Abstract: A network device may obtain policer configuration information. The network device may determine, based on the policer configuration information, a traffic rate limit associated with a traffic protocol type. The network device may obtain, based on the traffic protocol type, networking data associated with the traffic protocol type. The network device may determine, based on the networking data, an expected traffic rate associated with the traffic protocol type. The network device may update, based on the expected traffic rate, the traffic rate limit. The network device may cause traffic associated with the traffic protocol type to be policed based on the updated traffic rate limit.

Abstract: The disclosed computer-implemented method may include (1) receiving, at a network node within a network, a packet from another network node within the network, (2) identifying, within the packet, a label stack that includes a plurality of labels that collectively represent at least a portion of a label-switched path within the network, (3) popping, from the label stack, a label that corresponds to a next hop of the network node, (4) determining, based at least in part on the label, that the next hop has experienced a failure that prevents the packet from reaching a destination via the next hop, (5) identifying a backup path that merges with the label-switched path at a next-to-next hop included in the label-switched path, and then (6) forwarding the packet to the next-to-next hop via the backup path. Various other methods, systems, and apparatuses are also disclosed.

Abstract: A centralized configuration management system (CCM) may receive, from an NMS device, a request concerning a configuration for a microservice associated with the NMS device. The CCM may identify, based on the request, a first data model associated with default configuration information. The CCM may identify, based on the request, a second data model associated with customized configuration information. The CCM may generate, based on the first data model and the second data model, a response that includes at least one configuration parameter. The CCM may send the response to the NMS device to allow the microservice to be configured based on the at least one configuration parameter.

Abstract: High-channel-count optical transceivers can be implemented in photonic integrated circuits (PICs) with shared lasers, splitting the light of each laser between multiple lanes prior to modulation. To reduce waveguide crossings in such PICs, transmitter and self-test functionality may be distributed between separate device layers. Various beneficial transmitter circuitry layouts are disclosed.

Abstract: Techniques are described for inter-domain segment routing using transport endpoint segments. A transport endpoint segment provisioned on a router within a domain represents any intra-domain tunnel originated at the router and having reachability to an indicated endpoint within the same domain. The provisioning router advertises a transport endpoint segment identifier (TESID) for the transport endpoint segment to other routers or a controller for use in segment routing. The TESID for the transport endpoint segment remains constant regardless of which intra-domain tunnel is bound to the transport endpoint segment. The provisioning router dynamically binds the transport endpoint segment to at least one intra-domain tunnel, and any changes to the bound intra-domain tunnel are updated locally at the provisioning router. In this way, an inter-domain segment routing tunnel may be constructed as a list TESIDs that are not affected by intra-domain tunnel changes.

Abstract: A network monitoring device may receive flow-tap information that identifies a traffic flow characteristic and a signed URL associated with a signed URL platform from a mediation device. The network device may map the traffic flow characteristic to the signed URL in an entry of a flow-tap filter that is maintained within a data structure of the network device. The network device may analyze, using the flow-tap filter, network traffic of the network to detect a traffic flow that is associated with the traffic flow characteristic. The network device may generate, based on detecting the traffic flow in the network traffic, a traffic flow copy that is associated with the traffic flow. The network device may provide, based on the signed URL, the traffic flow copy to the signed URL platform, wherein the traffic flow copy is to be accessible to an authorized user device via the signed URL.

Abstract: A network device may receive, from an application on a user device, a first network packet associated with a packet flow. The network device may identify an application identifier of the first network packet, wherein the application identifier identifies the application on the user device. The network device may select, based on the application identifier, a security protocol, wherein the security protocol is associated with at least one of an authentication header (AH) or an encryption algorithm. The network device may selectively apply, to a second network packet associated with the packet flow, at least one of the AH or the encryption algorithm, associated with the security protocol, to generate a protected network packet. The network device may transmit the protected network packet.

Abstract: A first network device may configure a first bridge connecting a passive optical network (PON) controller and first optical line terminals (OLTs) of the first network device. The first network device may be associated with a PON and each of the first OLTs may be connected to a first plurality of optical network units (ONUs). The first network device may establish a connection between the first bridge and a second bridge of a second network device. The second network device is associated with the PON, the second bridge may connect with second OLTs of the second network device, and each of the second OLTs may connect to a second plurality of ONUs. The PON controller of first network device may receive traffic from a PON domain manager and may provide the traffic to the first OLTs and the first plurality of ONUs via the first bridge.

Abstract: Described are various configurations for performing efficient optical and electrical testing of an opto-electrical device using a compact opto-electrical probe. The compact opto-electrical probe can include electrical contacts arranged for a given electrical contact layout of the opto-electrical device, and optical interface with a window in a probe core that transmits light from the opto-electrical device. An adjustable optical coupler of the probe can be mechanically positioned to receive light from the device's emitter to perform simultaneous optical and electrical analysis of the device.

Abstract: A network device may detect, from an application associated with a user space of the network device, a request to configure a firewall provided by a kernel of the network device with a rule. The network device may intercept the request to configure the firewall before the firewall is configured with the rule. The network device, based on intercepting the request to configure the firewall, may analyze the rule to determine whether the rule modifies a critical functionality of the firewall. The network device may reject the request to configure the firewall based on determining that the rule modifies the critical functionality of the firewall.

Abstract: A node receives an internet protocol (IP) payload packet that includes an IPv6 transport header that has been extended with a compressed routing header (CRH). The CRH includes a list of segment identifiers (SIDs) that identify nodes that the IP payload packet is to traverse. The node determines, by referencing the list of SIDs, a next segment for the IP payload packet. The node updates a destination IP address that is included in the IPv6 transport header to a particular destination IP address of a next-hop node. The node updates a remaining segments value, included in the CRH, that identifies a number of segments left in a route of the IP payload packet. The node provides the IP payload packet to the next-hop node to allow the next-hop node to route the IP payload packet to another node in the network or to a destination device.

Abstract: An optical-electrical device can implement a feedback-based control loop for temperature of the device during component calibration. The optical-electrical device can implement compressed air to vary the device temperature during calibration. Additionally, non-active components of the device can be provided current to vary the temperature of the device in concert with the provided compressed air. Additional calibration temperatures can be implemented by activating and deactivating additional non-active components in the device, such as light sources, optical amplifiers, and modulators.

Abstract: A non-transitory processor-readable medium storing code representing instructions to be executed by a processor can cause the processor to receive an indication to load balance a group of sessions associated with a network node and a switch across a group of links between a gateway device and the switch at a first time. The code causes the processor to calculate at a second time, a load based on the group of sessions and associated with a first set of links in an active configuration before the first time. The code causes the processor to send a signal to cause a set of sessions from the group of sessions to re-establish themselves at a third time based on a threshold value calculated based on the load such that the set of sessions are load balanced across a second set of links in the active configuration at the third time.

Abstract: A device receives network information associated with a network and server information associated with one or more server devices, wherein the network is associated with a network device and the one or more server devices. The device generates, based on the network information and the server information, an encapsulation profile for a tunnel encapsulation path and a route profile for the tunnel encapsulation path. The device provides, to the network device, the encapsulation profile for the tunnel encapsulation path and the route profile for the tunnel encapsulation path, and provides, to the one or more server devices, the encapsulation profile for the tunnel encapsulation path. The tunnel encapsulation path is provided between the network device and the one or more server devices, via the network, based on the encapsulation profile for the tunnel encapsulation path and the route profile for the tunnel encapsulation path.

Abstract: In some implementations, a network device may determine throughput rate metrics for a plurality of processing units of the network device that are processing network traffic of a network. The network device may maintain the throughput rate metrics in a status table associated with the plurality of processing units. The network device may receive tunnel traffic associated with a particular tunnel of the network. The network device may determine, based on a characteristic of the tunnel traffic, a potential throughput rate associated with processing the tunnel traffic. The network device may direct the tunnel traffic to a particular processing unit, of the plurality of processing units, based on the potential throughput rate and the throughput rate metrics indicated in the status table.

Abstract: An example photonic integrated circuit includes a transmitter circuit with a optical communication path to an optical coupler configured to couple with an optical fiber. The optical communication path has a propagation direction away from the transmitter circuit and towards the optical coupler. A counter-propagating tap diverts light sent by a light source backward against the propagation direction of the optical communication path. A photodiode receives the diverted light and measures its power level. The photodiode generates a feedback signal for the optical coupler and provides the feedback signal to the optical coupler. The optical coupler receives the feedback signal and adjusts a coupling alignment of the optical communication path to the optical fiber based on the feedback signal, which indicates the measured power level of the diverted counter-propagating light.

Abstract: A disclosed method may include (1) measuring a quality level of a first instance of a video flow received via a first link within a network, (2) measuring a quality level of a second instance of the video flow received via a second link within the network, (3) determining that the quality level of the second instance of the video flow is better than the quality level of the first instance of the video flow, and then in response to determining that the quality level of the second instance of the video flow is better, (4) performing a flow-level switchover from the first instance of the video flow to the second instance of the video flow by (A) activating the second instance of the video flow and (B) deactivating the first instance of the video flow. Various other apparatuses, systems, and methods are also disclosed.

Abstract: A device may determine, based on one or more first objects of a first version of a firewall filter, a set of first firewall rules and may determine, based on one or more second objects of a second version of the firewall filter, a set of second firewall rules. The device may determine, based on the set of first firewall rules and the set of second firewall rules, modification information related to the firewall filter, wherein the modification information indicates at least one difference between the set of first firewall rules and the set of second firewall rules. The device may identify, based on the modification information, at least one object, of the one or more first objects or the one or more second objects, is a modification or has been added or deleted and may send the at least one object to an additional device.

Abstract: A first network device may configure a high-availability cluster associated with a network that includes the first network device and a second network device. The first network device may identify a plurality of devices communicatively coupled to the network and determine a set of tasks for the plurality of devices. The first network device may queue the set of tasks in a task queue that is accessible to the second network device. The second network device may perform a first task and the first network device may perform a second task of the set of tasks. The first network device may receive first result information that is associated with a performance of the first task. The first network device may determine a result associated with performing the second task. The first network device may synchronize the first result information and the second result information with the second network device.

Abstract: Methods and systems are presented for heterogeneous integration of photonics and electronics with atomic layer deposition (ALD) bonding. One method includes operations for forming a compound semiconductor and for depositing (e.g., via atomic layer deposition) a continuous film of a protection material (e.g., Al2O3) on a first surface of the compound semiconductor. Further, the method includes an operation for forming a silicon on insulator (SOI) wafer, with the SOI wafer comprising one or more waveguides. The method further includes bonding the compound semiconductor at the first surface to the SOI wafer to form a bonded structure and processing the bonded structure. The protection material protects the compound semiconductor from acid etchants during further processing of the bonded structure.