Abstract: In general, techniques are described for supporting interchassis redundancy (ICR) by a plurality of network access servers (NASes) that are members of an ICR. For example, techniques may be used to associate, within a RADIUS server, multiple NAS identifiers for the NASes with a single NAS identifier alias. The RADIUS server is configured to handle RADIUS protocol messages from any member of the ICR cluster as though the RADIUS protocol messages issued from a single NAS having the NAS identifier alias.

Abstract: An ingress router of a provider network receives a packet from a customer network, determines that the packet includes a customer network label and that the packet is to be tunneled through the provider network, based on the determination, adds a delimiter label to the packet indicative of a bottom of a provider network label stack and one or more provider network labels to the packet, and forwards the packet to a next routing device along the provider network tunnel. An egress routing device of the provider network receives a packet comprising a provider network label stack, removes the provider network label stack from the packet, determines whether the packet comprises a delimiter label following the provider network label stack, and, when the packet comprises the delimiter label, forwards the packet to a customer network interface device.

Abstract: Static analysis of software code may be performed in a selective regression testing framework. The static impact analysis, when carried out in a comprehensive and efficient way, can help make the test selection safer and more complete. One method for performing static analysis in selective regression testing of a software project includes, for example, storing changes to source code that defines functions and global data elements of the software project; performing a static analysis of the source code to determine which global data elements in the source code correspond to changed functions in the source code and executing a regression test of the software project using a set of test units determined based, at least in part, on the static analysis.

Abstract: Fan tray assemblies for cooling electronic devices in data processing units are described herein. In some embodiments, an apparatus includes a fan tray and a stator member. The fan tray is configured to be mounted within a data processing unit, and defines an opening. The fan tray is configured to be coupled to a fan such that the fan and the opening collectively define a portion of an air flow path. The stator member includes multiple stator blades. The stator member is separate from the fan and configured to be coupled to the fan tray such that the stator blades are within the air flow path.

Abstract: A first provider edge (PE) device is configured to: receive a Label Distribution Protocol (LDP) MAC Flush message from a PE device via an input port; flush a routing table in response to the LDP MAC Flush message; determine whether the LDP MAC Flush message comprises a PE identifier corresponding to the PE device; generate a Topology Change Notification (TCN) message based on the LDP MAC Flush message when the LDP MAC Flush message comprises the PE identifier corresponding to the PE device; and output the TCN message.

Abstract: An example network device includes a control plane and a filter lookup module that includes a Bloom filter that supports parallel lookup of a maximum number of different prefix lengths. The filter lookup module accesses the Bloom filter to determine a longest length prefix that matches an entry in a set of prefixes. The control plane receives prefix lengths that include more than the maximum number of different prefix lengths supported by the Bloom filter, wherein the set of prefix lengths is associated with one application, generates, based on the received set of prefix lengths, two or more groups of different prefix lengths, wherein each of the two or more groups of different prefix lengths includes no more than the maximum number of different prefix lengths, and programs the filter lookup module with the two or more groups of different prefix lengths associated with the one application.

Abstract: Packet processing is provided in a multiple processor system including a first processor to processing a packet and to create a tag associated with the packet. The tag includes information about the processing of the packet. A second processor receives the packet subsequent to the first processor and processes the packet using the tag information.

Abstract: Techniques described in this disclosure relate to configuration updates, such as performing an in-service software upgrade on a device, using virtual machines. In a routing device, a routing engine utilizes a virtual machine executing on a hypervisor to provide control plane functions. In one example, an in-service software upgrade may be performed between a first virtual machine and a second virtual machine without a managing virtual machine. More specifically, a first virtual machine in the control plane of the router may control the upgrade process, including requesting initialization of the second virtual machine, installing a new software system on the second virtual machine, and replicating state data from the first virtual machine to the second virtual machine. In this example, the first virtual machine may operate as a master virtual machine and the second virtual machine may operate as a slave virtual machine that synchronizes with the master virtual machine.

Abstract: A number of wireless networks are established by a network device, each wireless network having an identifier. Requests are received from client devices to establish wireless network sessions via the wireless networks using the identifiers. Network privileges of the client devices are segmented into discrete security interfaces based on the identifier used to establish each wireless network session.

Abstract: A laser system includes an array of lasers that emit light at a number of different, fixed wavelengths. A group of optical transport systems connect to the laser system. Each of the optical transport systems is configured to modulate data signals onto the light from the laser system to create optical signals and transmit the optical signals on one or more optical fibers.

Abstract: A method performed by a network device may include assembling a multiprotocol label switching (MPLS) echo request, the echo request including an instruction for a transit node to forward the echo request via a bypass path associated with the transit node, and an instruction for an egress node to send an echo reply indicating that the echo request was received on the bypass path. The method may also include sending the MPLS echo request over a functioning label switched path (LSP).

Abstract: In one embodiment, a method includes receiving a value associated with a data packet and identifying a data set based on the value. The data set is associated with a range of values and represents routing actions. The data set is a first data set from a plurality of data sets if the value is included in the range of values associated with the first data set. The data set is a default data set if the value is not included in a range of values associated with a data set from the plurality of data sets. The method includes combining the first data set with the default data set if the first data set is identified. The method includes combining the default data set with an except data set if the default data set is identified.

Abstract: An apparatus includes a destination edge device configured to receive a first validation packet according to a switch fabric validation protocol. The destination edge device is configured to validate multiple data paths through a distributed switch fabric from a source edge device to the destination edge device based on the first validation packet. The destination edge device is configured to send, in response to receiving the first validation packet, a second validation packet to a peripheral processing device. The destination edge device is also configured to send the second validation packet according to a validation protocol different from the first validation protocol.

Abstract: Systems and methods of various embodiments provide mechanisms to support synchronous and asynchronous transactions. Distinct encodings allow an instruction to choose whether to perform any operation synchronously or asynchronously. Separate synchronous and asynchronous result registers hold the data returned in the most recent replies received for synchronous and asynchronous transaction requests, respectively. A status bit indicates whether an asynchronous transaction request is currently outstanding.

Abstract: In general, this disclosure describes techniques of selecting routes for network packets through a computer network based, at least in part, on electrical power procurement arrangements of devices in the computer network. A computing system includes a hardware processor and a database storing power procurement profiles. Each of the power procurement profiles stores data indicating an arrangement between an operator of one or more of routing devices to procure electrical power from a utility company for facilities in which the routing devices are located. The power procurement profiles are mapped to ranges of network addresses associated with the facilities for retrieval of the power procurement profiles for the routers based on the network addresses assigned to the routers.

Abstract: Feedback indicates low signal-to-noise ratio (SNR) conditions for a wireless communications link between a transmitter device and a receiver device. After attempting to achieve a target packet error rate (PER) by increasing transmission power for the wireless communications link, the transmitter device receives feedback that indicates a current PER, for data transmitted using an initial automatic repeat request (ARQ) block size, is above the target PER for the receiver device, and changes, based on the feedback, the current ARQ block size to a different ARQ block size for the wireless communications link. The different ARQ block size may be adaptively selected to provide a maximum PDU size that achieves the target PER at the receiver device under the low SNR conditions.

Abstract: A network device receives, from a remote user device, a requested test that includes test Internet protocol (IP) packets, and converts the test IP packets into hardware test commands. The network device also performs, based on the hardware test commands, the requested test on a component of a network device card to produce hardware test results. The network device further converts the hardware test results into test results in an IP packet format, and provides the tests results in the IP packet format to the remote user device.

Abstract: In one embodiment, an apparatus can include a filter module operatively coupled to a switching module. The filter module can be configured to define a filter to be applied to a Fiber Channel over Ethernet (FCoE) frame received from any port from multiple ports instantiated at a network device. The filter can be defined based at least in part on a first logical address associated with a first port from the multiple ports. The first logical address can be based at least in part on (1) a first identifier associated with a switch fabric to which the apparatus is operatively coupled and (2) a second identifier associated with a first port from the multiple ports. The filter module can be configured to define the filter such that a switching module sends the FCoE frame to a Fiber Channel device when a second logical address included in the FCoE frame matches the first logical address and the filter module is operatively coupled to the switching module.

Abstract: A firewall device may include a forwarding component that includes a filter block. The filter block may obtain a first hardware-implemented filter, where a hardware implementation limits the first hardware-implemented filter to a maximum quantity of rules; determine whether a last rule associated with the accessed hardware-implemented filter includes a split-filter action, where the split-filter action identifies a second hardware-implemented filter; and link the second hardware-implemented filter to the first hardware-implemented filter to make the second hardware-implemented filter a logical continuation of the first hardware-implemented filter, in response to determining that the last rule includes the split-filter action.

Abstract: A network device implements an SSL VPN gateway for client devices. The network device may receive a script destined for a client device. The script may include at least one later binding uniform resource locator (URL)-based link entity. The network device may rewrite the script to include additional script associated with the later binding URL-based link entity. The additional script is configured to execute at the client device to rewrite the later binding URL-based link entity with substitute links that refer to the network device. In this manner, the network device allows the external client devices to access back-end servers in a proprietary network without requiring the installation of custom software on the client devices.