Real Time Touch



new TOP 200 Companies filing patents this week

new Companies with the Most Patent Filings (2010+)




Real Time Touch

Juniper Networks Inc patents


Recent patent applications related to Juniper Networks Inc. Juniper Networks Inc is listed as an Agent/Assignee. Note: Juniper Networks Inc may have other listings under different names/spellings. We're not affiliated with Juniper Networks Inc, we're just tracking patents.

ARCHIVE: New 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 | Company Directory "J" | Juniper Networks Inc-related inventors


Methods and apparatus related to a flexible data center security architecture

In one embodiment, edge devices can be configured to be coupled to a multi-stage switch fabric and peripheral processing devices. The edge devices and the multi-stage switch fabric can collectively define a single logical entity. ... Juniper Networks Inc

Traceroute for multi-path routing

In general, techniques are described for extending network connectivity software utilities, such as traceroute, to provide complete visibility into a network topology between a source device and a destination device, even when an intermediate network device may be actively utilizing multiple network links when forwarding packets toward the destination. In one example, a network device coupled to a plurality of paths and positioned between a source network device and destination network device may receive a traceroute packet. ... Juniper Networks Inc

Detecting a transceiver using a noise optical signal

A method may include causing a signal to be transmitted that includes a plurality of wavelengths. The signal may be transmitted via an optical fiber that is associated with a particular wavelength. ... Juniper Networks Inc

Method for monitoring and correction of adjacent channel penalty in coherent optical transmission

In some embodiments, an apparatus includes a processor configured to receive a set of digital samples associated with a set of optical signals received at a coherent optical receiver. The set of digital samples is associated with a set of optical channels. ... Juniper Networks Inc

Network interface card switching for virtual networks

In some examples, a computing device comprises a virtual network endpoint; a network interface card (nic) comprising a first hardware component and a second hardware component, wherein the first hardware component and the second hardware component provide separate packet input/output access to a physical network interface of the nic, wherein the nic is configured to receive a packet inbound from the physical network interface; and a virtual router to receive the packet from the nic and output, using the first hardware component, in response to determining a destination endpoint of the packet is the virtual network endpoint, the packet back to the nic, wherein the nic is further configured to switch, in response to receiving the packet from the virtual router, the packet to the virtual network endpoint and to output, using the second hardware component, the packet to the virtual network endpoint.. . ... Juniper Networks Inc

Network server having hardware-based virtual router integrated circuit for virtual networking

A high-performance, scalable and drop-free data center switch fabric and infrastructure is described. The data center switch fabric may leverage low cost, off-the-shelf packet-based switching components (e.g., ip over ethernet (ipoe)) and overlay forwarding technologies rather than proprietary switch fabric. ... Juniper Networks Inc

Granular offloading of a proxied secure session

A device may receive encrypted traffic associated with a secure session. The device may determine, based on the encrypted traffic, information associated with an offload service to be applied to the encrypted traffic associated with the secure session. ... Juniper Networks Inc

Managing flow table entries for express packet processing based on packet priority or quality of service

A device may receive a packet associated with a flow and may identify a capacity indicator associated with a flow table. The capacity indicator may indicate an available storage capacity associated with the flow table. ... Juniper Networks Inc

Installing active flows in a forwarding table

A device may determine that a route is inactive. Information identifying the route may be stored in a forwarding plane portion of a forwarding table and a control plane portion of the forwarding table. ... Juniper Networks Inc

Protocol independent multicast sparse mode (pim-sm) support for data center interconnect

Techniques are described for utilizing protocol independent multicast sparse mode (pim-sm) to transport bum (broadcast, unknown unicast, and multicast) traffic in a virtual extensible lan (vxlan) underlay of a data center, where the bum traffic is received on active-active, multi-homed ethernet virtual private network (evpn) interconnects between multiple physical data centers. For example, the techniques may readily be applied to support usage of pim-sm where provider edge (pe) routers of the evpn operate as gateways between the evpn and the vxlan spanning the data center interconnect.. ... Juniper Networks Inc

Consistent flow assignment in load balancing

A device may receive first information identifying multiple server devices and second information identifying multiple flows. The device may assign the multiple flows to the multiple server devices in a first order. ... Juniper Networks Inc

Systems and methods for propagating metadata of in-flight packets within kernel space

The disclosed computer-implemented method may include (1) identifying, in kernel space on a network device, a packet that is destined for a remote device, (2) passing, along with the packet, metadata for the packet to a packet buffer in kernel space on the network device, (3) framing, by the kernel module in kernel space, the packet such that the packet egresses via a tunnel interface driver on the network device, (4) encapsulating, by the tunnel interface driver, the packet with the metadata, and then (5) forwarding, by the tunnel interface driver, the packet to the remote device based at least in part on the metadata with which the packet was encapsulated. Various other methods, systems, and computer-readable media are also disclosed.. ... Juniper Networks Inc

Optical cladding layer design

Embodiments of the invention describe apparatuses, optical systems, and methods related to utilizing optical cladding layers. According to one embodiment, a hybrid optical device includes a silicon semiconductor layer and a iii-v semiconductor layer having an overlapping region, wherein a majority of a field of an optical mode in the overlapping region is to be contained in the iii-v semiconductor layer. ... Juniper Networks Inc

Methods and apparatus for tracking data flow based on flow state values

In one embodiment, a processor-readable medium storing code representing instructions that when executed by a processor cause the processor to update, at a memory location, a first flow state value associated with a data flow to a second flow state value when at least one of a packet from the data flow is received or the memory location is selected after a time period has expired. At least a portion of the packet is analyzed when the second flow state value represents a flow rate of a network data flow anomaly.. ... Juniper Networks Inc

07/26/18 / #20180212699

Optical transceiver with external laser source

A wavelength division multiplexing (wdm) transceiver module comprising an optical port and an optical modulator is disclosed herein. The optical port includes a data transmit and receive optical fiber connector and a laser source-in optical fiber connector. ... Juniper Networks Inc

07/19/18 / #20180205670

Network device data plane sandboxes for third-party controlled packet forwarding paths

In some examples, a network device comprises a first application and a second application; a forwarding unit comprising an interface card to receive a packet; a packet processor; an internal forwarding path of the forwarding unit; a forwarding unit processor; a first interface; and a second interface. The first application is configured to configure, via the first interface, the internal forwarding path to include a sandbox that comprises a container for instructions to be configured inline within the internal forwarding path. ... Juniper Networks Inc

07/19/18 / #20180204003

Identifying an evasive malicious object based on a behavior delta

A security device may receive actual behavior information associated with an object. The actual behavior information may identify a first set of behaviors associated with executing the object in a live environment. ... Juniper Networks Inc

07/19/18 / #20180203188

Atomic layer deposition bonding for heterogeneous integration of photonics and electronics

Methods and systems are presented for heterogeneous integration of photonics and electronics with atomic layer deposition (ald) bonding. One method includes operations for forming a compound semiconductor and for depositing (e.g., via atomic layer deposition) a continuous film of a protection material (e.g., al2o3) on a first surface of the compound semiconductor. ... Juniper Networks Inc

07/12/18 / #20180198809

Apparatus, system, and method for accelerating security inspections using inline pattern matching

The disclosed apparatus may include a physical processing that (1) receives, at a network device, a packet that is destined for a computing device within a network, (2) performs pattern matching on the packet by (a) comparing at least a portion of the packet with a set of signatures that facilitate pattern matching in connection with network traffic and (b) determining, based at least in part on the comparison, that the portion of the packet matches at least one of the signatures, (3) parses, after performing the pattern matching, at least the portion of the packet to determine whether the packet is malicious based at least in part on the portion of the packet, and then (4) upon determining that the portion of the packet is malicious, performs at least one security action in connection with the packet. Various other apparatuses, systems, and methods are also disclosed.. ... Juniper Networks Inc

07/05/18 / #20180192544

Removable board with cooling system for chassis-based electronic equipment

A system may include a removable board that is adapted for inserting into and removing from an enclosure, an electronic component that is attached to the removable board, and a cooling system that is attached to the removable board. The cooling system may include a first heat exchanger that is attached to the electronic component by a physical interface. ... Juniper Networks Inc

07/05/18 / #20180191783

Selectively applying internet protocol security (ipsec) encryption based on application layer information

A network device may receive a packet flow, and may identify an application associated with the packet flow. The network device may determine that packets associated with the application are not to be encrypted using a security protocol. ... Juniper Networks Inc

07/05/18 / #20180191743

Reputation-based application caching and white-listing

A device may classify an application, associated with an endpoint, based on traffic associated with the endpoint. The device may determine a reputation score associated with the endpoint. ... Juniper Networks Inc

07/05/18 / #20180191683

Verifying firewall filter entries using rules associated with an access control list (acl) template

A device may receive a firewall filter entry that includes one or more match conditions associated with filtering network traffic. The device may identify an access control list (acl) template associated with the firewall filter entry. ... Juniper Networks Inc

07/05/18 / #20180191650

Publish-subscribe based exchange for network services

A publication exchange device may receive information that identifies a subscriber device, and may receive a set of subscription keys associated with subscribed-to network event information to be provided to the subscriber device. The publication exchange device may receive published network event information from one or more publisher devices, and may determine that the published network event information includes information that matches the set of subscription keys. ... Juniper Networks Inc

07/05/18 / #20180191618

Multi-stage switching fabric that uses reserved output ports

A network device may receive network traffic, originating from an input component, via a first set of input ports of a first switching element. The first switching element may be included in a stage of a multi-stage switching fabric. ... Juniper Networks Inc

07/05/18 / #20180191612

Performing a service on a packet

A first device may receive first route information, from a second device, identifying a first route to the second device for a packet to be provided toward a destination via the second device. The first device may generate second route information identifying a second route to the first device for the packet. ... Juniper Networks Inc

07/05/18 / #20180191610

Media access control address and internet protocol address binding proxy advertisement for network devices of a network

A device may receive, via a first message, first route information for directing network traffic for a network. The first route information may identify a media access control (mac) route corresponding to a mac address associated with a host device connecting to a subnet of the network. ... Juniper Networks Inc

07/05/18 / #20180191607

Network service application and customer-aware virtualized network function placement

In general, techniques are described for placing, for execution, virtualized network functions (vnfs) for network services to virtual hardware components of a network function virtualization infrastructure (nfvi) having a multi-layer switch hierarchy to locate vnfs that are adjacent, in an ordering within a network service or between network services, logically near to one another in the multi-layer switch hierarchy.. . ... Juniper Networks Inc

07/05/18 / #20180191597

Dynamic distribution of network entities among monitoring agents

Techniques are described for dynamically distributing entity monitoring assignments to a plurality of monitoring agents. In one example, processors of a co-location facility execute a plurality of network services monitoring agents. ... Juniper Networks Inc

07/05/18 / #20180191515

Multicast flow prioritization

Techniques are described for multicast flow prioritization in protocol independent multicast (pim) networks with multicast flow limits. According to the disclosed techniques, once a router has reached its multicast flow limit, the router may preempt an installed lower priority multicast flow with a newly requested higher priority multicast flow. ... Juniper Networks Inc

06/28/18 / #20180184515

Cross-talk reduction for high speed signaling at ball grid array region and connector region

A multilayered printed circuit board (pcb) may include a plurality of pads associated with facilitating a connection to a component. The component may include a first edge and a second edge. ... Juniper Networks Inc

06/28/18 / #20180183706

Apparatus, system, and method for distributing routing-protocol information in clos fabrics

The disclosed method may include (1) identifying, at a first node, a preconfigured level of the first node, (2) receiving, at the first node from a second node, a neighbor advertisement that includes a preconfigured level of the second node, (3) determining that a difference between the preconfigured level of the first node and the preconfigured level of the second node is equal to one, (4) recording, at the first node based on the difference being equal to one, an adjacency relationship between the first node and the second node, (5) transmitting a first type of routing-protocol packet from the first node to the second node based on the adjacency relationship, and (6) refraining from transmitting a second type of routing-protocol packet from the first node to the second node based on the adjacency relationship. Various other apparatuses, systems, and methods are also disclosed.. ... Juniper Networks Inc

06/28/18 / #20180183673

Allocating and advertising available bandwidth due to switching fabric degradation

A network device may detect a reduced switching fabric bandwidth due to switching fabric degradation of a switching fabric. The network device may allocate the reduced switching fabric bandwidth to one or more interfaces of a packet processor. ... Juniper Networks Inc

06/28/18 / #20180181390

Automatic scaling of microservices applications

A device may receive information identifying a set of tasks to be executed by a microservices application that includes a plurality of microservices. The device may determine an execution time of the set of tasks based on a set of parameters and a model. ... Juniper Networks Inc

06/21/18 / #20180176257

Rule placement in network devices

A device receives a new rule construct that includes a source address or a destination address, and at least one parameter, where the new rule construct includes a new rule to be provided to a network. The device identifies network devices, of the network, to which the new rule is to be provided based on the new rule construct, and determines a proper position for the new rule, in a list of existing rules provided in each network device, based on the new rule construct and information associated with the network devices. ... Juniper Networks Inc

06/21/18 / #20180176121

Optimizing information related to a route and/or a next hop for multicast traffic

A first device may receive information that identifies a second device. The second device may be connected to the first device or a third device. ... Juniper Networks Inc

06/21/18 / #20180176120

Maintaining coherency in distributed operating systems for network devices

In general, techniques are described for maintaining coherency in distributed operating systems for network devices. A network device comprising hardware computing nodes may be configured to perform the techniques. ... Juniper Networks Inc

06/21/18 / #20180176093

Organizing execution of distributed operating systems for network devices

In general, techniques are described for organizing execution of distributed operating systems for network devices. A device comprising hardware computing nodes may be configured to perform the techniques. ... Juniper Networks Inc

06/21/18 / #20180176082

Communicating state information in distributed operating systems

In general, techniques are described for communicating state information in distribute operating system. A network device comprises a first hardware node and a second hardware node. ... Juniper Networks Inc

06/21/18 / #20180176077

Apparatus, system, and method for secure remote configuration of network devices

The disclosed apparatus may include an encryption device that signs information exchanged between network devices to ensure the integrity of the information. The disclosed apparatus may also include a network device communicatively coupled to the encryption device, wherein the network device (1) obtains geo-location information that identifies the location of the network device, (2) directs the encryption device to sign the geo-location information to ensure the integrity of the geo-location information, (3) provides the signed geo-location information to a remote management system that manages the configuration of the network device based at least in part on the geo-location information, and (4) receives a configuration profile that modifies the configuration of the network device to account for the current location of the network device from the remote management system. ... Juniper Networks Inc

06/21/18 / #20180176075

Deadlock avoidance using modified ethernet connectivity fault management signaling

A first maintenance endpoint (mep) device may identify that a first interface of the first mep device is associated with a connectivity failure. The first mep device may provide, to a second mep device, a first continuity check message (ccm), that includes a mep identifier of the first mep device. ... Juniper Networks Inc

06/21/18 / #20180176028

System for avoiding traffic flooding due to asymmetric mac learning and achieving predictable convergence for pbb-evpn active-active redundancy

In one example, a method includes performing l2 learning of a c-mac address included in a first l2 data message by a first provider edge (pe) router included in an ethernet segment of a provider-backbone bridging ethernet virtual private network (pbb-evpn); sending to a second pe router within the ethernet segment an l2 control message comprising the c-mac address and a b-mac address corresponding to the ethernet segment of the pbb-evpn, wherein the l2 control message informs the second pe router of the reachability of the c-mac address through the first pe router; receiving, by the first pe router and from the second pe router, a second l2 data message as unicast traffic destined for the c-mac address; and forwarding the second l2 data message to the first ce router.. . ... Juniper Networks Inc

06/21/18 / #20180173557

Physical path determination for virtual network packet flows

In general, techniques are described for configuring and managing virtual networks. For example, a distributed virtual network controller is described that configures and manages an overlay network within a physical network formed by plurality of switches. ... Juniper Networks Inc

06/14/18 / #20180167705

Methods and apparatus for a flattened data center network employing wavelength-agnostic endpoints

In some embodiments, a system includes a set of servers, a set of switches within a switch fabric, and an optical device. The optical device is operatively coupled to the set of servers via a first set of optical fibers. ... Juniper Networks Inc

06/14/18 / #20180167294

Subscriber-aware twamp data monitoring in computer networks

Techniques are described for performing subscriber aware two-way active measurement protocol (twamp) data session provisioning between two endpoints in a computer network. For example, the disclosed techniques include extending twamp control messaging to include a communication mode for negotiating subscriber-aware twamp data monitoring. ... Juniper Networks Inc

06/14/18 / #20180167207

Decryption of secure sockets layer sessions having enabled perfect forward secrecy using a diffie-hellman key exchange

A device may receive client cipher information, associated with initiating a secure session, identifying at least one key exchange cipher supported by a client device associated with the secure session. The device may determine, based on the client cipher information, that a diffie-hellman key exchange is to be used to establish the secure session. ... Juniper Networks Inc

06/14/18 / #20180164501

High-efficiency optical waveguide transitions

Embodiments describe high-efficiency optical waveguide transitions—i.e., creating heterogeneous transitions between si and iii-v semiconductor regions or devices with minimal reflections. This is advantageous for iii-v device performance, e.g. ... Juniper Networks Inc

05/31/18 / #20180152286

Efficient unicast signaling in a precision time protocol enabled packet network

A first device may provide, to a second device, a first message that includes a first request for a first type of precision time protocol (ptp) message and a second request for a second type of ptp message. The first device may receive, from the second device, a second message based on the first message. ... Juniper Networks Inc

05/24/18 / #20180145917

Methods and apparatus for flow-controllable multi-staged queues

In one embodiment, a method includes sending a first flow control signal to a first stage of transmit queues when a receive queue is in a congestion state. The method also includes sending a second flow control signal to a second stage of transmit queues different from the first stage of transmit queues when the receive queue is in the congestion state.. ... Juniper Networks Inc

05/17/18 / #20180139228

Apparatus, system, and method for protecting against denial of service attacks using one-time cookies

The disclosed apparatus may include (1) a storage device that stores a set of cookies that facilitate authenticating packets received from a node within a network and (2) a processing unit communicatively coupled to the storage device, wherein the processing unit (a) receives at least one packet from the node, (b) identifies a cookie included in the packet received from the node, (c) searches the set of cookies stored in the storage device for the cookie included in the packet received from the node, (d) identifies, during the search of the set of cookies, the cookie included in the packet and (e) protects against a dos attack by authenticating the legitimacy of the packet based at least in part on the cookie included in the packet being identified in the set of cookies stored in the storage device. Various other apparatuses, systems, and methods are also disclosed.. ... Juniper Networks Inc

05/17/18 / #20180139173

Method and apparatus for implementing a fibre channel zone policy

In some embodiments, an apparatus includes a first network switch configured to be within a fibre channel over ethernet (fcoe) network, which has a set of network switches including the first network switch. The first network switch is configured to receive, from a first network device, a login signal including a proposed logical identifier for the first network device. ... Juniper Networks Inc

05/17/18 / #20180139128

Semantic information for labels in border gateway protocol

A device may receive a set of border gateway protocol labels via a set of corresponding border gateway protocol messages. A border gateway protocol label, of the set of border gateway protocol labels, may be associated with a label descriptor attribute. ... Juniper Networks Inc

05/17/18 / #20180138970

Methods and apparatus for self healing of an optical transceiver in a wavelength division multiplexing (wdm) system

In some embodiments, an apparatus includes an optical transceiver that includes a first set of electrical transmitters operatively coupled to a switch. Each electrical transmitter from the first set of electrical transmitters is configured to transmit an electrical signal from a set of electrical signals. ... Juniper Networks Inc

05/17/18 / #20180138658

Optical amplifier including multi-section gain waveguide

Described herein are methods, systems, and apparatuses to utilize a semiconductor optical amplifier (soa) comprising a silicon layer including a silicon waveguide, a non-silicon layer disposed on the silicon layer and including a non-silicon waveguide, first and second mode transition region comprising tapers in the silicon waveguide and/or the non-silicon waveguide for exchanging light between the waveguide, and a plurality of regions disposed between the first and second mode transition regions comprising different cross-sectional areas of the silicon waveguide and the non-silicon waveguide such that confinement factors for the non-silicon waveguide in each of the plurality of regions differ.. . ... Juniper Networks Inc

05/10/18 / #20180131561

Multi-stage switch fabric fault detection and handling

In some examples, a switching system includes a plurality of fabric endpoints and a multi-stage switching fabric having a plurality of fabric planes each having a plurality of stages to switch data units between any of the plurality of fabric endpoints. A fabric endpoint of the fabric endpoints is configured to send, to a switch of a first one of the stages and within a first fabric plane of the plurality of fabric planes, a self-ping message destined for the fabric endpoint. ... Juniper Networks Inc

05/03/18 / #20180123947

Dynamic modification of bypass label-switched paths based on monitoring network traffic conditions

A device may configure a dynamic set of bypass label-switched paths (lsps), to protect one or more protected lsps, based on configuration information. The dynamic set of bypass lsps may be initially configured to include zero or more bypass lsps. ... Juniper Networks Inc

05/03/18 / #20180123869

Multicast only fast re-route over remote loop-free alternate backup path

Techniques are described for enhancements to protocol independent multicast (pim) to support multicast only fast re-route (mofrr) over a remote loop free alternate (rlfa) backup path in a network. This disclosure describes a modified pim control message having a new pim message type and an additional field to indicate an address of a rlfa network device in the rlfa backup path. ... Juniper Networks Inc

04/19/18 / #20180109348

Optical transceiver with external laser source

A wavelength division multiplexing (wdm) transceiver module comprising an optical port and an optical modulator is disclosed herein. The optical port includes a data transmit and receive optical fiber connector and a laser source-in optical fiber connector. ... Juniper Networks Inc

04/12/18 / #20180102628

Integrated wavelength locker

Described are various configurations of integrated wavelength lockers including asymmetric mach-zehnder interferometers (amzis) and associated detectors. Various embodiments provide improved wavelength-locking accuracy by using an active tuning element in the amzi to achieve an operational position with high locking sensitivity, a coherent receiver to reduce the frequency-dependence of the locking sensitivity, and/or a temperature sensor and/or strain gauge to computationally correct for the effect of temperature or strain changes.. ... Juniper Networks Inc

04/12/18 / #20180102627

Integrated wavelength locker

Described are various configurations of integrated wavelength lockers including asymmetric mach-zehnder interferometers (amzis) and associated detectors. Various embodiments provide improved wavelength-locking accuracy by using an active tuning element in the amzi to achieve an operational position with high locking sensitivity, a coherent receiver to reduce the frequency-dependence of the locking sensitivity, and/or a temperature sensor and/or strain gauge to computationally correct for the effect of temperature or strain changes.. ... Juniper Networks Inc

04/12/18 / #20180100967

Integrated wavelength locker

Described are various configurations of integrated wavelength lockers including asymmetric mach-zehnder interferometers (amzis) and associated detectors. Various embodiments provide improved wavelength-locking accuracy by using an active tuning element in the amzi to achieve an operational position with high locking sensitivity, a coherent receiver to reduce the frequency-dependence of the locking sensitivity, and/or a temperature sensor and/or strain gauge to computationally correct for the effect of temperature or strain changes.. ... Juniper Networks Inc

04/05/18 / #20180097726

Rsvp make-before-break label reuse

Techniques are described for reusing downstream-assigned labels when establishing a new instance of a label switched path (lsp) prior to tearing down an existing instance of the lsp using make-before-break (mbb) procedures for rsvp. The techniques enable a routing engine of any non-ingress router along a path of the new lsp instance to reuse a previously allocated label for the existing lsp instance as the downstream assigned label for the new lsp instance when the paths of the existing lsp instance and the new lsp instance overlap. ... Juniper Networks Inc

04/05/18 / #20180097725

Multiple paths computation for label switched paths

In general, techniques are described for identifying a result set of multiple paths through a network for one or more label switched paths between a source node and a destination node. In some examples, the identified paths are computed to be broadly separate to avoid overlapping network elements. ... Juniper Networks Inc

04/05/18 / #20180097719

Deterministically selecting a bypass lsp for a defined group of protected lsps

In one example, a method includes receiving, by a network device, first data defining a group of lsps, receiving second data defining one or more constraints for one or more bypass lsps, and receiving third data defining a mapping between the group of lsps and the one or more bypass lsps. The method also includes, in response to receiving the third data, automatically signaling, by the network device, a bypass lsp in accordance with the one or more constraints, selecting, by the network device and based on the mapping, a respective alternate next hop for rerouting network traffic received on each lsp of the group of lsps to the signaled bypass lsp, and programming a forwarding component of the network device to install each of the respective alternate next hops as alternate next hops to primary next hops for the lsps of the group of lsps.. ... Juniper Networks Inc

03/29/18 / #20180092012

Methods and apparatus for virtual soft handoff

In some embodiments, a non-transitory processor-readable medium includes code to cause a processor to receive at a tunnel server, a data unit addressed to a communication device, and define, a first instance of the data unit and a second instance of the data unit. The first instance of the data unit is sent to the communication device via a first tunnel defined between at least the tunnel server and a first base station associated with a first network. ... Juniper Networks Inc

03/29/18 / #20180091603

Session-identifer based twamp data session provisioning in computer networks

Techniques are described for performing session identifier (“sid”) based two-way active measurement protocol (twamp) data session provisioning between two endpoints in a computer network. According to the techniques, a sid assigned to each data session is used to uniquely identify the data session, instead of a source and destination address/port pairs. ... Juniper Networks Inc

03/29/18 / #20180091474

Predicting firewall rule ranking value

A device may obtain information regarding firewall rules. The information, for a firewall rule of the firewall rules, may include one or more match condition values and a ranking value. ... Juniper Networks Inc

03/29/18 / #20180091445

Evpn designated forwarder state propagation to customer edge devices using connectivity fault management

Techniques are described to provide designated forwarder state propagation to customer edge network devices using connectivity fault management (cfm) so as to ensure that customer edge (ce) network devices are aware of a change in designated forwarder election in an ethernet virtual private network (evpn). In one example, a method includes determining a change in designated forwarder election from a provider edge (pe) network device to another pe device; in response to the change in designated forwarder election, configuring a message including at least a client-facing interface status of the first pe device, wherein the client-facing interface status included in the message is configured as an indicator of a result of the change in designator forwarder election; and transmitting the message to the multi-homed ce device.. ... Juniper Networks Inc

03/29/18 / #20180091444

Methods and apparatus related to virtualization of data center resources

In one embodiment, an apparatus includes a switch core that has a multi-stage switch fabric. A first set of peripheral processing devices coupled to the multi-stage switch fabric by a set of connections that have a protocol. ... Juniper Networks Inc

03/29/18 / #20180091420

Distributing service function chain data and service function instance data in a network

In some examples, a computing device comprises a first service function instance to apply a service function and a service function forwarder to: receive a first layer 3 routing protocol route advertisement that includes service function instance data for a second service function instance, the service function instance data indicating a service function type and a service identifier for the service function instance; receive a second layer 3 routing protocol route advertisement that includes service function chain data for a service function chain, the service function chain data indicating a service path identifier and one or more service function items; and send, to the second service function instance and based at least on determining a service function item of the one or more service function items indicates the second service function instance, a packet classified to the service function chain.. . ... Juniper Networks Inc

03/29/18 / #20180091419

Symmetric intersubnet traffic load balancing in multihomed networks

A device may receive a network address associated with a destination device. The network address may identify the destination device based on layer 3 of the open systems interconnection model. ... Juniper Networks Inc

03/22/18 / #20180083870

Simple hierarchical label-switched paths

A device may identify a portion of a label-switched path (lsp) on which a simple hierarchical lsp (sh-lsp) is to be used for transferring traffic via a network. The device may determine attribute information associated with the sh-lsp. ... Juniper Networks Inc

03/15/18 / #20180077060

Multicast flow overlay using registration over a reliable transport

An example method includes exchanging targeted hello messages to establish a targeted neighbor connection between a first routing device and a second routing device, wherein one of the routing devices comprises a central routing device, and wherein another one of the routing devices comprises an ingress routing device. The example method further includes processing a source-active register message that specifies a source address and an identifier that are collectively associated with a multicast stream, and wherein the source-active register message further indicates whether the multicast stream is active or withdrawn. ... Juniper Networks Inc

03/15/18 / #20180077050

Preventing data traffic loops associated with designated forwarder selection

A device may receive a route identifier that includes a range identifier or a configuration identifier. The range identifier may identify a range of broadcast domain identifiers associated with a first device. ... Juniper Networks Inc

03/15/18 / #20180076901

Detection and compensation of power imbalances for a transmitter

An optical device may include a transmitter to provide an optical signal via a set of channels and a modulator. The optical device may include two or more tributary modulators to modulate the set of channels with a training pattern. ... Juniper Networks Inc

03/08/18 / #20180069715

Multicasting within distributed control plane of a switch

In some embodiments, a non-transitory processor-readable medium stores code representing instructions configured to cause a processor to receive, from an access switch, a first signal including forwarding state information associated with a first peripheral processing device from a set of peripheral processing devices. The code can further represent instructions configured to cause the processor to receive, from the first peripheral processing device, a second signal including a data packet. ... Juniper Networks Inc

03/01/18 / #20180062999

Filtering and route lookup in a switching device

Methods and devices for processing packets are provided. The processing device may include an input interface for receiving data units containing header information of respective packets; a first module configurable to perform packet filtering based on the received data units; a second module configurable to perform traffic analysis based on the received data units; a third module configurable to perform load balancing based on the received data units; and a fourth module configurable to perform route lookups based on the received data units.. ... Juniper Networks Inc

03/01/18 / #20180062966

Selective transmission of bidirectional forwarding detection (bfd) messages for verifying multicast connectivity

A network device may identify first interfaces used by the network device to communicate with other network devices. The network device may use second interfaces to communicate with multicast receiver devices that are different from the other network devices. ... Juniper Networks Inc

03/01/18 / #20180062753

Methods and apparatus for low-loss reconfigurable optical quadrature amplitude modulation (qam) signal generation

In some embodiments, an apparatus includes a quadrature amplitude modulation (qam) optical modulator which includes a first phase modulator (pm), a second pm, a tunable optical coupler (toc), and an optical combiner (oc). The toc is configured to split a light wave at an adjustable power splitting ratio to produce a first split light wave and a second split light wave. ... Juniper Networks Inc

02/01/18 / #20180034776

Filtering data using malicious reference information

A device may receive data from a first endpoint device. The device may identify a network protocol. ... Juniper Networks Inc

02/01/18 / #20180034667

Adaptive load balancing for single active redundancy using evpn designated forwarder election

A provider edge (pe) device may receive an indication to perform a designated forwarder (df) election associated with a network segment that includes the pe device, one or more other pe devices, and a client edge (ce) device. The pe device, the one or more other pe devices, and the ce device may be associated with an ethernet virtual private network (evpn) that includes a group of evpn instances (evis). ... Juniper Networks Inc

02/01/18 / #20180034648

Communicating igmp leave requests between load-balanced, multi-homed provider-edge routers in an ethernet virtual private network

In general, the disclosure describes techniques for communicating multicast group leave requests between two or more load-balanced, multi-homed pe routers included in an ethernet virtual private network (evpn). The techniques of the disclosure enable the two or more pe routers to synchronize igmp state and routing information amongst one another to ensure that the one of the multi-homed pe routers elected as the designated forwarder (df) ceases forwarding the multicast group traffic to the ce router, even if it is not the pe router that receives the igmp leave request.. ... Juniper Networks Inc

01/18/18 / #20180020060

Method, system, and apparatus for reducing the size of route updates

The disclosed method may include (1) establishing a communication session between a plurality of network nodes to enable the plurality of network nodes to exchange route updates with one another, and then during the communication session, (2) detecting, at one of the network nodes, at least one route update to send to another one of the network nodes, (3) compressing, at the network node, the route update to reduce an amount of data included in the route update, and then upon compressing the route update, (4) sending the compressed route update to the other network node to enable the other network node to forward traffic along a path whose route is advertised in the compressed route update. Various other methods, systems, and apparatuses are also disclosed.. ... Juniper Networks Inc

01/04/18 / #20180007809

Mechanism to provide physical location information to any network device

An apparatus may be configured to be mounted on a rack. The apparatus may include a communication component. ... Juniper Networks Inc

01/04/18 / #20180007064

Malware detection using internal and/or external malware detection operations

A system may determine to perform an internal and an external malware detection operation to detect a malware infection associated with a client device. The system may perform the internal operation by modifying an environment, executing on a particular device, to form a modified environment. ... Juniper Networks Inc

01/04/18 / #20180007063

Selective verification of signatures by network nodes

A network node may include one or more processors. The one or more processors may receive a message that is associated with one or more signatures and one or more second signatures. ... Juniper Networks Inc

01/04/18 / #20180006995

Layer 3 convergence for evpn link failure

A network device is configured to provide, via an ethernet segment with a customer network, active-active multi-homing l2 virtual bridge connectivity to the customer network using an evpn instance (evi) and l3 routing using an irb interface that is a l3 routing interface assigned to the evi; to receive, from a peer pe device of the evpn instance, an evpn route comprising an l2-l3 binding for a customer device of the customer network and associating the l2-l3 binding with the ethernet segment, the l2-l3 binding comprising an l2 and an l3 address assigned to the customer device, wherein the peer pe device provides, with the network device and via the ethernet segment, active-active multi-homing l2 virtual bridge connectivity to the customer network; and to forward, via the ethernet segment and based at least on the l2-l3 binding received from the peer pe device, an l3 packet to the customer device.. . ... Juniper Networks Inc

01/04/18 / #20180006962

Generating automatic bandwidth adjustment policies per label-switched path

A device may identify a plurality of first values associated with network traffic of a label-switched path of a plurality of label-switched paths. The device may determine an adjustment policy based on the plurality of first values. ... Juniper Networks Inc

01/04/18 / #20180006959

Disaggregated broadband network gateway functionality for efficient content delivery network peering

A first device may receive information that assigns a function related to network traffic associated with a content delivery network. The first device may implement the function based on the information that assigns the function. ... Juniper Networks Inc

01/04/18 / #20180006948

Bandwidth management for resource reservation protocol lsps and non-resource reservation protocol lsps

In general, techniques described are for bandwidth sharing between resource reservation protocol label switched paths (lsps) and non-resource reservation protocol lsps. For example, in networks where resource reservation protocol lsps and non-resource reservation protocol lsps co-exist within the same domain, resource reservation protocol lsps and non-resource reservation protocol lsps may share link bandwidth. ... Juniper Networks Inc

01/04/18 / #20180006944

Processing data flows based on information provided via beacons

A first component of a network device may provide an offload request to a second component of the network device to offload a data flow from the first component. The offload request may direct the second component to provide the data flow towards a destination device and bypass the first component. ... Juniper Networks Inc

01/04/18 / #20180006942

Remotely updating routing tables

A network device may receive an instruction to update a data structure implemented by the network device and update the data structure based on receiving the instruction. The data structure may include a routing instruction to direct the network device to provide a data flow to a server device for processing. ... Juniper Networks Inc

01/04/18 / #20180006935

Auto discovery and auto scaling of services in software-defined network environment

Techniques are described for automatic discovery of two or more virtual service instances configured to apply a given service to a packet in a software-defined networking (sdn)/network functions virtualization (nfv) environment. Virtual service instances may be deployed as virtual entities hosted on one or more physical devices to offer individual services or chains of services from a service provider. ... Juniper Networks Inc

01/04/18 / #20180006925

Automatically detecting an error in a communication and automatically determining a source of the error

A device may monitor a communication between network devices for an error associated with the communication. The device may detect the error associated with the communication between the network devices. ... Juniper Networks Inc

01/04/18 / #20180006920

Monitoring packet residence time and correlating packet residence time to input sources

An output circuit, included in a device, may determine counter information associated with a packet provided via an output queue managed by the output circuit. The output circuit may determine that a latency event, associated with the output queue, has occurred. ... Juniper Networks Inc

12/28/17 / #20170373973

Signaling ip address mobility in ethernet virtual private networks

In some examples, a provider edge device provides l2 virtual bridge connectivity for at least one customer network using an evpn instance and l3 routing using an irb interface that is a l3 routing interface assigned to the evpn instance; the provider edge device obtains an indication of a new binding for an endpoint device of the at least one customer network, the new binding comprising a first l2 address and a l3 address that are assigned to the endpoint device; and the provider edge device outputs, in response to determining the provider edge device stores a prior binding for the endpoint device of a second l2 address and the l3 address that are assigned to the endpoint device, an evpn route comprising an indication of the new binding and an indication the new binding is an updated binding of the prior binding for the endpoint device.. . ... Juniper Networks Inc

12/21/17 / #20170366452

Service chaining within computer networks

Techniques are described for providing session-aware, stateful network services to subscriber packet flows. Devices within a service provider network direct subscriber packets along service chains. ... Juniper Networks Inc

12/21/17 / #20170366444

Scaled inter-domain metrics for link state protocols

In general, techniques are described by which to provide a scaled end-to-end view of link metrics to integrate multiple non-uniform interior gateway protocol (“igp”) domains. For example, an accumulated interior gateway protocol (“aigp”) attribute, a non-transitive bgp attribute, which includes a link metric assigned to a link within a first igp domain, is scaled to conform to a metric scale of the second igp domain. ... Juniper Networks Inc

12/21/17 / #20170366437

Extended ping protocol for determining status for remote interfaces without requiring network reachability

An extend ping protocol is described that allow connectivity tests to be performed for individual network interfaces of a target device without requiring network reachability between the testing device and the remote interface whose status is being queried. Moreover, the extend ping protocol supports a plurality of different probe types that allow an administrator to control how identification information within an extended ping echo request is resolved to the unreachable interfaces.. ... Juniper Networks Inc

12/21/17 / #20170366286

Master/slave negotiation associated with a synchronous ethernet network

A device may determine a link master/slave relationship for an ethernet link associated with a connection between a component of the device and a component of another device. The device may determine that synchronous ethernet (synce) is to be enabled on the ethernet link. ... Juniper Networks Inc

12/14/17 / #20170359758

Preserving mobile network session data during radio access technology handover

An example gateway device determines that a first policy, applicable to a subscriber device when the subscriber device is coupled to a first access network, indicates that packets from the subscriber device are to be sent to a service device, and forwards a first set of packets from the subscriber device to the service device while the subscriber device is coupled to the first access network. After determining that the subscriber device has become coupled to a second access network of the plurality of access networks, the gateway device determines that a second policy, for the subscriber device when the subscriber device is coupled to the second access network, does not indicate that packets should be sent to the service device, but nevertheless forwards a second set of packets from the subscriber device to the service device while the subscriber device is coupled to the second access network.. ... Juniper Networks Inc

12/07/17 / #20170353402

Supplemental connection fabric for chassis-based network device

A system may receive, by a switching component of the system, network traffic to be provided to an i/o component of the network device. The system may route, by the switching component, the network traffic to the i/o component based on whether the i/o component is connected to the switching component via the first connections and/or via second connections. ... Juniper Networks Inc

12/07/17 / #20170351124

Dissipating heat from an active region of an optical device

A device, such as an electroabsorption modulator, can modulate a light intensity by controllably absorbing a selectable fraction of the light. The device can include a substrate. ... Juniper Networks Inc

11/30/17 / #20170346838

Detecting a malicious file infection via sandboxing

A device may receive a trigger to determine whether a malicious file is operating on a client device. The device may determine a network activity profile associated with the malicious file based on receiving the trigger to determine whether the malicious file is operating on the client device. ... Juniper Networks Inc

11/30/17 / #20170346827

Using a probability-based model to detect random content in a protocol field associated with network traffic

A device may receive network traffic. The device may identify candidate text included in a protocol field associated with the network traffic. ... Juniper Networks Inc

11/30/17 / #20170346796

Distributed learning and aging for management of internet protocol (ip) addresses

A device includes a security process unit (spu) associated with a logical ring of spus. The spu receives a packet with an address associated with a malicious source, and creates, based on the packet, an entry in a data structure associated with the spu. ... Juniper Networks Inc

11/30/17 / #20170346763

Switching fabric topology based on traversing asymmetric routes

A system may include a set of 4n packet processors and a switching fabric to interconnect the set of 4n packet processors. The switching fabric may include the following switching elements having a size of at least 3n×3n: a first switching element, a second switching element, a third switching element, and a fourth switching element. ... Juniper Networks Inc

11/30/17 / #20170346703

Monitoring network management activity

A device is configured to receive, from a network device, a first message associated with a network management activity performed by using an application of the network device. The device is further configured to determine whether the first message satisfies a criterion, and to classify the first message based on a type of the application when the first message satisfies the criterion. ... Juniper Networks Inc

11/30/17 / #20170344744

Detecting keylogging

A device may detect or emulate a sequence of keystrokes to be used to detect a keystroke logger application. The device may determine a sequence of characters associated with the sequence of keystrokes. ... Juniper Networks Inc

11/30/17 / #20170344740

Configuring a sandbox environment for malware testing

A device may receive a file to be analyzed in a sandbox environment, and may determine configuration information for configuring the sandbox environment. The configuration information may be determined based on at least one of: file information associated with the file to be analyzed, or client device information associated with a client device for which the file is intended. ... Juniper Networks Inc

11/23/17 / #20170339052

Egress node protection for broadcast, unknown unicast, or multicast traffic in evpn topologies

A first device may receive network traffic including a first label. The first label may be an inclusive multicast label associated with a second device. ... Juniper Networks Inc

11/23/17 / #20170337375

Identifying malware based on a relationship between a downloader file and a downloaded file

A device may analyze a first file for malware. The device may determine that the first file causes a second file to be downloaded. ... Juniper Networks Inc

11/16/17 / #20170331634

Detecting and preventing man-in-the-middle attacks on an encrypted connection

A client device may provide, to a host device, a request to access a website associated with a host domain. The client device may receive, based on the request, verification code that identifies a verification domain and a resource, associated with the verification domain, to be requested to verify a public key certificate. ... Juniper Networks Inc

11/09/17 / #20170324756

Remote remediation of malicious files

A device may determine that a file of a client device is a malicious file. The device may obtain remote access to the client device using a connection tool. ... Juniper Networks Inc

11/09/17 / #20170324679

Multi-chassis switch having a modular center stage chassis

A system may comprise a first group of switches, each switch including a first group of inputs and outputs, and a first group of controllers, each controller being independent from one another and corresponding to a switch of the first group of switches, to selectively control the switch to connect the switch's inputs with outputs. The first group of switches and controllers may be installed in a chassis. ... Juniper Networks Inc

11/09/17 / #20170323101

Dynamically optimizing performance of a security appliance

A device may identify a set of features associated with the unknown object. The device may determine, based on inputting the set of features into a threat prediction model associated with a set of security functions, a set of predicted threat scores. ... Juniper Networks Inc

10/26/17 / #20170310589

Egress peer engineering using ipv4-mapped ipv6 addresses

A first device may determine an internet protocol version r (ipvr) interface address associated with a second device, where r is greater than or equal to four. The first device and the second device may be associated with an external border gateway protocol peering session. ... Juniper Networks Inc

10/26/17 / #20170310587

Efficient synchronization of stored information using a parallel ring network topology

A routing system may include a primary message group to be used for synchronizing stored information. The primary message group may include multiple primary network devices. ... Juniper Networks Inc

10/26/17 / #20170308503

Virtual network optimizing a physical network

One or more devices are configured to receive information regarding network devices associated with a physical network. The one or more devices are configured further to generate configuration data based on the information regarding the network devices. ... Juniper Networks Inc

10/26/17 / #20170308422

Method, system, and apparatus for debugging networking malfunctions within network nodes

The disclosed computer-implemented method for debugging network nodes may include (1) detecting a computing event that is indicative of a networking malfunction within a network node, (2) determining, based at least in part on the computing event, one or more potential causes of the networking malfunction, (3) identifying one or more debugging templates that each define debugging steps that, when performed by a computing system, enable the computing system to determine whether the networking malfunction resulted from any of the potential causes, (4) performing a set of debugging steps defined by one of the debugging templates that corresponds to one of the potential causes, and then (5) determining, based at least in part on the set of debugging steps defined by the debugging template, that the networking malfunction resulted from the potential cause. Various other methods, systems, and apparatuses are also disclosed.. ... Juniper Networks Inc

10/05/17 / #20170289291

Providing user subscription nomadicity in wireline broadband networks

In general, techniques are described for providing user nomadicity in wireline broadband networks. A network device positioned in a wireline broadband network comprising a processor and an interface may be configured to perform the techniques. ... Juniper Networks Inc

10/05/17 / #20170289217

Selectively signaling selective tunnels in multicast vpns

In some examples, a method includes receiving, by a first ingress network device for a network, a source tree join route message from an egress network device for the network, specifying a multicast source and a multicast group, and in response to receiving the source tree join route message, determining, by the ingress network device, whether the multicast source is multi-homed to the network via the first ingress network device and a second ingress network device for the network. The method includes, in response to determining that the multicast source is not multi-homed, forwarding traffic for the multicast source on an inclusive provider tunnel without initiating setup of a selective provider tunnel to the egress network device, and in response to determining that the multicast source is multi-homed, initiating setup of a selective provider tunnel to the egress network device and terminating forwarding multicast traffic on the inclusive provider tunnel.. ... Juniper Networks Inc

10/05/17 / #20170289216

Hot root standby support for multicast

In general, techniques are described for providing hot-root standby in global table multicast (gtm) environments. For example, in such gtm environments, normally a single unicast route to the customer multicast source (“c-source”) will be available to egress provider edge (pe) routers. ... Juniper Networks Inc

10/05/17 / #20170289094

Performing duplicate address detection for an integrated routing and bridging device

A device may activate a layer 3 interface of the device based on activation of a first layer 2 interface associated with the layer 3 interface. The device may detect activation of a second layer 2 interface, associated with the layer 3 interface, after activating the layer 3 interface. ... Juniper Networks Inc

10/05/17 / #20170289028

Label switched path reporting

Techniques are described for reporting, by non-ingress routers for traffic engineering label switched paths (te lsps) and to a path computation element, actual paths taken by the te lsps through the network. A first network device: receives, from a second network device, an lsp path signaling message that includes a route object having a first indication of at least a sub-path of a path for te lsp through a network, wherein the first network device is not an ingress label edge router for the te lsp; generates, in response to the lsp path signaling message and based at least in part on the route object, an lsp path report message that includes a second indication of the at least the sub-path of the path for the te lsp; and sends, to a path computation element, the lsp path report message to notify the pce.. ... Juniper Networks Inc

10/05/17 / #20170289027

Routing inter-as lsps with centralized controller

Techniques are described for routing inter-as lsps with a centralized controller taking inter-as te metric values for inter-as links into account. The inter-as te metric values, e.g., local preference values, med values, or eros, indicate route preferences for routes between ases. ... Juniper Networks Inc

10/05/17 / #20170289013

Method, system, and apparatus for improving forwarding capabilities during route convergence

The disclosed computer-implemented method for improving forwarding capabilities during route convergence may include (1) identifying, at an upstream network device, a set of updated routes that define network paths that have each experienced at least one topology change since the upstream network device last converged with a downstream network device, (2) determining, at the upstream network device, levels of priority for the set of updated routes based at least in part on amounts of traffic that traverse the network paths defined by the set of updated routes, (3) arranging, at the upstream network device, the set of updated routes in a prioritized order in accordance with the levels of priority, and then (4) converging the upstream network device with the downstream network device by sending the set of updated routes in the prioritized order to the downstream network device. Various other methods, systems, and apparatuses are also disclosed.. ... Juniper Networks Inc

10/05/17 / #20170288987

Application signature generation and distribution

A network device may receive network traffic for an application. The network device may identify an application layer protocol being used for the network traffic. ... Juniper Networks Inc

10/05/17 / #20170288970

Mass mac withdrawal for evpn-dci using virtual esi

The techniques described are directed to providing mass withdrawal of media access control (mac) routes for network devices in an ethernet virtual private network data center interconnect (evpn dci). Mac routes to reach the learned mac addresses are stored in routing tables with corresponding top-of-rack ethernet segment identifier (tor-esi) values that represent the ethernet segments from where the mac addresses were learned. ... Juniper Networks Inc

10/05/17 / #20170288948

Failure handling for active-standby redundancy in evpn data center interconnect

Techniques are described for avoiding traffic black-holing in a multi-homed ethernet virtual private networks (evpns) in which a customer device (ce) is multi-homed to a plurality of multi-homing provider edge devices (pes) via respective links of an ethernet segment. An overlay network is created over the ethernet segment, and the multi-homing pes of the evpn are configured with a common anycast ip address for respective virtual network interfaces. ... Juniper Networks Inc

10/05/17 / #20170288946

Performing a protocol, such as micro bidirectional forwarding detection, on member links of an aggregated link that uses an address of the aggregated link

The problem of being unable to run microbfd using an ipv6 address over any member links of a layer 2 lag when the lag is down (and its ipv6 address becomes or is tentative), is solved by running dad for the address configured for the microbfd once the individual link is in distributing or standby state and triggering (or starting) microbfd once the dad for that address completes successfully. Further, member links of the lag may be permitted to continue running microbfd even if the lag interface is down and even if some other member links (but not all member links) of the lag are down.. ... Juniper Networks Inc

09/28/17 / #20170279773

Dynamic prioritization of network traffic based on reputation

A network device may determine a plurality of reputation indicators that indicate a measure of reputation associated with the flow. A first reputation indicator, of the plurality of reputation indicators, may be determined based on applying a first reputation analysis technique in association with the flow. ... Juniper Networks Inc

09/28/17 / #20170279709

Method, system, and apparatus for forwarding network traffic using minimal forwarding information bases

The disclosed computer-implemented method for forwarding network traffic using minimal forwarding information bases (fibs) may include (1) identifying a routing information base (rib) that includes a set of routes that define paths to destinations both inside and outside a network and then (2) creating a fib that includes a subset of active routes whose size is below a size threshold by (a) importing, from the set of routes within the rib, (i) internal routes that define paths to destinations inside the network, (ii) high-traffic external routes that define paths to destinations outside the network, and (iii) a default route that defines a path to a default node that facilitates resolution of traffic that does not match any of the internal or high-traffic external routes and (b) excluding, from the fib, low-traffic external routes that define paths to destinations outside the network. Various other methods, systems, and apparatuses are also disclosed.. ... Juniper Networks Inc

09/28/17 / #20170279705

Method, system, and apparatus for preventing tromboning in inter-subnet traffic within data center architectures

The disclosed computer-implemented method for preventing tromboning in inter-subnet traffic within data center architectures may include (1) detecting, at a leaf node of a data center, a route advertisement that advertises a route to a spine node of another data center that interfaces with the data center, (2) identifying, at the leaf node, an ip identifier of the spine node included in the route advertisement, (3) determining, at the leaf node, that the route corresponds to the spine node based at least in part on the ip identifier identified in the route advertisement, and then in response to determining that the route corresponds to the spine node, (4) rejecting the route to the spine node at the leaf node such that the leaf node does not learn the route to the spine node. Various other methods, systems, and apparatuses are also disclosed.. ... Juniper Networks Inc

09/28/17 / #20170279675

Methods and apparatus for a self-organized layer-2 enterprise network architecture

In some embodiments, an apparatus includes a network node operatively coupled within a network. The network node is configured to send a first authentication message upon boot up, and receive, in response to the first authentication message, a second authentication message configured to be used to authenticate the network node. ... Juniper Networks Inc

09/21/17 / #20170272312

Methods and apparatus for centralized virtual switch fabric control

In some embodiments, an apparatus comprises a processing module, disposed within a first switch fabric element, configured to detect a second switch fabric element having a routing module when the second switch fabric element is operatively coupled to the first switch fabric element. The processing module is configured to define a virtual processing module configured to be operatively coupled to the second switch fabric element. ... Juniper Networks Inc

09/21/17 / #20170272307

Methods and apparatus for a common control protocol for wired and wireless nodes

In some embodiments, an apparatus comprises of a control module implemented in at least one of a memory or a processing device that is configured to receive, via a network and from a wireless access point or an access network node, a control packet defined based on a control protocol. The control packet is associated with at least one control function of the wireless access point or access network node. ... Juniper Networks Inc

09/07/17 / #20170257328

Methods and apparatus for flow control associated with a switch fabric

In some embodiments, an apparatus includes a flow control module configured to receive a first data packet from an output queue of a stage of a multi-stage switch at a first rate when an available capacity of the output queue crosses a first threshold. The flow control module is configured to receive a second data packet from the output queue of the stage of the multi-stage switch at a second rate when the available capacity of the output queue crosses a second threshold. ... Juniper Networks Inc

09/07/17 / #20170257311

Processing inter-vlan traffic in an ethernet tree

A device may receive, from a first device associated with a first lan, network traffic destined for a second lan. The device may provide the first lan with access to a core network. ... Juniper Networks Inc

08/31/17 / #20170251038

Failure detection manager

A network device is configured to receive information regarding a group of content streams and determine a buffer size for each of the content streams. The network device is further configured to receive the content streams from one or more encoding devices. ... Juniper Networks Inc

08/31/17 / #20170250995

Obtaining suspect objects based on detecting suspicious activity

A device may detect a suspicious activity. The device may automatically obtain a suspect object from a client device that is associated with the suspicious activity and based on detecting the suspicious activity. ... Juniper Networks Inc

08/31/17 / #20170250904

Split-horizon packet forwarding in a multi-home pbb-evpn network

Techniques are described to provide split-horizon packet forwarding so as to ensure that packets from the customer network that are injected into the provider backbone bridging ethernet virtual private network (pbb-evpn) by one of the provider edge (pe) devices of the multi-homed ethernet segment are not forwarded back toward the customer network by a different pe device connected to the same multi-homed ethernet segment. For example, a method may comprise receiving a packet via a core-facing interface of a first pe device, determining the ethernet segment associated with the pe devices by a lookup operation based on keys of the packet; in response to determining the ethernet segment, supplanting the core-facing interface of the first pe device with a virtual interface associated with the keys, and forwarding the packet to a second ce device without forwarding the received packet back to the ethernet segment associated with the first pe device.. ... Juniper Networks Inc

08/24/17 / #20170244621

Lsp ping and traceroute for bypass tunnels

A method performed by a network device may include assembling a multiprotocol label switching (mpls) echo request, the echo request including an instruction for a transit node to forward the echo request via a bypass path associated with the transit node, and an instruction for an egress node to send an echo reply indicating that the echo request was received on the bypass path. The method may also include sending the mpls echo request over a functioning label switched path (lsp).. ... Juniper Networks Inc

08/17/17 / #20170237661

Processing packets by a network device

A method and apparatus for performing a lookup in a switching device of a packet switched network where the lookup includes a plurality of distinct operations each of which returns a result that includes a pointer to a next operation in a sequence of operations for the lookup. The method includes determining a first lookup operation to be executed, executing the first lookup operation including returning a result and determining if the result includes a pointer to another lookup operation in the sequence of operations. ... Juniper Networks Inc

08/10/17 / #20170228542

Multi-file malware analysis

A device may identify a plurality of files for a multi-file malware analysis. The device may execute the plurality of files in a malware testing environment. ... Juniper Networks Inc

07/13/17 / #20170201979

Methods and apparatus for controlling wireless access points

In some embodiments, an apparatus comprises of a first control and provisioning of wireless access points (capwap) module implemented in at least one of a memory or a processing device that is configured to be designated as a backup control module for a wireless access point during a first time period. The first capwap control module is configured to receive state information associated with the wireless access point during the first time period from a second capwap control module. ... Juniper Networks Inc

07/13/17 / #20170201389

System for avoiding traffic flooding due to asymmetric mac learning and achieving predictable convergence for pbb-evpn active-active redundancy

In one example, a method includes performing l2 learning of a c-mac address included in a first l2 data message by a first provider edge (pe) router included in an ethernet segment of a provider-backbone bridging ethernet virtual private network (pbb-evpn); sending to a second pe router within the ethernet segment an l2 control message comprising the c-mac address and a b-mac address corresponding to the ethernet segment of the pbb-evpn, wherein the l2 control message informs the second pe router of the reachability of the c-mac address through the first pe router; receiving, by the first pe router and from the second pe router, a second l2 data message as unicast traffic destined for the c-mac address; and forwarding the second l2 data message to the first ce router.. . ... Juniper Networks Inc

07/13/17 / #20170200026

Apparatus, system, and method for detecting theft of network devices

The disclosed apparatus may include a secure storage device that securely stores an initial geographic location of a network device that facilitates network traffic within a network. This apparatus may also include a processing unit communicatively coupled to the secure storage device. ... Juniper Networks Inc

07/06/17 / #20170195291

Network session data sharing

In general, techniques for sharing of network session data are described. The techniques may enable security devices to leverage application classification information in a federated manner. ... Juniper Networks Inc

07/06/17 / #20170195220

Media access control address and internet protocol address binding proxy advertisement for network devices of a network

A device may receive, via a first message, first route information for directing network traffic for a network. The first route information may identify a media access control (mac) route corresponding to a mac address associated with a host device connecting to a subnet of the network. ... Juniper Networks Inc








ARCHIVE: New 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009



###

This listing is an abstract for educational and research purposes is only meant as a recent sample of applications filed, not a comprehensive history. Freshpatents.com is not affiliated or associated with Juniper Networks Inc in any way and there may be associated servicemarks. This data is also published to the public by the USPTO and available for free on their website. Note that there may be alternative spellings for Juniper Networks Inc with additional patents listed. Browse our Agent directory for other possible listings. Page by FreshPatents.com

###