Abstract: Techniques include providing ingress protection for multipoint label switched paths (LSPs). According to the techniques, a primary ingress node and a backup ingress node of a network are both configured to advertise a virtual node identifier of a virtual node as a next hop for a multicast source. Two or more egress nodes of the network then use the virtual node as a root node reachable through the primary ingress node to establish a multipoint LSP. After the multipoint LSP is established, the primary ingress node forwards traffic of the multicast source on the multipoint LSP. When failure occurs at the primary ingress node, the backup ingress node forwards the traffic of the multicast source along a backup path and onto the same multipoint LSP with the virtual node as the root node reachable through the backup ingress node. The techniques enable ingress protection without tearing down the multipoint LSP.

Abstract: A network router includes interfaces to receive packets, a routing engine that executes a routing protocol to maintain routing information specifying routes through a network, a packet forwarding engine forward the packets to the interfaces in accordance with the routing information, one or more advertising engine service cards comprising a packet inspection engine and an advertising engine control unit, and a set of dynamic filters that identify packets for inspection by the packet inspection engine based on characteristics of the packet. The filters direct any matching ones of the packets from the packet forwarding engine to the packet inspection engine within the advertising engine service card, and the packet inspection engine analyzes the packets to extract information from the packets based on configured advertising engine policies. The advertising engine control unit outputs commands to dynamically add and delete filters from the set of dynamic filters.

Abstract: A device may receive, from a load balancing device, configuration information that identifies a set of nodes for which a status is to be determined. The device may generate a data structure. The data structure may store information that identifies a status of the set of nodes. The device may transmit a status request to one or more nodes. The device may determine the status of the one or more nodes based on transmitting the status request. The device may update the data structure based on determining a change in status of the one or more nodes. The device may provide, to the load balancing device, information that identifies the change in status of the one or more nodes based on updating the data structure.

Abstract: In some embodiments, a network management module is operatively coupled to a set of edge devices that are coupled to a set of peripheral processing devices. The network management module can receive a signal associated with a broadcast protocol from an edge device from the set of edge devices in response to that edge device being operatively coupled to a switch fabric. The network management module can provision that edge device in response to receiving the signal. The network management module can define multiple network control entities at the set of edge devices such that each network control entity from the multiple network control entities can provide forwarding-state information associated with at least one peripheral processing device from the set of peripheral processing devices to at least one remaining network control entity from the multiple network control entities using a selective protocol.

Abstract: A two-dimensional data input plane represents a set of objects along an x-axis and a set of values that can be assigned to the objects along a y-axis. Plotting a point on the graph causes a value corresponding to the horizontal component of the point to be assigned to an object corresponding to the vertical component of the point. In one example, a device includes a user interface to display a graph, identifiers for a set of objects along an x-axis of the graph, and a set of values along a y-axis of the graph, and a processor to receive a selection of an intersection of one of the identifiers of the objects along the x-axis and one of the values along the y-axis from the user interface, and to assign the one of the values to the one of the objects corresponding to the one of the identifiers.

Abstract: A network device receives, from a client device, a client request associated with a connection with a server device, where the client request identifies requested content. The network device determines connection information that identifies the connection with the server device, transmits, to a proxy server, a connection transfer request that identifies the connection information and the requested content, and receives, from the proxy server, an indication that the proxy server is capable of providing the requested content. Based on receiving the indication, the network device provides, from the proxy server to the client device, a response to the client request, and provides, from the proxy server and to the server device, information that causes the server device to terminate the connection. The network device may use a connection request transfer protocol to transmit the connection transfer request, and the client request may be an HTTP request.

Abstract: At a first time, a schedule module is configured to access a list of status indicators associated with a group of egress port indicators. The list of status indicators includes a set of status indicators each of which has a value greater than a threshold. The schedule module is configured to randomly select a status indicator from the set of status indicators and configured to reduce the value of the selected status indicator. The schedule module is then configured to send the egress port indicator associated with the selected status indicator such that a data cell is sent from an egress port associated with that egress port indicator. At a second time, when the value of every status indicator from the list of status indicators is not greater than the threshold, the schedule module is configured to increase the value of every status indicator above the threshold.

Abstract: A computer-implemented method for detecting fault conditions experienced by remote physical ports may include (1) identifying a network connection between a first physical port operating in a first communication mode and a second physical port operating in a second communication mode, (2) monitoring at least one count that identifies the number of block-sized transmission errors encountered by the first physical port, (3) determining that the second physical port has experienced a fault condition based at least in part on the count that identifies the number of block-sized transmission errors encountered by the first physical port and then, in response to determining that the second physical port has experienced the fault condition, (4) deactivating the network connection to avoid dropping network traffic directed to the network connection. Various other systems, methods, and apparatuses are also disclosed.

Abstract: A hybrid type telephony system capable of establishing a connection between conventional type telephone sets contained in an exchange unit and LAN type telephone sets contained in an IP network, the system comprising: a gateway circuit connected between the exchange unit and the IP network and performing voice data format conversion, and a central control unit connected to the LAN of the IP network for establishing a communication path to the exchange unit via a control bus, controlling switching of IP packets of the IP network, managing IP address information of the LAN type telephone sets and the gateway circuit via the LAN, and controlling connection between the LAN type telephone sets and connection between the LAN type telephone sets and the gateway circuit.

Abstract: A controller at an IP (e.g., client) layer in a multi-layer network can request a network topology map from another controller at an optical (e.g., server) layer in the multi-layer network. The controller at the optical layer of the network can use a layer mapping function and common attributes between the formats used to describe the network topology map at the two layers to generate a common layer abstraction model representing the network topology map stored at the controller at the optical layer of the network. A controller-to-controller interface can translate and/or send the common layer abstraction model to the controller at the IP layer for processing data on the network.

Abstract: In some embodiments, an apparatus comprises of a first Control And Provisioning of Wireless Access Points (CAPWAP) module implemented in at least one of a memory or a processing device that is configured to be designated as a backup control module for a wireless access point during a first time period. The first CAPWAP control module is configured to receive state information associated with the wireless access point during the first time period from a second CAPWAP control module. The second CAPWAP control module is designated as a primary control module for the wireless access point during the first time period. The first CAPWAP control module is configured to be automatically designated as the primary control module during a second time period after the first time period and in response to the second CAPWAP control module not operating according to at least one predefined criterion.

Abstract: An apparatus and method are described for compensating for frequency and phase variations of electronic components by processing packet delay values. In one embodiment, a packet delay determination module determines packet delay values based on time values associated with a first and a second electronic component. A packet delay selection module selects a subset of the packet delay values based on the maximum frequency drift of the first electronic component. A statistical parameter determination module evaluates a first and a second parameter based on portions of the subset of packet delay values. A validation module validates the parameters when each portion the subset of packet delay values includes a minimum of at least two packet delay values. An adjustment module compensates for at least one of a frequency variation and a phase variation of the first electronic component based on the parameters if the parameters are both validated.

Abstract: The disclosed computer-implemented method for facilitating atomic delivery of bundled data sets to applications within distributed systems may include (1) receiving, at a queue of an application, a data set from at least one other application, (2) determining that the data set is incorporated in a bundle whose contents have yet to completely arrive at the queue, (3) gating the data set at the queue until the bundle's contents have completely arrived at the queue, (4) receiving, at the queue, another data set incorporated in the bundle, (5) determining that the bundle's contents have completely arrived at the queue based at least in part on receiving the other data set, and then (6) notifying the application that the bundle is ready for atomic delivery such that the application is able to consume the bundle's contents on an as-needed basis. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: In general, the invention is directed to techniques for reducing deadlocks that may arise when performing fabric replication. For example, as described herein, a network device includes packet replicators that each comprises a plurality of resource partitions. A replication data structure for a packet received by the network device includes packet replicator nodes that are arranged hierarchically to occupy one or more levels of the replication data structure. Each of the resource partitions in each of the plurality of packet replicators is associated with a different level of the replication data structure. The packet replicators replicate the packet according to the replication data structure, and each of the packet replicators handles the packet using the one of the resource partitions of the packet replicator that is associated with the level of the replication data structure occupied by the node that corresponds to that particular packet replicator.

Abstract: In some embodiments, a method includes calculating, at a wireless access point (WAP) from a set of WAPs within a network, an interference value for each channel from a set of channels of the WAP. The method includes calculating, based on the interference value for each channel, a total move weight of the WAP. The method includes receiving, at the WAP, a total move weight from each remaining WAP. The method includes selecting one WAP from the set of WAPs based on a random number, the total move weight of the WAP, the total move weights from the remaining WAPs, and a rank of the WAPs. The method further includes changing, if the WAP is selected, a designated channel of the WAP to one of the remaining channels; and sending a signal to modify an active channel of the WAP to correspond with the designated channel.

Abstract: A node is configured to receive a packet from a host device, where the packet includes a source address associated with the host device; determine that the source address is not stored by the node; generate one or more logical distances, associated with one or more nodes, based on the source address and a respective address associated with each of the nodes; determine that another node is associated with a shortest logical distance, of the one or more logical distances; and transmit the source address to the other node based on the determination that the other node is associated with the shortest logical distance, where transmitting the source address allows the other node to store the source address or enables further nodes to obtain the source address from the other node.

Abstract: A high-performance, scalable and drop-free data center switch fabric and infrastructure is described. The data center switch fabric may leverage low cost, off-the-shelf packet-based switching components (e.g., IP over Ethernet (IPoE)) and overlay forwarding technologies rather than proprietary switch fabric. In one example, host network accelerators (HNAs) are positioned between servers (e.g., virtual machines or dedicated servers) of the data center and an IPoE core network that provides point-to-point connectivity between the servers. The HNAs are hardware devices that embed virtual routers on one or more integrated circuits, where the virtual router are configured to extend the one or more virtual networks to the virtual machines and to seamlessly transport packets over the switch fabric using an overlay network. In other words, the HNAs provide hardware-based, seamless access interfaces to overlay technologies used for communicating packet flows through the core switching network of the data center.

Abstract: A computer-implemented method for detecting cache-poisoning attacks in networks using SDPs may include maintaining a cache of service information that identifies services provided by client devices connected to a network using an SDP. The method may also include detecting a cache-poisoning attack by (1) receiving, from a client device connected to the network, an SDP message related to a service allegedly provided via the network, (2) identifying, within the SDP message, an attribute of the service allegedly provided via the network, and then (3) determining that the client device is attempting to corrupt the cache of service information by determining that the identified attribute of the service suggests that the service is illegitimate. Finally, the method may include performing a security action to mitigate the cache-poisoning attack in response to detecting the cache-poisoning attack. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A device may determine a first aggregation level for aggregating incoming packets. The device may aggregate the incoming packets using the first aggregation level. The device may determine that a controlled packet pass rate for the incoming packets satisfies an arrival rate threshold based on aggregating the incoming packets using the first aggregation level. The device may determine a bandwidth violation trend associated with the incoming packets and the first aggregation level based on determining that the controlled packet pass rate satisfies the threshold. The device may determine that flow suppression is not effective at the first aggregation level based on the bandwidth violation trend, and may determine a second aggregation level based on determining that the flow suppression is not effective. The device may set the first aggregation level to the second aggregation level. The device may use the first aggregation level for aggregating additional incoming packets.

Abstract: In some embodiments, a switch fabric system includes multiple access switches configured to be operatively coupled to a switch fabric. The multiple access switches include multiple ports each to be operatively coupled to a peripheral processing device. A first set of ports from the multiple ports and a second set of ports from the multiple ports are managed by a first network control entity when the switch fabric system is in a first configuration. The first set of ports is managed by the first network control entity and the second set of ports is managed by a second network control entity when the switch fabric system is in a second configuration. The second network control entity is automatically initiated when the system is changed from the first configuration to the second configuration.