Liveness detection for an authenticated client session

US11902380B1 · US · B1

Patent metadata
Publication number: US-11902380-B1
Application number: US-202117301808-A
Country: US
Kind code: B1
Filing date: Apr 15, 2021
Priority date: Sep 26, 2019
Publication date: Feb 13, 2024
Grant date: Feb 13, 2024

Abstract

A network node may determine parameters of an authenticated client session for a client device, wherein the parameters comprise a network address of the client device. The network node may determine inactivity of the client device in the authenticated client session. The network node may generate, based on determining the inactivity of the client device, an address resolution protocol (ARP) message or a neighbor solicitation (NS) message to send to the client device, wherein the ARP message or the NS message is to trigger a response from the client device to indicate that the network address of the client device is in use. The network node may provide, toward the client device, the ARP message or the NS message. The network node may perform one or more actions based on receiving or not receiving the response, from the client device, to the ARP message or the NS message.

First claim

What is claimed is:

1. A method, comprising: maintaining, by a network node, parameters of an authenticated client session for a client device with a dynamic host configuration protocol (DHCP) server, wherein the parameters include instructions for providing an address resolution protocol (ARP) message or a neighbor solicitation (NS) message to trigger a response from the client device before removing the parameters, wherein the instructions include a vendor specific attribute (VSA) that specifies a periodicity at which to trigger the ARP message or the NS message; determining, by the network node, inactivity of the client device in the authenticated client session; providing, by the network node and based on the inactivity of the client device and the instructions, the ARP message or the NS message to trigger the response from the client device; and maintaining, by the network node and based on receiving the response from the client device, the parameters in a data structure of the network node.

2. The method of claim 1, wherein the parameters are maintained in one or more of: a filtering data structure, a forwarding data structure, or a media access control (MAC) radius data structure.

3. The method of claim 1, wherein determining the inactivity of the client device comprises: determining that an amount of time since a transmission by the client device has exceeded a threshold period.

4. The method of claim 1, wherein the parameters comprise one or more of: a time of authentication, or a media access control (MAC) address of the authenticated client session.

5. The method of claim 1, wherein the parameters include instructions from a particular VSA associated with the client device, and wherein providing the ARP message or the NS message is based on conditions configured via the VSA.

6. The method of claim 1, wherein the response includes a network address of the client device, and wherein maintaining the parameters based on receiving the response from the client device is based on identifying the client device using the network address of the client device.

7. The method of claim 1, further comprising: providing one or more additional ARP messages or one or more additional NS messages to the client device.

8. A non-transitory computer-readable medium storing a set of instructions, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a network node, cause the network node to: maintain parameters of an authenticated client session for a client device with a dynamic host configuration protocol (DHCP) server, wherein the parameters include particular instructions for providing an address resolution protocol (ARP) message or a neighbor solicitation (NS) message to trigger a response from the client device before removing the parameters, wherein the particular instructions include a vendor specific attribute (VSA) that specifies a periodicity at which to trigger the ARP message or the NS message; determine inactivity of the client device in the authenticated client session; provide, based on the inactivity of the client device and the particular instructions, the ARP message or the NS message to trigger the response from the client device; and maintain, based on receiving the response from the client device, the parameters in a data structure of the network node.

9. The non-transitory computer-readable medium of claim 8, wherein the parameters are maintained in one or more of: a filtering data structure, a forwarding data structure, or a media access control (MAC) radius data structure.

10. The non-transitory computer-readable medium of claim 8, wherein the one or more instructions, that cause the network node to determine the inactivity of the client device, cause the network node to: determine that an amount of time since a transmission by the client device has exceeded a threshold period.

11. The non-transitory computer-readable medium of claim 8, wherein the parameters comprise one or more of: a time of authentication, or a media access control (MAC) address of the authenticated client session.

12. The non-transitory computer-readable medium of claim 8, wherein the parameters include instructions from a particular VSA associated with the client device, and wherein providing the ARP message or the NS message is based on conditions configured via the VSA.

13. The non-transitory computer-readable medium of claim 8, wherein the response includes a network address of the client device, and wherein maintaining the parameters based on receiving the response from the client device is based on identifying the client device using the network address of the client device.

14. The non-transitory computer-readable medium of claim 8, wherein the one or more instructions further cause the network node to: provide one or more additional ARP messages or one or more additional NS messages to the client device.

15. A network node, comprising: one or more memories; and one or more processors to: maintain parameters of an authenticated client session for a client device with a dynamic host configuration protocol (DHCP) server, wherein the parameters include particular instructions for providing an address resolution protocol (ARP) message or a neighbor solicitation (NS) message to trigger a response from the client device before removing the parameters, wherein the particular instructions include a vendor specific attribute (VSA) that specifies a periodicity at which to trigger the ARP message or the NS message; determine inactivity of the client device in the authenticated client session; provide, based on the inactivity of the client device and the particular instructions, the ARP message or the NS message to trigger the response from the client device; and maintain, based on receiving the response from the client device, the parameters in a data structure of the network node.

16. The network node of claim 15, wherein the parameters are maintained in one or more of: a filtering data structure, a forwarding data structure, or a media access control (MAC) radius data structure.

17. The network node of claim 15, wherein the one or more processors, to determine the inactivity of the client device, are to: determine that an amount of time since a transmission by the client device has exceeded a threshold period.

18. The network node of claim 15, wherein the parameters comprise one or more of: a time of authentication, or a media access control (MAC) address of the authenticated client session.

19. The network node of claim 15, wherein the parameters include instructions from a particular VSA associated with the client device, and wherein providing the ARP message or the NS message is based on conditions configured via the VSA.

20. The network node of claim 15, wherein the response includes a network address of the client device, and wherein maintaining the parameters based on receiving the response from the client device is based on identifying the client device using the network address of the client device.
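
The probe-before-removal flow described in the abstract and in claims 1, 3, 6 and 7, as an added sketch that is not code from the patent or from any vendor implementation. It covers IPv4 ARP only; `SessionTable`, `idle_threshold`, `max_probes` and `probe_period` are hypothetical names, and matching the reply's MAC against the authenticated MAC is this example's own assumption.

```python
import ipaddress
import struct
ARP_HDR = "!HHBBH"  # htype, ptype, hlen, plen, opcode (RFC 826)

def build_arp_request(node_mac: bytes, node_ip: str, target_ip: str) -> bytes:
    """Broadcast Ethernet frame carrying an ARP who-has for target_ip."""
    eth = b"\xff" * 6 + node_mac + b"\x08\x06"
    arp = struct.pack(ARP_HDR, 1, 0x0800, 6, 4, 1)  # opcode 1 = request
    arp += node_mac + ipaddress.IPv4Address(node_ip).packed
    arp += b"\x00" * 6 + ipaddress.IPv4Address(target_ip).packed
    return eth + arp

def parse_arp_reply(frame: bytes):
    """Return (sender_mac, sender_ip) for a well-formed ARP reply, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    if struct.unpack(ARP_HDR, frame[14:22]) != (1, 0x0800, 6, 4, 2):
        return None
    return frame[22:28], str(ipaddress.IPv4Address(frame[28:32]))

class SessionTable:
    def __init__(self, idle_threshold: float, max_probes: int):
        self.idle_threshold, self.max_probes = idle_threshold, max_probes
        self.sessions = {}  # client IP -> session parameters
    def add(self, ip, mac, now, probe_period):
        # probe_period stands in for the periodicity delivered in the VSA
        self.sessions[ip] = {"mac": mac, "last_seen": now, "period": probe_period,
                             "probes": 0, "next_probe": 0.0}
    def tick(self, now):
        """Return IPs to probe now; drop sessions whose probes all went unanswered."""
        due = []
        for ip, s in list(self.sessions.items()):
            if now - s["last_seen"] <= self.idle_threshold or now < s["next_probe"]:
                continue
            if s["probes"] >= self.max_probes:
                del self.sessions[ip]  # no response: remove the session parameters
                continue
            s["probes"] += 1
            s["next_probe"] = now + s["period"]
            due.append(ip)
        return due
    def on_reply(self, frame, now):
        """Keep the session only if the reply's IP and MAC match what was authenticated."""
        parsed = parse_arp_reply(frame)
        s = self.sessions.get(parsed[1]) if parsed else None
        if s is None or s["mac"] != parsed[0]:  # MAC check is this example's assumption
            return False
        s.update(last_seen=now, probes=0, next_probe=0.0)
        return True
```

ARP replies are unauthenticated, so a reply by itself only shows that some host on the segment answers for the address; the MAC comparison narrows that, but does not prove the original client is still present.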

Assignees

Inventors

Classifications

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46)

  • H04L67/145 (Primary): avoiding end of session, e.g. keep-alive, heartbeats, resumption message or wake-up for inactive or interrupted session

  • H04L61/103 (Primary): across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]

  • by checking connectivity

  • using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Juniper Networks Inc
What technology area does this patent fall under?
Primary CPC classification H04L67/145. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 13, 2024 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).