Abstract: Techniques are described for specifying a backend virtual network for a service load balancer. An example orchestrator of this disclosure is configured to receive a service definition for a service implemented by load balancing service traffic for the service among a plurality of backend virtual execution elements, wherein the service definition specifies a first virtual network to use as a backend virtual network for the service, to instantiate, in a selected one of the computing devices, a backend virtual execution element for the service, and to configure, based on the service definition specifying the first virtual network to use as the backend virtual network for the service, a network controller for the virtualized computing infrastructure to configure a load balancer to load balance service traffic to a first virtual network interface, of the backend virtual element, for the first virtual network.

Abstract: An apparatus includes a first communication interface configured to be communicatively coupled, via an optical line, to a network device that is disposed in an optical network using wavelength division multiplexing (WDM). The apparatus also includes a second communication interface configured to be communicatively coupled to a router via an Ethernet connection. The apparatus also includes a signal generator operatively coupled to the first communication interface and the second communication interface. The signal generator is configured to generate an Ethernet signal representing at least one attribute of the optical line between the first communication interface and the network device. The second communication interface is configured to transmit the Ethernet signal to the router.

Abstract: A network device receives an attribute identifying paths associated with an open shortest path first (OSPF) domain of a network and an intermediate system to intermediate system (ISIS) domain of the network, and provides the attribute to other network devices of the network. The network device receives traffic destined for one of the other network devices of the network, and determines that a primary path is unavailable for routing the traffic to the one of the other network devices. The network device selects a secondary path from the paths identified by the attribute. The secondary path is selected based on determining that the primary path is unavailable, and the secondary path is associated with the OSPF domain or the ISIS domain of the network. The network device provides the traffic to the one of the other network devices via the secondary path.

Abstract: A security platform may determine mapped attribute information associated with a plurality of host identifiers. The mapped attribute information may include information that identifies a set of related attributes. The security platform may determine, based on the mapped attribute information, that a host device is associated with at least two host identifiers of the plurality of host identifiers. The security platform may aggregate, based on the at two least host identifiers, threat information as aggregated threat information associated with the host device. The security platform may classify the host device as an infected device or a suspicious device based on the aggregated threat information.

Abstract: A security platform may determine, during receipt of a file, metadata associated with the file. The file may be intended for a client device. The security platform may compute, based on the metadata and during the receipt of the file, a hash associated with the file. The security platform may identify, during the receipt of the file, a stored hash that matches the hash associated with the file. The security platform may determine a security classification of the file based on information associated with a security classification corresponding to the stored hash. The security classification of the file may be determined before the receipt of the file is complete. The security platform may selectively permit, based on the security classification of the file, the client device to complete a receipt of the file.

Abstract: The disclosed apparatus may include (1) a cold plate base that (A) is thermally coupled to a component and (B) includes a set of heatsink fin structures that facilitate absorbing heat generated by the component and (2) a cold plate cover that (A) sits atop the cold plate base and (B) directs a cooling fluid across the set of heatsink fin structures to cool the cold plate base despite the heat absorbed by the cold plate base from the component. Various other apparatuses, systems, and methods are also disclosed.

Abstract: A system and method for service discovery. A network management system constructs, based on configuration data associated with a first network device and a second network device, respectively, a first partial service instance associated with a service executing on a first network device and a second partial service instance associated with the service executing on a second network device. The network management system merges the first partial service instance and a second partial service instance to form a merged partial service instance. The network management system promotes the merged partial service instance as a service instance.

Abstract: Embodiments of the invention describe apparatuses, optical systems, and methods related to utilizing optical cladding layers. According to one embodiment, a hybrid optical device includes a silicon semiconductor layer and a III-V semiconductor layer having an overlapping region, wherein a majority of a field of an optical mode in the overlapping region is to be contained in the III-V semiconductor layer. A cladding region between the silicon semiconductor layer and the III-V semiconductor layer has a spatial property to substantially confine the optical mode to the III-V semiconductor layer and enable heat dissipation through the silicon semiconductor layer.

Abstract: Techniques are disclosed for performing secure remote bootstrapping operations of a network device such that sensitive configuration resides in volatile memory or is inaccessible upon power loss. In one example, a network device performs a first request for onboarding information. In response to determining that a first initialization of the network device has not occurred, the network device performs the first initialization by configuring, with the onboarding information, the network device to mount a portion of a file system to a volatile memory and not a non-volatile memory. After rebooting, the network device performs a second request for the onboarding information. In response to determining that the first initialization of the network device has occurred, the network device performs a bootstrapping operation of the network device. The bootstrapping operation may configure the network device for remote management such that any subsequent configuration obtained remotely is not retained on power loss.

Abstract: A disclosed method may include (1) identifying a set of field-replaceable units installed on a network device, (2) monitoring the set of FRUs for flapping that renders any of the FRUs temporarily inoperable, (3) detecting at least one flap in which an FRU within the set (A) experiences a fault that renders the FRU temporarily inoperable and (B) subsequently overcomes the fault to resume operability, (4) determining that the FRU is deficient based at least in part on at least one characteristic of the flap detected in connection with the FRU, and (5) performing at least one corrective action that addresses the deficiency of the FRU. Various other systems and methods are also disclosed.

Abstract: An apparatus includes a first input port, a first switch, and a second switch. The first switch and the second input port are in optical communication with the first input port. The apparatus also includes a second input port, a third switch, and a fourth switch. The third switch and the fourth switch are in optical communication with the second input port. Each switch is switchable between a first state to pass optical signals and a second state to block optical signals. The apparatus also includes a first combiner in optical communication with the first input port via the first switch and the second input port via the third switch. The apparatus also includes a second combiner in optical communication with the first input port via the second switch and the second input port via the fourth switch.

Abstract: A method includes modulating a digital signal via pulse amplitude modulation (PAM) and applying Nyquist shaping to the digital signal to generate a filtered digital signal. The method also includes converting the filtered digital signal into an analog signal and transmitting the analog signal in an optical communication channel via a dense wavelength division multiplexing (DWDM) scheme.

Abstract: Embodiments of the invention describe apparatuses, optical systems, and methods for utilizing a dynamically reconfigurable optical transmitter. A laser array outputs a plurality of laser signals (which may further be modulated based on electrical signals), each of the plurality of laser signals having a wavelength, wherein the wavelength of each of the plurality of laser signals is tunable based on other electrical signals. An optical router receives the plurality of (modulated) laser signals at input ports and outputs the plurality of received (modulated) laser signals to one or more output ports based on the tuned wavelength of each of the plurality of received laser signals. This reconfigurable transmitter enables dynamic bandwidth allocation for multiple destinations via the tuning of the laser wavelengths.

Abstract: The disclosed heatsink apparatus may include (i) a base that facilitates thermal transfer between a computing component and cooling airflow, (ii) a plurality of fins, extending from the base, that provide additional surface area to facilitate the thermal transfer between the computing component and the cooling airflow, (iii) at least one channel, defined within the plurality of fins, that facilitates a faster passage of a portion of the cooling airflow across the heatsink apparatus, and (iv) at least one air dam that prevents the cooling airflow from escaping a designated path on a printed circuit board. Various other apparatuses, systems, and methods are also disclosed.

Abstract: A device receives policy information indicating a policy to be implemented for an application hosted by multiple cloud domains, and receives, from the multiple cloud domains, different application resource tags and addresses associated with the application. The device maps the different application resource tags to a generic identifier, and associates the policy with the generic identifier and with the addresses associated with the application. The device provides, based on associating the policy with the generic identifier and with the addresses associated with the application, the policy to the multiple cloud domains to permit the multiple cloud domains to implement the policy.

Abstract: This disclosure describes techniques to generate information of the operational characteristics of a border relay device. For example, a host device transmits a loop-back packet that travels through a forwarding path of the border relay device, rather than a control path, and back to the host device. Based on the host device receiving the loop-back packet, the host device may generate information indicative of operational characteristics of the border relay device.

Abstract: A device, such as an electroabsorption modulator, can modulate a light intensity by controllably absorbing a selectable fraction of the light. The device can include a substrate. A waveguide positioned on the substrate can guide light. An active region positioned on the waveguide can receive guided light from the waveguide, absorb a fraction of the received light, and return a complementary fraction of the received light to the waveguide. Such absorption produces heat, mostly at an input portion of the active region. The input portion of the active region can be thermally coupled to the substrate, which can dissipate heat from the input portion, and can help avoid thermal runaway of the device. The active region can be thermally isolated from the substrate away from the input portion, which can maintain a relatively low thermal mass for the active region, and can increase efficiency when heating the active region.

Abstract: This disclosure describes techniques that include selecting a member port of an aggregation bundle by evaluating utilization of paths, within a router, to member ports of an aggregation bundle. In one example, this disclosure describes a method that includes receiving network data to be output through an aggregation bundle having a plurality of member ports; identifying local member ports; identifying non-local member ports, each of the non-local member ports being reachable from the receiving line card over a path through the switch fabric to a different one of the plurality of line cards; identifying available non-local member ports by determining, for each non-local member port, whether the path through the switch fabric has low utilization; and selecting a member port by applying a hashing algorithm to a group that includes each of the identified available non-local member ports.

Abstract: Optical alignment of an optical connector to input/output couplers of a photonic integrated circuit can be achieved by first actively aligning the optical connector successively to two loopback alignment features formed in the photonic chip of the PIC, optically unconnected to the PIC, and then moving the optical connector, based on precise knowledge of the positions of the loopback alignment features relative to the input/output couplers of the PIC, to a position aligned with the input/output couplers of the PIC and locking it in place.