Abstract: Techniques are described by which a network management system (NMS) is configured to provide identification of root cause failure through the detection of network scope failures. For example, the NMS comprises one or more processors; and a memory comprising instructions that when executed by the one or more processors cause the one or more processors to: generate a hierarchical attribution graph comprising attributes representing different network scopes at different hierarchical levels; receive network event data, wherein the network event data is indicative of operational behavior of the network, including one or more of successful events or one or more failure events associated with one or more client devices; and apply a machine learning model to the network event data and to a particular network scope in the hierarchical attribution graph to detect whether the particular network scope has failure.

Abstract: In general, the disclosure describes techniques for dynamic application service level agreement (SLA) metric generation, distribution, and intent-based Software-Defined Wide Area Network (SD-WAN) link selection. For instance, a network device may determine a metric associated with an application or application-group. The network device may send the metric to a controller, and in response may receive from the controller a recommended SLA metric associated with the application or application-group. The network device may also compute an intent-based SLA metric based on the recommended SLA metric, one or more characteristics of one or more links connected to the network device, and a user configured intent model that defines a tolerance level to apply the recommended SLA metric. The network device may select, based on the intent-based SLA metric, a path to send traffic from the application or application-group.

Abstract: Techniques are described by which a network management system (NMS) provides a common user interface (UI) to enable a user to collectively configure network devices to establish an EVPN topology. For example, an NMS is configured to: generate data representative of a common UI comprising UI elements representing a plurality of network devices to be configured in an EVPN topology; receive, via the common UI, an indication of a user input selecting one or more of the UI elements representing selected network devices; generate UI elements representing a plurality of ports of the selected network devices; receive, via the common UI, an indication of a user input selecting the UI elements representing one or more selected ports; and generate, based on the one or more selected network devices and one or more selected ports, topology relationship information of the one or more selected devices to establish the EVPN topology.

Abstract: Techniques are described in which a centralized controller constructs a service chain between a bare metal server (BMS) and a virtual execution element (e.g., virtual machine or container), or in some instances a remote BMS, across a plurality of networks. In some examples, the controller may construct a service chain between a BMS and a virtual execution element or remote BMS using Ethernet Virtual Private Network (EVPN)-Virtual Extensible Local Area Network (VXLAN) and Internet Protocol Virtual Private Networks (IP VPNs) such as BGP/Multiprotocol Label Switching (BGP/MPLS) IP VPNs.

Abstract: An Access Gateway Function (AGF) node can receive requests to join a multicast stream from a computing device. If the request is the first request to join the multicast stream, the AGF can forward the request to the UPF node. The multicast stream is then received via a tunnel between the AGF node and UPF node that is associated with the computing device. The tunnel associated with the first computing device to request joining the multicast stream can be a primary tunnel for the multicast stream. Subsequent requests to join the same multicast stream can cause the AGF node add tunnels associated with the requesting computing devices as secondary tunnels. The multicast stream is received via the primary tunnel and replicated to computing devices associated with the secondary tunnels. A secondary tunnel may be promoted to a primary tunnel in response to a failure or disconnection of the primary tunnel.

Abstract: This disclosure describes techniques that include using an automatically trained machine learning system to generate a prediction. In one example, this disclosure describes a method comprising: based on a request for the prediction: training each respective machine learning (ML) model in a plurality of ML models to generate a respective training-phase prediction in a plurality of training-phase predictions; automatically determining a selected ML model in the plurality of ML models based on evaluation metrics for the plurality of ML; and applying the selected ML model to generate the prediction based on data collected from a network that includes a plurality of network devices.

Abstract: An example network element includes one or more interfaces and a control unit, the control unit includes one or more processors configured to determine an egress network domain identifier (ID) and determine an abstracted interdomain network topology. The one or more processors are also configured to determine one or more interdomain paths from an abstracted ingress domain node to an abstracted egress domain node and determine whether an abstracted domain node is on the one or more interdomain paths. The one or more processors are configured to, based on the abstracted domain node being on the one or more interdomain paths, include one or more resources within a network domain in a filtered traffic engineering database (TED) and compute a path from an ingress node within the ingress network domain to an egress node within the egress network domain based on the filtered TED.

Abstract: A broadband network gateway (BNG) controller is described that includes a network subscriber database (NSDB) and one or more core applications. The NSDB is configured to store vBNG instance information for one or more subscriber devices. The vBNG instance information specifies vBNG instances operable by one or more edge routers. The vBNG instances are configured to receive requests to access service provider services from the one or more subscriber devices and to selectively authenticate the one or more subscriber devices for network services based on authentication information included in the requests to access services provider services. The one or more core applications include a network instance and configuration manager (NICM). The NICM is configured to modify the vBNG instance information at the NSDB to include an additional vBNG instance and to output, to an edge router, an instruction to generate the additional vBNG instance at the edge router.

Abstract: In an example, a method includes computing, by a computing device, for a segment routing policy that specifies a bandwidth constraint for the segment routing policy, first shortest paths through a network of network nodes, wherein each shortest path of the first shortest paths represents a different sequence of links connecting pairs of the network nodes from a source to a destination; in response to determining, by the computing device based on the bandwidth constraint for the segment routing policy, a link of one of the first shortest paths has insufficient bandwidth to meet a required bandwidth for the link, increasing a metric of the link; computing, by the computing device, for the segment routing policy that specifies the bandwidth constraint, based on the increased metric of the link, second shortest paths through the network of network nodes; and provisioning the second shortest paths in the network of nodes.

Abstract: The disclosure describes techniques for detecting network measurement inaccuracies through the detection of sender delays or packet drops. For example, a sender device of a test packet may determine whether the sender device is experiencing any issues in sending the test packet to a receiver device and notify a controller of the issues such that the controller may generate an indication that one or more Key Performance Indicator (KPI) measurements based on the test packets from the sender device are inaccurate and/or untrustworthy, remove the inaccurate KPI measurements, and/or adjust the inaccurate KPI measurements.

Abstract: In the present disclosure, systems and techniques for network device hardware containerization is described. In one example, a network device of a network having a topology of network devices includes processing circuitry of a routing component wherein the processing circuitry generates user space containers to operate forwarding engines in each of a plurality of forwarding components of the network device; stores information for directing communications involving the plurality of forwarding components and the network devices; and configures, by at least one user space container running on the processing circuitry of the routing component, one or more corresponding forwarding engines in a respective forwarding component using the information.

Abstract: The disclosed embodiments provide for identification of a remedial action based on analysis of a system log file. In some example embodiments, messages from the system log file are used as input to generate vectors within a vector space. Portions of the log messages may generate vectors that cluster into a region in the vector space. The region of vector space is associated with one or more remedial actions. The disclosed embodiments are configured, in some example embodiments, to perform the one or more remedial actions when activity in the log file maps to the region of vector space associated with the one or more remedial actions. In some example embodiments, a remedial action can include submitting a problem report to a problem tracking database.

Abstract: A first network device may receive first traffic of a session that involves a service. The first network device may identify that the service is configured for distributed node processing. The first network device may identify a second network device that is configured for distributed node processing. The first network device may identify a state machine that is associated with the service. The first network device may determine, based on the state machine, a first function and a second function, wherein the first function is identified by a first label and the second function is identified by a second label. The first network device may process the first traffic based on the first function. The first network device may provide, to the second network device, the first traffic and the second label to permit the second network device to process second traffic in association with the second function.

Abstract: In general, this disclosure describes techniques for a containerized router operating within a cloud native orchestration framework. In an example, a computing device comprises a containerized routing protocol process executing on processing circuitry of the computing device and configured to receive routing information; a containerized set of workloads; a data plane development kit (DPDK)-based virtual router executing on the processing circuitry and configured to forward traffic to and from the workloads based on the routing information from the containerized routing protocol; and a virtual router agent for the virtual router, the virtual router agent executing on the processing circuitry and configured to expose a generic data plane interface.

Abstract: In some implementations, a device may receive, via a universal serial bus (USB) interface, configuration information and a supply of power from a network device. The device may receive, via an antenna that is external to the device, a first signal indicating timing information. The device may generate, based on the first signal, a second signal and a third signal, wherein the second signal comprises a one pulse per second signal and the third signal comprises a ten-megahertz signal. The device may provide, to the network device, the second signal and the third signal. The device may receive, via an input port, a clock signal to provide an extended holdover functionality to the network device.

Abstract: A network device may receive a first data packet. The network device may determine that a level of available computing resources satisfies a threshold level. The network device may perform a secure socket layer (SSL) proxy function based on the level of available computing resources satisfying the threshold level. The network device may receive a second data packet. The network device may determine that the level of available computing resources fails to satisfy the threshold level. The network device may determine a security characteristic associated with the second data packet. The network device may determine a security rating associated with the second data packet based on the security characteristic. The network device may selectively perform the SSL proxy function based on the security rating.

Abstract: Disclosed are embodiments for determining a location of a device based on phase differences of a signal received from the device. In some embodiments, expected phase differences for signals transmitted from a plurality of regions are determined. The expected phase differences are those differences of the signal when received at each of a plurality of receive elements of a receiving device. By comparing phase differences of a signal received from the device to the expected phase differences, a location of the device is determined.

Abstract: A network device may receive a request to access a network from a client device. The network device may determine that the client device is authenticated based on a set of authentication credentials obtained for the client device. The network device may determine, based on the client device being authenticated, that a quantity of devices currently accessing the network using the set of authentication credentials is equal to a maximum quantity of devices permitted to access the network using the set of authentication credentials. The network device may deny the client device access to the network based on the quantity of devices being equal to the maximum quantity of device.

Abstract: In some implementations, a broadband network gateway (BNG) may receive, from a customer premises equipment, a dynamic host configuration protocol (DHCP) discover request, wherein the BNG is connected to the customer premises equipment and a fixed mobile interworking function (FMIF). The BNG may communicate with, based on the DHCP discover request, the FMIF. The BNG may provide to the customer premises equipment, and based on communicating with the FMIF, a DHCP offer that offers utilization of the BNG as a DHCP server. The BNG may receive from the customer premises equipment, and based on providing the DHCP offer, a DHCP request to request utilization of the BNG as the DHCP server. The BNG may provide to the customer premises equipment, and based on the DHCP request, a DHCP acknowledgment that acknowledges utilization of the BNG as the DHCP server.

Abstract: Systems, devices and techniques for an adaptive application-specific probing scheme are disclosed. An example network device includes memory configured to store a network address and probe protocol usable for probing a first network device associated with a source of an application, and one or more processors configured to determine a network address and probe protocol usable for probing the first network device, wherein the first network device comprises a server that is responsive to the probing, the server executing the application for the data flow, or a closest network device, to the server, that is responsive to the probing. The one or more processors are also configured to send to a second network device at a location serviced by the application, a message specifying the network address and probe protocol usable for probing the first network device.