Abstract: In general, techniques are described for representing services, network resources, and relationships between such services and resources in a graph database with which to validate, provision, and manage the services in near real-time. In one example, a controller device includes at least one processor; and at least one memory to store a graph database comprising a graph that represents network resources and relationships between network resources. The controller device receives, at an application programming interface, a data-interchange formatted message that indicates a service request to configure a network service; queries, at least a portion of the plurality of the graph, to determine whether a set of the plurality of network resources can satisfy the service request to provision the network service within the network; and configures the set of the plurality of network resources to provide the network service.

Abstract: A system includes a module associated with a first stage of a switch fabric directly coupled to a module associated with a second stage of the switch fabric via a single physical hop having multiple virtual channels. The module associated with the first stage is configured to assign a virtual channel identifier associated with a virtual channel with a data packet using a hash function and to send the data packet through the virtual channel based on the virtual channel identifier. The module associated with the second stage is configured to send a flow control signal to the module associated with the first stage when an available capacity of a queue is less than a predetermined threshold. The module associated with the first stage is configured to suspend sending data packets via the virtual channel in response to the flow control signal.

Abstract: A device may establish a communication session, with a client device, for monitoring a latency of a service. The device may receive, from the client device, a request for a monitored service list. The monitored service list may identify one or more services for which service latency monitoring is supported. The device may provide, to the client device, the monitored service list. The device may receive, from the client device, a service latency monitoring session request that may identify the service to be monitored. The device may establish, with the client device, the service latency monitoring session based on the service latency monitoring session request. The device may cause the service to be performed. The device may generate information for determining the latency of the service. The device may transmit, to the client device and via the service latency monitoring session, the information for determining the latency of the service.

Abstract: In general, techniques are described for dynamically scheduling and establishing paths in a multi-layer, multi-topology network to provide dynamic network resource allocation and support packet flow steering along paths prescribed at any layer or combination of layers of the network. In one example, a multi-topology path computation element (PCE) accepts requests from client applications for dedicated paths. The PCE receives topology information from network devices and attempts to identify paths through a layer or combination of layers of the network that can be established at the requested time in view of the specifications requested for the dedicated paths and the anticipated bandwidth/capacity available in the network. The PCE schedules the identified paths through the one or more layers of the network to carry traffic for the requested paths. At the scheduled times, the PCE programs path forwarding information into network nodes to establish the scheduled paths.

Abstract: A high-performance, scalable and drop-free data center switch fabric and infrastructure is described. The data center switch fabric may leverage low cost, off-the-shelf packet-based switching components (e.g., IP over Ethernet (IPoE)) and overlay forwarding technologies rather than proprietary switch fabric. In one example, host network accelerators (HNAs) are positioned between servers (e.g., virtual machines or dedicated servers) of the data center and an IPoE core network that provides point-to-point connectivity between the servers. The HNAs are hardware devices that embed virtual routers on one or more integrated circuits, where the virtual router are configured to extend the one or more virtual networks to the virtual machines and to seamlessly transport packets over the switch fabric using an overlay network. In other words, the HNAs provide hardware-based, seamless access interfaces to overlay technologies used for communicating packet flows through the core switching network of the data center.

Abstract: A system may comprise a first switch connected to an output of a first power source, a second switch connected to an output of a second power source, a first sensor connected to an output of the first switch, a second sensor connected to an output of the second switch, a third switch connected to the first sensor and the second sensor and connected to a load, and a control device connected to the first switch, the second switch, the first sensor, the second sensor, and the third switch.

Abstract: One or more devices are configured to receive information regarding network devices associated with a physical network. The one or more devices are configured further to generate configuration data based on the information regarding the network devices. The one or more devices are configured further to generate a virtual network based on the configuration data. The one or more devices are configured to send information regarding the virtual network to a client device. The one or more devices are configured to receive a change to the virtual network from the client device; and cause a change, corresponding to the change in the virtual network, to occur in the physical network.

Abstract: A device may detect an attack. The device may receive, from a client device, a request for a resource. The device may determine, based on detecting the attack, a computationally expensive problem to be provided to the client device, where the computationally expensive problem requires a computation by the client device to solve the computationally expensive problem. The device may instruct the client device to provide a solution to the computationally expensive problem. The device may receive, from the client device, the solution to the computationally expensive problem. The device may selectively provide the client device with access to the resource based on the solution.

Abstract: Techniques are described for determining the topology of an optical network. A computing device receives a message on a data communication network after a first device in an optical network receives an optical pulse pattern on an optical fiber in the optical network. The computing device generates topology data using the message. The topology data indicates that a second device is physically connected in the optical network to the first device when the received optical pulse pattern matches an optical pulse pattern sent by the second device.

Abstract: A device may receive an indication to generate a probe packet associated with a tunnel included in a first network. The tunnel may include a first tunnel endpoint and a second tunnel endpoint and may correspond to a path, associated with a second network, between the first tunnel endpoint and the second tunnel endpoint. The device may generate the probe packet including information associated with the tunnel. The device may provide the probe packet, via the first tunnel endpoint, such that the probe packet is received by a network device that lies on the path. The device may receive a response packet, associated with the probe packet and provided by the network device, that includes path information. The path information may include information associated with the network device. The device may store the path information to allow the network device to be identified as lying on the path.

Abstract: In one embodiment, an apparatus can include a filter module configured to receive multiple Media Access Control (MAC) addresses associated with multiple virtual ports instantiated at a first network device. Each virtual port from the multiple virtual ports can be associated with a MAC address from the multiple MAC addresses. The filter module can be configured to define a filter to be applied to a data frame sent between the first network device and a network switch, the filter being based at least in part on a MAC address prefix included in each MAC address from the plurality of MAC addresses. The MAC address prefix can include an identifier uniquely associated with a second network device at which the filter module operates.

Abstract: A high-performance, scalable data center switch fabric and infrastructure is described that provides a clean separation between of routing and forwarding information between a transport layer of the data center and a service layer of data center that includes the endpoint devices, such as virtual or physical machines deployed within the data center. For example, techniques are described that enable the automatic creation of a transport hierarchy of label switched paths (LSPs) across the transport layer of the data center. For example, the techniques may be applied with the Border Gateway Protocol (BGP) labeled unicast (LU) in a manner that constructs a hierarchy of LPSs in the transport layer of the data center.

Abstract: In general, techniques are described for configuration of label switched paths in multi-protocol label switched networks. A router comprising a control unit and an interface may be configured to perform the techniques. The control unit may determine a label to bind to the LSP. The interface may transmit a message specifying the label that has been bound to the LSP prior to confirming that the LSP has been successfully configured within the support router to use the bound label.

Abstract: A first component of a network device may provide an offload request to a second component of the network device to offload a data flow from the first component. The offload request may direct the second component to provide the data flow towards a destination device and bypass the first component. The first component may receive a beacon from the second component. The beacon may identify information regarding one or more data flows offloaded from the first component. The first component may process the one or more data flows based on the information regarding the one or more data flows included in the beacon and without receiving the one or more data flows.

Abstract: A system may include a set of 4N packet processors and a switching fabric to interconnect the set of 4N packet processors. The switching fabric may include the following switching elements having a size of at least 3N×3N: a first switching element, a second switching element, a third switching element, and a fourth switching element. The first switching element may be directly connected to the second switching element and the third switching element, and may be indirectly connected to the fourth switching element. The second switching element may be directly connected to the fourth switching element, and may be indirectly connected to the third switching element. The third switching element may be directly connected to the fourth switching element.

Abstract: Techniques are described for specifying and constructing multi-protocol label switching (MPLS) rings. Routers may signal membership within MPLS rings and automatically establish ring-based label switch paths (LSPs) as components of the MPLS rings for packet transport within ring networks. In one example, a router includes a processor configured to establish an MPLS ring having a plurality of ring LSPs. Each of the ring LSPs is configured to transport MPLS packets around the ring network to a different one of the routers operating as an egress router for the respective ring LSP. Moreover, each of the ring LSPs comprises a bidirectional, multipoint-to-point (MP2P) LSP for which any of the routers can operate as an ingress to source packet traffic into the ring LSP for transport to the respective egress router for the ring LSP. Separate protection paths, bypass LSPs, detours or loop-free alternatives need not be signaled.

Abstract: Described herein are methods, systems, and apparatuses to utilize a semiconductor optical amplifier (SOA) comprising a silicon layer including a silicon waveguide, a non-silicon layer disposed on the silicon layer and including a non-silicon waveguide, first and second mode transition region comprising tapers in the silicon waveguide and/or the non-silicon waveguide for exchanging light between the waveguide, and a plurality of regions disposed between the first and second mode transition regions comprising different cross-sectional areas of the silicon waveguide and the non-silicon waveguide such that confinement factors for the non-silicon waveguide in each of the plurality of regions differ.

Abstract: This disclosure describes techniques for provisioning a CMTS to re-direct customer traffic into virtualized network functions (NFVs) service chains. This disclosure describes, in one example, techniques for providing linkage between DOCSIS service flows and NFV service chains in the DOCSIS provisioning system by embedding information within cable modem boot files used to configured cable modems within the broadband system. In one example, the techniques facilitate the definition of an NFV service-chain in the DOCSIS cable modem boot file provisioning system. A supported CMTS, CCAP or Edge Router intercepts and interprets the configuration to install packet classifiers that steer specific subscriber flows, as detailed in the DOCSIS cable modem boot file, through the service-chain.

Abstract: In general, techniques are described for decapsulating and forwarding VPLS frames in a hybrid PE router space. In one example, a method includes sending a first control plane message that includes first configuration information to a first PE router, the first control plane message comprising a request that the VPLS frames include a control word when forwarded to the first PE router. The first PE router may receive from a second PE router a second L3 control plane message that includes second configuration information for forwarding VPLS frames to the second PE router, the second L3 control plane message not comprising a request to include the control word when forwarded to the second PE router. The method may include configuring a forwarding plane of the first PE router to process VPLS frames that are received from the second PE router without processing the VPLS frames to remove the control word.

Abstract: An automatic transfer switch (ATS) is described that includes a multi-structure of relays that together provide proper spacing, within the ATS, between a first power feed and a second power feed. A monitor circuit is also described that monitors output ports of relays in the first stage of the multi-stage structure and detects that there is or is not proper spacing between the first power feed and the second power feed, within the ATS.