Abstract: In general, the disclosure describes techniques for dynamic application service level agreement (SLA) metric generation, distribution, and intent-based Software-Defined Wide Area Network (SD-WAN) link selection. For instance, a network device may determine a metric associated with an application or application-group. The network device may send the metric to a controller, and in response may receive from the controller a recommended SLA metric associated with the application or application-group. The network device may also compute an intent-based SLA metric based on the recommended SLA metric, one or more characteristics of one or more links connected to the network device, and a user configured intent model that defines a tolerance level to apply the recommended SLA metric. The network device may select, based on the intent-based SLA metric, a path to send traffic from the application or application-group.

Abstract: Techniques are described by which a network management system (NMS) provides a common user interface (UI) to enable a user to collectively configure network devices to establish an EVPN topology. For example, an NMS is configured to: generate data representative of a common UI comprising UI elements representing a plurality of network devices to be configured in an EVPN topology; receive, via the common UI, an indication of a user input selecting one or more of the UI elements representing selected network devices; generate UI elements representing a plurality of ports of the selected network devices; receive, via the common UI, an indication of a user input selecting the UI elements representing one or more selected ports; and generate, based on the one or more selected network devices and one or more selected ports, topology relationship information of the one or more selected devices to establish the EVPN topology.

Abstract: An Access Gateway Function (AGF) node can receive requests to join a multicast stream from a computing device. If the request is the first request to join the multicast stream, the AGF can forward the request to the UPF node. The multicast stream is then received via a tunnel between the AGF node and UPF node that is associated with the computing device. The tunnel associated with the first computing device to request joining the multicast stream can be a primary tunnel for the multicast stream. Subsequent requests to join the same multicast stream can cause the AGF node add tunnels associated with the requesting computing devices as secondary tunnels. The multicast stream is received via the primary tunnel and replicated to computing devices associated with the secondary tunnels. A secondary tunnel may be promoted to a primary tunnel in response to a failure or disconnection of the primary tunnel.

Abstract: An example network element includes one or more interfaces and a control unit, the control unit includes one or more processors configured to determine an egress network domain identifier (ID) and determine an abstracted interdomain network topology. The one or more processors are also configured to determine one or more interdomain paths from an abstracted ingress domain node to an abstracted egress domain node and determine whether an abstracted domain node is on the one or more interdomain paths. The one or more processors are configured to, based on the abstracted domain node being on the one or more interdomain paths, include one or more resources within a network domain in a filtered traffic engineering database (TED) and compute a path from an ingress node within the ingress network domain to an egress node within the egress network domain based on the filtered TED.

Abstract: This disclosure describes techniques that include using an automatically trained machine learning system to generate a prediction. In one example, this disclosure describes a method comprising: based on a request for the prediction: training each respective machine learning (ML) model in a plurality of ML models to generate a respective training-phase prediction in a plurality of training-phase predictions; automatically determining a selected ML model in the plurality of ML models based on evaluation metrics for the plurality of ML; and applying the selected ML model to generate the prediction based on data collected from a network that includes a plurality of network devices.

Abstract: Techniques are described in which a centralized controller constructs a service chain between a bare metal server (BMS) and a virtual execution element (e.g., virtual machine or container), or in some instances a remote BMS, across a plurality of networks. In some examples, the controller may construct a service chain between a BMS and a virtual execution element or remote BMS using Ethernet Virtual Private Network (EVPN)-Virtual Extensible Local Area Network (VXLAN) and Internet Protocol Virtual Private Networks (IP VPNs) such as BGP/Multiprotocol Label Switching (BGP/MPLS) IP VPNs.

Abstract: A first network device may receive first traffic of a session that involves a service. The first network device may identify that the service is configured for distributed node processing. The first network device may identify a second network device that is configured for distributed node processing. The first network device may identify a state machine that is associated with the service. The first network device may determine, based on the state machine, a first function and a second function, wherein the first function is identified by a first label and the second function is identified by a second label. The first network device may process the first traffic based on the first function. The first network device may provide, to the second network device, the first traffic and the second label to permit the second network device to process second traffic in association with the second function.

Abstract: In general, this disclosure describes techniques for a containerized router operating within a cloud native orchestration framework. In an example, a computing device comprises a containerized routing protocol process executing on processing circuitry of the computing device and configured to receive routing information; a containerized set of workloads; a data plane development kit (DPDK)-based virtual router executing on the processing circuitry and configured to forward traffic to and from the workloads based on the routing information from the containerized routing protocol; and a virtual router agent for the virtual router, the virtual router agent executing on the processing circuitry and configured to expose a generic data plane interface.

Abstract: In an example, a method includes computing, by a computing device, for a segment routing policy that specifies a bandwidth constraint for the segment routing policy, first shortest paths through a network of network nodes, wherein each shortest path of the first shortest paths represents a different sequence of links connecting pairs of the network nodes from a source to a destination; in response to determining, by the computing device based on the bandwidth constraint for the segment routing policy, a link of one of the first shortest paths has insufficient bandwidth to meet a required bandwidth for the link, increasing a metric of the link; computing, by the computing device, for the segment routing policy that specifies the bandwidth constraint, based on the increased metric of the link, second shortest paths through the network of network nodes; and provisioning the second shortest paths in the network of nodes.

Abstract: In some implementations, a device may receive, via a universal serial bus (USB) interface, configuration information and a supply of power from a network device. The device may receive, via an antenna that is external to the device, a first signal indicating timing information. The device may generate, based on the first signal, a second signal and a third signal, wherein the second signal comprises a one pulse per second signal and the third signal comprises a ten-megahertz signal. The device may provide, to the network device, the second signal and the third signal. The device may receive, via an input port, a clock signal to provide an extended holdover functionality to the network device.

Abstract: In the present disclosure, systems and techniques for network device hardware containerization is described. In one example, a network device of a network having a topology of network devices includes processing circuitry of a routing component wherein the processing circuitry generates user space containers to operate forwarding engines in each of a plurality of forwarding components of the network device; stores information for directing communications involving the plurality of forwarding components and the network devices; and configures, by at least one user space container running on the processing circuitry of the routing component, one or more corresponding forwarding engines in a respective forwarding component using the information.

Abstract: The disclosed embodiments provide for identification of a remedial action based on analysis of a system log file. In some example embodiments, messages from the system log file are used as input to generate vectors within a vector space. Portions of the log messages may generate vectors that cluster into a region in the vector space. The region of vector space is associated with one or more remedial actions. The disclosed embodiments are configured, in some example embodiments, to perform the one or more remedial actions when activity in the log file maps to the region of vector space associated with the one or more remedial actions. In some example embodiments, a remedial action can include submitting a problem report to a problem tracking database.

Abstract: The disclosure describes techniques for detecting network measurement inaccuracies through the detection of sender delays or packet drops. For example, a sender device of a test packet may determine whether the sender device is experiencing any issues in sending the test packet to a receiver device and notify a controller of the issues such that the controller may generate an indication that one or more Key Performance Indicator (KPI) measurements based on the test packets from the sender device are inaccurate and/or untrustworthy, remove the inaccurate KPI measurements, and/or adjust the inaccurate KPI measurements.

Abstract: A broadband network gateway (BNG) controller is described that includes a network subscriber database (NSDB) and one or more core applications. The NSDB is configured to store vBNG instance information for one or more subscriber devices. The vBNG instance information specifies vBNG instances operable by one or more edge routers. The vBNG instances are configured to receive requests to access service provider services from the one or more subscriber devices and to selectively authenticate the one or more subscriber devices for network services based on authentication information included in the requests to access services provider services. The one or more core applications include a network instance and configuration manager (NICM). The NICM is configured to modify the vBNG instance information at the NSDB to include an additional vBNG instance and to output, to an edge router, an instruction to generate the additional vBNG instance at the edge router.

Abstract: In some implementations, a device may include a first flexible barrier that is configured to prevent dust from passing through a cable slot of a network device. The device may further include a second flexible barrier that is configured to absorb at least a portion of an amount of electromagnetic energy generated by the network device.

Abstract: Disclosed are embodiments for determining a location of a device based on phase differences of a signal received from the device. In some embodiments, expected phase differences for signals transmitted from a plurality of regions are determined. The expected phase differences are those differences of the signal when received at each of a plurality of receive elements of a receiving device. By comparing phase differences of a signal received from the device to the expected phase differences, a location of the device is determined.

Abstract: Failure impact analysis (or “impact analysis”) is a process that involves identifying effects of a network event that are may or will results from the network event. In one example, this disclosure describes a method that includes generating, by a control system managing a resource group, a resource graph that models resource and event dependencies between a plurality of resources within the resource group; detecting, by the control system, a first event affecting a first resource of the plurality of resources, wherein the first event is a network event; and identifying, by the control system and based on the dependencies modeled by the resource graph, a second resource that is expected to be affected by the first event.

Abstract: Disclosed is an attachment mechanism for attaching a wireless access point to a vertical structure, such as a wall. The attachment mechanism includes a bracket that is mounted to the vertical structure. The attachment mechanism also includes at least two engagement members positioned on opposing sides of the access point. The two engagement members are horizontally aligned, in some embodiments, when the access point is engaged with a bracket. The two engagement members engage with receptacles that are part of the bracket. One of the receptacles includes a tab which prevents its corresponding engagement member from fully engaging with the receptacle, allowing the attachment mechanism to disengage via disengagement of only one of the engagement members.

Abstract: In general, techniques are described for signaling IP path tunnels for traffic engineering using constraints in an IP network. For example, network devices, e.g., routers, of an IP network may compute an IP path using constraint information and establish the IP path using, for example, Resource Reservation Protocol, to signal the IP path without using MPLS. As one example, the egress router generates a path reservation signaling message that includes an egress IP address that is assigned for use by the routers on the IP path to send traffic of the data flow by encapsulating the traffic with the egress IP address and forwarding toward the egress router. As each router in the IP path receives the path reservation signaling message, the router configures a forwarding state to forward traffic encapsulated with the egress IP address to a next hop along the IP path toward the egress router.

Abstract: A controller device includes a memory and one or more processors coupled to the memory. The memory stores instructions that, when executed, cause the one or more processors to receive a query indicating a first time and a network service, determine a first set of configuration elements using telemetry data associated with the first time and the network service, and determine a second set of configuration elements using an intent model. The instructions further cause the one or more processors to determine one or more first metrics that occur at the first time using the first set of configuration elements and the second set of configuration elements, determine one or more second metrics at a second time using telemetry data received from the plurality of network devices, and generate data representing a user interface presenting the one or more first metrics and the one or more second metrics.