Abstract: The disclosure provides an approach for reducing multicast traffic within a network by optimizing placement of virtual machines within subnets and within hosts, and by optimizing mapping of overlay multicast groups to underlay multicast groups. In one embodiment, substantially all VMs of a multicast group are migrated to the same subnet of the network. Thereafter or independently, VMs in the same subnet are migrated to the same host, ideally to the subnet proxy endpoint of that subnet. In the same or in another embodiment, if multiple overlay groups map to the same underlay group, one or more of the overlay groups may be remapped to a separate underlay group to improve network performance.

Abstract: For a managed network implementing at least one logical router having centralized and distributed components, some embodiments provide a method for configuring a managed forwarding element (MFE) executing on a first host machine to implement a distributed multicast logical router and multiple logical switches logically connected to the logical router in conjunction with a set of additional MFEs executing on additional host machines to process multicast data messages. The method receives a multicast group report from a data compute node (DCN) that executes on the first host, sends a summarized multicast group report indicating multicast groups joined by DCNs executing on the first host to a set of central controllers, receives data based on an aggregated multicast group report from the set of central controllers, and uses the data based on the aggregated multicast group report to configure the MFE to implement the distributed multicast logical router.

Abstract: Examples disclosed herein relate to selecting an optimal network device for reporting flow table misses upon expiry of a flow in a software defined network, comprising. An SDN enabled device is selected, from a plurality of software defined network (SDN) enabled devices, for reporting a flow table miss upon expiry of a flow to an SDN controller, based on a pre-defined factor.

Abstract: In response to movement of a wireless device, an active tunnel between switches is dynamically included as a member of a virtual network over which the wireless device communicates, where data communicated in the virtual network is carried over the active tunnel, and where the virtual network is overlaid on an underlay physical network that includes the switches and the wireless access points.

Abstract: Example methods are provided for a host to perform Media Access Control (MAC) address learning in a virtualized computing environment. The host includes multiple physical network interface controllers (NICs) configured as a team. The method may comprise: in response to detecting an egress packet that includes a source MAC address from a virtualized computing instance, learning address mapping information that associates the source MAC address with a virtual port; and sending the egress packet to a physical network via a first physical NIC selected from the team based on a NIC teaming policy. The method may also comprise: in response to detecting an ingress packet that also includes the source MAC address, determining whether the source MAC address has moved based on whether the ingress packet is received via the first physical NIC, or a second physical NIC from the team, but otherwise, maintaining the address mapping information.

Abstract: An approach for improving throughput for encapsulated network traffic is provided. In an embodiment, a method comprises obtaining a plurality of network addresses of a plurality of intermediaries that facilitate communications between a plurality of virtual machines. A set of source-destination intermediary pairs is determined based on the plurality of network addresses, and for each source-destination intermediary pair, from the set of source-destination intermediary pairs, a precomputed encapsulated header is generated and included in a set of precomputed encapsulated headers.

Abstract: For a managed network implementing at least one logical router having centralized and distributed components, some embodiments provide a method for configuring a managed forwarding element (MFE) executing on a first host machine to implement a distributed multicast logical router and multiple logical switches logically connected to the logical router in conjunction with a set of additional MFEs executing on additional host machines to process multicast data messages. The method receives a multicast group report from a data compute node (DCN) that executes on the first host, sends a summarized multicast group report indicating multicast groups joined by DCNs executing on the first host to a set of central controllers, receives data based on an aggregated multicast group report from the set of central controllers, and uses the data based on the aggregated multicast group report to configure the MFE to implement the distributed multicast logical router.

Abstract: Example methods are provided for a first host to maintain data-plane connectivity with a second host via a third host in a virtualized computing environment. The method may comprise identifying an intermediate host, being the third host, having data-plane connectivity with both the first host and the second host. The method may also comprise: in response to detecting, from a first virtualized computing instance supported by the first host, an egress packet that includes an inner header addressed to a second virtualized computing instance supported by the second host, generating an encapsulated packet by encapsulating the egress packet with an outer header that is addressed from the first host to the third host instead of the second host; and sending the encapsulated packet to the third host for subsequent forwarding to the second host.

Abstract: Exemplary methods, apparatuses, and systems maintain network membership information for a host when it is disconnected from a controller. When the host detects a loss of connectivity with the network controller, the host identifies and selects one or more hosts that are members of a control logical network. The control logical network includes hosts configured to run data compute nodes that are members of the overlay network, regardless of whether or not each of the hosts is currently running a data compute node that is a member of the overlay network. The host then sends any broadcast, unknown destination, or multicast (BUM) data packet(s) to the selected one or more hosts.

Abstract: For a managed network implementing at least one logical router having centralized and distributed components, some embodiments provide a method for processing multicast data messages at a first managed forwarding element (MFE) executing on a first host machine that implements a distributed multicast logical router and multiple logical switches logically connected to the logical router in conjunction with a set of additional MFEs executing on additional host machines. The method replicates multicast data messages received from a source data compute node (DCN), operating on the first host machine, that logically connects to a first logical switch of the multiple logical switches. The method replicates the multicast data message to a set of DCNs in the multicast group in the logical network without routing through a centralized local multicast router.

Abstract: Some embodiments provide a method for configuring a set of MFEs to implement a distributed multicast logical router and multiple logical switches to process the multicast data messages. The method sends, from a managed forwarding element (MFE) implementing the distributed multicast logical router, a multicast group query to a set of data compute nodes (DCNs) that are logically connected to one of several logical switches and that execute on the same host machine as the managed forwarding element. The method receives multicast group reports from a subset of the set of DCNs and at least one of the multicast group reports specifies a multicast group of interest. The method distributes, to a set of MFEs executing on other host machines, a summarized multicast group report specifying a set of multicast groups of interest to the first MFE (i.e., multicast groups that the first MFE participates in).

Abstract: For a managed network implementing at least one logical router having centralized and distributed components, some embodiments provide a method for configuring a managed forwarding element (MFE) executing on a first host machine to implement a distributed multicast logical router and multiple logical switches logically connected to the logical router in conjunction with a set of additional MFEs executing on additional host machines to process multicast data messages. The method receives a multicast group report from a data compute node (DCN) that executes on the first host, sends a summarized multicast group report indicating multicast groups joined by DCNs executing on the first host to a set of central controllers, receives data based on an aggregated multicast group report from the set of central controllers, and uses the data based on the aggregated multicast group report to configure the MFE to implement the distributed multicast logical router.

Abstract: Example methods are provided for a host to perform Media Access Control (MAC) address learning in a virtualized computing environment. The host includes multiple physical network interface controllers (NICs) configured as a team. The method may comprise: in response to detecting an egress packet that includes a source MAC address from a virtualized computing instance, learning address mapping information that associates the source MAC address with a virtual port; and sending the egress packet to a physical network via a first physical NIC selected from the team based on a NIC teaming policy. The method may also comprise: in response to detecting an ingress packet that also includes the source MAC address, determining whether the source MAC address has moved based on whether the ingress packet is received via the first physical NIC, or a second physical NIC from the team, but otherwise, maintaining the address mapping information.

Abstract: Example methods are provided for a first host to restore control-plane connectivity with a network management entity. The method may comprise: detecting a loss of control-plane connectivity between the first host and the network management entity; and determining connectivity status information associated with one or more second hosts. The method may also comprise, based on the connectivity status information, selecting, from the one or more second hosts, a proxy host having data-plane connectivity with the first host and control-plane connectivity with the network management entity. The method may further comprise restoring control-plane connectivity between the first host with the network management entity via the proxy host such that the first host is able to send control information to, or receive control information from, the network management entity via the proxy host.

Abstract: Example methods are provided for a first host to perform address resolution suppression in a logical network. The first host may support a first virtualized computing instance located on the logical network and a first hypervisor. The method may comprise the first hypervisor broadcasting a notification message within the logical network to trigger one or more control messages, and learning protocol-to-hardware address mapping information associated with multiple second virtualized computing instances located on the logical network based on the one or more control messages. The method may also comprise: in response to the first hypervisor detecting an address resolution request message that includes a protocol address associated with one of the multiple second virtualized computing instances, the first hypervisor generating and sending an address resolution response message to a first virtualized computing instance without broadcasting the address resolution request message on the logical network.

Abstract: Examples disclosed herein relate to controlling an unknown flow inflow to an SDN controller in a software defined network (SDN). In an example, an optimizer may be provided, between a switch and an SDN controller, to intercept an unknown flow from the switch to the SDN controller, in a software defined network. A portion of a data packet from each data packet in a plurality of data packets from the unknown flow may be aggregated at the optimizer. Only the aggregated portion of the data packet from each data packet may be sent, from the optimizer to the SDN controller, in a single package.

Abstract: Examples disclosed herein relate to selecting an optimal network device for reporting flow table misses upon expiry of a flow in a software defined network, comprising. An SDN enabled device is selected, from a plurality of software defined network (SDN) enabled devices, for reporting a flow table miss upon expiry of a flow to an SDN controller, based on a pre-defined factor.

Abstract: In response to movement of a wireless device, an active tunnel between switches is dynamically included as a member of a virtual network over which the wireless device communicates, where data communicated in the virtual network is carried over the active tunnel, and where the virtual network is overlaid on an underlay physical network that includes the switches and the wireless access points.

Abstract: Examples herein disclose detecting when a control plane within a switch suffers a failure. The failure of the control plane is communicated to a software defined networking (SDN) controller. A data plane forwards traffic based on communications with the SDN controller.

Abstract: In one implementation, a network controller includes a path analysis module, an instruction module, and a distribution module. The path analysis module defines a data path including a plurality of network devices for a flow within a network in response to a data path request from a network device. The instruction module generates a first message including an instruction to establish a first forwarding rule at a first network device, and a second message including a first instruction to establish a second forwarding rule at a second network device and a second instruction to establish a third forwarding rule at a third network device. The distribution module provides the first message to the first network device and the second message to the second network device.