Abstract: Embodiments of the invention describe flexible (i.e., elastic) data center architectures capable of meeting exascale, while maintaining low latency and using reasonable sizes of electronic packet switches, through the use of optical circuit switches such as optical time, wavelength, waveband and space circuit switching technologies. This flexible architecture enables the reconfigurability of the interconnectivity of servers and storage devices within a data center to respond to the number, size, type and duration of the various applications being requested at any given point in time.

Abstract: Techniques are disclosed for seamless integration between a multicasting Virtual Private Network and an edge replicated multicast network. For example, a controller (e.g., software defined networking (SDN) controller) may facilitate the integration between a multicasting VPN network and an edge replicated multicast network through the selection of a multicast bridge node from virtual routers specified in the multicast replication tree, and sending information identifying the multicast bridge node to a provider edge (PE) device for the source VPN such that the PE device may use the information to steer multicast traffic from the source VPN site across the Layer 3 VPN network to the multicast bridge node of the receiver VPN site. When the multicast bridge node receives the multicast traffic, the multicast bridge node determines from the information that it is to receive the multicast traffic and to perform the edge replicated multicast using the edge replicated multicast tree.

Abstract: A network device identifies an Internet Protocol Security (IPsec) tunnel that connects the network device to a remote device and determines that dead peer detection (DPD) is enabled at the network device. The network device receives a first DPD request message from the remote device via the IPsec tunnel, and sends a first DPD response message to the remote device via the IPsec tunnel. The network device determines that a workload of the network device satisfies a threshold amount, and sends one or more encapsulating security payload (ESP) packets that include traffic flow confidentiality (TFC) payload data to the remote device via the IPsec tunnel. The network device determines that the workload of the network device does not satisfy the threshold amount. The network device receives a second DPD request message from the remote device and sends a second DPD response message to the remote device via the IPsec tunnel.

Abstract: In general, techniques are described for supporting bulk delivery of change of authorization data in authentication, authorization, and accounting (AAA) protocols, where delivery is performed as a change of authorization after a subscriber has successfully authenticated and initially authorized. In one example, the techniques are directed to a method including determining, by a RADIUS server for a service provider network, change of authorization data for services to which the subscriber of the service provider network has subscribed. The method further includes generating, by the RADIUS server, RADIUS messages that form a transaction between the RADIUS server and a network access server acting as a RADIUS client. The RADIUS messages provide all of the change of authorization data to the network access server prior to the network access server provisioning the services. The method further includes outputting, by the RADIUS server, the RADIUS messages to the network access server.

Abstract: A ternary phase shift keying transmitter and receiver can efficiently communicate using ternary encoded data that avoids indistinguishable transition curves for each of the three modulated states in the ternary encoded data. The transmitter is interoperable and can function with different types of receivers including direct detection-based receivers and coherent detection-based receivers.

Abstract: Techniques are described for automatic discovery of two or more virtual service instances configured to apply a given service to a packet in a software-defined networking (SDN)/network functions virtualization (NFV) environment. Virtual service instances may be deployed as virtual entities hosted on one or more physical devices to offer individual services or chains of services from a service provider. The use of virtual service instances enables automatic scaling of the services on-demand. The techniques of this disclosure enable automatic discovery by a gateway network device of virtual service instances for a given service as load balancing entities. According to the techniques, the gateway network device automatically updates a load balancing group for the given service to include the discovered virtual service instances on which to load balance traffic for the service. In this way, the disclosed techniques provide auto-scaling and auto-discovery of services in an SDN/NFV environment.

Abstract: A disclosed method may include (1) generating a test packet that includes an inner packet encapsulated within an outer packet, (2) adding, to the test packet, an amount of padding data that increases a total size of the test packet to a certain threshold, (3) forwarding, via a transport layer protocol, the test packet along a network path that leads from a source node to a destination node by way of a tunnel, (4) receiving the inner packet from the destination node after the destination node extracts the inner packet from the test packet, and (5) determining, based at least in part on receiving the inner packet from the destination node, that a maximum transmission unit of the network path is greater than or equal to the total size of the test packet as increased by the amount of padding data. Various other apparatuses, systems, and methods are also disclosed.

Abstract: The disclosed computer-implemented method may include (1) receiving, at a network device, a route update for one or more routes that direct traffic within a network that supports BGP, (2) identifying, within the route update, a BGP prefix and a plurality of protocol next-hop addresses that (A) identify a plurality of neighbors of the network device and (B) each correspond to the BGP prefix, (3) maintaining a single copy of the BGP prefix and each of the protocol next-hop addresses, (4) receiving a packet destined for a computing device that is reachable via at least one of the neighbors of the network device, and then (5) forwarding the packet to the one of the neighbors of the network device in accordance with the BGP prefix and the protocol next-hop address that identifies the one of the neighbors. Various other methods, systems, and apparatuses are also disclosed.

Abstract: A network function virtualization (NFV) platform may include one or more processors to identify a condition associated with the NFV platform, where the condition may affect operation of at least one virtual network function (VNF) hosted by or associated with the NFV platform; determine, based on the condition, information that may be provided or an action that may be performed with regard to the at least one VNF, and/or generate or transmit a message identifying the information and/or that may cause the action to be performed with regard to the at least one VNF.

Abstract: In general, techniques are described for detecting duplicate hardware addresses in network devices of a computer network. A network device sends a request message on a network, the request message specifying the range of hardware addresses starting from the target hardware address. A network device determines whether at least a subset of the range of hardware addresses starting from the target hardware address is available based on response messages received from other network devices. The network device then reserves the available addresses for assigning to virtual machines (VMs) executing on the network device.

Abstract: A method includes modulating a digital signal via pulse amplitude modulation (PAM) and applying Nyquist shaping to the digital signal to generate a filtered digital signal. The method also includes converting the filtered digital signal into an analog signal and transmitting the analog signal in an optical communication channel via a dense wavelength division multiplexing (DWDM) scheme.

Abstract: An apparatus includes a first reconfigurable optical add/drop multiplexer (ROADM) to receive a first optical signal and a second ROADM to receive a second optical signal. The apparatus also includes a reconfigurable optical switch that includes a first switch, switchable between a first state and a second state, to transmit the first optical signal at the first state and block the first optical signal at the second state. The reconfigurable optical switch also includes a second switch, switchable between the first state and the second state, to transmit the second optical signal at the first state and block the second optical signal at the second state. The reconfigurable optical switch also includes an output port to transmit an output signal that is a sum of possible optical signals transmitted through the first switch and the second switch.

Abstract: Disclosed are methods and systems for estimating a location of a wireless device. In some embodiments, received signal strength indication (RSSI) values of signals from a first wireless device are determined. A rate of motion of the first wireless device is then determined based on a rate at which the RSSI values vary with time. A machine learning model is conditionally updated based on the determined rate of motion, and path loss parameters are then derived from the machine learning model. The path loss parameters are used to estimate the location of the first wireless device.

Abstract: Methods and apparatus relating to the detection of one or more devices in zones, e.g., non-overlapping areas, are described. Individual device locations are made based on RSSI information. Whether a user is determined to be in a zone or not is determined based on location determinations corresponding to the device. Thresholds used to determine whether a device is to be considered as being within a zone differs depending on whether the device is newly detected in the zone or is already determined to be in the zone. In some embodiments it is easier to be determined to be in a zone than to be determined to have left a zone. A device may be determined to be in two non-overlapping zones at the same time thereby increasing the chance that devices in edge areas will be counted with regard to the number of devices for which resources should be provided.

Abstract: Methods and apparatus for identifying the root cause of deterioration of system level experience (SLE). Offending network components that caused the SLE deterioration are identified and corrective actions are taken.

Abstract: In general, techniques are described for a dynamic prefix list for route filtering. In one example, a network device comprises a control unit comprising one or more processors; one or more interface cards coupled to the control unit; a routing protocol process configured to execute on the control unit to exchange, using the interface cards, routing protocol advertisements with a peer network device in accordance with a routing protocol; and a configuration database comprising a routing policy that references a dynamic prefix list comprising one or more prefixes. The routing policy includes at least one action for application to routes for import or export, by the network device via a routing protocol, that match any of the one or more prefixes of the dynamic prefix list. The dynamic prefix list comprises a routing table to store the one or more prefixes, the routing table separate from the configuration database.

Abstract: In some embodiments, a system includes a super-channel multiplexer (SCM) and an optical cross connect (OXC) switch. The SCM is configured to multiplex a set of optical signals into a super-channel optical signal with a wavelength band. The OXC switch is configured to be operatively coupled to the SCM and a reconfigurable optical add-drop multiplexer (ROADM) degree. The OXC switch is configured to be located between the SCM and the ROADM degree and the OXC switch, the SCM, and the ROADM degree are configured to be included in a colorless, directionless, and contentionless (CDC) optical network. The OXC switch is configured to switch, based on the wavelength band, the super-channel optical signal to an output port from a set of output ports of the OXC switch. The OXC switch is configured to transmit the super-channel optical signal from the output port to the ROADM degree.

Abstract: In general, the disclosure describes techniques for dynamic application service level agreement (SLA) metric generation, distribution, and intent-based Software-Defined Wide Area Network (SD-WAN) link selection. For instance, a network device may determine a metric associated with an application or application-group. The network device may send the metric to a controller, and in response may receive from the controller a recommended SLA metric associated with the application or application-group. The network device may also compute an intent-based SLA metric based on the recommended SLA metric, one or more characteristics of one or more links connected to the network device, and a user configured intent model that defines a tolerance level to apply the recommended SLA metric. The network device may select, based on the intent-based SLA metric, a path to send traffic from the application or application-group.