Abstract: A system and a method are disclosed for enabling interoperability between data plane learning endpoints and control plane learning endpoints in an overlay network environment. An exemplary method for managing network traffic in the overlay network environment includes receiving network packets in an overlay network from data plane learning endpoints and control plane learning endpoints, wherein the overlay network extends Layer 2 network traffic over a Layer 3 network; operating in a data plane learning mode when a network packet is received from a data plane learning endpoint; and operating in a control plane learning mode when the network packet is received from a control plane learning endpoint. Where the overlay network includes more than one overlay segment, the method further includes operating as an anchor node for routing inter-overlay segment traffic to and from hosts that operate behind the data plane learning endpoints.

Abstract: In accordance with one example embodiment, there is provided a system configured for virtual local area network (VLAN) blocking on a virtual port channel (vPC) member link to handle discrepant virtual network instance (VNI) to VLAN mappings. In other embodiments, the system can be configured for providing Virtual Switch Interface Discovery Protocol (VDP) and virtual switch enhancements to accommodate discrepant VNI to VLAN mappings. In another example embodiment, an apparatus is provided that includes a processor, and a memory coupled to the processor, where the apparatus is configured such that if a server is connected through a virtual port channel, a VDP is used to notify the server of different VNI to VLAN mappings. In another embodiment, the apparatus can extend a VDP Filter Info Field to carry a set of VLANs mapped to a VNI, keyed by leaf MAC addresses that serve as bridge identifiers.

Abstract: The present disclosure provides systems, methods, and non-transitory computer-readable storage media for determining container to leaf switch connectivity information in a data center in a presence of blade switches and servers. In one aspect of the present disclosure, a method of determining container to leaf switch connectivity information of a data center utilizing at least one blade switch and at least one blade server, includes receiving, at a network controller, link connectivity information that includes south-bound neighboring information between the at least one blade switch of the data center and the at least one blade server of the data center; determining, at the network controller, the container to leaf switch connectivity information of the data center, based on the link connectivity information; and generating a visual representation of a topology of the data center based on the container to leaf switch connectivity information.

Abstract: In some embodiments, a data packet may be received at a leaf switch. A port-channel associated with a destination port for the data packet may be identified, and the data packet may be transmitted to the destination port via the identified port-channel.

Abstract: Presented herein are hybrid approaches to multi-destination traffic forwarding in overlay networks that can be used to facilitate interoperability between head-end-replication-support network devices (i.e., those that only use head-end-replication) and multicast-support network devices (i.e., those that only use native multicast). By generally using existing tunnel end-points (TEPs) supported functionality for sending multi-destination traffic and enhancing the TEPs to receive multi-destination traffic with the encapsulation scheme they do not natively support, the presented methods and systems minimize the required enhancements to achieve interoperability and circumvents any hard limitations that the end-point hardware may have. The present methods and systems may be used with legacy hardware that are commissioned or deployed as well as new hardware that are configured with legacy protocols.

Abstract: A first network device advertises routes of locally connected routes/subnetworks based on the connectivity of the host with respect to peer network devices. The first network device establishes a virtual port channel associated with a virtual network address. The virtual port channel includes the first network device associated with a first network address and a second network device associated with a second network address. The first network device detects that a host is connected to the first network device and determines a next hop address to associate with the host. The next hop address is determined based on whether the host is also connected to the second network device of the virtual port channel. The first network device generates a route advertisement associating the next hop address with the host.

Abstract: Presented herein are techniques for actively monitoring, at a network controller, a network location of an endpoint connected to the network based on control plane updates. The network controller is configured to archive the network location of the endpoint, along with local information for the endpoint, in an endpoint tracking database of the network controller.

Abstract: A method is provided in one example embodiment and includes receiving at a controller an Address Resolution Protocol (“ARP”) packet from a source VXLAN Tunnel End Point (“VTEP”) serving a source host and identifying a destination, the source VTEP having assigned thereto a Virtual Network Identifier (“VNI”) identifying a VXLAN network to which the source VTEP and a plurality of other VTEPs belong, the ARP packet being received by the controller via a control plane; determining whether the received ARP packet is a request message; and, if the received ARP packet is a request message, determining whether address information for the identified destination is stored in a cache of the controller.

Abstract: A method is provided in one example embodiment and includes receiving at a controller an Address Resolution Protocol (“ARP”) packet from a source VXLAN Tunnel End Point (“VTEP”) serving a source host and identifying a destination, the source VTEP having assigned thereto a Virtual Network Identifier (“VNI”) identifying a VXLAN network to which the source VTEP and a plurality of other VTEPs belong, the ARP packet being received by the controller via a control plane; determining whether the received ARP packet is a request message; and, if the received ARP packet is a request message, determining whether address information for the identified destination is stored in a cache of the controller.

Abstract: A network controller for a network implementing a virtual network overlay determines a network gateway via which a service appliance accesses the network. The network controller determines a network gateway via which an application server accesses the network. The network controller distributes first policy data to the network gateway via which the service appliance accesses the network. This first policy data indicates a network policy such that when the policy is executed, the network gateway via which the service appliance accesses the network is configured to forward return packets addressed to a client device sent from an application server to the service appliance. The network controller distributes second policy data to the network gateway via which the application server accesses the network.

Abstract: The present disclosure provides systems, methods, and non-transitory computer-readable storage media for determining container to leaf switch connectivity information in a data center in a presence of blade switches and servers. In one aspect of the present disclosure, a method of determining container to leaf switch connectivity information of a data center utilizing at least one blade switch and at least one blade server, includes receiving, at a network controller, link connectivity information that includes south-bound neighboring information between the at least one blade switch of the data center and the at least one blade server of the data center; determining, at the network controller, the container to leaf switch connectivity information of the data center, based on the link connectivity information; and generating a visual representation of a topology of the data center based on the container to leaf switch connectivity information.

Abstract: A Location/Identifier Separation Protocol (LISP) mapping server, including: a network interface for communicating with a LISP-enabled network; a mapping database; an extranet policy table; and a shared subnetwork mapping engine (SSME), including at least a hardware platform, configured to: receive a map request from a first endpoint serviced by a first xTR, the first endpoint on a first subnetwork, the map request for a second endpoint; determine that the second endpoint is not a member of the first subnetwork; query the extranet policy table to identify a second subnetwork that the first subnetwork subscribes to, and to determine that the second endpoint is a member of the second subnetwork; and provide to the first subnetwork a routing locator (RLOC) of an xTR servicing the second endpoint.

Abstract: Techniques for virtual workload deployment based on computing resource hardware load and associated network hardware load. For each of a plurality of computing resources within one or more data centers onto which a virtual workload can be deployed, a computing resource hardware load of the respective computing resource is determined. Network topology information is maintained for at least one network fabric of the one or more data centers, and an associated network hardware load of a network device communicatively connected to the respective computing resource is determined. Embodiments automatically select one or more computing resources. The virtual workload is deployed onto the automatically selected one or more computing resources.

Abstract: A network device is configured to establish a messaging bus with a container networking plug-in, which is associated with a container virtual network. The network device is also configured to obtain, via the messaging bus, networking information for one or more containers hosted at the at least one container-hosting computing device. Based on the networking information, the network device provides visibility of one or more containers below the network device.

Abstract: A method is described and in one embodiment includes receiving at a top-of-rack (“TOR”) switch a notification concerning a virtual machine (“VM”), wherein the received notification identifies a host associated with the VM; determining whether the identified host is directly connected to the TOR switch; and if the identified host is not directly connected to the TOR switch, identifying an intermediate switch to which the identified host is directly connected; and determining whether the identified intermediate switch to which the identified host is directly attached is attached to the TOR switch.

Abstract: Systems, methods, and computer-readable media for OAM in overlay networks. In response to receiving a packet associated with an OAM operation from a device in an overlay network, the system generates an OAM packet. The system can be coupled with the overlay network and can include a tunnel endpoint interface associated with an underlay address and a virtual interface associated with an overlay address. The overlay address can be an anycast address assigned to the system and another device in the overlay network. Next, the system determines that a destination address associated with the packet is not reachable through the virtual interface, the destination address corresponding to a destination node in the overlay network. The system also determines that the destination address is reachable through the tunnel endpoint interface. The system then provides the underlay address associated with the tunnel endpoint interface as a source address in the OAM packet.

Abstract: A first network node of a computer network discovers a host route by leveraging a temporary host route on the control plane of the computer network. The first network node receives, from a source host, a request for a host route associated with a destination host. The first network node determines that it has not previously stored the host route associated with the destination host, and generates a temporary host route associated with the destination host. The first network node propagates the temporary host route across the control plane of the computer network, causing each respective network node to discover if the destination host is connected to the respective network node.

Abstract: Embodiments include determining computing resources within one or more data centers onto which a virtual workload can be deployed. Network state data is determined for a plurality of network resources within a network fabric of a data center. For each of the plurality of computing resources, embodiments determine a respective suitability value describing a fitness of the respective physical server for deploying at least a portion of the virtual workload. Such a determination includes determining a respective at least one of the plurality of network resources within the at least one network fabric corresponding to the respective computing resource and determining a current workload of the at least one network resource, based on the network state data. Upon selecting one or more computing resources of the plurality of computing resources based on the determined suitability values, embodiments deploy the virtual workload onto the selected one or more computing resources.

Abstract: In one embodiment, a method includes importing a route target for a remote Virtual Routing and Forwarding instance (VRF) at a leaf node in an overlay network, the leaf node comprising at least one local VRF configured thereon, processing routes received for the route target at the leaf node, and installing the routes for the remote VRF at the local VRF at the leaf node to enable inter-VRF communication via the leaf node. An apparatus and logic are also disclosed herein.

Abstract: Techniques are disclosed for configuring a LISP mobility network. A management tool receives a configuration for a network fabric. The configuration specifies values for one or more attributes associated with a Locator ID Separation Protocol (LISP)-enabled network. The management tool generates one or more commands based on the specified values for the one or more attributes associated with the LISP-enabled network. The generated commands are distributed to a plurality of network devices in the network fabric. Each network device executes the one or more commands to configure the network fabric.