Abstract: In general, the invention relates to a method for programming a network element. The method includes detecting an addition of a first route in a routing information base (RIB) on the network element, adding, in response to detecting the addition, a first route network prefix associated with the first route to a network prefix trie (NPT), identifying, based on the adding, a first parent network prefix for the first route network prefix using the NPT, making a first determination that the first route network prefix and the first parent network prefix are reachable via a first common next hop connected to the network element, and waiving, based on the first determination, a creation of a forwarding information base (FIB) entry associated with the first route network prefix in a FIB on the network element.

Abstract: Techniques for implementing resilient hashing with multiple hashes are provided. In one set of embodiments, a network device can maintain a first hash table comprising mappings between a first set of hash indices and a set of bit values. The network device can also maintain a second hash table comprising mappings between a second set of hash indices and active next-hop destinations. Upon receiving a network packet, the network device can compute a first hash and can match the first hash value to a first mapping in the first hash table based on the first mapping's hash index. When the first mapping's bit value indicates that the first mapping's hash index corresponds to an active next-hop destination, the network device can further match the first hash value to a second mapping in the second hash table and send the network packet to the second mapping's active next-hop destination.

Abstract: A method and apparatus of a device that determines a match for a destination address using an exact match table and a longest prefix match table of a network element is described. In an exemplary embodiment, the network element receives a data packet that includes a destination address. The network element generates a key for the destination address, wherein the key represents more addresses than the destination address. The network element further performs an address lookup using the key in an exact match table. Furthermore, a match in the address lookup indicates a first transmitting interface of the network element. The network element additionally performs an address lookup using the destination address with a longest prefix match table, wherein a match in the address lookup indicates a second transmitting interface of the network element.

Abstract: Multicast traffic in a virtual extensible local area network (VXLAN). In some embodiments, a method is provided. The method includes registering a network device as a virtual extensible local area network (VXLAN) tunnel endpoint (VTEP) of a VXLAN. The VXLAN includes an overlay network and the overlay network is implemented on an underlay network. The method also includes receiving multicast traffic from the multicast source. The method further includes transmitting the multicast traffic to one or more multicast receivers using the underlay network.

Abstract: In some implementations, a method is provided. The method includes detecting a reboot of a network device. The method also includes determining a set of causes for a reboot of the network device. The method further includes updating a reboot log to include a first entry associated with the reboot of the network device. The first entry indicates the set of causes for the reboot of the network device. The reboot log includes a plurality of previous entries. The plurality of previous entries are associated with previous reboots of the network device. The plurality of previous entries indicates previous sets of causes for the previous reboots of the network device.

Abstract: A method for managing networking devices. The method includes receiving, by a second management system, first network device state information (NDSI) for a first plurality of network devices, where the first NDSI is obtained by a first management system and where the first management system manages the first plurality of network devices. The method further includes initiating performance of a management action based on a result, wherein the result is obtained by processing at least the first NDSI.

Abstract: A method and apparatus of a device that triggers a pause watchdog is described. In an exemplary embodiment, the device receives a pause message from a second network element on a first network element, where the pause message indicates that data should not be transmitted by the first network element. The device additionally triggers a pause watchdog on the first network element if the pause message is above a pause watchdog threshold, where the pause watchdog reduces the effect of the pause message.

Abstract: Various embodiments of a network element comprising a control plane including stream tracer logic are described herein. The network element additionally includes a data plane coupled to the control plane, where the data plane includes forwarding logic to forward a unit of network data from an ingress interface to an egress interface. The stream tracer logic can be configured to cause marking logic to mark selected units of network data for to be counted by counting logic and to cause the counting logic to count marked units of network data. The stream tracer logic can determine whether units of network data are dropped within the forwarding logic via comparison of an ingress count of the marked units of network data with an egress count of the marked units of network data.

Abstract: A network device includes a database that includes database entries, an external data that includes external data entries, an interpreter, and a standing query instance (SQI). The interpreter is programmed to convert an external data entry into a temporary database entry and provide the temporary database entry to the database. The SQI is programmed to obtain a database entry and the temporary database entry from the database and generate an output based on the database entry and the temporary database entry.

Abstract: Embodiments of the invention may relate to a method for routing protocol area abstraction. The method may include electing an area leader from among network devices; generating, by the area leader, an area representation node identifier associated with the first area; distributing, by the area leader, the area representation node identifier to area edge devices; receiving, from the area edge devices, second area link state packets (LSPs); generating, by the area leader and using the second area LSPs, an area representation node LSP that includes the area representation node identifier and area neighbor adjacencies; and distributing, by the area leader, the area representation node LSP to a plurality of network devices in a second area of the network. In response to receiving a copy of the area representation node LSP, each of the network devices in the second area may advertise an adjacency to an area representation node.

Abstract: A method and system for inspecting unicast network traffic between end points residing within a same zone. Specifically, the method and system disclosed herein entail the provisioning of unique forward-service and reverse-service virtual network identifiers (VNIs), and corresponding virtual layer-2 (VL2) forward-service and reverse-service broadcast domains, respectively, to communications originating from and destined to intercept hosts.

Abstract: Methods, systems, and computer readable mediums for hitless repair. Hitless repair may include making a first determination, by a system control device (SCD) agent of a network device, that a SCD of the network device has experienced an error and/or is to be updated; making a second determination, by the SCD agent, that the SCD and the network device support the hitless repair; performing, by the SCD agent, a pre-hitless repair action set; and performing, by the SCD agent and after completing the pre-hitless repair action set, a post-hitless repair action set, including a hitless reset of the SCD.

Abstract: A method and system for inspecting cross-zone network traffic between end points residing within different zones. Specifically, the method and system disclosed herein entail the provisioning of unique forward-service and reverse-service virtual network identifiers (VNIs), and corresponding virtual layer-2 (VL2) forward-service and reverse-service broadcast domains, respectively, to communications originating from and destined to intercept hosts.

Abstract: Embodiments disclosed herein relate to methods and computer-readable mediums for preserving forwarding equivalence class (FEC) hierarchy weights, which may include obtaining a FEC hierarchy; obtaining a target height for the FEC hierarchy; identifying within the FEC hierarchy a FEC node comprising pointers to a plurality of lower level FEC nodes; making a first determination that a height of the FEC node is greater than the target height; obtaining a rebasing factor for the FEC node; and updating weights for the plurality of lower level FEC nodes using the rebasing factor to obtain an updated FEC hierarchy.

Abstract: A network device is provided. The device includes a housing and a switch card, mounted within the housing and having one or more connectors. A plurality of line cards are oriented parallel to each other and orthogonal to the switch card and assembled to the one or more connectors of the switch card. The switch card has a chip, with a plurality of switches or routing paths, and the switch card and the chip couple to the plurality of line cards through the one or more connectors.

Abstract: Packet forwarding includes creating a first lookup table for mapping packets to nodes based on the number of nodes in a first set of nodes. A received packet is mapped to a mapping value using a predetermined mapping function. The first lookup table is indexed using a first subset of bits comprising the mapping value. A second lookup table is created in response to adding a node to the first set of nodes. A subsequently received packet is mapped to a mapping value using the same predetermined mapping function to index the second lookup table using a second subset of bits comprising the mapping value.

Abstract: In some implementations, a method is provided. The method includes determining that a network device will perform a reboot. The method also includes saving state information. The state information comprises data used by the network device to process address resolution protocol (ARP) messages. The method further includes initiating the reboot of the network device. The method further includes initiating a first ARP service. The first ARP service is configured to process ARP messages during the reboot of the network device.

Abstract: A method and apparatus of a network element that installs a device driver used to manage hardware of the network element is described. In an exemplary embodiment, the network element detects, with a functionality of a network element operating system, the hardware of a data plane of the network element, where at least one component of the network element operating system is executing in a first container as a first set of processes. The network element further determines a device driver for the hardware and installs the device driver in a kernel of the host operating system. The network element additionally manages the data, with the network element operating system, using the device driver.

Abstract: A method and apparatus of a network element that processes data using a data processing pipeline with standby memory is described. In one embodiment, the network element prepares a new image for the data processing pipeline of the network element, where the data processing pipeline processes incoming network data received by the network element and the new image modifies a current set of functionalities of the data processing pipeline. The network element further writes the new image into a standby memory of the data processing pipeline, where the network element includes an active memory that programs the current set of functionalities of the data processing pipeline. In addition, the network element programs the data processing pipeline using the new image. The network element additionally processes the incoming network data received by using the data processing pipeline using modified current set of functionalities.

Abstract: A method and apparatus of a device that simulates a plurality of network elements is described. In an exemplary embodiment, the device receives network topology information for the plurality of simulated network elements. The device further instantiates a container for each of the plurality of simulated network elements. The device additionally configures a set of processes for each of the plurality of containers, where each of the set of processes simulates at least one of the plurality of simulated network elements. The plurality of set of processes further implements a network topology represented by the network topology information. The device performs a test of the network topology and saves the results of the test.