providing feedback to a controller in a software-defined network, in accordance with an embodiment of the present invention.

In the figures, like reference numerals refer to the same figure elements.

DETAILED DESCRIPTION

The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of a particular application and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. Thus, the present invention is not limited to the embodiments shown, but is to be accorded the widest scope consistent with the claims.

Overview

In embodiments of the present invention, the problem of generating flow definitions in a software-defined network based on network conditions and policy is solved by: (1) providing feedback regarding network conditions to a controller in the software-defined network, thereby allowing the controller to generate flow definitions based on the feedback; and (2) enforcing network policy on the controller by one or more intelligent networking devices.

A controller provides the forwarding intelligence (i.e., the control plane) in a software-defined network by generating flow definitions comprising rules and corresponding actions. The switches in the software-defined network are typically passive entities operating based on the flow definitions. It is often desirable to allow the controller to control the switches based on the condition of the software-defined network. Ideally, a controller, which is a standalone device, should provide flow definitions (such as those defined using OpenFlow) which can adapt to the network conditions. However, with the existing technologies, the controller typically generates flow definitions based on the local configurations and policies without making use of the information or status available in the software-defined network. Hence, a controller's effectiveness can be limited and may not capture the current conditions of the network.

The solutions described herein to the above problem are twofold. First, in a software-defined network, one or more intelligent networking devices, which are capable of making decisions regarding network conditions, can provide feedback to the controller regarding the current networking conditions. Such feedback is in a format recognizable and analyzable by the controller. Upon receiving the feedback, the controller analyzes the feedback and makes more intelligent decisions based on the network conditions indicated by the feedback. To support network feedback, the controller is also capable of receiving feedback messages from intelligent networking devices and generating flow definitions accordingly.

Second, in addition to allowing intelligent network devices to provide feedback, a controller can assist in enforcing specific configurations and policies. Many intelligent networking devices require the expression of complex network scenarios, which is often not possible via simple network feedback. In embodiments of the present invention, the intelligent networking devices implement local configurations or policies to capture intricate network conditions, especially involving complex scenarios, and enforce the controller to generate flow definitions reflecting the configurations and policies. In some embodiments, if an intelligent networking device has sufficient capability (e.g., processing and memory capacity), the device can operate as a controller, thereby eliminating the requirement for a separate device operating as the controller in the software-defined network.

In this disclosure, the term “software-defined network” refers to a network that facilitates control over a respective data flow by specifying the action associated with the flow in a flow definition. A controller, which can be a server, coupled to the software-defined network provides a respective switch in the software-defined network with the flow definitions. A flow definition can include a priority value, a rule that specifies a flow, and an action (e.g., a forwarding port or “drop”) for the flow. The rule of a flow definition can specify, for example, any value combination in the ten-tuple of {in-port, virtual local area network (VLAN) identifier, media access control (MAC) source and destination addresses, Ethertype, Internet Protocol (IP) source and destination addresses, Internet Protocol, Transmission Control Protocol (TCP) source and destination ports}. Other packet header fields can also be included in the flow rule. Depending on its specificity, a flow rule can correspond to one or more flows in the network. Upon matching a respective packet to a rule, the switch in the software-defined network takes the action included in the corresponding flow definition. An example of a software-defined network includes, but is not limited to, OpenFlow, as described in Open Networking Foundation (ONF) specification “OpenFlow Switch Specification,” available at http://www.openflow.org/documents/openflow-spec-v1.1.0.pdf, which is incorporated by reference herein.

In this disclosure, a switch in a software-defined network and capable of processing software-defined flows is referred to as a “software-definable” switch. Such a software-definable switch can include both ports that process software-defined flows and ports reserved for conventional packet forwarding (e.g., layer-2/Ethernet switching, or IP routing), which are referred to as “regular ports” in this disclosure. A flow definition typically includes one or more software-definable in-ports to which the definition is applicable. Any flow arriving via any port can potentially be a match for the generic flow definition.

The term “policy” is used in a generic sense, and can refer to any operation or group of operations providing specific action to a data flow associated with any network layer. Any action associated with the decision making of a networking device for a data flow can be referred to as a “policy.” The term “intelligent networking device” is also used in a generic sense, and can refer to any device in a network capable of making decisions, perceiving network conditions, and/or implementing a policy. An “intelligent networking device” can be a device separate from a switch, or a hardware or software module running in the switch. An “intelligent networking device” capable of providing a service (i.e., a specific functionality required by a network) can also be referred to as an appliance. In this disclosure, the terms “intelligent networking device” and “appliance” are used interchangeably.

In some embodiments, the software-defined network is a fabric switch and a respective switch in the software-defined network is a member switch of the fabric switch. The fabric switch can be an Ethernet fabric switch. In an Ethernet fabric switch, any number of switches coupled in an arbitrary topology may logically operate as a single switch. Any new switch may join or leave the fabric switch in “plug-and-play” mode without any manual configuration. A fabric switch appears as a single logical switch to the end device.

Although the present disclosure is presented using examples based on OpenFlow, embodiments of the present invention are not limited to networks defined using OpenFlow or a particular Open System Interconnection Reference Model (OSI reference model) layer. In this disclosure, the term “software-defined network” is used in a generic sense, and can refer to any network which facilitates switching of data flows based on software-defined rules by a controller. The term “flow definition” is also used in a generic sense, and can refer to any rule which identifies a data frame belonging to a specific flow and/or dictates how a switch should process the frame.

The term “end device” can refer to a host, a conventional layer-2 switch, or any other type of network device. Additionally, an end device can be coupled to other switches or hosts further away from a network. An end device can also be an aggregation point for a number of network devices to enter the network.

The term “message” refers to a group of bits that can be transported together across a network. “Message” should not be interpreted as limiting embodiments of the present invention to any specific networking layer. “Message” can be replaced by other terminologies referring to a group of bits, such as “frame,” “packet,” “cell,” or “datagram.” The term “frame” is used in a generic sense and should not be interpreted as limiting embodiments of the present invention to layer-2 networks. “Frame” can be replaced by other terminologies referring to a group of bits, such as “packet,” “cell,” or “datagram.”

The term “switch” is used in a generic sense, and it can refer to any standalone or fabric switch operating in any network layer. “Switch” should not be interpreted as limiting embodiments of the present invention to layer-2 networks. Any device that can forward traffic to an end device can be referred to as a “switch.” Examples of a “switch” include, but are not limited to, a layer-2 switch, a layer-3 router, a Transparent Interconnection of Lots of Links (TRILL) Routing Bridge (RBridge), an FC router, or an FC switch.

The term “Ethernet fabric switch” refers to a number of interconnected physical switches which form a single, scalable logical switch. In a fabric switch, any number of switches can be connected in an arbitrary topology, and the entire group of switches functions together as one single, logical switch. This feature makes it possible to use many smaller, inexpensive switches to construct a large fabric switch, which can be viewed as a single logical switch externally.

Network Architecture

FIG. 1A illustrates an exemplary software-defined network with network feedback support, in accordance with an embodiment of the present invention. A software-defined network 100 includes software-definable switches 101, 102, 103, 104, 105, and 106, which are capable of processing software-defined flows. Controller 120 is logically coupled to all software-definable switches in network 100. The logical connection between controller 120 and a respective switch in network 100 can include one or more physical links. End devices 112 and 118 are coupled to switches 104 and 101, respectively. End device 112 can be a physical host machine running virtual machines 114 and 116. Intelligent networking device 130 is coupled to switch 103. In some embodiments, device 130 is an appliance providing a service (e.g., firewall protection, load balancing, intrusion detection/protection, network/device virtualization, etc.) to network 100.

In some embodiments, virtual machine 116 operates as a virtual security device with necessary intelligence to detect specific network conditions, such as a security attack on network 100. During operation, virtual machine 116 detects an attack on one or more switches in network 100. However, because virtual machine 116 is a virtual device, and shares physical resources with other virtual machines, such as virtual machine 114, virtual machine 116 does not have enough capacity (e.g., processing and/or memory requirements) to protect the entire network against the attack. Furthermore, virtual machine 116 does not have a global view of network 100. For example, virtual machine 116 is unaware of device 130.

To solve this problem, upon detecting an attack, virtual machine 116 constructs a feedback message comprising the detected attack and sends the message to controller 120. This feedback message is in a format known to controller 120. Virtual machine 116 can establish a logical connection 132 with controller 120 via one or more physical links to exchange information. In some embodiments, controller 120 includes a software/hardware module capable of receiving and processing feedback from networking devices, thereby allowing the controller to make more intelligent decisions and address the issues indicated by the feedback. Controller 120 receives the feedback message and recognizes the current network condition (e.g., recognizes the detected attack). Controller 120 then generates one or more flow definitions to counter the attack and distributes the flow definitions to switches associated with the attack.

For example, if virtual machine 116 detects an attack from end device 118, virtual machine 116 includes this information in the feedback message. As a result, controller 120 is also aware of the association of the detected attack from end device 118. Controller 120, in response, distributes the flow definitions countering the attack to switch 101. Switch 101 uses a data structure (e.g., a linked-list) to store the flow definitions and incorporate the flow definitions in lookup information in hardware (e.g., in a content addressable memory or CAM). Examples of such a flow definition can include, but are not limited to, dropping all traffic received from an IP address associated with the detected attack (in this example, IP address of end device 118), redirection of a specific class of traffic for further inspection, forwarding potentially harmful traffic to a screening or filtering device, and any combination of these actions.

In addition to virtual machine 116, controller 120 can receive feedback from device 130. Device 130 can establish a logical connection 134 with controller 120 via one or more physical links to exchange information. Because virtual machine 116 and device 130 provide feedback to controller 120 independently, the feedback is not coordinated. For example, controller 120 can receive two interrelated feedback messages from virtual machine 116 and device 130 at different point of time. These feedback messages can affect the generation of flow definitions reflecting the same policy. Hence, controller 120 can make the final decision whether to generate a flow definition based on one particular feedback message. Upon receiving the feedback message from virtual machine 116, controller 120 can wait for a period of time to receive feedback messages from other networking devices, namely device 130. Once controller 120 receives feedback messages from both virtual machine 116 and device 130, controller 120 processes the feedback and decides whether to generate a flow definition. Note that the feedback from virtual machine 116 and device 130 can correspond to related (i.e., interdependent) or unrelated events.

Intelligent networking devices, such as device 130, are often expensive. For example, with the existing technologies, the per-port cost of device 130 can be significantly higher than a standard switch, such as switches 101 and 105. Typically, the greater the traffic flows passing through device 130, the greater the incurred cost. For example, a large number of traffic flows passing through device 130 requires device 130 to be equipped with a large number of expensive processor and more memory. As a result, offloading flows from expensive devices, such as device 130, to relatively less expensive switches, such as switches 101 and 105, can lead to significant cost savings.

FIG. 1B illustrates a data flow offloading in a software-defined network in conjunction with the example in FIG. 1A, in accordance with an embodiment of the present invention. During operation, virtual machine 114 in end device 112 initiates a bidirectional data communication 140 with end device 118. In this example, end device 118 can be a data server. Upstream data flow path 142 and downstream data flow path 144-1 of data communication 140 pass through device 130 to receive specific services provided by device 130. Offloading downstream flow path 144-1 from expensive device 130 to relatively less expensive switches 101 and 105 can lead to significant cost savings.

With existing technologies, network 100 can allow intelligent networking devices, such as device 130, to operate only on the traffic of the upstream flow. For example, if device 130 is a load balancing appliance, network 100 allows device 130 to load balance the traffic in network 100 by inspecting only the traffic of upstream flow path 142. However, though offloading data traffic from device 130 can offer significant cost savings, inspecting traffic from only upstream flow path 142 can lead to some limitations. By not inspecting the traffic from downstream flow path 144-1, device 130 cannot perform content-based load balancing (which typically requires inspection of parts of downstream flow 144-1 as well) or implement advanced security features, such as “SYN attack” protection. For example, if end device 118 is a video server, traffic of downstream flow path 144-1 comprises the streaming video toward virtual machine 114. Content-based load balancing can be performed only by inspecting parts of downstream flow path 144-1. Hence, with existing technologies, attaining cost savings via offloading all downstream traffic restricts the services that can be provided to network 100.

To solve this problem, device 130 provides feedback to controller 120 for partially or fully offloading selective downstream flow. For example, device 130 first inspects a few packets of the downstream traffic and provides services associated with downstream traffic. Afterward, if the traffic of downstream flow path 144-1 is bandwidth intensive (e.g., video streaming or large file sharing), device 130 can construct a feedback message requesting controller 120 to generate flow definitions for offloading traffic from device 130. Device 130 can identify the traffic of downstream flow path 144-1 as bandwidth intensive by identifying the port number associated with the flow path (e.g., all video streaming corresponding to port number 8080) or examining the header of the data packets belonging to the traffic of downstream flow path 144-1. After device 130 has identified downstream flow path 144-1 as a candidate for offloading, device 130 creates a corresponding feedback message. In some embodiments, the feedback message identifies downstream flow path 144-1 and can comprise one or more desired actions (e.g., network address translation or NAT) to be performed on the traffic of downstream flow path 144-1.

Upon receiving the feedback message, controller 120 detects downstream flow path 144-1 to be a candidate for offloading. In some embodiments, controller 120 further identifies a more suitable path for data communication 140 between virtual machine 114 and end device 118. Examples of a more suitable path can include, but are not limited to, a data path with a shorter distance, a fewer number of hops, lower congestion, higher/lower utilization, and lower delay. In the example in FIG. 1B, a most suitable path for downstream flow path 144-1 can be a path via switches 101 and 105, bypassing switch 102. Controller 120 generates a flow definition instructing switch 101 to forward traffic toward switch 105 via downstream flow path 144-2, which is the offloaded downstream flow path corresponding to downstream flow path 144-1. Controller 120 may generate another flow definition instructing switch 105 to forward traffic toward end device 112 via downstream flow path 144-2. Controller 120 sends these flow definitions to switches 101 and 105, respectively. Consequently, switches 101 and 105 offload traffic from device 130 and redirect the traffic via downstream flow path 144-2. Though the example in FIG. 1B describes offloading of downstream data flow path 144-1, based on network feedback, controller 120 can generate flow definitions, if needed, for offloading upstream data flow path 142, or both upstream data flow path 142 and downstream data flow path 144-1.

Offloading traffic from intelligent networking devices can allow deployment of a plurality of smaller and less expensive intelligent networking devices, instead of an expensive and high-capability device, to provide a service in a distributed way. For example, if intelligent networking device 130 is a firewall, device 130 can leverage flow offloading. Offloading bandwidth intensive data flows from device 130 provides high scalability. Under such a scenario, intelligent, but lower capacity firewalls can be more suitable for network 100 than less intelligent, but higher throughput firewalls. As a result, the feedback mechanism and the intelligence of device 130 allows network 100 to receive a service without requiring an expensive and high-capacity device.

Because device 130 does not inspect the traffic of downstream flow path 144-2, the control messages of downstream flow path 144-2 also bypass device 130. However, switches 101 and 105 need to remove the corresponding flow definition entries upon termination of data communication 140. Furthermore, device 130 needs to clear the states associated with data communication 140. Hence, device 130 needs to receive the control messages to be aware of the current state of data communication 140. To achieve this, when device 130 sends the feedback message to controller 120, device 130 can indicate that only the data packets (i.e., not the control packets) of data communication 140 require offloading from device 130. As a result, downstream data packets follow downstream flow path 144-2 while downstream control packets follow downstream flow path 144-1.

When device 130 detects the termination of data communication 140, device 130 constructs a notification message indicating the termination of data communication 140. Device 130 sends the message to controller 120. Controller 120 then generates instruction messages for switches 101, and 105, comprising instructions for removing the flow definitions associated with data communication 140. For example, when switch 101 receives the instruction message, switch 101 removes the flow definitions associated with flow paths 142, 144-1, and 144-2. By inspecting the control messages, device 130 can facilitate other services, exception handling (e.g., a server failure), during an ongoing communication.

Network Feedback

In the example in FIG. 1B, intelligent networking device 130 provides feedback to controller 120. Upon receiving the feedback, controller 120 generates flow definitions based on the feedback. FIG. 2A presents a flowchart illustrating the process of an intelligent networking device providing feedback to a controller in a software-defined network, in accordance with an embodiment of the present invention. The device first identifies a data flow associated with the device (operation 202) and checks whether the flow requires a service offered by the device (operation 204). Note that the device may not provide any service.

If the flow requires a service offered by the device, the device performs the service on the data flow (operation 206). For example, if the device is a firewall, in operation 206, the device checks whether the data flow is permitted to continue. The device can optionally check whether the flow is a valid flow based on the service (operation 208). Some services, such as load balancing, do not require a validity check. If the identified flow is invalid, the device takes action prescribed for the invalid flow (operation 220). For example, if the device is an intrusion protection device, the device checks validity of the flow by checking whether the flow is an intrusive flow. If so, the prescribed action can be dropping the intrusive flow.

If the identified flow is valid, the device checks whether a policy is invoked for the flow (operation 210). For example, if the data flow is a video stream, the policy for the data flow can be offloading of the data flow from the device, as described in conjunction with FIG. 1B. If a policy is invoked, the device generates a request for a flow definition based on the policy (operation 212) and constructs a feedback message comprising the request (operation 214). The device then sends the feedback message to a controller of the software-defined network (operation 216). This feedback message can be in a format recognizable and analyzable by the controller. If a policy is not invoked (operation 210) or after sending the message to controller (operation 216), the device forwards the flow traffic based on its forwarding tables (operation 218).

FIG. 2B presents a flowchart illustrating the process of a controller in a software-defined network generating flow definitions based on a feedback from an intelligent networking device, in accordance with an embodiment of the present invention. Upon receiving a feedback message from an intelligent networking device requesting a flow definition (operation 252), the controller checks whether the controller has any other related request(s) (operation 254). This operation ensures that the controller considers all interrelated requests to generate flow definitions, as described in conjunction with FIG. 1A. If the controller has any other related requests, the controller retrieves the related request(s) (operation 256). If the controller does not have any other related request(s) (operation 254) or after retrieving the request(s) (operation 256), the controller analyzes the request(s) to generate flow definitions (operation 258).

The controller then checks whether the request is currently addressable (operation 260). Because the controller has a global view of the network, the controller can decide whether a request from a device can be addressable. For example, if the request is for changing the path of a data flow and the changed flow path diverts traffic from another device providing an essential service to the flow, the controller can deem the request to be unaddressable. If the request is not currently addressable, the controller can optionally store the request for future evaluation (operation 270). Otherwise, the controller generates one or more flow definitions based on the request(s) (operation 262). The controller identifies the switch(es) associated with the flow definition(s) (operation 264), constructs notification message(s) comprising the flow definition(s) (operation 266), and sends a respective notification message to the corresponding identified switch(es) (operation 268).

Policy Enforcement

In the example in FIG. 1B, intelligent networking device 130 can request controller 120 to generate a flow definition. However, the enforcement point of the request is controller 120, wherein controller 120 decides whether to address the request. However, device 130 in software-defined network 100 can also operate as the enforcement point for network policies, wherein device 130 can enforce controller 120 to generate a flow definition. FIG. 3 illustrates an exemplary software-defined network with policy-enforcement via an intelligent networking device, in accordance with an embodiment of the present invention.

A software-defined network 300 includes software-definable switches 301, 302, 303, 304, 305, and 306, which are capable of processing software-defined flows. Controller 320 is logically coupled to all software-definable switches in network 300. The logical connection between controller 320 and a respective switch in network 300 can include one or more physical links. End devices 312 and 314 are coupled to switches 305 and 301, respectively. Intelligent networking devices 330 and 340 are coupled to switches 302 and 304, respectively. In some embodiments, one or both of devices 330 and 340 are appliances providing a service (e.g., firewall protection, load balancing, intrusion detection/protection, network/device virtualization, etc.) to network 300.

In some embodiments, device 330 can operate as the point of policy enforcement. Device 330 allows a network administrator to express one or more policies in a flexible way. Based on these policies, device 330 explicitly enforces controller 320 to generate one or more flow definitions. Device 330 can establish a logical connection 332 with controller 320 via one or more physical links to exchange information. Note that, though network 300 includes a plurality of intelligent networking devices, not all devices need to be the point of enforcement. For example, network 300 includes devices 330 and 340. However, device 340 does not operate as a point of enforcement and operates as a regular intelligent networking device in a software-defined network, such as device 130 in the example in FIG. 1B.

In the example in FIG. 3, the network administrator can express a specific policy to device 330. For example, the policy can instruct device 330 to monitor all accesses to a specific e-mail account. Since a user can access the e-mail account from any location with Internet access, any traffic accessing the e-mail account requires monitoring. Device 330 can maintain states for a respective access. With the existing technologies, this level of intensive and large-scale inspection is beyond the scope of a typical controller 320. Hence, device 330 is more suitable for such policy enforcement than controller 320. In some embodiments, the network administrator uses an application scripting engine (e.g., OpenScript) to express the policy.

If device 330 detects any access to the malicious e-mail account from an IP address, it can be desirable to monitor all activities associated with that IP address (e.g., which other e-mail accounts or services are accessed from that IP address). However, other traffic from that IP address may not pass through device 330. Moreover, device 330 may not be able to facilitate such additional monitoring. As a result, an additional network-level policy is needed to monitor all traffic from that IP address. To facilitate network-wide monitoring, device 330 enforces controller 320 to generate one or more flow definitions for the switches in network 300 to provide such monitoring.

Suppose that device 330 detects a policy match (e.g., malicious access to an e-mail account from a malicious IP address) for a flow from end device 314. As a result, device 330 invokes a second policy (e.g., monitor all traffic from the malicious IP address). Device 330 instructs controller 320 to generate flow definitions corresponding to this second policy. Upon receiving the instruction, controller 320 generates the flow definitions and sends the flow definitions to one or more corresponding switches in network 300. In some embodiments, network 300 can further include a monitoring device 350. The flow definitions corresponding to the second policy can specify a respective switch to forward all traffic associated with the malicious IP address to monitoring device 350. As a result, if switch 305 detects a data flow from the malicious IP address, switch 305 forwards the flow to switch 306, which in turn forwards the flow to monitoring device 350. Monitoring device 350 can examine the received flow and collect information about all the malicious activity.

FIG. 4A presents a flowchart illustrating the process of an intelligent networking device providing policy-enforced feedback to a controller in a software-defined network, in accordance with an embodiment of the present invention. The device identifies a respective local flow (operation 402). The device then examines the received data traffic associated with the flow (operation 404) and compares the flow characteristics with an expressed enforced policy (operation 406). This policy can be expressed by a network administrator using an application scripting engine. The device checks whether a policy, which can be a different policy than the expressed policy, has been triggered for the flow (operation 410), as described in conjunction with FIG. 3.

If no policy has been triggered, the device continues to examine the traffic (operation 404). Otherwise, the device generates a request for a flow definition based on the triggered policy (operation 412) and marks the request as “enforced” (operation 414). The device then constructs a feedback message comprising the request (operation 416) and sends the feedback message to a controller of the software-defined network (operation 418). In this way, the controller recognizes the request to be from a point of enforcement. In some embodiments, the device marks the feedback message as “enforced.” The device can optionally check whether the flow is a valid flow based on a service provided by the device (operation 420). If the identified flow is invalid, the device takes action prescribed for the invalid flow (operation 424). If the identified flow is valid, the device forwards the flow traffic to the local switch from which the flow traffic is received (operation 426). Note that the device can also provide non-enforced feedback to the controller, as described in conjunction with FIG. 2A.

FIG. 4B presents a flowchart illustrating the process of a controller in a software-defined network generating flow definitions based on a policy-enforced feedback from an intelligent networking device, in accordance with an embodiment of the present invention. Upon receiving a feedback message from an intelligent networking device requesting a flow definition (operation 452), the controller checks whether the request is enforced (operation 454). Either the received feedback message or the request can indicate the enforcement. If the request is not enforced, the controller checks whether the controller has any other related request(s) (operation 456). If the controller has any other related request(s), the controller retrieves the related request(s) (operation 460). If the controller does not have any other related request(s) (operation 456) or after retrieving the request(s) (operation 460), the controller analyzes the request(s) to generate flow definitions (operation 462).

The controller then checks whether the request is currently addressable (operation 464). If the request is not currently addressable, the controller can optionally store the request for future evaluation (operation 466). If the request is enforced (operation 454) or the request is currently addressable (operation 464), the controller generates one or more flow definitions based on the request(s) (operation 470). The controller identifies the switch(es) associated with the flow definition(s) (operation 472), constructs notification message(s) comprising the flow definition(s) (operation 474), and sends a respective notification message to the corresponding identified switch(es) (operation 476).

Integrated Controller

In some embodiments, an intelligent networking device can operate as the controller of a software-defined network instead of a separate controller. FIG. 5 illustrates an exemplary software-defined network with an intelligent networking device operating as a controller, in accordance with an embodiment of the present invention. A network 500 includes two software-defined networks 552 and 554. Network 552 includes software-definable switches 501, 502, 503, and 504. Intelligent networking device 532 operates as the controller for network 552. Though device 532 is physically coupled only to switch 504, device 532 is logically coupled to all software-definable switches in network 552. The logical connection between device 532 and a respective switch in network 552 can include one or more physical links. End devices 512 and 514 are coupled to switches 501 and 502, respectively.

Similarly, network 554 includes software-definable switches 505, 506, 507, and 508. Intelligent networking device 534 operates as the controller for network 554. Though device 534 is physically coupled only to switch 505, device 534 is logically coupled to all software-definable switches in network 554. The logical connection between device 534 and a respective switch in network 554 can include one or more physical links. End device 516 is coupled to switch 507. Network 554 also includes another intelligent networking device 536. Though device 536 is not the controller, device 536 can still operate as the point of enforcement for one or more policies.

As described in conjunction with FIG. 3, devices 532 and 534 are capable of receiving expressed policies. In some embodiments, devices 532 and 534 support an application scripting engine for expressing the policy. Devices 532 and 534 operate as the point of policy enforcement and use their respective spare capability (e.g., processing and memory) to operate as controllers. Because of the co-location, devices 532 and 534 do not need to explicitly instruct a controller to generate any flow definition. Instead, based on the policy, devices 532 and 534 can locally generate the corresponding flow definitions.

Though traditional controllers can offer flexibility based on one or more applications running on the controller, such traditional controllers are typically equipped to handle only exception packets. Furthermore, a single controller managing a large network often cannot scale to handle intensive traffic volume. If intelligent networking devices 532 and 534 have sufficient capability, devices 532 and 534 can overcome such limitations by providing flexible policy enforcement and dividing a large network (e.g., network 500) into separately controlled smaller networks (e.g., networks 552 and 554). In this way, devices 532 and 534 offer a flexible platform to deploy policies in a network and are suitable for operating as controllers.

FIG. 6 presents a flowchart illustrating the process of generating flow definitions by an intelligent networking device operating as a controller based on local policy enforcement in a software-defined network, in accordance with an embodiment of the present invention. The device identifies a respective local flow (operation 602). The device then examines the received data traffic associated with the flow (operation 604) and compares the flow characteristics with an expressed enforced policy (operation 606). This policy can be expressed by a network administrator using an application scripting engine. The device checks whether a policy, which can be a different policy than the expressed policy, has been triggered for the flow (operation 610), as described in conjunction with FIG. 3.

If no policy has been triggered, the device continues to examine the traffic (operation 604). Otherwise, the device generates one or more flow definitions based on the policy (operation 612). The device identifies the switch(es) associated with the flow definition(s) (operation 614), constructs notification message(s) comprising the flow definition(s) (operation 616), and sends a respective notification message to the corresponding identified switch(es) (operation 618). The device can operationally check whether the flow is a valid flow based on a service provided by the device (operation 620). If the identified flow is invalid, the device takes action prescribed for the invalid flow (operation 622). If the identified flow is valid, the device forwards the flow traffic to the local switch from which the flow traffic is received (operation 624).

Exemplary Switch

FIG. 7 illustrates an exemplary computing system capable of providing feedback to a controller in a software-defined network, in accordance with an embodiment of the present invention. In this example, a computing system 700 includes a general purpose processor 712, a memory 714, a number of communication ports 702, a policy management module 720, a communication module 740 which is coupled to policy management module 720, a packet processor 710, and a storage 750. Memory 714 can be a non-transitory memory which stores instructions that when executed by processor 712 cause computing system 700 to provide feedback to the controller, enforce the provided feedback, and/or operate the computing system as a controller. Computing system 700 can have a logical connection with the controller similar to the logical connections between a software-definable switch and the controller in the software-defined network. In some embodiments, the software-defined network is an OpenFlow-enabled network.

Policy management module 720 can be a module that is based on software, hardware, or a combination thereof. For example policy management module 720 can be a set of instructions stored in a storage device and when executed by a processor perform the aforementioned methods. Policy management module 720 can also be partly or entirely implemented in hardware, such as application-specific integrated circuit (ASIC) or field programmable gate array (FPGA). Policy management module 720 recognizes a local policy indicating how a data traffic flow is to be processed. This policy can be a security, operational, or data forwarding policy. During operation, policy management module 720 identifies a data traffic flow associated with the policy. Based on the identification, communication module 740 constructs a feedback message comprising a request for a flow definition from the controller. This flow definition indicates how the data traffic flow is processed in the software-defined network. Packet processor 710 transmits the message via one of the communication ports 702. Upon receiving a packet belonging to the data traffic flow, communication module 740 identifies the packet's association with the data traffic flow.

Policy management module 720 determines whether the packet matches the policy. If the packet matches the policy, policy management module 720 instructs communication module 740 to construct the feedback message, as described in conjunction with FIG. 1A. Policy management module 720 also distinguishes between a data packet and a control packet, and matches the packet with the policy accordingly, as described in conjunction with FIG. 1B. In some embodiments, computing system 700 includes a service module 760, which operates computing system 700 as an appliance. Service module 760 provides a service associated with the policy to the software-defined network.

In some embodiments, computing system 700 also includes a policy enforcement module 730, which is coupled to policy management module 720. Policy enforcement module 730 marks the request in the feedback message as enforced, which indicates compulsory enforcement of the request. Computing system 700 can also include a scripting engine 732, which is associated with policy enforcement module 730. Scripting engine 732 is capable of receiving an expressed policy in a recognizable format. For example, if scripting engine 732 is an OpenScript-based application scripting engine, any policy expressed in scripting code of OpenScript format is recognized by scripting engine 732.

In some embodiments, computing system 700 also includes a control module 760, which operates computing system 700 as a controller of the software-defined network. Control module 760 provides to computing system 700 all the necessary functionalities required by a controller. For example, control module 760 generates a respective flow definition for the software-defined network. Note that such generation is independent from any other controller (i.e., the switches controlled by computing system 700 are not actively controlled by any other controller). Control module 760 identifies one or more switches in the software-defined network associated with the flow definition. Communication module 740 then constructs a notification message comprising the flow definition for the switches.

Note that the above-mentioned modules can be implemented in hardware as well as in software. In one embodiment, these modules can be embodied in computer-executable instructions stored in a memory which is coupled to one or more processors in computing system 700. When executed, these instructions cause the processor(s) to perform the aforementioned functions.

In summary, embodiments of the present invention provide a computing system and a method for providing feedback to a controller in a software-defined network. In one embodiment, the computing system includes a policy management module and a communication module coupled to the policy management module. During operation, the policy management module recognizes a local policy indicating how a data flow is to be processed and identifies a data flow associated with the policy. The communication module constructs a request for a flow definition from a controller in a software-defined network. A flow definition indicates how the data flow is processed in the software-defined network.

The methods and processes described herein can be embodied as code and/or data, which can be stored in a computer-readable non-transitory storage medium. When a computer system reads and executes the code and/or data stored on the computer-readable non-transitory storage medium, the computer system performs the methods and processes embodied as data structures and code and stored within the medium.

The methods and processes described herein can be executed by and/or included in hardware modules or apparatus. These modules or apparatus may include, but are not limited to, an application-specific integrated circuit (ASIC) chip, a field-programmable gate array (FPGA), a dedicated or shared processor that executes a particular software module or a piece of code at a particular time, and/or other programmable-logic devices now known or later developed. When the hardware modules or apparatus are activated, they perform the methods and processes included within them.

The foregoing descriptions of embodiments of the present invention have been presented only for purposes of illustration and description. They are not intended to be exhaustive or to limit this disclosure. Accordingly, many modifications and variations will be apparent to practitioners skilled in the art. The scope of the present invention is defined by the appended claims.

Claims

1. A computing system, comprising: management circuitry configured to: inspect a packet belonging to a data flow for providing a service; anddetermine whether the data flow is a candidate for offloading from the computing system to a new data path, which is different from a current data path of the data flow, based on the inspection and a bandwidth requirement of the data flow;
2. The computing system of claim 1, wherein the current data path is a downstream data path of the data flow, and wherein the feedback message identifies the downstream flow path.
3. The computing system of claim 1, wherein the management circuitry is further configured to determine the bandwidth requirement of the data flow based on one or more of: a port number associated with the data flow; anda header of the packet.
4. The computing system of claim 1, wherein the feedback message further indicates that the offloading is for payload packets, which are distinct from control packets, of the data flow, thereby precluding the controller from offloading the control packets of the data flow from the computing system.
5. The computing system of claim 1, wherein the computing system further comprising enforcement circuitry configured to facilitate additional services based on inspecting a packet belonging to a downstream data path of the data flow.
6. The computing system of claim 1, wherein the management circuitry is further configured to detect a termination of the data flow; and wherein the communication circuitry is further configured to construct a notification message, which is destined for the controller and indicates a termination of the data flow, thereby requesting a flow definition for terminating the offloaded data flow.
7. The computing system of claim 1, wherein the management circuitry is further configured to clear states associated with the data flow in response to detecting a termination of the data flow.
8. A computer-executable method, comprising: inspecting, by a computer system, a packet belonging to a data flow for providing a service; anddetermining whether the data flow is a candidate for offloading from the computing system to a new data path, which is different from a current data path of the data flow, based on the inspection and a bandwidth requirement of the data flow; andin response to determining that the data flow is a candidate for offloading, construct a feedback message requesting a flow definition for offloading the data flow from the computer system to the new data path, wherein the flow definition indicates how the data flow is processed in a software-defined network.
9. The method of claim 8, wherein the current data path is a downstream data path of the data flow, and wherein the feedback message identifies the downstream flow path.
10. The method of claim 8, further comprising determining the bandwidth requirement of the data flow based on one or more of: a port number associated with the data flow; anda header of the packet.
11. The method of claim 8, wherein the feedback message further indicates that the offloading is for payload packets, which are distinct from control packets, of the data flow, thereby precluding the controller from offloading the control packets of the data flow from the computer system.
12. The method of claim 8, further comprising facilitating additional services based on inspecting a packet belonging to a downstream data path of the data flow.
13. The method of claim 8, further comprising: detecting a termination of the data flow; andconstructing a notification message, which is destined for the controller and indicates a termination of the data flow, thereby requesting a flow definition for terminating the offloaded data flow.
14. The method of claim 8, further comprising clearing states associated with the data flow in response to detecting a termination of the data flow.
15. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method, the method comprising: inspecting, by a computer system, a packet belonging to a data flow for providing a service; anddetermining whether the data flow is a candidate for offloading from the computing system to a new data path, which is different from a current data path of the data flow, based on the inspection and a bandwidth requirement of the data flow; andin response to determining that the data flow is a candidate for offloading, construct a feedback message requesting a flow definition for offloading the data flow from the computer system to the new data path, wherein the flow definition indicates how the data flow is processed in a software-defined network.
16. The non-transitory computer-readable storage medium of claim 15, wherein the current data path is a downstream data path of the data flow, and wherein the feedback message identifies the downstream flow path.
17. The non-transitory computer-readable storage medium of claim 15, wherein the method further comprises determining the bandwidth requirement of the data flow based on one or more of: a port number associated with the data flow; anda header of the packet.
18. The non-transitory computer-readable storage medium of claim 15, wherein the feedback message further indicates that the offloading is for payload packets, which are distinct from control packets, of the data flow, thereby precluding the controller from offloading the control packets of the data flow from the computer system.
19. The non-transitory computer-readable storage medium of claim 15, wherein the method further comprises: detecting a termination of the data flow; andconstructing a notification message, which is destined for the controller and indicates a termination of the data flow, thereby requesting a flow definition for terminating the offloaded data flow.
20. The non-transitory computer-readable storage medium of claim 15, wherein the method further comprises clearing states associated with the data flow in response to detecting a termination of the data flow.

RELATED APPLICATIONS

This application is a continuation application of application Ser. No. 13/890,150, titled “Network Feedback in Software-Defined Networks,” by inventor Mani Prasad Kancherla, filed on 8 May 2013, which claims the benefit of U.S. Provisional Application No. 61/649,034, titled “Software Defined Networks,” by inventor Mani Prasad Kancherla, filed 18 May 2012, the disclosures of which are incorporated by reference herein. The present disclosure is related to U.S. patent application Ser. No. 13/669,313, titled “System and Method for Flow Management in Software-Defined Networks,” by inventors Kashyap Tavarekere Ananthapadmanabha, Vivek Agarwal, and Eswara S. P. Chinthalapati, filed 5 Nov. 2012, the disclosure of which is incorporated by reference herein.

US Referenced Citations (558)

Number	Name	Date	Kind
829529	Keathley	Aug 1906	A
5390173	Spinney	Feb 1995	A
5802278	Isfeld	Sep 1998	A
5878232	Marimuthu	Mar 1999	A
5959968	Chin	Sep 1999	A
5973278	Wehrill, III	Oct 1999	A
5983278	Chong	Nov 1999	A
6041042	Bussiere	Mar 2000	A
6085238	Yuasa	Jul 2000	A
6104696	Kadambi	Aug 2000	A
6185214	Schwartz	Feb 2001	B1
6185241	Sun	Feb 2001	B1
6331983	Haggerty	Dec 2001	B1
6438106	Pillar	Aug 2002	B1
6498781	Bass	Dec 2002	B1
6542266	Phillips	Apr 2003	B1
6633761	Singhal	Oct 2003	B1
6771610	Seaman	Aug 2004	B1
6870840	Hill	Mar 2005	B1
6873602	Ambe	Mar 2005	B1
6920503	Nanji	Jul 2005	B1
6937576	DiBenedetto	Aug 2005	B1
6956824	Mark	Oct 2005	B2
6957269	Williams	Oct 2005	B2
6975581	Medina	Dec 2005	B1
6975864	Singhal	Dec 2005	B2
7016352	Chow	Mar 2006	B1
7061877	Gummalla	Jun 2006	B1
7097308	Kim et al.	Aug 2006	B2
7173934	Lapuh	Feb 2007	B2
7197308	Singhal	Mar 2007	B2
7206288	Cometto	Apr 2007	B2
7310664	Merchant	Dec 2007	B1
7313637	Tanaka	Dec 2007	B2
7315545	Chowdhury et al.	Jan 2008	B1
7316031	Griffith	Jan 2008	B2
7330897	Baldwin	Feb 2008	B2
7380025	Riggins	May 2008	B1
7397768	Betker	Jul 2008	B1
7397794	Lacroute	Jul 2008	B1
7430164	Bare	Sep 2008	B2
7453888	Zabihi	Nov 2008	B2
7477894	Sinha	Jan 2009	B1
7480258	Shuen	Jan 2009	B1
7508757	Ge	Mar 2009	B2
7558195	Kuo	Jul 2009	B1
7558273	Grosser	Jul 2009	B1
7571447	Ally	Aug 2009	B2
7599901	Mital	Oct 2009	B2
7653056	Dianes	Jan 2010	B1
7688736	Walsh	Mar 2010	B1
7688960	Aubuchon	Mar 2010	B1
7690040	Frattura	Mar 2010	B2
7706255	Kondrat et al.	Apr 2010	B1
7716370	Devarapalli	May 2010	B1
7720076	Dobbins	May 2010	B2
7729296	Choudhary	Jun 2010	B1
7787480	Mehta	Aug 2010	B1
7792920	Istvan	Sep 2010	B2
7796593	Ghosh	Sep 2010	B1
7808992	Homchaudhuri	Oct 2010	B2
7836332	Hara	Nov 2010	B2
7843906	Chidambaram et al.	Nov 2010	B1
7843907	Abou-Emara	Nov 2010	B1
7860097	Lovett	Dec 2010	B1
7898959	Arad	Mar 2011	B1
7912091	Krishnan	Mar 2011	B1
7924837	Shabtay	Apr 2011	B1
7937438	Miller	May 2011	B1
7937756	Kay	May 2011	B2
7945941	Sinha	May 2011	B2
7949638	Goodson	May 2011	B1
7957386	Aggarwal	Jun 2011	B1
8018938	Fromm	Sep 2011	B1
8027354	Portolani	Sep 2011	B1
8054832	Shukla	Nov 2011	B1
8068442	Kompella	Nov 2011	B1
8078704	Lee	Dec 2011	B2
8090805	Chawla	Jan 2012	B1
8102781	Smith	Jan 2012	B2
8102791	Tang	Jan 2012	B2
8116307	Thesayi	Feb 2012	B1
8125928	Mehta	Feb 2012	B2
8134922	Elangovan	Mar 2012	B2
8155150	Chung	Apr 2012	B1
8160063	Maltz	Apr 2012	B2
8160080	Arad	Apr 2012	B1
8170038	Belanger	May 2012	B2
8175107	Yalagandula	May 2012	B1
8095774	Lambeth	Jun 2012	B1
8194674	Pagel	Jun 2012	B1
8195774	Lambeth	Jun 2012	B2
8204061	Sane	Jun 2012	B1
8213313	Doiron	Jul 2012	B1
8213336	Smith	Jul 2012	B2
8230069	Korupolu	Jul 2012	B2
8239960	Frattura	Aug 2012	B2
8249069	Raman	Aug 2012	B2
8270401	Barnes	Sep 2012	B1
8295291	Ramanathan	Oct 2012	B1
8295921	Wang	Oct 2012	B2
8301686	Appajodu	Oct 2012	B1
8339994	Gnanasekaran	Dec 2012	B2
8351352	Eastlake	Jan 2013	B1
8369335	Jha	Feb 2013	B2
8369347	Xiong	Feb 2013	B2
8392496	Linden	Mar 2013	B2
8451717	Srikrishnan	May 2013	B2
8462774	Page	Jun 2013	B2
8465774	Page	Jun 2013	B2
8467375	Blair	Jun 2013	B2
8520595	Yadav	Aug 2013	B2
8553710	White	Oct 2013	B1
8595479	Radhakrishnan	Nov 2013	B2
8599850	Ha	Dec 2013	B2
8599864	Chung	Dec 2013	B2
8615008	Natarajan	Dec 2013	B2
8619788	Sankaran	Dec 2013	B1
8625616	Vobbilisetty	Jan 2014	B2
8705526	Hasan	Apr 2014	B1
8706905	McGlaughlin	Apr 2014	B1
8717895	Koponen	May 2014	B2
8724456	Hong	May 2014	B1
8792501	Rustagi	Jul 2014	B1
8798055	An	Aug 2014	B1
8804732	Hepting	Aug 2014	B1
8804736	Drake	Aug 2014	B1
8806031	Kondur	Aug 2014	B1
8812727	Sorenson, III	Aug 2014	B1
8826385	Congdon	Sep 2014	B2
8918631	Kumar	Dec 2014	B1
8937865	Kumar	Jan 2015	B1
8948181	Kapadia	Feb 2015	B2
8971173	Choudhury	Mar 2015	B1
8995272	Agarwal	Mar 2015	B2
9019976	Gupta	Apr 2015	B2
9178793	Marlow	Nov 2015	B1
9231890	Vobbilisetty	Jan 2016	B2
9401818	Venkatesh	Jul 2016	B2
9438447	Basso	Sep 2016	B2
9524173	Guntaka	Dec 2016	B2
9626255	Guntaka	Apr 2017	B2
9628407	Guntaka	Apr 2017	B2
20010005527	Vaeth	Jun 2001	A1
20010055274	Hegge	Dec 2001	A1
20020019904	Katz	Feb 2002	A1
20020021701	Lavian	Feb 2002	A1
20020027885	Ben-Ami	Mar 2002	A1
20020039350	Wang	Apr 2002	A1
20020054593	Morohashi	May 2002	A1
20020087723	Williams	Jul 2002	A1
20020091795	Yip	Jul 2002	A1
20030026290	Umayabashi	Feb 2003	A1
20030041085	Sato	Feb 2003	A1
20030097470	Lapuh	May 2003	A1
20030123393	Feuerstraeter	Jul 2003	A1
20030147385	Montalvo	Aug 2003	A1
20030152075	Hawthorne	Aug 2003	A1
20030174706	Shankar	Sep 2003	A1
20030189905	Lee	Oct 2003	A1
20030208616	Laing	Nov 2003	A1
20030216143	Roese	Nov 2003	A1
20040001433	Gram	Jan 2004	A1
20040003094	See	Jan 2004	A1
20040010600	Baldwin	Jan 2004	A1
20040047349	Fujita	Mar 2004	A1
20040049699	Griffith	Mar 2004	A1
20040057430	Paavolainen	Mar 2004	A1
20040081171	Finn	Apr 2004	A1
20040117508	Shimizu	Jun 2004	A1
20040120326	Yoon	Jun 2004	A1
20040156313	Hofmeister et al.	Aug 2004	A1
20040165595	Holmgren	Aug 2004	A1
20040165596	Garcia	Aug 2004	A1
20040205234	Barrack	Oct 2004	A1
20040213232	Regan	Oct 2004	A1
20040225725	Enomoto	Nov 2004	A1
20050007951	Lapuh	Jan 2005	A1
20050025179	McLaggan	Feb 2005	A1
20050036488	Kalkunte	Feb 2005	A1
20050044199	Shiga	Feb 2005	A1
20050074001	Mattes	Apr 2005	A1
20050094568	Judd	May 2005	A1
20050094630	Valdevit	May 2005	A1
20050111352	Ho	May 2005	A1
20050122979	Gross	Jun 2005	A1
20050152335	Lodha	Jul 2005	A1
20050157645	Rabie et al.	Jul 2005	A1
20050157751	Rabie	Jul 2005	A1
20050169188	Cometto	Aug 2005	A1
20050195813	Ambe	Sep 2005	A1
20050207423	Herbst	Sep 2005	A1
20050213561	Yao	Sep 2005	A1
20050220096	Friskney	Oct 2005	A1
20050265330	Suzuki	Dec 2005	A1
20050265356	Kawarai	Dec 2005	A1
20050278565	Frattura	Dec 2005	A1
20060007869	Hirota	Jan 2006	A1
20060018302	Ivaldi	Jan 2006	A1
20060023707	Makishima	Feb 2006	A1
20060029055	Perera	Feb 2006	A1
20060034292	Wakayama	Feb 2006	A1
20060036765	Weyman	Feb 2006	A1
20060039366	Ghosh	Feb 2006	A1
20060059163	Frattura	Mar 2006	A1
20060062187	Rune	Mar 2006	A1
20060072550	Davis	Apr 2006	A1
20060083254	Ge	Apr 2006	A1
20060092860	Higashitaniguchi	May 2006	A1
20060093254	Mozdy	May 2006	A1
20060098589	Kreeger	May 2006	A1
20060126511	Youn	Jun 2006	A1
20060140130	Kalkunte	Jun 2006	A1
20060155828	Ikeda	Jul 2006	A1
20060168109	Warmenhoven	Jul 2006	A1
20060184937	Abels	Aug 2006	A1
20060206655	Chappell	Sep 2006	A1
20060221960	Borgione	Oct 2006	A1
20060227776	Chandrasekaran	Oct 2006	A1
20060235995	Bhatia	Oct 2006	A1
20060242311	Mai	Oct 2006	A1
20060245439	Sajassi	Nov 2006	A1
20060251067	DeSanti	Nov 2006	A1
20060256767	Suzuki	Nov 2006	A1
20060265515	Shiga	Nov 2006	A1
20060285499	Tzeng	Dec 2006	A1
20060291388	Amdahl	Dec 2006	A1
20060291480	Cho	Dec 2006	A1
20070036178	Hares	Feb 2007	A1
20070053294	Ho	Mar 2007	A1
20070061817	Atkinson	Mar 2007	A1
20070083625	Chamdani	Apr 2007	A1
20070086362	Kato	Apr 2007	A1
20070094464	Sharma	Apr 2007	A1
20070097968	Du	May 2007	A1
20070098006	Parry	May 2007	A1
20070116224	Burke	May 2007	A1
20070116422	Reynolds	May 2007	A1
20070121617	Kanekar	May 2007	A1
20070156659	Lim	Jul 2007	A1
20070177525	Wijnands	Aug 2007	A1
20070177597	Ju	Aug 2007	A1
20070183313	Narayanan	Aug 2007	A1
20070206762	Chandra	Sep 2007	A1
20070211712	Fitch	Sep 2007	A1
20070226214	Smits	Sep 2007	A1
20070230472	Jesuraj	Oct 2007	A1
20070258449	Bennett	Nov 2007	A1
20070274234	Kubota	Nov 2007	A1
20070289017	Copeland, III	Dec 2007	A1
20080052487	Akahane	Feb 2008	A1
20080056135	Lee	Mar 2008	A1
20080056300	Williams	Mar 2008	A1
20080065760	Damm	Mar 2008	A1
20080075078	Watanabe	Mar 2008	A1
20080080517	Roy	Apr 2008	A1
20080095160	Yadav	Apr 2008	A1
20080101386	Gray	May 2008	A1
20080112400	Dunbar et al.	May 2008	A1
20080133760	Berkvens	Jun 2008	A1
20080159260	Vobbilisetty	Jul 2008	A1
20080159277	Vobbilisetty	Jul 2008	A1
20080165705	Umayabashi	Jul 2008	A1
20080172492	Raghunath	Jul 2008	A1
20080181196	Regan	Jul 2008	A1
20080181243	Vobbilisetty	Jul 2008	A1
20080186968	Farinacci	Aug 2008	A1
20080186981	Seto	Aug 2008	A1
20080205377	Chao	Aug 2008	A1
20080219172	Mohan	Sep 2008	A1
20080225852	Raszuk	Sep 2008	A1
20080225853	Melman	Sep 2008	A1
20080228897	Ko	Sep 2008	A1
20080240129	Elmeleegy	Oct 2008	A1
20080253380	Cazares	Oct 2008	A1
20080267179	Lavigne	Oct 2008	A1
20080285458	Lysne	Nov 2008	A1
20080285555	Ogasahara	Nov 2008	A1
20080298248	Roeck	Dec 2008	A1
20080304498	Jorgensen	Dec 2008	A1
20080304519	Koenen	Dec 2008	A1
20080310342	Kruys	Dec 2008	A1
20090022069	Khan	Jan 2009	A1
20090037607	Farinacci	Feb 2009	A1
20090037977	Gai	Feb 2009	A1
20090041046	Hirata	Feb 2009	A1
20090042270	Dolly	Feb 2009	A1
20090044270	Shelly	Feb 2009	A1
20090067422	Poppe	Mar 2009	A1
20090067442	Killian	Mar 2009	A1
20090079560	Fries	Mar 2009	A1
20090080345	Gray	Mar 2009	A1
20090083445	Ganga	Mar 2009	A1
20090092042	Yuhara	Apr 2009	A1
20090092043	Lapuh	Apr 2009	A1
20090106405	Mazarick	Apr 2009	A1
20090116381	Kanda	May 2009	A1
20090129384	Regan	May 2009	A1
20090129389	Halna DeFretay	May 2009	A1
20090138577	Casado	May 2009	A1
20090138752	Graham	May 2009	A1
20090161584	Guan	Jun 2009	A1
20090161670	Shepherd	Jun 2009	A1
20090168647	Holness	Jul 2009	A1
20090199177	Edwards	Aug 2009	A1
20090204965	Tanaka	Aug 2009	A1
20090213783	Moreton	Aug 2009	A1
20090222879	Kostal	Sep 2009	A1
20090225752	Mitsumori	Sep 2009	A1
20090232031	Vasseur	Sep 2009	A1
20090245137	Hares	Oct 2009	A1
20090245242	Carlson	Oct 2009	A1
20090246137	Hadida	Oct 2009	A1
20090252049	Ludwig	Oct 2009	A1
20090252061	Small	Oct 2009	A1
20090260083	Szeto	Oct 2009	A1
20090279558	Davis	Nov 2009	A1
20090279701	Moisand	Nov 2009	A1
20090292858	Lambeth	Nov 2009	A1
20090316721	Kanda	Dec 2009	A1
20090323698	LeFaucheur	Dec 2009	A1
20090323708	Ihle	Dec 2009	A1
20090327392	Tripathi	Dec 2009	A1
20090327462	Adams	Dec 2009	A1
20100027420	Smith	Feb 2010	A1
20100027429	Jorgens	Feb 2010	A1
20100046471	Hattori	Feb 2010	A1
20100054260	Pandey	Mar 2010	A1
20100061269	Banerjee	Mar 2010	A1
20100074175	Banks	Mar 2010	A1
20100085981	Gupta	Apr 2010	A1
20100097941	Carlson	Apr 2010	A1
20100103813	Allan	Apr 2010	A1
20100103939	Carlson	Apr 2010	A1
20100131636	Suri	May 2010	A1
20100158024	Sajassi	Jun 2010	A1
20100165877	Shukla	Jul 2010	A1
20100165995	Mehta	Jul 2010	A1
20100168467	Johnston	Jul 2010	A1
20100169467	Shukla	Jul 2010	A1
20100169948	Budko	Jul 2010	A1
20100182920	Matsuoka	Jul 2010	A1
20100189119	Sawada	Jul 2010	A1
20100192225	Ma	Jul 2010	A1
20100195489	Zhou	Aug 2010	A1
20100195529	Liu	Aug 2010	A1
20100214913	Kompella	Aug 2010	A1
20100215042	Sato	Aug 2010	A1
20100215049	Raza	Aug 2010	A1
20100220724	Rabie	Sep 2010	A1
20100226368	Mack-Crane	Sep 2010	A1
20100226381	Mehta	Sep 2010	A1
20100246388	Gupta	Sep 2010	A1
20100246580	Kaganoi	Sep 2010	A1
20100257263	Casado	Oct 2010	A1
20100258263	Douxchamps	Oct 2010	A1
20100265849	Harel	Oct 2010	A1
20100271960	Krygowski	Oct 2010	A1
20100272107	Papp	Oct 2010	A1
20100281106	Ashwood-Smith	Nov 2010	A1
20100284414	Agarwal	Nov 2010	A1
20100284418	Gray	Nov 2010	A1
20100287262	Elzur	Nov 2010	A1
20100287548	Zhou	Nov 2010	A1
20100290464	Assarpour	Nov 2010	A1
20100290472	Raman	Nov 2010	A1
20100290473	Enduri	Nov 2010	A1
20100299527	Arunan	Nov 2010	A1
20100303071	Kotalwar	Dec 2010	A1
20100303075	Tripathi	Dec 2010	A1
20100303083	Belanger	Dec 2010	A1
20100309820	Rajagopalan	Dec 2010	A1
20100309912	Mehta	Dec 2010	A1
20100316055	Belanger	Dec 2010	A1
20100329110	Rose	Dec 2010	A1
20100329265	Lapuh	Dec 2010	A1
20110019678	Mehta	Jan 2011	A1
20110032945	Mullooly	Feb 2011	A1
20110035489	McDaniel	Feb 2011	A1
20110035498	Shah	Feb 2011	A1
20110044339	Kotalwar	Feb 2011	A1
20110044352	Chaitou	Feb 2011	A1
20110051723	Rabie	Mar 2011	A1
20110058547	Waldrop	Mar 2011	A1
20110064086	Xiong	Mar 2011	A1
20110064089	Hidaka	Mar 2011	A1
20110072208	Gulati	Mar 2011	A1
20110085560	Chawla	Apr 2011	A1
20110085562	Bao	Apr 2011	A1
20110085563	Kotha	Apr 2011	A1
20110110266	Li	May 2011	A1
20110134802	Rajagopalan	Jun 2011	A1
20110134803	Dalvi	Jun 2011	A1
20110134924	Hewson	Jun 2011	A1
20110134925	Safrai	Jun 2011	A1
20110142053	VanDerMerwe	Jun 2011	A1
20110142062	Wang	Jun 2011	A1
20110161494	McDysan	Jun 2011	A1
20110161695	Okita	Jun 2011	A1
20110176412	Stine	Jul 2011	A1
20110188373	Saito	Aug 2011	A1
20110194403	Sajassi	Aug 2011	A1
20110194563	Shen	Aug 2011	A1
20110225540	d'Entremont	Sep 2011	A1
20110228780	Ashwood-Smith	Sep 2011	A1
20110231570	Altekar	Sep 2011	A1
20110231574	Saunderson	Sep 2011	A1
20110235523	Jha	Sep 2011	A1
20110243133	Villait	Oct 2011	A9
20110243136	Raman	Oct 2011	A1
20110246669	Kanada	Oct 2011	A1
20110255538	Srinivasan	Oct 2011	A1
20110255540	Mizrahi	Oct 2011	A1
20110261828	Smith	Oct 2011	A1
20110268120	Vobbilisetty	Nov 2011	A1
20110268125	Vobbilisetty	Nov 2011	A1
20110273988	Tourrilhes	Nov 2011	A1
20110274114	Dhar	Nov 2011	A1
20110280572	Vobbilisetty	Nov 2011	A1
20110286457	Ee	Nov 2011	A1
20110055274	Hegge	Dec 2011	A1
20110296052	Guo	Dec 2011	A1
20110299391	Vobbilisetty	Dec 2011	A1
20110299413	Chatwani	Dec 2011	A1
20110299414	Yu	Dec 2011	A1
20110299527	Yu	Dec 2011	A1
20110299528	Yu	Dec 2011	A1
20110299531	Yu	Dec 2011	A1
20110299532	Yu	Dec 2011	A1
20110299533	Yu	Dec 2011	A1
20110299534	Koganti	Dec 2011	A1
20110299535	Vobbilisetty	Dec 2011	A1
20110299536	Cheng	Dec 2011	A1
20110307500	Li	Dec 2011	A1
20110317559	Kern	Dec 2011	A1
20110317703	Dunbar et al.	Dec 2011	A1
20120011240	Hara	Jan 2012	A1
20120014261	Salam	Jan 2012	A1
20120014387	Dunbar	Jan 2012	A1
20120020220	Sugita	Jan 2012	A1
20120027017	Rai	Feb 2012	A1
20120033663	Guichard	Feb 2012	A1
20120033665	Jacob	Feb 2012	A1
20120033668	Humphries	Feb 2012	A1
20120033669	Mohandas	Feb 2012	A1
20120033672	Page	Feb 2012	A1
20120039163	Nakajima	Feb 2012	A1
20120063363	Li	Mar 2012	A1
20120075991	Sugita	Mar 2012	A1
20120099567	Hart	Apr 2012	A1
20120099602	Nagapudi	Apr 2012	A1
20120106339	Mishra	May 2012	A1
20120117438	Shaffer	May 2012	A1
20120131097	Baykal	May 2012	A1
20120131289	Taguchi	May 2012	A1
20120134266	Roitshtein	May 2012	A1
20120136999	Roitshtein	May 2012	A1
20120147740	Nakash	Jun 2012	A1
20120158997	Hsu	Jun 2012	A1
20120163164	Terry	Jun 2012	A1
20120163224	Long	Jun 2012	A1
20120170491	Kern	Jul 2012	A1
20120177039	Berman	Jul 2012	A1
20120210416	Mihelich	Aug 2012	A1
20120230225	Matthews	Sep 2012	A1
20120243359	Keesara	Sep 2012	A1
20120243539	Keesara	Sep 2012	A1
20120250502	Brolin	Oct 2012	A1
20120275297	Subramanian	Nov 2012	A1
20120275347	Banerjee	Nov 2012	A1
20120278804	Narayanasamy	Nov 2012	A1
20120281700	Koganti	Nov 2012	A1
20120287785	Kamble	Nov 2012	A1
20120294192	Masood	Nov 2012	A1
20120294194	Balasubramanian	Nov 2012	A1
20120230800	Kamble	Dec 2012	A1
20120320800	Kamble	Dec 2012	A1
20120320926	Kamath et al.	Dec 2012	A1
20120327766	Tsai et al.	Dec 2012	A1
20120327937	Melman et al.	Dec 2012	A1
20130003535	Sarwar	Jan 2013	A1
20130003549	Matthews	Jan 2013	A1
20130003608	Lei	Jan 2013	A1
20130003737	Sinicrope	Jan 2013	A1
20130003738	Koganti	Jan 2013	A1
20130028072	Addanki	Jan 2013	A1
20130034015	Jaiswal	Feb 2013	A1
20130034021	Jaiswal	Feb 2013	A1
20130034094	Cardona	Feb 2013	A1
20130044629	Biswas	Feb 2013	A1
20130058354	Casado	Mar 2013	A1
20130067466	Combs	Mar 2013	A1
20130070762	Adams	Mar 2013	A1
20130083693	Himura	Apr 2013	A1
20130097345	Munoz	Apr 2013	A1
20130114595	Mack-Crane	May 2013	A1
20130124707	Ananthapadmanabha	May 2013	A1
20130124750	Anumala	May 2013	A1
20130127848	Joshi	May 2013	A1
20130136123	Ge	May 2013	A1
20130145008	Kannan	Jun 2013	A1
20130148546	Eisenhauer	Jun 2013	A1
20130148663	Xiong	Jun 2013	A1
20130194914	Agarwal	Aug 2013	A1
20130201992	Masaki	Aug 2013	A1
20130205002	Wang	Aug 2013	A1
20130219473	Schaefer	Aug 2013	A1
20130223221	Xu	Aug 2013	A1
20130250951	Koganti	Sep 2013	A1
20130250958	Watanabe	Sep 2013	A1
20130259037	Natarajan	Oct 2013	A1
20130272135	Leong	Oct 2013	A1
20130294451	Li	Nov 2013	A1
20130301425	Udutha et al.	Nov 2013	A1
20130301642	Radhakrishnan	Nov 2013	A1
20130315125	Ravishankar	Nov 2013	A1
20130322427	Stiekes	Dec 2013	A1
20130346583	Low	Dec 2013	A1
20140013324	Zhang	Jan 2014	A1
20140025736	Wang	Jan 2014	A1
20140029419	Jain	Jan 2014	A1
20140044126	Sabhanatarajan	Feb 2014	A1
20140056298	Vobbilisetty	Feb 2014	A1
20140059225	Gasparakis	Feb 2014	A1
20140071987	Janardhanan	Mar 2014	A1
20140086253	Yong	Mar 2014	A1
20140092738	Grandhi	Apr 2014	A1
20140105034	Huawei	Apr 2014	A1
20140112122	Kapadia	Apr 2014	A1
20140140243	Ashwood-Smith	May 2014	A1
20140169368	Grover	Jun 2014	A1
20140192804	Ghanwani	Jul 2014	A1
20140241147	Rajagopalan	Aug 2014	A1
20140258446	Bursell	Sep 2014	A1
20140269701	Kaushik	Sep 2014	A1
20140269720	Srinivasan	Sep 2014	A1
20140269733	Venkatesh	Sep 2014	A1
20140355477	Velayudhar et al.	Dec 2014	A1
20140362854	Addanki	Dec 2014	A1
20140362859	Addanki	Dec 2014	A1
20150009992	Zhang	Jan 2015	A1
20150010007	Matsuhira	Jan 2015	A1
20150016300	Devireddy	Jan 2015	A1
20150030031	Zhou	Jan 2015	A1
20150092593	Kompella	Apr 2015	A1
20150110111	Song	Apr 2015	A1
20150110487	Fenkes	Apr 2015	A1
20150117256	Sabaa	Apr 2015	A1
20150139234	Hu	May 2015	A1
20150143369	Zheng	May 2015	A1
20150172098	Agarwal	Jun 2015	A1
20150188753	Anumala	Jul 2015	A1
20160087885	Tripathi	Mar 2016	A1
20160139939	Bosch	May 2016	A1
20160182458	Shatzkamer	Jun 2016	A1
20160344640	Soderund et al.	Nov 2016	A1
20170026197	Venkatesh	Jan 2017	A1
20170097841	Chang	Apr 2017	A1

Foreign Referenced Citations (38)

Number	Date	Country
1735062	Feb 2006	CN
1777149	May 2006	CN
101064682	Oct 2007	CN
101459618	Jun 2009	CN
101471899	Jul 2009	CN
101548511	Sep 2009	CN
101645880	Feb 2010	CN
102098237	Jun 2011	CN
102148749	Aug 2011	CN
102301663	Dec 2011	CN
102349268	Feb 2012	CN
102378176	Mar 2012	CN
102404181	Apr 2012	CN
102415065	Apr 2012	CN
102415065	Apr 2012	CN
102801599	Nov 2012	CN
102801599	Nov 2012	CN
102088388	Apr 2014	CN
0579567	May 1993	EP
0579567	Jan 1994	EP
0993156	Apr 2000	EP
0993156	Dec 2000	EP
1398920	Mar 2004	EP
1398920	Mar 2004	EP
1916807	Apr 2008	EP
2001167	Oct 2008	EP
2854352	Apr 2015	EP
2874359	May 2015	EP
2008056838	May 2008	WO
2009042919	Apr 2009	WO
2010111142	Sep 2010	WO
2010111142	Sep 2010	WO
2011132568	Oct 2011	WO
2011140028	Nov 2011	WO
2011140028	Nov 2011	WO
2012033663	Mar 2012	WO
2012093429	Jul 2012	WO
2014031781	Feb 2014	WO

Non-Patent Literature Citations (238)

Entry
Office Action dated Jan. 31, 2017, U.S. Appl. No. 13/184,526, filed Jul. 16, 2011.
Office Action dated Jan. 27, 2017, U.S. Appl. No. 14/216,292, filed Mar. 17, 2014.
Office Action dated Jan. 26, 2017, U.S. Appl. No. 13/786,328, filed Mar. 5, 2013.
Office Action dated Dec. 2, 2016, U.S. Appl. No. 14/512,268, filed Oct. 10, 2014.
Office Action dated Dec. 1, 2016, U.S. Appl. No. 13/899,849, filed May 22, 2013.
Office Action dated Dec. 1, 2016, U.S. Appl. No. 13/656,438, filed Oct. 19, 2012.
Office Action dated Nov. 30, 2016, U.S. Appl. No. 13/598,204, filed Aug. 29, 2012.
Office Action dated Nov. 21, 2016, U.S. Appl. No. 13/669,357, filed Nov. 5, 2012.
Office Action dated Feb. 8, 2017, U.S. Appl. No. 14/473,941, filed Aug. 29, 2014.
Office Action dated Feb. 8, 2017, U.S. Appl. No. 14/822,380, filed Aug. 10, 2015.
Office Action for U.S. Appl. No. 14/662,095, dated Mar. 24, 2017.
Office Action for U.S. Appl. No. 15/005,967, dated Mar. 31, 2017.
Office Action for U.S. Appl. No. 15/215,377, dated Apr. 7, 2017.
Office Action for U.S. Appl. No. 13/098,490, dated Apr. 6, 2017.
Office Action for U.S. Appl. No. 14/662,092, dated Mar. 29, 2017.
Office Action for U.S. Appl. No. 14/817,097, dated May 4, 2017.
Office Action for U.S. Appl. No. 14/872,966, dated Apr. 20, 2017.
Office Action for U.S. Appl. No. 14/680,915, dated May 3, 2017.
Office Action for U.S. Appl. No. 14/792,166, dated Apr. 26, 2017.
“Network based IP VPN Architecture using Virtual Routers” Paul Knight et al.
Yang Yu et al “A Framework of using OpenFlow to handle transient link failure”, TMEE, 2011 International Conference on, IEEE, Dec. 16, 2011.
Office Action for U.S. Appl. No. 15/227,789, dated Feb. 27, 2017.
Office Action for U.S. Appl. No. 14/822,380, dated Feb. 8, 2017.
Office Action for U.S. Appl. No. 14/704,660, dated Feb. 27, 2017.
Office Action for U.S. Appl. No. 14/510,913, dated Mar. 3, 2017.
Office Action for U.S. Appl. No. 14/473,941, dated Feb. 8, 2017.
Office Action for U.S. Appl. No. 14/329,447, dated Feb. 10, 2017.
Office Action for U.S. Appl. No. 14/660,803, dated May 17, 2017.
Office Action for U.S. Appl. No. 14/488,173, dated May 12, 2017.
Office Action for U.S. Appl. No. 13/288,822, dated May 26, 2017.
Office Action for U.S. Appl. No. 14/329,447, dated Jun. 8, 2017.
Eastlake, D. et al., ‘RBridges: TRILL Header Options’, Dec. 24, 2009, pp. 1-17, TRILL Working Group.
Perlman, Radia et al., ‘RBridge VLAN Mapping’, TRILL Working Group, Dec. 4, 2009, pp. 1-12.
Touch, J. et al., ‘Transparent Interconnection of Lots of Links (TRILL): Problem and Applicability Statement’, May 2009, Network Working Group, pp. 1-17.
‘Switched Virtual Networks. Internetworking Moves Beyond Bridges and Routers’ Data Communications, McGraw Hill. New York, US, vol. 23, No. 12, Sep. 1, 1994 (Sep. 1, 1994), pp. 66-70,72,74, XP000462385 ISSN: 0363-6399.
Knight S et al: ‘Virtual Router Redundancy Protocol’ Internet Citation Apr. 1, 1998 (Apr. 1, 1998), XP002135272 Retrieved from the Internet: URL:ftp://ftp.isi.edu/in-notes/rfc2338.txt [retrieved on Apr. 10, 2000].
Office Action dated Jun. 18, 2015, U.S. Appl. No. 13/098,490, filed May 2, 2011.
Perlman R: ‘Challenges and opportunities in the design of TRILL: a routed layer 2 technology’, 2009 IEEE GLOBECOM Workshops, Honolulu, HI, USA, Piscataway, NJ, USA, Nov. 30, 2009 (Nov. 30, 2009), pp. 1-6, XP002649647, DOI: 10.1109/GLOBECOM.2009.5360776 ISBN: 1-4244-5626-0 [retrieved on Jul. 19, 2011].
TRILL Working Group Internet-Draft Intended status: Proposed Standard RBridges: Base Protocol Specificaiton Mar. 3, 2010.
Office Action dated Jun. 16, 2015, U.S. Appl. No. 13/048,817, filed Mar. 15, 2011.
Knight P et al: ‘Layer 2 and 3 Virtual Private Networks: Taxonomy, Technology, and Standardization Efforts’, IEEE Communications Magazine, IEEE Service Center, Piscataway, US, vol. 42, No. 6, Jun. 1, 2004 (Jun. 1, 2004) pp. 124-131, XP001198207, ISSN: 0163-6804, DOI: 10.1109/MCOM.2004.1304248.
Office Action for U.S. Appl. No. 13/092,873, filed Apr. 22, 2011, dated Nov. 29, 2013.
Perlman, Radia et al., ‘RBridges: Base Protocol Specification; Draft-ietf-trill-rbridge-protocol-16.txt’, Mar. 3, 2010, pp. 1-117.
‘An Introduction to Brocade VCS Fabric Technology’, Brocade white paper, http://community.brocade.com/docs/DOC-2954, Dec. 3, 2012.
Brocade, ‘Brocade Fabrics OS (FOS) 6.2 Virtual Fabrics Feature Frequently Asked Questions’, pp. 1-6, 2009 Brocade Communications Systems, Inc.
Brocade, ‘Fastlron and Turbolron 24x Configuration Guide’, Feb. 16, 2010.
Brocade, ‘The Effortless Network: Hyperedge Technology for the Campus LAN’ 2012.
Brocade ‘Brocade Unveils ‘The Effortless Network’’, http://newsroom.brocade.com/press-releases/brocade-unveils-the-effortless-network-nasdaq-brcd-0859535, 2012.
Christensen, M. et al., ‘Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches’, May 2006.
Fastlron Configuration Guide Supporting Ironware Software Release 07.0.00, Dec. 18, 2009.
Foundary Fastlron Configuration Guide, Software Release FSX 04.2.00b, Software Release FWS 04.3.00, Software Release FGS 05.0.00a, Sep. 2008.
Knight, ‘Network Based IP VPN Architecture using Virtual Routers’, May 2003.
Kreeger, L. et al., ‘Network Virtualization Overlay Control Protocol Requirements draft-kreeger-nvo3-overlay-cp-00’, Jan. 30, 2012.
Lapuh, Roger et al., ‘Split Multi-link Trunking (SMLT)’, draft-lapuh-network-smlt-08, Jul. 2008.
Lapuh, Roger et al., ‘Split Multi-Link Trunking (SMLT)’, Network Working Group, Oct. 2012.
Louati, Wajdi et al., ‘Network-based virtual personal overlay networks using programmable virtual routers’, IEEE Communications Magazine, Jul. 2005.
Narten, T. et al., ‘Problem Statement: Overlays for Network Virtualization d raft-narten-n vo3-over l ay-problem-statement-01’, Oct. 31, 2011.
Office Action for U.S. Appl. No. 13/092,752, filed Apr. 22, 2011, from Park, Jung H., dated Jul. 18, 2013.
Office Action for U.S. Appl. No. 13/351,513, filed Jan. 17, 2012, dated Jul. 24, 2014.
Office Action for U.S. Appl. No. 13/365,993, filed Feb. 3, 2012, from Cho, Hong Sol., dated Jul. 23, 2013.
Office Action for U.S. Appl. No. 13/742,207 dated Jul. 24, 2014, filed Jan. 15, 2013.
Office Action for U.S. Appl. No. 12/725,249, filed Mar. 16, 2010, dated Apr. 26, 2013.
Office Action for U.S. Appl. No. 12/950,968, filed Nov. 19, 2010, dated Jan. 4, 2013.
Office Action for U.S. Appl. No. 12/950,968, filed Nov. 19, 2010, dated Jun. 7, 2012.
Office Action for U.S. Appl. No. 12/950,974, filed Nov. 19, 2010, dated Dec. 20, 2012.
Office Action for U.S. Appl. No. 12/950,974, filed Nov. 19, 2010, dated May 24, 2012.
Office Action for U.S. Appl. No. 13/030,688, filed Feb. 18, 2011, dated Apr. 25, 2013.
Office Action for U.S. Appl. No. 13/030,806, filed Feb. 18, 2011, dated Dec. 3, 2012.
Office Action for U.S. Appl. No. 13/030,806, filed Feb. 18, 2011, dated Jun. 11, 2013.
Office Action for U.S. Appl. No. 13/042,259, filed Mar. 7, 2011, dated Mar. 18, 2013.
Office Action for U.S. Appl. No. 13/042,259, filed Mar. 7, 2011, dated Jul. 31, 2013.
Office Action for U.S. Appl. No. 13/044,301, filed Mar. 9, 2011, dated Feb. 22, 2013.
Office Action for U.S. Appl. No. 13/044,301, filed Mar. 9, 2011, dated Jun. 11, 2013.
Office Action for U.S. Appl. No. 13/044,326, filed Mar. 9, 2011, , dated Oct. 2, 2013.
Office Action for U.S. Appl. No. 13/050,102, filed Mar. 17, 2011, dated Oct. 26, 2012.
Office Action for U.S. Appl. No. 13/050,102, filed Mar. 17, 2011, dated May 16, 2013.
Office Action for U.S. Appl. No. 13/087,239, filed Apr. 14, 2011, dated May 22, 2013.
Office Action for U.S. Appl. No. 13/092,460, filed Apr. 22, 2011, dated Jun. 21, 2013.
Office Action for U.S. Appl. No. 13/092,580, filed Apr. 22, 2011, dated Jun. 10, 2013.
Office Action for U.S. Appl. No. 13/092,701, filed Apr. 22, 2011, dated Jan. 28, 2013.
Office Action for U.S. Appl. No. 13/092,701, filed Apr. 22, 2011, dated Jul. 3, 2013.
Office Action for U.S. Appl. No. 13/092,724, filed Apr. 22, 2011, dated Feb. 5, 2013.
Office Action for U.S. Appl. No. 13/092,724, filed Apr. 22, 2011, dated Jul. 16, 2013.
Office Action for U.S. Appl. No. 13/092,752, filed Apr. 22, 2011, dated Feb. 5, 2013.
Office Action for U.S. Appl. No. 13/092,864, filed Apr. 22, 2011, dated Sep. 19, 2012.
Office Action for U.S. Appl. No. 13/092,873, filed Apr. 22, 2011, dated Jun. 19, 2013.
Office Action for U.S. Appl. No. 13/092,877, filed Apr. 22, 2011, dated Mar. 4, 2013.
Office Action for U.S. Appl. No. 13/092,877, filed Apr. 22, 2011, dated Sep. 5, 2013.
Office Action for U.S. Appl. No. 13/098,360, filed Apr. 29, 2011, dated May 31, 2013.
Office Action for U.S. Appl. No. 13/098,490, filed May 2, 2011, dated Jul. 9, 2013.
Office Action for U.S. Appl. No. 13/184,526, filed Jul. 16, 2011, dated Jan. 28, 2013.
Office Action for U.S. Appl. No. 13/184,526, filed Jul. 16, 2011, dated May 22, 2013.
Office Action for U.S. Appl. No. 13/365,808, filed Jul. 18, 2013, dated Jul. 18, 2013.
Perlman, Radia et al., ‘Challenges and Opportunities in the Design of TRILL: a Routed layer 2 Technology’, 2009.
S. Nadas et al., ‘Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6’, Internet Engineering Task Force, Mar. 2010.
‘RBridges: Base Protocol Specification’, IETF Draft, Perlman et al., Jun. 26, 2009.
U.S. Appl. No. 13/030,806 Office Action dated Dec. 3, 2012.
Office action dated Apr. 26, 2012, U.S. Appl. No. 12/725,249, filed Mar. 16, 2010.
Office action dated Sep. 12, 2012, U.S. Appl. No. 12/725,249, filed Mar. 16, 2010.
Office action dated Dec. 21, 2012, U.S. Appl. No. 13/098,490, filed May 2, 2011.
Office action dated Mar. 27, 2014, U.S. Appl. No. 13/098,490, filed May 2, 2011.
Office action dated Jul. 9, 2013, U.S. Appl. No. 13/098,490, filed May 2, 2011.
Office action dated May 22, 2013, U.S. Appl. No. 13/087,239, filed Apr. 14, 2011.
Office action dated Dec. 5, 2012, U.S. Appl. No. 13/087,239, filed Apr. 14, 2011.
Office action dated Apr. 9, 2014, U.S. Appl. No. 13/092,724, filed Apr. 22, 2011.
Office action dated Feb. 5, 2013, U.S. Appl. No. 13/092,724, filed Apr. 22, 2011.
Office action dated Jan. 10, 2014, U.S. Appl. No. 13/092,580, filed Apr. 22, 2011.
Office action dated Jun. 10, 2013, U.S. Appl. No. 13/092,580, filed Apr. 22, 2011.
Office action dated Jan. 16, 2014, U.S. Appl. No. 13/042,259, filed Mar. 7, 2011.
Office action dated Mar. 18, 2013, U.S. Appl. No. 13/042,259, filed Mar. 7, 2011.
Office action dated Jul. 31, 2013, U.S. Appl. No. 13/042,259, filed Mar. 7, 2011.
Office action dated Aug. 29, 2014, U.S. Appl. No. 13/042,259, filed Mar. 7, 2011.
Office action dated Mar. 14, 2014, U.S. Appl. No. 13/092,460, filed Apr. 22, 2011.
Office action dated Jun. 21, 2013, U.S. Appl. No. 13/092,460, filed Apr. 22, 2011.
Office action dated Aug. 14, 2014, U.S. Appl. No. 13/092,460, filed Apr. 22, 2011.
Office action dated Jan. 28, 2013, U.S. Appl. No. 13/092,701, filed Apr. 22, 2011.
Office Action dated Mar. 26, 2014, U.S. Appl. No. 13/092,701, filed Apr. 22, 2011.
Office action dated Jul. 3, 2013, U.S. Appl. No. 13/092,701, filed Apr. 22, 2011.
Office Action dated Apr. 9, 2014, U.S. Appl. No. 13/092,752, filed Apr. 22, 2011.
Office action dated Jul. 18, 2013, U.S. Appl. No. 13/092,752, filed Apr. 22, 2011.
Office action dated Dec. 20, 2012, U.S. Appl. No. 12/950,974, filed Nov. 19, 2010.
Office action dated May 24, 2012, U.S. Appl. No. 12/950,974, filed Nov. 19, 2010.
Office action dated Jan. 6, 2014, U.S. Appl. No. 13/092,877, filed Apr. 22, 2011.
Office action dated Sep. 5, 2013, U.S. Appl. No. 13/092,877, filed Apr. 22, 2011.
Office action dated Mar. 4, 2013, U.S. Appl. No. 13/092,877, filed Apr. 22, 2011.
Office action dated Jan. 4, 2013, U.S. Appl. No. 12/950,968, filed Nov. 19, 2010.
Office action dated Jun. 7, 2012, U.S. Appl. No. 12/950,968, filed Nov. 19, 2010.
Office action dated Sep. 19, 2012, U.S. Appl. No. 13/092,864, filed Apr. 22, 2011.
Office action dated May 31, 2013, U.S. Appl. No. 13/098,360, filed Apr. 29, 2011.
Office action dated Jul. 7, 2014, for U.S. Appl. No. 13/044,326, filed Mar. 9, 2011.
Office action dated Oct. 2, 2013, U.S. Appl. No. 13/044,326, filed Mar. 9, 2011.
Office Action dated Dec. 19, 2014, for U.S. Appl. No. 13/044,326, filed Mar. 9, 2011.
Office action dated Dec. 3, 2012, U.S. Appl. No. 13/030,806, filed Feb. 18, 2011.
Office action dated Apr. 22, 2014, U.S. Appl. No. 13/030,806, filed Feb. 18, 2011.
Office action dated Jun. 11, 2013, U.S. Appl. No. 13/030,806, filed Feb. 18, 2011.
Office action dated Apr. 25, 2013, U.S. Appl. No. 13/030,688, filed Feb. 18, 2011.
Office action dated Feb. 22, 2013, U.S. Appl. No. 13/044,301, filed Mar. 9, 2011.
Office action dated Jun. 11, 2013, U.S. Appl. No. 13/044,301, filed Mar. 9, 2011.
Office action dated Oct. 26, 2012, U.S. Appl. No. 13/050,102, filed Mar. 17, 2011.
Office action dated May 16, 2013, U.S. Appl. No. 13/050,102, filed Mar. 17, 2011.
Office action dated Aug. 4, 2014, U.S. Appl. No. 13/050,102, filed Mar. 17, 2011.
Office action dated Jan. 28, 2013, U.S. Appl. No. 13/148,526, filed Jul. 16, 2011.
Office action dated Dec. 2, 2013, U.S. Appl. No. 13/184,526, filed Jul. 16, 2011.
Office action dated May 22, 2013, U.S. Appl. No. 13/148,526, filed Jul. 16, 2011.
Office action dated Aug. 21, 2014, U.S. Appl. No. 13/184,526, filed Jul. 16, 2011.
Office action dated Nov. 29, 2013, U.S. Appl. No. 13/092,873, filed Apr. 22, 2011.
Office action dated Jun. 19, 2013, U.S. Appl. No. 13/092,873, filed Apr. 22, 2011.
Office action dated Jul. 18, 2013, U.S. Appl. No. 13/365,808, filed Feb. 3, 2012.
Office Action dated Mar. 6, 2014, U.S. Appl. No. 13/425,238, filed Mar. 20, 2012.
Office action dated Nov. 12, 2013, U.S. Appl. No. 13/312,903, filed Dec. 6, 2011.
Office action dated Jun. 13, 2013, U.S. Appl. No. 13/312,903, filed Dec. 6, 2011.
Office Action dated Jun. 18, 2014, U.S. Appl. No. 13/440,861, filed Apr. 5, 2012.
Office Action dated Feb. 28, 2014, U.S. Appl. No. 13/351,513, filed Jan. 17, 2012.
Office Action dated May 9, 2014, U.S. Appl. No. 13/484,072, filed May 30, 2012.
Office Action dated May 14, 2014, U.S. Appl. No. 13/533,843, filed Jun. 26, 2012.
Office Action dated Feb. 20, 2014, U.S. Appl. No. 13/598,204, filed Aug. 29, 2012.
Office Action dated Jun. 6, 2014, U.S. Appl. No. 13/669,357, filed Nov. 5, 2012.
Brocade ‘An Introduction to Brocade VCS Fabric Technology’, Dec. 3, 2012.
Huang, Nen-Fu et al., ‘An Effective Spanning Tree Algorithm for a Bridged LAN’, Mar. 16, 1992.
Lapuh, Roger et al., ‘Split Multi-link Trunking (SMLT) draft-lapuh-network-smlt-08’, Jan. 2009.
Mckeown, Nick et al. “OpenFlow: Enabling Innovation in Campus Networks”, Mar. 14, 2008, www.openflow.org/documents/openflow-wp-latest.pdf.
Office Action for U.S. Appl. No. 13/030,688, filed Feb. 18, 2011, dated Jul. 17, 2014.
Office Action for U.S. Appl. No. 13/042,259, filed Mar. 7, 2011, from Jaroenchonwanit, Bunjob, dated Jan. 16, 2014.
Office Action for U.S. Appl. No. 13/044,326, filed Mar. 9, 2011, dated Jul. 7, 2014.
Office Action for U.S. Appl. No. 13/092,752, filed Apr. 22, 2011, dated Apr. 9, 2014.
Office Action for U.S. Appl. No. 13/092,873, filed Apr. 22, 2011, dated Jul. 25, 2014.
Office Action for U.S. Appl. No. 13/092,877, filed Apr. 22, 2011, dated Jun. 20, 2014.
Office Action for U.S. Appl. No. 13/312,903, filed Dec. 6, 2011, dated Aug. 7, 2014.
Office Action for U.S. Appl. No. 13/425,238, filed Mar. 20, 2012, dated Mar. 6, 2014.
Office Action for U.S. Appl. No. 13/556,061, filed Jul. 23, 2012, dated Jun. 6, 2014.
Office Action for U.S. Appl. No. 13/950,974, filed Nov. 19, 2010, dated Dec. 2, 2012.
Office Action for U.S. Appl. No. 12/725,249, filed Mar. 16, 2010, dated Sep. 12, 2012.
Office Action for U.S. Appl. No. 13/098,490, filed May 2, 2011, dated Dec. 21, 2012.
Office Action for U.S. Appl. No. 13/098,490, filed May 2, 2011, dated Mar. 27, 2014.
Office Action for U.S. Appl. No. 13/312,903, filed Dec. 6, 2011, dated Jun. 13, 2013.
Office Action for U.S. Appl. No. 13/044,301, dated Mar. 9, 2011.
Office Action for U.S. Appl. No. 13/087,239, filed Apr. 14, 2011, dated Dec. 5, 2012.
Office Action for U.S. Appl. No. 13/092,873, filed Apr. 22, 2011, dated Nov. 7, 2014.
Office Action for U.S. Appl. No. 13/092,877, filed Apr. 22, 2011, dated Nov. 10, 2014.
Office Action for U.S. Appl. No. 13/157,942, filed Jun. 10, 2011.
Office Action for U.S. Appl. No. 13/184,526, filed Jul. 16, 2011, dated Jan. 5, 2015.
Office Action for U.S. Appl. No. 13/184,526, filed Jul. 16, 2011, dated Dec. 2, 2013.
Office Action for U.S. Appl. No. 13/351,513, filed Jan. 17, 2012, dated Feb. 28, 2014.
Office Action for U.S. Appl. No. 13/533,843, filed Jun. 26, 2012, dated Oct. 21, 2013.
Office Action for U.S. Appl. No. 13/598,204, filed Aug. 29, 2012, dated Jan. 5, 2015.
Office Action for U.S. Appl. No. 13/598,204, filed Aug. 29, 2012, dated Feb. 20, 2014.
Office Action for U.S. Appl. No. 13/669,357, filed Nov. 5, 2012, dated Jan. 30, 2015.
Office Action for U.S. Appl. No. 13/851,026, filed Mar. 26, 2013, dated Jan. 30, 2015.
Office Action for U.S. Appl. No. 13/092,887, dated Jan. 6, 2014.
Zhai F. Hu et al. ‘RBridge: Pseudo-Nickname; draft-hu-trill-pseudonode-nickname-02.txt’, May 15, 2012.
Abawajy J. “An Approach to Support a Single Service Provider Address Image for Wide Area Networks Environment” Centre for Parallel and Distributed Computing, School of Computer Science Carleton University, Ottawa, Ontario, K1S 5B6, Canada.
Office action dated Oct. 2, 2014, for U.S. Appl. No. 13/092,752, filed Apr. 22, 2011.
Kompella, ED K. et al., ‘Virtual Private LAN Service (VPLS) Using BGP for Auto-Discovery and Signaling’ Jan. 2007.
Office Action for U.S. Appl. No. 13/042,259, filed Mar. 7, 2011, dated Feb. 23, 2015.
Office Action for U.S. Appl. No. 13/044,301, filed Mar. 9, 2011, dated Jan. 29, 2015.
Office Action for U.S. Appl. No. 13/050,102, filed Mar. 17, 2011, dated Jan. 26, 2015.
Office Action for U.S. Appl. No. 13/092,460, filed Apr. 22, 2011, dated Mar. 13, 2015.
Office Action for U.S. Appl. No. 13/092,752, filed Apr. 22, 2011, dated Feb. 27, 2015.
Office Action for U.S. Appl. No. 13/425,238, filed Mar. 20, 2012, dated Mar. 12, 2015.
Office Action for U.S. Appl. No. 13/786,328, filed Mar. 5, 2013, dated Mar. 13, 2015.
Office Action for U.S. Appl. No. 14/577,785, filed Dec. 19, 2014, dated Apr. 13, 2015.
Rosen, E. et al., “BGP/MPLS VPNs”, Mar. 1999.
Office action dated Jun. 8, 2015, U.S. Appl. No. 14/178,042, filed Feb. 11, 2014.
Office Action dated May 21, 2015, U.S. Appl. No. 13/288,822, filed Nov. 3, 2011.
Office action dated Apr. 30, 2015, U.S. Appl. No. 13/351,513, filed Jan. 17, 2012.
Office Action dated Apr. 1, 2015, U.S. Appl. No. 13/656,438, filed Oct. 19, 2012.
Office Action dated Jun. 10, 2015, U.S. Appl. No. 13/890,150, filed May 8, 2013.
Mahalingam “VXLAN: A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks” Oct. 17, 2013 pp. 1-22, Sections 1, 4 and 4.1.
Siamak Azodolmolky et al. “Cloud computing networking: Challenges and opportunities for innovations”, IEEE Communications Magazine, vol. 51, No. 7, Jul. 1, 2013.
Office Action dated Jul. 31, 2015, U.S. Appl. No. 13/598,204, filed Aug. 29, 2014.
Office Action dated Jul. 31, 2015, U.S. Appl. No. 14/473,941, filed Aug. 29, 2014.
Office Action dated Jul. 31, 2015, U.S. Appl. No. 14/488,173, filed Sep. 16, 2014.
Office Action dated Aug. 21, 2015, U.S. Appl. No. 13/776,217, filed Feb. 25, 2013.
Office Action dated Aug. 19, 2015, U.S. Appl. No. 14/156,374, filed Jan. 15, 2014.
Office Action dated Sep. 2, 2015, U.S. Appl. No. 14/151,693, filed Jan. 9, 2014.
Office Action dated Sep. 17, 2015, U.S. Appl. No. 14/577,785, filed Dec. 19, 2014.
Office Action dated Sep. 22, 2015 U.S. Appl. No. 13/656,438, filed Oct. 19, 2012.
Office Action dated Nov. 5, 2015, U.S. Appl. No. 14/178,042, filed Feb. 11, 2014.
Office Action dated Oct. 19, 2015, U.S. Appl. No. 14/215,996, filed Mar. 17, 2014.
Office Action dated Sep. 18, 2015, U.S. Appl. No. 13/345,566, filed Jan. 6, 2012.
Open Flow Switch Specification Version 1.1.0, Feb. 28, 2011.
Open Flow Switch Specification Version 1.0.0, Dec. 31, 2009.
Open Flow Configuration and Management Protocol 1.0 (OF-Config 1.0) Dec. 23, 2011.
Open Flow Switch Specification Version 1.2 Dec. 5, 2011.
Office action dated Feb. 2, 2016, U.S. Appl. No. 13/092,460, filed Apr. 22, 2011.
Office Action dated Feb. 2, 2016. U.S. Appl. No. 14/154,106, filed Jan. 13, 2014.
Office Action dated Feb. 3, 2016, U.S. Appl. No. 13/098,490, filed May 2, 2011.
Office Action dated Feb. 4, 2016, U.S. Appl. No. 13/557,105, filed Jul. 24, 2012.
Office Action dated Feb. 11, 2016, U.S. Appl. No. 14/488,173, filed Sep. 16, 2014.
Office Action dated Feb. 24, 2016, U.S. Appl. No. 13/971,397, filed Aug. 20, 2013.
Office Action dated Feb. 24, 2016, U.S. Appl. No. 12/705,508, filed Feb. 12, 2010.
Office Action for U.S. Appl. No. 14/510,913, dated Jun. 30, 2017.
Office Action for U.S. Appl. No. 15/005,946, dated Jul. 14, 2017.
Office Action for U.S. Appl. No. 13/092,873, dated Jul. 19, 2017.
Office Action for U.S. Appl. No. 15/047,539, dated Aug. 7, 2017.
Office Action for U.S. Appl. No. 14/830,035, dated Aug. 28, 2017.
Office Action for U.S. Appl. No. 13/098,490, dated Aug. 24, 2017.
Office Action for U.S. Appl. No. 13/786,328, dated Aug. 21, 2017.

Related Publications (1)

	Number	Date	Country
	20160173393 A1	Jun 2016	US

Provisional Applications (1)

	Number	Date	Country
	61649034	May 2012	US

Continuations (1)

	Number	Date	Country
Parent	13890150	May 2013	US
Child	15047539		US

Network feedback in software-defined networks

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

Field of Search

CPC

International Classifications

Disclaimer

Term Extension

Abstract