Abstract: A network device may receive, from a timing source of a network, timing information. The network device may identify a client device to which the timing information is to be provided, wherein the network device provides an interface between the client device and the network. The network device may select a virtual network address to associate with a timing agent of the network device, wherein the virtual network address is within an address range that is reachable by the client device. The network device may provide to the client device, and via a network layer communication, a timing control packet comprising the timing information, wherein the timing control packet identifies the virtual network address as a source network address of the timing control packet, and wherein the timing information is to be used by the client device to update a clock of the client device.

Abstract: In general, techniques are disclosed to facilitate communicating within computer networks. For example, a layer three (L3) router including a service card and an interface card may be configured to perform the techniques. The interface card receives a query from a network that sources communications in accordance with a plurality of models. The query may specify a customer device and one of the sourced communications, and request that the service card select one of the models for the specified sourced communication and the specified customer device. The service card further stores data defining a profile for the one of the customer devices. The service card may also, in response to the query, analyze the profile data for the specified customer device to determine the selected one of the models for the specified sourced communication with respect to the specified customer device.

Abstract: A network device may receive one or more packets, and may determine a flow control parameter, a rate limiting parameter, and a statistical sampling parameter associated with a slow counter. The network device may determine whether the flow control parameter satisfies a first threshold, whether the rate limiting parameter satisfies a second threshold, and whether the statistical sampling parameter satisfies a third threshold. The network device may identify a counter event associated with one of the one or more packets, and may selectively assign the counter event to a fast counter when at least one of the first threshold, the second threshold, or the third threshold being satisfied, or to the slow counter when none of the first threshold, the second threshold, and the third threshold being satisfied.

Abstract: A network device may detect an error associated with a packet based on error information being generated from processing the packet at a layer of a network stack. The network device may determine, based on detecting the error, metadata associated with the packet. The network device may generate telemetry data to include the metadata. The network device may provide the telemetry data to a network analyzer for policy enforcement.

Abstract: A device may receive, from a network device in near-real time, a packet of data associated with network traffic of a network, wherein the packet includes privacy-related data and network-related data. The device may read the privacy-related data from the packet. The device may generate anonymous data based on the privacy-related data, wherein the anonymous data obscures the privacy-related data. The device may generate a mapping between the anonymous data and the privacy-related data. The device may combine the anonymous data and the network-related data to generate a masked packet. The device may provide the masked packet to a server device. The device may receive, from the server device, data identifying a recommendation that is generated by processing the masked packet with an artificial intelligence model. The device may perform one or more actions based on the recommendation.

Abstract: A device determines a first current, of a first input phase of a power system, and a second current, of a second input phase of the power system. The device determines whether the first input phase and the second input phase are balanced based on the first current and the second current. When the first input phase and the second input phase are not balanced, the device selects the first input phase and an output phase of the power system. The device balances the first input phase and the second input phase by using the first input phase and the output phase.

Abstract: A network device may receive policy data identifying a first segment routing (SR) policy and a second SR policy. The first SR policy may be associated with a first path through a network and a first next hop, and the second SR policy may be associated with a second path through the network and a second next hop. The network device may advertise, to another device, reachability associated with the first next hop and the second next hop, and may receive, from the other device, a packet with a header. The network device may determine, from the header, data identifying the first next hop or the second next hop, without performing a lookup, and may cause the packet to be routed to a destination address, via the first path or the second path, based on the policy data associated with the first next hop or the second next hop.

Abstract: A network device may receive a packet and may determine whether a next header of the packet is an Internet protocol (IP) header, an Internet control message protocol (ICMP) header, or a segment routing header. The network device may determine, when the next header of the packet is the IP header, whether policy processing of the packet is set to ultimate segment decapsulation and may discard the packet when the policy processing of the packet is not set to ultimate segment decapsulation. The network device may decapsulate an outer header of the packet when the policy processing of the packet is set to ultimate segment decapsulation and may process the packet after decapsulating the outer header of the packet, to generate a processed packet. The network device may forward the processed packet toward a destination.

Abstract: A network device may receive, from a source device, an option request that includes a source address of the source device and a destination address of a destination device, wherein the network device is associated with an Internet protocol version 6 (IPv6) network. The network device may identify a map code that is associated with an address translation for traffic associated with the destination device and may determine, based on identifying the map code, a source prefix code and a destination prefix code for the address translation. The network device may determine a source IPv6 prefix and a destination IPv6 prefix for the address translation based on the source prefix code and the destination prefix code and may provide, to the source device, an option response to the option request to permit the source device to use the source IPv6 prefix and the destination IPv6 prefix for the traffic.

Abstract: A first network device may receive a request associated with forming a high-availability cluster with a second network device, wherein the first network device is associated with a session of a user device. The first network device may determine, based on authorization information associated with the first network device, that the first network device is authorized to form the high-availability cluster. The first network device may configure communication links with the second network device to form the high-availability cluster. The first network device may synchronize, with the second network device, session information associated with the session via the communication links. The first network device may route session traffic of the session to the second network device and a data network to enable the user device to receive a high-availability service during the session.

Abstract: In general, various aspects of the techniques are described in this disclosure for distributed label assignment for labeled routes. In one example, a method includes obtaining, by a first thread of a plurality of execution threads for at least one routing protocol process executing on processing circuitry of a network device, an allocation of first labels drawn from a label space for a network service; adding, by the first thread, the first labels to a first local label pool for the first thread; generating, by the first thread, after obtaining the allocation of the first labels, a labeled route comprising a route for the network service and a label assigned by the first thread from the first local label pool; and outputting, by the network device, the labeled route.

Abstract: Problems associated with providing a large Clos network having at least one top of fabric (ToF) node, a plurality of internal nodes, and a plurality of leaf nodes may be solved by: (a) providing L2 tunnels between each of the leaf nodes of the Clos and one or more of the at least one ToF node to ensure a non-partitioned IGP L2 backbone, and (b) identifying the L2 tunnels as non-forwarding adjacencies in link state topology information stored in ToF node(s) and leaf node(s) such that the L2 tunnels are not used for forwarding traffic. Tunnel formation is prevented over L2.

Abstract: A network device, associated with peer network devices, may receive policy information for a protocol; and compute a first update message based on information regarding a route associated with the policy information. The network device may determine that an upper utilization threshold for one or more of peer queues, associated with the peer network devices, is not satisfied; and write the first update message to the peer queues based on determining that the upper utilization threshold is not satisfied. The network device may compute a second update message based on the information regarding the route; determine that the upper utilization threshold for one or more of the peer queues is satisfied; and pause writing the second update message to the peer queues based on the upper utilization threshold being satisfied. The network device may permit the peer network devices to obtain data from corresponding ones of the peer queues.

Abstract: The techniques describe example network systems providing core-facing designated forwarder (DF) election to forward multicast traffic into an EVPN of a core network. For example, a first PE device of a plurality of PE devices participating in an EVPN comprises one or more processors operably coupled to a memory, wherein the one or more processors are configured to: determine that a first multicast traffic flow has started for the first PE device; in response, send a source-active (SA) route to indicate the first multicast traffic flow has started for the first PE device; receive, from a second PE device, a second SA route that indicates that a second multicast traffic flow has started for the second PE device; and perform an election of a core-facing DF from among the first PE device and second PE device, wherein the core-facing DF is configured to forward the multicast traffic into the EVPN.

Abstract: A network device may receive a first data packet. The network device may determine that a level of available computing resources satisfies a threshold level. The network device may perform a secure socket layer (SSL) proxy function based on the level of available computing resources satisfying the threshold level. The network device may receive a second data packet. The network device may determine that the level of available computing resources fails to satisfy the threshold level. The network device may determine a security characteristic associated with the second data packet. The network device may determine a security rating associated with the second data packet based on the security characteristic. The network device may selectively perform the SSL proxy function based on the security rating.

Abstract: A device determines traffic and costs associated with a network that includes network devices interconnected by links, and determines traffic assignments for the network based on the traffic and the costs associated with the network. The device determines tunnel use for the network based on the traffic assignments, and determines peer link use for the network based on the tunnel use. The device determines costs associated with the traffic assignments, the tunnel use, and the peer link use for the network, and generates traffic plans based on the traffic assignments, the tunnel use, the peer link use, and the costs associated with the traffic assignments, the tunnel use, and the peer link use. The device causes one of the traffic plans to be implemented in the network by the network devices and the links.

Abstract: A network device may assign, to a port of a plurality of ports on the network device, a precision timing protocol (PTP) port priority for PTP communications between the network device and another network device. The network device and the other network device may be communicatively connected via a plurality of links in a link aggregation group (LAG). Each port, of the plurality of ports, may be associated with a respective link, of the plurality of links, in the LAG. The network device may generate a link layer discovery protocol (LLDP) frame that includes information identifying the PTP port priority assigned to the port. The network device may transmit the LLDP frame to the other network device to identify, to the other network device, the PTP port priority.

Abstract: A disclosed method may include (1) generating a configuration file that represents a specific configuration of a network device included in a network, (2) storing the configuration file that represents the specific configuration of the network device among a set of configuration files available via an NMS, (3) assigning to the configuration file via the NMS, a configuration identifier that uniquely identifies the configuration file among the set of configuration files available via the NMS, (4) receiving, via the NMS, a rollback request to restore the network device to the specific configuration based at least in part on the configuration identifier, and then in response to receiving the rollback request, (5) restoring the network device to the specific configuration based at least in part on the configuration file. Various other systems, methods, and computer-readable media are also disclosed.

Abstract: A controller device includes a memory configured to store a tree structure comprising a plurality of nodes, wherein the tree structure comprises a set of sub-structures, and wherein the tree structure defines a configuration of a network device of a set of network devices such that each node of the plurality of nodes corresponds to a respective resource of the network device. Additionally, the controller device includes processing circuitry configured to receive an instruction to update the configuration of the network device, wherein the instruction to update the configuration of the network device indicates a node of the set of nodes corresponding to the update; and verify, based on a sub-structure of the set of sub-structures corresponding to the node indicated by the instruction, the instruction to update the configuration of the network device.

Abstract: A disclosed apparatus for accomplishing such a task may include (1) a circuit board incorporated into a module designed for insertion into slots of computing devices, (2) at least one conductive contact disposed on the circuit board, (3) a counter circuit disposed on the circuit board and communicatively coupled to the conductive contact, wherein the counter circuit comprises (A) a signal-change detector that detects signal changes as the module is inserted into one of the slots of the computing devices and (B) a counter device that maintains a dynamic count indicative of a number of times that the module has been inserted into one of the slots of the computing devices based at least in part on the signal changes, (4) a battery electrically coupled to the counter circuit, wherein the battery powers the counter device prior to the insertion. Various other apparatuses, systems, and methods are also disclosed.