DETAILED ACTION

Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 5 and 13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 5 and 13 recite the limitation "the second network device" in lines 1 and 1-2, respectively. There is insufficient antecedent basis for this limitation in the claim.


Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner 

Claims 1, 8, 9, 10, 16 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over RFC 3791 (“3791”) (J. Arkko, Ed., J. Kempf, B. Zill and P. Nikander, SEcure Neighbor Discovery (SEND), pages 1-56, March 2005) in view of Adams, et al. (WIPO Publication No. WO 2020/163210 A1; note also parallel citations to 62/807,832) and Jacob, et al. (US Pre Grant Publication No. 2017/0195210 A1).

Regarding claims 1 and 10, 3791 discloses a method comprising and a first network device configured to:

a. receiving, by a first network device/receive a neighbor discovery response message including a NONCE. (The system of 3791 discloses SEND in which a sending network device may transmit a discovery solicitation request to target network device including a NONCE that is included in the discovery response message/solicited neighbor advertisement message sent by the target network device back to the sending network device [Page 6, section 3, first paragraph – SEND is a neighbor discover protocol; page 20, section 5.3.2 – disclosing a discovery response message/solicited neighbor advertisement sent by a second network device in response to a solicitation sent by the first network device including the NONCE of the solicitation request that is received by the first network device [page 21, sections 5.3.3 and 5.3.4 – giving details about the solicitation and discovery response message/solicited neighbor advertisement transmission; page 22, section 5.3.4.1 - discovery response message/solicited neighbor advertisement message is received at the first network device].)

b. determining, by the first network device/determine whether the nonce of the neighbor discovery response message matches a nonce stored in the first network device and in response to determining that the NONCE of the neighbor discovery response message does not match a NONCE stored in the first network device [performing a security action]. (The system of 3791 discloses SEND in which a sending network device may transmit a discovery solicitation request to target network device including a NONCE that is included in the discovery response message/solicited neighbor advertisement message sent by the target network device back to the sending network device and verified at the sending network device by comparison to the stored sent NONCE value-  if the NONCE does not match, the security action of dropping the non-matching packet is performed [Page 6, section 3, first paragraph – SEND is a neighbor discover protocol; page 20, section 5.3.2 – disclosing a discovery response message/solicited neighbor advertisement sent in response to a solicitation including the NONCE of the solicitation; page 21, sections 5.3.3 and 5.3.4 – giving details about the solicitation and discovery response message/solicited neighbor advertisement transmission; page 22, section 5.3.4.1 - discovery response message/solicited neighbor advertisement message is processed and compared to stored NONCE value and if no match is made [i.e. NONCE is not “recognized” as a stored NONCE] the message is silently discarded for security reasons].)
3791 fails to disclose in response to the determination that the nonce of the neighbor discovery response message does not match a nonce stored in the first network device as performed in 3971 processing, by the first network device/process the neighbor discovery response message including the nonce. In the same field of endeavor, Adams discloses in response to the determination that the nonce of the neighbor discovery response message does not match a nonce stored in the first network device Adams, when a nonce does not match an original nonce, the system logs [i.e. process the traffic for logging and storage] associated traffic for further inspection [paragraph 0089; see also 62/807,832 – paragraph 0054].)
Therefore, since Adams discloses logging upon nonce verification failure, it would have been obvious to a person of ordinary skill in the art at the time of the invention to combine the logging of Adams with the system of 3971 by further processing the discovery response message/solicited neighbor advertisement when the NONCE of the discovery response message/solicited neighbor advertisement fails to match the transmitted NONCE in the discovery request message and a NONCE verification fails by logging the discovery response message/solicited neighbor advertisement. The motive to combine is to improve security by allowing logging of the failed discovery response message/solicited neighbor advertisement for further review of possible security issues.
3791 as modified by Adams fails to disclose a first network device that implements Ethernet Virtual Private Network (EVPN) (for claims 1 and 10) and (for claim 10) the first network device comprising one or more processors coupled to a memory, wherein the one or more processors are configured to perform the recited functions. In the same field of endeavor, Jacob discloses a first network device that implements Ethernet Virtual Private Network (EVPN) (for claims 1 and 10) and (for claim 10) the first network device comprising one or more processors coupled to a memory, wherein the one or more processors are configured to perform the recited functions. (The system of Jacob discloses a first device that implements Ethernet Virtual Private Network [fig. 1, PE Router, Elements 10a and 10b; paragraph 0007] comprising one or more processors coupled to a memory, wherein the one or more processors are configured to perform the recited functions [paragraph 0011]. The first network device/PE router [fig. 1, PE Router, Elements 10A/B] transmits a Network Discovery Protocol [“NDP”] 
Therefore, since the system of Jacob discloses the use of NDP in an EVPN environment and the use of an appropriately programmed processor and memory, it would have been obvious to a person of ordinary skill in the art at the time of the invention to implement the functions of the first network device using a programmed processor and memory, as taught by Jacob and to further implement the first network device as an EVPN device sending the neighbor solicitation and receiving the neighbor advertisement/neighbor discovery response in response to the solicitation. The motive to combine is to lower costs by using the low cost processor and memory to implement the recited functions and to extend NDP functionality to EVPNs so the NDP may be used to discover attached customer edge networks automatically by a provider edge device.
Regarding claims 8 and 16, 3791 as modified by Adams and Jacob discloses the neighbor discovery response message comprises a neighbor advertisement message configured using a Neighbor Discovery Protocol (NDP). (3791 teaches the discovery response message is a SEND neighbor advertisement message [see 3791 in the independent claim, supra].)
Regarding claims 9 and 17, 3791 discloses the Neighbor Discovery Protocol is extended to include security extensions including SEcure Neighbor Discovery (SEND). (3791 teaches the discovery response message is a SEND neighbor advertisement message [see 3791 in the independent claim, supra].)
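
The nonce handling discussed in the rejection of claims 1 and 10 above (the sender stores the nonce of its solicitation, the solicited neighbor advertisement echoes it, the sender compares on receipt, and a mismatch is dropped and logged for review) can be shown in code as follows. This is an added illustration, not code from the application or the cited references; the class and function names are hypothetical, the sample packets are constructed, and ICMPv6 checksum and SEND signature/CGA verification are assumed to happen elsewhere.

```python
import hmac
import ipaddress
import os
import struct

ND_NEIGHBOR_ADVERT = 136   # ICMPv6 type of a Neighbor Advertisement
OPT_TARGET_LLADDR = 2      # Target Link-Layer Address option
OPT_NONCE = 14             # SEND Nonce option
FLAG_SOLICITED = 0x40      # S bit in the first flags octet


def parse_options(buf):
    """Walk NDP TLV options; the length field counts units of 8 octets."""
    opts, off = {}, 0
    while off < len(buf):
        if off + 2 > len(buf):
            raise ValueError("truncated option header")
        opt_type, units = buf[off], buf[off + 1]
        if units == 0 or off + units * 8 > len(buf):
            raise ValueError("bad option length")
        opts.setdefault(opt_type, buf[off + 2: off + units * 8])
        off += units * 8
    return opts


class NonceChecker:
    """Hypothetical receiver-side state for outstanding solicitations."""

    def __init__(self):
        self.pending = {}    # target address -> nonce sent in our solicitation
        self.audit_log = []  # mismatching advertisements kept for later review

    def solicit(self, target):
        nonce = os.urandom(6)  # 2 header octets + 6 nonce octets = one unit
        self.pending[ipaddress.IPv6Address(target)] = nonce
        return nonce

    def on_advertisement(self, icmp):
        if len(icmp) < 24 or icmp[0] != ND_NEIGHBOR_ADVERT:
            return "discard"
        try:
            opts = parse_options(icmp[24:])
        except ValueError:
            return "discard"
        if not icmp[4] & FLAG_SOLICITED:
            return "unsolicited"  # no nonce expected; out of scope here
        target = ipaddress.IPv6Address(icmp[8:24])
        expected, got = self.pending.get(target), opts.get(OPT_NONCE)
        if expected and got and hmac.compare_digest(expected, got):
            del self.pending[target]  # a stored nonce is accepted only once
            return "accept"
        # Mismatch or replay: drop the message but keep a record of it.
        self.audit_log.append(
            {"target": str(target), "nonce": (got or b"").hex(), "raw": icmp.hex()}
        )
        return "discard"


def build_advert(target, nonce, lladdr=b"\x02\x00\x00\x00\x00\x01"):
    """Constructed sample: a solicited NA carrying lladdr and nonce options."""
    hdr = struct.pack("!BBHI", ND_NEIGHBOR_ADVERT, 0, 0, FLAG_SOLICITED << 24)
    opts = bytes([OPT_TARGET_LLADDR, 1]) + lladdr
    opts += bytes([OPT_NONCE, (2 + len(nonce)) // 8]) + nonce
    return hdr + ipaddress.IPv6Address(target).packed + opts
```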

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over RFC 3791 (“3791”) (J. Arkko, Ed., J. Kempf, B. Zill and P. Nikander, SEcure Neighbor Discovery (SEND), pages 1-56, March 2005) in view of Adams, et al. (WIPO Publication No WO 2020/163210 A1; note also parallel citations to 62/807,832).

Regarding claim 18, 3791 discloses a network device configured to:

a. receive a neighbor discovery response message including a NONCE. (The system of 3791 discloses SEND in which a sending network device may transmit a discovery solicitation request to target network device including a NONCE that is included in the discovery response message/solicited neighbor advertisement message sent by the target network device back to the sending network device [Page 6, section 3, first paragraph – SEND is a neighbor discover protocol; page 20, section 5.3.2 – disclosing a discovery response message/solicited neighbor advertisement sent by a second network device in response to a solicitation sent by the first network device including the NONCE of the solicitation request that is received by the first network device [page 21, sections 5.3.3 and 5.3.4 – giving details about the solicitation and discovery response message/solicited neighbor advertisement transmission; page 22, section 5.3.4.1 - discovery response message/solicited neighbor advertisement message is received at the first network device].)

b. determine whether the nonce of the neighbor discovery response message matches a nonce stored in the network device and in response to determining that the NONCE of the neighbor discovery response message does not match a NONCE stored in the network device [performing a security action]. (The system of 3791 discloses SEND in which a sending network device may transmit a discovery solicitation request to target network device including a NONCE that is included in the discovery response message/solicited neighbor advertisement message sent by the target network device back to the sending network device and verified at the sending network device by comparison to the stored sent NONCE value-  if the NONCE does not match, 
3791 fails to disclose in response to the determination that the nonce of the neighbor discovery response message does not match a nonce stored in the network device as performed in 3971 processing the neighbor discovery response message including the nonce. In the same field of endeavor, Adams discloses in response to the determination that the nonce of the neighbor discovery response message does not match a nonce stored in the network device as performed in 3971 processing the neighbor discovery response message including the nonce. (In the system of Adams, when a nonce does not match an original nonce, the system logs [i.e. process the traffic for logging and storage] associated traffic for further inspection [paragraph 0089; see also 62/807,832 – paragraph 0054].)
Therefore, since Adams discloses logging upon nonce verification failure, it would have been obvious to a person of ordinary skill in the art at the time of the invention to combine the logging of Adams with the system of 3971 by further processing the discovery response message/solicited neighbor advertisement when the NONCE of the discovery response message/solicited neighbor advertisement fails to match the transmitted NONCE in the discovery request message and a NONCE verification fails by logging the discovery response message/solicited neighbor advertisement. The 
3791 as modified by Adams fails to disclose a non-transitory computer-readable storage medium comprising instructions for causing one or more programmable processors of a network device to carry out the recited functions. However, it is officially noted that the use of non-transitory mediums, such as RAM and ROM, bearing instructions for execution by a processor was well known in the art before the effective filing date of the invention. Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to implement the functions of 3791 as modified by Adams using a memory bearing instructions for execution by a processor. The motive to combine is to allow use of low cost general purpose RAM/ROM and associated processors to carry out the invention. 


Allowable Subject Matter

Claims 2-4, 6, 7, 11, 12, 14 and 15 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claims 5 and 13 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.


Regarding claims 2 and 11, the prior art fails to teach suggest or disclose processing the neighbor discovery response message including the nonce comprises determining, by the first network device, whether the neighbor discovery response message was received on an Ethernet segment identifier (ESI) interface of the Ethernet segment and in response to determining that the neighbor discovery response message was received on the ESI interface of the Ethernet segment, dropping the nonce from the neighbor discovery response message to learn a link layer address from the neighbor discovery response message. That is, in regards to the current rejection, the system of 3791 as modified by Adams and Jacob fails to disclose the first and second network device are coupled to a multi-homed host device by an Ethernet segment, as the first and second network devices of 3791 as modified by Adams and Jacob are a provider edge device and a host device/customer edge router and not two provider edge routers. Furthermore, 3791 as modified by Adams and Jacob fails to disclose to determining that the neighbor discovery response message was received on the ESI interface of the Ethernet segment, dropping the nonce from the neighbor discovery response message to learn a link layer address from the neighbor discovery response message. Although these limitations were previously mapped to the system of Ninan and 3791 (See the Non-Final Rejection of claims 1 and 2, dated 8/4/2021) Ninan and 3791 fail to disclose the claimed comparison at the first network device of the neighbor discovery response message required by amended claims 1 and 10, as the system of Ninan does not teach any NONCE comparisons at the first network device as it forwards a response from the third network device to the second network device for processing at the second network device and gives no teaching or suggestion that the first/forwarding device could store or compare the two NONCEs. 
The system of 3791 is likewise silent in this regard and no other art could be located teaching this element. Therefore, the prior art fails to teach, suggest or disclose all elements of the claims 2 and 11. 
Regarding claims 3-4 and 12, the claims depend from claims 2 and 11 and are allowable for at least the reasons stated with respect to those claims, supra.
	Regarding claims 5 and 13, the prior art fails to teach, suggest or disclose determining, by the first network device, that a destination address of the neighbor discovery response message is a physical IP address of the second network device in response to determining that the destination address of the neighbor discovery response message is the physical IP address of the second network device, sending, by the first network device, the neighbor discovery response message to the second network device via an overlay network. That is, in regards to the current rejection, the system of 3791 as modified by Adams and Jacob fails to disclose the need to forward the neighbor discovery response message, as the system involves only a first and second device sending the request and response messages between themselves. Furthermore, the prior utilized art of Ninan and 3791 (See the Non-Final Rejection of claims 1 and 2, dated 8/4/2021) fails to disclose the claimed comparison at the first network device of the neighbor discovery response message required by amended claims 1 and 10, as the system of Ninan does not teach any NONCE comparisons at the first network device as it forwards a response from the third network device to the second network device for processing at the second network device and gives no teaching or suggestion that the first/forwarding device could store or compare the two NONCEs. The  system of 3791 is likewise silent in this regard and no other art could be located teaching this element.  Therefore, the prior art fails to teach, suggest or disclose all elements of claims 5 and 11.
	Regarding claims 6 and 14, the prior art fails to teach, suggest or disclose the first network device is coupled to a local host device, wherein the neighbor discovery response message comprises a first neighbor discovery response message, wherein receiving the neighbor discovery response message including the NONCE includes intercepting, by the network device and from a local host device, the first neighbor discovery response message including the nonce, wherein the first neighbor discovery response message is generated by the local host device in response to a first neighbor discovery request Adams and Jacob fails to disclose the need to intercept a first neighbor discovery response at the first network device, as the system involves only a first and second device sending the request and response messages between themselves. Furthermore, the prior utilized art of Ninan and 3791 (See the Non-Final Rejection of claim 1, dated 8/4/2021) fails to disclose the claimed comparison at the first network device of the neighbor discovery response message required by amended claims 1 and 10, as the system of Ninan does not teach any NONCE comparisons at the first network device as it forwards a response from the third network device to the second network device for processing at the second network device and gives no teaching or suggestion that the first/forwarding device could store or compare the two NONCEs. The system of 3791 is likewise silent in this regard and no other art could be located teaching this element.  Therefore, the prior art fails to teach, suggest or disclose all elements of claims 6 and 14.
	Regarding claims 7 and 15, the claims depend from claims 6 and 14 and are allowable for at least the reasons stated with respect to those claims, supra.


Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER M CRUTCHFIELD whose telephone number is (571)270-3989.  The examiner can normally be reached on 9am-5pm M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Faruk Hamza can be reached on (571) 272-7969.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available 






/CHRISTOPHER M CRUTCHFIELD/               Primary Examiner, Art Unit 2466