Abstract: A source access network device multicasts copies of a packet to multiple core switches, for switching to a same target access network device. The core switches are selected for the multicast based on a load balancing algorithm managed by a central controller. The target access network device receives at least one of the copies of the packet and generates at least metric indicative of a level of traffic congestion at the core switches and feeds back information regarding the recorded at least one metric to the controller. The controller adjusts the load balancing algorithm based on the fed back information for selection of core switches for a subsequent data flow.

Abstract: Solder reflow compatible connections between optical components are provided by use of reflow compatible epoxies to bond optical components and remain bonded between the optical components at temperatures of at least 260 degrees Celsius for at least five minutes. In some embodiments, the reflow compatible epoxy is index matched to the optical channels in the optical components and is disposed in the light path therebetween. In some embodiments, a light path is defined between the optical channels through at least a portion of an air gap between the optical components.

Abstract: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.

Abstract: An access point in a wireless network communicates wirelessly with one or more client devices over a channel that includes a plurality of subchannels. Radar is detected on a first subchannel of the plurality of subchannels. It is determined to puncture the first subchannel, based on the detecting the radar on the first subchannel and based on one or more puncturing factors. The first subchannel is punctured, the puncturing comprising muting one or more subcarriers on the first subchannel.

Abstract: In one embodiment, a mobile receiver of a mobile station in communication with a current base station of a plurality of base stations receives hello packets from one or more base stations the plurality of base stations, each hello packet including a base station identifier that identifies which base station transmitted that packet. The receiver determines, based on the hello packets, signal strength values associated with each of the plurality of base stations. The receiver periodically analyzes the signal strength values associated with the current base station, to determine whether those signal strength values exceed a threshold value associated with the current base station.

Abstract: Techniques are disclosed for determining, at a first wireless access point (AP), one or more radio resource management (RRM) input parameters. The one or more RRM input parameters are determined based on a line of sight (LOS) estimate between two wireless stations (STAs). A plurality of RRM values are generated based on the one or more RRM input parameters. A wireless connection is established between the first AP and a first STA using the RRM values.

Abstract: In one embodiment, a device classification service forms a device cluster by applying clustering to telemetry data associated with a plurality of devices. The service obtains device type labels for the device cluster. The service generates a device type classification rule using the device type labels and the telemetry data. The service determines whether the device type classification rule should be revalidated by applying a revalidation policy to the device type classification rule. The service revalidates the device type classification rule, based on a determination that the device type classification rule should be revalidated.

Abstract: This disclosure describes methods and systems to for a method for a first computing node to receive frequency information of a system clock. The first computing node receives the frequency information of the system clock from a second computing node at a physical layer of a connection between the first computing node and the second computing node. The first computing node also receives a message from the second computing node at above the physical layer of the connection between the first computing node and the second computing node. The message includes an attestation of the frequency information from which the first computing node may verify that the second computing node is a trusted source of the frequency information.

Abstract: In one embodiment, a first networking device sends, to a second networking device, a training frame of a transmitter training signal (TTS) that includes a request for the second networking device to enable a protocol on the second networking device. In addition, the first networking device receives, from the second networking device, an indication that the second networking device has enabled the protocol on the second networking device. The first networking device may also send, using the protocol, first flow-control information indicating a number of data packets sent by the first networking device to the second networking device and a number of acknowledgments received from the second networking device, in addition to receiving second flow-control information indicating a number of data packets received at the second networking device from the first networking device and a number of acknowledgments sent by the second networking device to the first networking device.

Abstract: Techniques for tuning an optical communication system are disclosed. The system includes a first signal path for transmitting data, including an optical source, a first one or more variable optical attenuators (VOAs), a modulator, and a transmission fiber. The system further includes a second signal path for receiving data, including a receiver fiber and a second one more VOAs. The first one or more VOAs are tuned using the optical source in the first signal path for transmitting data, based on comparing a plurality of optical signal power values in the first path while a first tuning mode is enabled. The second one or more VOAs are tuned, using the optical source in the first signal path for transmitting data, based on comparing a plurality of optical signal power values in the second path while a second tuning mode is enabled.

Abstract: Techniques for initiator-based data-plane validation of segment routed, multiprotocol label switched (MPLS) networks are described herein. In examples, an initiating node may determine to validate data-plane connectivity associated with a network path of the MPLS network. The initiating node may store validation data in a local memory of the initiating node. In examples, the initiating node may send a probe message that includes a request for identification data associated with a terminating node. The terminating node may send a probe reply message that includes the identification data, as well as, in some examples, a code that instructs the initiating node to perform validation. In examples, the initiating node may use the validation data stored in memory to compare to the identification data received from the terminating node to validate data-plane connectivity. In some examples, the initiating node may indicate a positive or negative response after performing the validation.

Abstract: Embodiments include a multimode interference (MMI) device with offset facets. The MMI device includes a first set of facets positioned on opposite edges of the MMI device with an optical path between the set of facets. The MMI device also includes a second set of facets positioned on opposite edges of the MMI device, where the second set of facets are offset from the first set of facets, where a second optical path passes through the MMI device between the second set of facets.

Abstract: This technology enables normalized lookup and forwarding for diverse virtual private networks in multi-site network fabric deployments. A source device on a first Layer 2 site transmits a frame to a destination device on the same subnet, but on a second Layer 2 site. The frame is encapsulated and routed to a fabric border node. The fabric border node matches the source subnet to the destination subnet and transmits an address request protocol (“ARP”). In response to not receiving a reply to the ARP, the fabric border node transmits a map request to a Layer 3 transit fabric control plane node. The control plane node extracts a destination identifier from the map request and determines that the destination identifier is a Layer 2 identifier. The control plane node transmits a map reply to the fabric border node, where the frame is re-encapsulated and forwarded to the destination device.

Abstract: In one embodiment, dynamic user private networks are virtually segmented within a shared virtual network. A network control system maintains the dynamic logical segmentation of the shared virtual network. User entities (e.g., user devices and/or services) are communicatively coupled to respective personal virtual networks via endpoints of access devices. Each of these endpoints is associated with a corresponding user private network. Responsive in real-time to automated processing of a received electronic particular user request, the network control system automatically modifies the dynamic logical segmentation of the shared virtual network to move a particular user entity on the shared virtual network to newly being on the first dynamic user private network without being disconnected from the shared virtual network. One embodiment uses different user private network identifiers (UPN-IDs) associated with endpoints and received packets to identify their respective user private network.

Abstract: In one embodiment, a service receives a plurality of device type classification rules, each rule comprising a device type label and one or more device attributes used as criteria for application of the label to a device in a network. The service estimates, across a space of the device attributes, device densities of devices having device attributes at different points in that space. The service uses the estimated device densities to identify two or more of the device type classification rules as having overlapping device attributes. The service determines that the two or more device type classification rules are in conflict, based on the two or more rules having different device type labels. The service generates a rule conflict resolution that comprises one of the device type labels from the conflicting two or more device type classification rules.

Abstract: Techniques for key distribution are provided. A first symmetric key is generated for a first downstream site, and a second symmetric key is generated for a second downstream site. The first symmetric key is transmitted to the first downstream site, and the second symmetric key is transmitted to the second downstream site. Upon receiving an indication that the first symmetric key was successfully deployed at the first downstream site, the first symmetric key is deployed on a first network node of an upstream site. Finally, upon determining that the second symmetric key was not successfully deployed at the second downstream site, techniques include refraining from deploying the second symmetric key to a second network node of the upstream site, where the second network node continues to communicate with the second downstream site using an original symmetric key.

Abstract: In one embodiment, a device obtains characteristics of a first anomaly detection model executed by a first distributed learning agent in a network. The device receives a query from a second distributed learning agent in the network that requests identification of a similar anomaly detection to that of a second anomaly detection model executed by the second distributed learning agent. The device identifies, after receiving the query from the second distributed learning agent, the first anomaly detection model as being similar to that of the second anomaly detection model, based on the characteristics of the first anomaly detection model. The device causes the first anomaly detection model to be sent to the second distributed learning agent for execution.

Abstract: This technology enables prioritization of Multiple Stream Reservation Protocol (“MSRP”) transmissions in Audio Video Bridging (“AVB”) virtual local area networks (“VLANs”). An AVB switch receives a status from listener devices, associates a state with each of the statuses indicating whether each listener device is active or in-active, and stores each state in a database. For each listener device, a queue of MSRP protocol data unit (“PDU”) packets exists to be transmitted to the listener device. The AVB switch searches the database for listener devices with an active state, searches the queue for each active listener device for packets associated with an active state, and transmits the packets associated with the active state to each active listener device. Subsequently, the AVB switch searches each listener device's queue for packets associated with an in-active state and transmits the packets associated with an in-active state to each listener device.

Abstract: In one embodiment, an electronic device maintains one or more tunnel-based overlays for a communication network. The communication network includes two or more physical provider networks. The device maintains a mapping between a particular application and the one or more overlays for the communication network. The device adjusts the mapping between the particular application and the one or more overlays for the communication network. The device causes one or more routers in the communication network to route traffic for the particular application according to the adjusted mapping between the application and the one or more overlays for the communication network.

Abstract: In one embodiment, a supervisory service of a parking area may send a light fidelity (Li-Fi) based advertisement indicative of an offer to send video streams of the parking area to an autonomous vehicle. The supervisory service may receive an acceptance of the offer by the autonomous vehicle that includes an identifier for the autonomous vehicle. The supervisory service may identify one or more video streams of the parking area as associated with the autonomous vehicle based in part on a location of the autonomous vehicle in the parking area. The supervisory service may annotate the one or more identified video streams with metadata regarding a feature of the parking area. The supervisory service may send the annotated one or more video streams to the autonomous vehicle, wherein the autonomous vehicle uses the metadata of the annotated one or more video streams to avoid the feature of the parking area.