“I've known Yi for many years--and throughout that time, I'm consistently impressed with his ability to pick up a problem, understand it quickly, and work towards a solution that will actually work. Yi is an outstanding engineer with a broad background; I would recommend him.”
About
● An innovative network architect with 5 IETF RFCs and 35 issued patents.
● 20+…
Activity
Experience
Education
Volunteer Experience
-
Cisco Volunteer Coordinator
Cary Chinese School
- 6 years 1 month
Children
Organize Cisco Volunteer Activities at Cary Chinese School
Report team hours
Publications
-
BGP for Communications among Controllers
publication description IETF, Internet-Draft
This document describes extensions to the BGP routing protocol for supporting communications among SDN controllers in a centralized control system, which comprises multiple SDN controllers controlling a network with a number of domains
-
RFC8099, OSPF Topology-Transparent Zone
IETF
This document presents a Topology-Transparent Zone (TTZ) in an OSPF area. A TTZ comprises a group of routers and a number of links connecting these routers. Any router outside of the zone is not aware of the zone. A TTZ hides the internal topology of the TTZ from the outside. It does not directly advertise any internal information about the TTZ to a router outside of the TTZ. The information about the links and routers such as a link down inside the TTZ is not advertised to any router…
This document presents a Topology-Transparent Zone (TTZ) in an OSPF area. A TTZ comprises a group of routers and a number of links connecting these routers. Any router outside of the zone is not aware of the zone. A TTZ hides the internal topology of the TTZ from the outside. It does not directly advertise any internal information about the TTZ to a router outside of the TTZ. The information about the links and routers such as a link down inside the TTZ is not advertised to any router outside of the TTZ.
Other authorsSee publication -
Mechanisms for Validating Authorization/Delegation Hierarchy Using Blockchain Technology
IP.COM
Presented herein are mechanism for the validation of hierarchical delegation of information/resources using blockchain technology. The mechanisms account for additions and deletions of information, as well as for the determination of incorrect transactions. Multiple applications are possible. A service may be provisioned to validate an authentication/delegation hierarchy for various use cases, including Internet of Things (IoT) license management, digital copyright management, staff management,…
Presented herein are mechanism for the validation of hierarchical delegation of information/resources using blockchain technology. The mechanisms account for additions and deletions of information, as well as for the determination of incorrect transactions. Multiple applications are possible. A service may be provisioned to validate an authentication/delegation hierarchy for various use cases, including Internet of Things (IoT) license management, digital copyright management, staff management, sales partnership management, route advertisement verification, and others.
Other authorsSee publication -
Container Networking: Method And Approach to Implement Service Discovery in a Multi Tenant Micro Service Environment
IP.COM
An approach is presented herein to achieve service discovery load balancing for microservices in a multi-tenant environment. The network virtualization technology is leveraged to enhance the server-side service discovery load balancing technology to support microservices in a multi-tenant environment.
Other authorsSee publication -
RFC 7356, IS-IS Flooding Scope Link State PDUs (LSPs)
IETF
This document defines new Protocol Data Units (PDUs) which provide support for new flooding scopes as well as additional space for advertising information targeted for the currently supported flooding scopes. This document also defines extended TLVs and sub-TLVs which are encoded using 16 bit fields for type and length.
Other authorsSee publication -
A YANG Data Model for Location Information
IETF, Internet-Draft
This document defines a YANG data model for RFC 5139 civic location information.
Other authorsSee publication -
Implementing a Topology Transparent Zone in Open Shortest Path First (OSPF)
IP.COM
An approach is presented to enable topology transparent zone in an Open Shortest Path First (OSPF) network. A virtual overlay routing instance is created for routing information distribution, while an underlying instance is maintained for data forwarding.
Other authorsSee publication -
RFC 6860, Hiding Transit-Only Networks in OSPF
IETF
This document updates [OSPFv2] and [OSPFv3] by specifying a mechanism that can be used to hide transit-only networks.
Other authorsSee publication -
RFC 5820, Extensions to OSPF to Support Mobile Ad Hoc Networking
IETF
This document describes extensions to OSPF to support mobile ad hoc networks (MANETs).
Other authorsSee publication -
RFC 4593, Generic Threats to Routing Protocols
IETF
This document provides a description and a summary of generic threats that affect routing protocols in general. This work describes threats, including threat sources and capabilities, threat actions, and threat consequences, as well as a breakdown of routing functions that might be attacked separately.
Other authors
Patents
-
Secure communications among tenant virtual machines in a cloud networking environment
Issued US 11,044,238
A first encryption key associated with a first tenant is created. The first encryption key is configured in a host where a virtual machine associated with the first tenant is executing, the host including a network interface controller configured to have a virtual network interface function, the virtual network interface function executing on the host and being associated with the virtual machine of the first tenant. The virtual network interface function is caused to bind the first encryption…
A first encryption key associated with a first tenant is created. The first encryption key is configured in a host where a virtual machine associated with the first tenant is executing, the host including a network interface controller configured to have a virtual network interface function, the virtual network interface function executing on the host and being associated with the virtual machine of the first tenant. The virtual network interface function is caused to bind the first encryption key to the virtual machine of the first tenant. The virtual network interface function is caused to encrypt outgoing network traffic of the first tenant using the first encryption key. The virtual network interface function is caused to decrypt incoming network traffic for the first tenant using the first encryption key.
Other inventorsSee patent -
Approach to visualize current and historical access policy of a group based policy
Issued US 11,018,952
Systems, methods, and non-transitory computer-readable storage media for visualizing current and historical access policy of a group based policy. A first group based policy and a second group based policy are received at a computing device, where each group based policy includes policy rules defining a range of destination internet protocol addresses, a range of source internet protocol addresses and a range of access ports. The computing device renders a three dimensional representation of…
Systems, methods, and non-transitory computer-readable storage media for visualizing current and historical access policy of a group based policy. A first group based policy and a second group based policy are received at a computing device, where each group based policy includes policy rules defining a range of destination internet protocol addresses, a range of source internet protocol addresses and a range of access ports. The computing device renders a three dimensional representation of the first group based policy, based on the policy rules of the first group based policy. The computing device renders a three dimensional representation of the second group based policy, based on the policy rules of the second group based policy. The computing device displays the representations of the first group based policy and second group based policy on a graphical interface.
Other inventorsSee patent -
Directed acyclic graph optimization for future time instance requested by a child network device
Issued US 10,609,621
In one embodiment, a method comprises receiving, by a network device within a tree-based topology rooted by a root network device, a request message from a child network device for generating an optimized tree-based topology for a future use by the child network device at a future time instance; the network device executing an objective function for generating the optimized tree-based topology for the future use by the child network device; and the network device providing network…
In one embodiment, a method comprises receiving, by a network device within a tree-based topology rooted by a root network device, a request message from a child network device for generating an optimized tree-based topology for a future use by the child network device at a future time instance; the network device executing an objective function for generating the optimized tree-based topology for the future use by the child network device; and the network device providing network communications, for the child network device, at the future time instance using the optimized tree-based topology.
Other inventorsSee patent -
Efficient path detection and validation between endpoints in large datacenters
Issued US 10,298,491
In response to a path monitoring task for a particular source/destination pair, a network controller determines whether stored information includes paths for the particular source/destination pair. When the stored information includes paths for the particular source/destination pair, a subset of source ports is selected that covers all the paths for the particular source/destination pair. A probe message is sent to cause an ingress switch to send probe packets using the subset of source ports…
In response to a path monitoring task for a particular source/destination pair, a network controller determines whether stored information includes paths for the particular source/destination pair. When the stored information includes paths for the particular source/destination pair, a subset of source ports is selected that covers all the paths for the particular source/destination pair. A probe message is sent to cause an ingress switch to send probe packets using the subset of source ports. Paths for the particular source/destination pair are computed based on received probe packets. A determination is made whether a topology for the data center network has changed by comparing the paths computed based on the receive probe packets for the particular source/destination pair with the paths included in the stored information for the particular source/destination pair.
Other inventorsSee patent -
Apparatus and method to hide transit only multi-access networks in OSPF
Issued US 10,225,174
In one embodiment, a first router determines whether an interface coupling the first router to one or more second routers is transit-only. When the interface is transit-only, the first router generates an Open Shortest Path First (OSPF) Link State Advertisement (LSA) that includes an address for the interface and a designated network mask. The designated network mask operates as a transit-only identification that indicates the address should not be installed in a Routing Information Base (RIB)…
In one embodiment, a first router determines whether an interface coupling the first router to one or more second routers is transit-only. When the interface is transit-only, the first router generates an Open Shortest Path First (OSPF) Link State Advertisement (LSA) that includes an address for the interface and a designated network mask. The designated network mask operates as a transit-only identification that indicates the address should not be installed in a Routing Information Base (RIB) upon receipt of the OSPF LSA at the one or more second routers. When the network is not transit-only, the first router generates an OSPF LSA that includes the address for the interface but does not include the designated network mask, to permit installation of the address in a RIB upon receipt of the OSPF LSA at the one or more second routers.
Other inventorsSee patent -
Approach to visualize current and historical access policy of a group based policy
Issued US 10,187,270
Systems, methods, and non-transitory computer-readable storage media for visualizing current and historical access policy of a group based policy. A first group based policy and a second group based policy are received at a computing device, where each group based policy includes policy rules defining a range of destination internet protocol addresses, a range of source internet protocol addresses and a range of access ports. The computing device renders a three dimensional representation of…
Systems, methods, and non-transitory computer-readable storage media for visualizing current and historical access policy of a group based policy. A first group based policy and a second group based policy are received at a computing device, where each group based policy includes policy rules defining a range of destination internet protocol addresses, a range of source internet protocol addresses and a range of access ports. The computing device renders a three dimensional representation of the first group based policy, based on the policy rules of the first group based policy. The computing device renders a three dimensional representation of the second group based policy, based on the policy rules of the second group based policy. The computing device displays the representations of the first group based policy and second group based policy on a graphical interface.
Other inventorsSee patent -
Directed acyclic graph optimization for future time instance advertised by a parent network device
Issued US 10,015,075
In one embodiment, a method comprises identifying, by a network device, a future time interval for establishment of a corresponding future tree-based topology that is to be optimized according to an identified objective function, the future tree-based topology and corresponding identified objective function distinct from a current tree-based topology optimized according to a corresponding current objective function; and generating and outputting, by the network device, a message advertising the…
In one embodiment, a method comprises identifying, by a network device, a future time interval for establishment of a corresponding future tree-based topology that is to be optimized according to an identified objective function, the future tree-based topology and corresponding identified objective function distinct from a current tree-based topology optimized according to a corresponding current objective function; and generating and outputting, by the network device, a message advertising the network device offering availability of the future tree-based topology optimized at the future time interval for the identified objective function, enabling other network devices to attach to the network device during the future time interval for communications optimized according to the identified objective function.
Other inventorsSee patent -
Attribute SET_ID in border gateway protocol
Issued US 9,942,145
Present disclosure relates to methods for preparing BGP update messages for transmission and processing received update messages. The methods are based on grouping path attributes common to a plurality of IP address prefixes into respective sets identified with respective set identifiers and, instead of duplicating path attributes in each BGP update message, including a respective identifier referring to a certain set of path attributes provided in an earlier BGP update message when sending…
Present disclosure relates to methods for preparing BGP update messages for transmission and processing received update messages. The methods are based on grouping path attributes common to a plurality of IP address prefixes into respective sets identified with respective set identifiers and, instead of duplicating path attributes in each BGP update message, including a respective identifier referring to a certain set of path attributes provided in an earlier BGP update message when sending subsequent update messages. Grouping of path attributes into individual sets associated with respective identifiers provides significant advantages by enabling re-use of the results of previous processing on both the sending and receiving sides associated with transmission of BGP update messages. In addition, such an approach limits the amount of information transmitted in the control plane because duplicate sets of path attributes may only be transmitted once and merely be referred to in subsequent update messages.
-
Attribute set.sub.--ID in border gateway protocol
Issued US 9,843,498
Present disclosure relates to methods for preparing BGP update messages for transmission and processing received update messages. The methods are based on grouping path attributes common to a plurality of IP address prefixes into respective sets identified with respective set identifiers and, instead of duplicating path attributes in each BGP update message, including a respective identifier referring to a certain set of path attributes provided in an earlier BGP update message when sending…
Present disclosure relates to methods for preparing BGP update messages for transmission and processing received update messages. The methods are based on grouping path attributes common to a plurality of IP address prefixes into respective sets identified with respective set identifiers and, instead of duplicating path attributes in each BGP update message, including a respective identifier referring to a certain set of path attributes provided in an earlier BGP update message when sending subsequent update messages. Grouping of path attributes into individual sets associated with respective identifiers provides significant advantages by enabling re-use of the results of previous processing on both the sending and receiving sides associated with transmission of BGP update messages. In addition, such an approach limits the amount of information transmitted in the control plane because duplicate sets of path attributes may only be transmitted once and merely be referred to in subsequent update messages.
Other inventorsSee patent -
Transit domain control
Issued US 9,722,910
A method for controlling transit of routing messages in a network comprising multiple autonomous systems (AS) is disclosed. The method includes receiving, at a first AS, a routing message of an inter-AS routing protocol and identifying that the routing message comprises transit domain control (TDC) information specifying one or more autonomous systems to which the routing message may be propagated and/or one or more autonomous systems to which the routing message may not be propagated. The…
A method for controlling transit of routing messages in a network comprising multiple autonomous systems (AS) is disclosed. The method includes receiving, at a first AS, a routing message of an inter-AS routing protocol and identifying that the routing message comprises transit domain control (TDC) information specifying one or more autonomous systems to which the routing message may be propagated and/or one or more autonomous systems to which the routing message may not be propagated. The method further includes propagating the routing message from the first AS to a second AS in accordance with the TDC information.
Other inventorsSee patent -
Apparatus and method to hide transit only multi-access networks in OSPF
Issued US 9,356,856
In one embodiment, a first router determines whether a network coupling the first router to one or more second routers is transit-only, wherein transit-only indicates connecting only routers to provide for transmission of data from router to router. When the network is transit-only, the first router generates an Open Shortest Path First (OSPF) Link State Advertisement (LSA) that includes an address for the network and a designated network mask. The designated network mast operates as a…
In one embodiment, a first router determines whether a network coupling the first router to one or more second routers is transit-only, wherein transit-only indicates connecting only routers to provide for transmission of data from router to router. When the network is transit-only, the first router generates an Open Shortest Path First (OSPF) Link State Advertisement (LSA) that includes an address for the network and a designated network mask. The designated network mast operates as a transit-only identification that indicates the address should not be installed in a Routing Information Base (RIB) upon receipt of the OSPF LSA at the one or more second routers. When the network is not transit-only, the first router generates an OSPF LSA that includes the address for the network but does not include the designated network mask, to permit installation of the address in a RIB upon receipt of the OSPF LSA at the one or more second routers.
Other inventorsSee patent -
Apparatus and method to hide transit only multi-access networks in OSPF
Issued US 8,537,817
-
Method and apparatus to elect ABRs dynamically and intelligently
Issued US 8,130,638
-
System and method for exchanging awareness information in a network environment
Issued US 8,098,589
-
Automatic overlapping areas that flood routing information
Issued US 8,009,591
-
Method and apparatus to enable an IPe domain through EIGRP
Issued US 7,940,668
-
Fast re-routing in distance vector routing protocol networks
Issued US 7,940,776
-
Apparatus and method to hide transit only multi-access networks in OSPF
Issued US 7,929,524
-
Method and apparatus for passing routing information among mobile routers
Issued US 7,899,005
-
Border router with selective filtering of link state advertisements
Issued US 7,672,253
-
Techniques for distributing information using multicast subsets
Issued US 7,623,474
-
Techniques to support asymmetrical static/dynamic adjacency in routers
Issued US 7,583,672
-
Techniques for reducing adjacencies in a link-state network routing protocol
Issued US 7,515,551
-
System and method for exchanging awareness information in a network environment
Issued US 7,319,674
Projects
Languages
-
Chinese
Native or bilingual proficiency
-
English
Full professional proficiency
Recommendations received
3 people have recommended Yi
Join now to viewMore activity by Yi
-
Is this the future? Is a LinkedIn profile no longer the gold standard for finding a job? Do you have to make up your own dance to get hired…
Is this the future? Is a LinkedIn profile no longer the gold standard for finding a job? Do you have to make up your own dance to get hired…
Liked by Yi Yang
-
Today I celebrate 20 years with IBM - time sure flies when you’re having fun! It has been a truly rewarding experience, especially when given new…
Today I celebrate 20 years with IBM - time sure flies when you’re having fun! It has been a truly rewarding experience, especially when given new…
Liked by Yi Yang
-
This is the proudest moment for parents. Hearty congratulations Neha!!! Your discipline and smarts put you on this well-deserved path. Over the next…
This is the proudest moment for parents. Hearty congratulations Neha!!! Your discipline and smarts put you on this well-deserved path. Over the next…
Liked by Yi Yang
-
Surprised to discover that I have 206 issued patents now:
Surprised to discover that I have 206 issued patents now:
Liked by Yi Yang
Other similar profiles
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named Yi Yang in United States
767 others named Yi Yang in United States are on LinkedIn
See others named Yi Yang