Abstract: In general, techniques are described for maintaining load balancing after service application. A network device comprising ingress and egress forwarding components and a service card may implement the techniques. An ingress forwarding component receives a packet and, in response to a determination that the service is to be applied to the packet, updates the packet to include an ingress identifier that identifies the ingress forwarding component, thereafter transmitting the updated packet to the service card. The service card applies the service to the updated packet to generate a serviced packet and transmits the serviced packet to the ingress forwarding component identified by the ingress identifier so as to maintain load balancing of packet flows across the plurality of forwarding components. The ingress forwarding component determines a next hop to which to forward the serviced packet and the egress forwarding component forwards the serviced packet to the determined next hop.

Abstract: In some embodiments, an apparatus comprises a processing module, disposed within a first switch fabric element, configured to detect a second switch fabric element having a routing module when the second switch fabric element is operatively coupled to the first switch fabric element. The processing module is configured to define a virtual processing module configured to be operatively coupled to the second switch fabric element. The virtual processing module is configured to receive a request from the second switch fabric element for forwarding information and the virtual processing module is configured to send the forwarding information to the routing module.

Abstract: A virtual device includes multiple devices connected to operate as a single device. A first one of the devices is configured to determine that the first device connects to a second one of the devices via a first link; identify a second link; determine that the second link connects the first device to the second device; and automatically aggregate the first link and the second link to form a link aggregation with the second device based on determining that the first device connects to the second device via both the first and second links. The first device is further configured to transmit packets to the second device via the first and second links of the link aggregation.

Abstract: In some embodiments, an apparatus includes a forwarding module that is configured to receive a group of first data packets. The forwarding module is configured to modify a data flow value in response to receiving each first data packet. The forwarding module is also configured to store each first data packet in a first output queue based on the data flow value not crossing a data flow threshold after being modified. Furthermore, the forwarding module is configured to receive a second data packet. The forwarding module is configured to modify the data flow value in response to receiving the second data packet, such that the data flow value crosses the data flow threshold. The forwarding module is configured to store the second data packet in a second output queue based on the data flow value having crossed the data flow threshold.

Abstract: In one embodiment, an apparatus includes a switching policy module configured to define a switching policy associating a Fiber Channel port with a destination Media Access Control (MAC) address. The switching module can be configured to receive a Fiber Channel over Ethernet (FCoE) frame from a network device and send a Fiber Channel frame encapsulated in the FCoE frame to the Fiber Channel port based at least in part on the switching policy and a destination MAC address of the FCoE frame.

Abstract: In one embodiment, a method includes receiving a provisioning instruction including a device identifier from an external management entity, receiving the device identifier from a network device, associating the provisioning instruction the network device, and sending a portion of the provisioning instruction to the network device. The device identifier being associated with a virtual resource. The associating is based on the device identifier of the virtual resource and a device identifier of a network device. The portion of the provisioning instruction is sent to the network device based on the associating.

Abstract: A method may include contacting, by a network device, another device to obtain at least one of a network address, authentication, or authorization, receiving, from the other device, software update information that identifies an up-to-date software that the network device should have installed and location information that identifies a location from which to retrieve the up-to-date software, comparing, by the network device, the software update information to software information that identifies software currently installed on the network device, retrieving, by the network device, the up-to-date software based on the software update information and the location information when the software update information and the software information do not match, and auto-installing, by the network device, the up-to-date software.

Abstract: Techniques are described for implementing one or more logical routers within a single physical routing device. These logical routers, as referred to herein, are logically isolated in the sense that they achieve operational and organizational isolation within the routing device without requiring the use of additional or redundant hardware, e.g., additional hardware-based routing controllers. The routing device may, for example, include a computing platform, and a plurality of software process executing within the computing platform, wherein the software processes operate as logical routers. The routing device may include a forwarding component shared by the logical routers to forward network packets received from a network in accordance with the forwarding tables.

Abstract: A master node is configured to receive, from a slave node, a request to perform a modified two-step synchronization (sync) operation in a manner that precludes transmitting a follow-up packet; generate a sync packet in a manner that includes information associated with a previous time that a prior sync packet was transmitted to the slave node; transmit the sync packet to the slave node; receive, from the slave node, a delay request packet; transmit, to the slave node, a delay response packet, where the delay response packet stores information associated with another time at which the delay request packet was received, and where transmitting the delay response packet enables the slave node to calibrate a clock, hosted by the slave node, to a master clock, hosted by the master node, based on the previous time and the other time.

Abstract: Stacked (i.e., hierarchically arranged) rate wheels schedule traffic flows in a network. A first rate wheel operates to efficiently schedule traffic flows in which traffic shaping parameters may be applied to individual traffic flows. A second rate wheel schedules group of the traffic flows in which traffic shaping parameters may be applied at the group level. In the context of an ATM network, the first rate wheel may operate at the virtual circuit level and the second rate wheel may operate at the virtual path level.

Abstract: Techniques are described for determining whether power from a first power source is unavailable to a power supply module. In response to determining that power from the first power source is unavailable, the techniques de-couple the first power source from one or more components of an electronic device connected to an output of the power supply module with one or more de-coupling components of the power supply module that connect an automatic transfer switch (ATS) of the power supply module to an output of the power supply module. Subsequent to de-coupling the first power source from the one or more components of the electronic device, the techniques de-couple a power supply module from the first power source. The techniques couple the power supply module to a second power source for delivering power to the one or more components of the electronic device.

Abstract: A method may include establishing a first Point-to-Point Protocol (PPP) session on an interface, receiving an indication of a layer one failure, omitting for a period of time, an indication that the first PPP session on the interface is down, based on the indication of the layer one failure, establishing a layer one switchover to another interface based on the indication of the layer one failure, and attempting during the period of time, to establish a second PPP session on the other interface.

Abstract: This disclosure describes techniques to sample electrical data streams in coherent receivers. For instance, an analog-to-digital converter (ADC) samples the received electrical data stream at a sampling rate that is nominally twice or greater than twice the symbol rate of the electrical data stream that the ADC receives. A digital filter receives the digital data stream from the ADC, and digitally filters the digital data streams to output a filtered digital electrical data stream at an effective sampling rate that is less than the sampling rate and less than twice the symbol rate, and greater than or equal to the symbol rate.

Abstract: A device may emulate target instructions by executing a first set of microinstructions, and may store a base address of a table that includes a microinstruction provided in a second set of microinstructions for emulating the target instructions. The device may also locate the microinstruction based on the stored base address, and emulate one of the target instructions by executing the microinstruction.

Abstract: This disclosure describes techniques of determining whether a symbol stream includes a pattern defined by a regular expression. As described herein, the regular expression may be represented using a non-deterministic finite automaton (NFA). A plurality of states in the NFA may be evaluated in parallel. These states may be associated with a plurality of symbol positions in a symbol stream. Evaluating a plurality of states and symbols in parallel may allow for faster determinations of whether the symbol stream includes the pattern defined by the regular expression.

Abstract: Techniques are described for providing high availability (HA) during an in-service software upgrade (ISSU) of a network device, e.g., a router, by running a pair of virtual machines on each of a primary control unit and a backup control unit within the router. First virtual machines may be run on the primary and backup control units to provide high availability for the router. Upon receiving an ISSU request for the router, second virtual machines may be initialized on the primary and backup control units. If the ISSU of the primary control unit fails such that the first and second virtual machines on the primary control unit are executing different software systems, the virtual machines on the backup control unit may provide high availability for the router. Similarly, the virtual machines on the primary control unit may provide high availability for the router during the ISSU of the backup control unit.

Abstract: Techniques are described for providing a-priori information about the implication of a network device operator interaction with a network device, e.g., a software configuration or hardware change, to be performed on the network device before the interaction actually takes place. The network device operator is provided with information that may be used to make a decision whether to proceed with the interaction. For each logically distinct feature of a network device, the techniques generate a trigger outcome domain (TOD). Each TOD is defined to include a list of operator interactions that defines relevant events in the network device that may be triggerable by the operator interactions, a list of potential outcomes in the network based on the potential events in the network device, and a user interface to display the list of potential outcomes for the operator interactions prior to performing any of the interactions.

Abstract: In general, techniques are described for distributing traffic engineering (TE) link information across network routing protocol domain boundaries using a routing protocol. In one example, a network device logically located within a first routing protocol domain includes a routing protocol module executing on a control unit to execute an exterior gateway routing protocol. The routing protocol module of the network device receives an exterior gateway routing protocol advertisement from a router logically located within a second routing protocol domain and decodes traffic engineering information for a traffic engineering link from the exterior gateway routing protocol advertisement. A path computation module of the network device computes a traffic engineered path by selecting the traffic engineering link for inclusion in the traffic engineered path based on the traffic engineering information.

Abstract: An example network device includes network interfaces and a control unit that receives a network configuration request from a client device and sends a network configuration response to the client device.

Abstract: A distributed computing system includes a primary device and one or more backend devices. The primary device provides a management interface for the distributed computing system. A plurality of applications may be installed on the backend devices for execution. The primary device generates registration data that associates the applications with management interface commands or configuration parameters in response to messages received from the applications. Subsequently, when the primary device receives a particular command at the management interface, the primary device identifies, based on the registration data, a particular application from among the plurality of applications. In response to identifying the application, the primary device may send to the application an outgoing message.