Abstract: The disclosed apparatus may include (1) at least one unregulated power input that facilitates feeding unregulated electrical power to a telecommunications device, (2) at least one regulated power input that facilitates feeding regulated electrical power to the telecommunications device, and (3) at least one ORing power device that (A) provides unregulated electrical power from the unregulated power input to the telecommunications device when the unregulated electrical power is above a certain threshold and (B) provides regulated electrical power from the regulated power input to the telecommunications device when the unregulated electrical power is below the certain threshold. Various other apparatuses, systems, and methods are also disclosed.

Abstract: In general, techniques for are described for providing application metadata using an Internet Protocol Flow Information eXport (IPFIX) protocol in computer networks. In one example, a first network device including a processor and a memory may perform the techniques. The processor may be configured to determine types of the application metadata that the first network device has a capability to detect through analysis of network packets. The application metadata may comprise data representative of network protocols used by networking processes that exchange packets. The memory may be configured to store the application metadata. The processor may further be configured to execute the IPFIX protocol to advertise the types of the application metadata to a second network device configured to collect a subset of the application metadata.

Abstract: A system includes a first switch fabric portion and a second switch fabric portion. The first switch fabric portion is disposed within a first chassis and has a module associated with a first stage of a switch fabric and a module associated with a second stage of the switch fabric. The module of the first switch fabric portion associated with the first stage of the switch fabric is configured to send data to the module of the first switch fabric portion associated with the second stage of the switch fabric. The second switch fabric portion is disposed within a second chassis and has a module associated with the second stage of the switch fabric. The module of the first switch fabric portion associated with the first stage of the switch fabric is configured to send data to the module of the second switch fabric portion associated with the second stage of the switch fabric.

Abstract: A device may activate a layer 3 interface of the device based on activation of a first layer 2 interface associated with the layer 3 interface. The device may detect activation of a second layer 2 interface, associated with the layer 3 interface, after activating the layer 3 interface. The device may activate a filter to prevent transfer of network traffic via the second layer 2 interface based on detecting activation of the second layer 2 interface. The device may perform duplicate address detection, in association with the second layer 2 interface, for a layer 3 network address assigned to the device. The device may determine whether the layer 3 network address is a duplicate network address based on performing the duplicate address detection. The device may selectively maintain or deactivate the filter based on determining whether the layer 3 network address is a duplicate network address.

Abstract: The disclosed computer-implemented method for improving forwarding capabilities during route convergence may include (1) identifying, at an upstream network device, a set of updated routes that define network paths that have each experienced at least one topology change since the upstream network device last converged with a downstream network device, (2) determining, at the upstream network device, levels of priority for the set of updated routes based at least in part on amounts of traffic that traverse the network paths defined by the set of updated routes, (3) arranging, at the upstream network device, the set of updated routes in a prioritized order in accordance with the levels of priority, and then (4) converging the upstream network device with the downstream network device by sending the set of updated routes in the prioritized order to the downstream network device. Various other methods, systems, and apparatuses are also disclosed.

Abstract: The disclosed apparatus may include a set of communication ports that facilitate communication with a network device via a set of communication links that collectively operate as a LAG bundle. The disclosed apparatus may also include a link-management unit communicatively coupled to the set of communication ports that facilitate communication with the network device. The link-management unit may detect an amount of communication activity on one or more active communication links included in the set of communication links that are collectively operating as the LAG bundle. The link-management unit may then determine that the amount of communication activity detected on the active communication links has reached a certain threshold. In response to this determination, the link-management unit may modify the active communication links included in the set of communication links to account for the amount of communication activity. Various other apparatuses, systems, and methods are also disclosed.

Abstract: In one embodiment, an apparatus can include a filter module configured to receive multiple Media Access Control (MAC) addresses associated with multiple virtual ports instantiated at a first network device. Each virtual port from the multiple virtual ports can be associated with a MAC address from the multiple MAC addresses. The filter module can be configured to define a filter to be applied to a data frame sent between the first network device and a network switch, the filter being based at least in part on a MAC address prefix included in each MAC address from the plurality of MAC addresses. The MAC address prefix can include an identifier uniquely associated with a second network device at which the filter module operates.

Abstract: In general, techniques are described for providing Hot-Root Standby in Global Table Multicast (GTM) environments. For example, in such GTM environments, normally a single unicast route to the customer multicast source (“C-Source”) will be available to egress provider edge (PE) routers. As described herein, ingress PE routers may advertise multiple routes to a C-Source, including unicast routes that include Route Import Extended Communities, which are imported by egress PE routers. This enables an egress PE router to have multiple paths to the C-Source, and the egress PE router may generate multiple C-multicast source tree joins for respective ingress PE routers in order to receive respective multicast streams sourced by the C-Source from the ingress PE routers.

Abstract: A method includes receiving a signal indicative of a value of a data point associated with a compute device at a first time. The value of the data point includes a data point category that is correlated with a fault category. The compute device is operatively coupled to a record module having a protected mode and an unprotected mode. A signal is received indicative of a value of the data point at a second time, after the first time. When a characteristic of a change in the value of the data point at the first time to value of the data point at the second time crosses a threshold in a first direction, a signal is sent to the record module indicative of an instruction to record data associated with the compute device in the protected mode to define a protected data set.

Abstract: A first peer, of a plurality of peers, may receive a packet directed to a network address. The network address may identify a tunnel endpoint of a tunnel via which traffic, associated with a multi-homed client, is transferred. The multi-homed client may be connected to each peer of the plurality of peers. The first peer may identify the packet as being associated with the multi-homed client. The first peer may update first information, associated with the tunnel, based on identifying the packet as being associated with the multi-homed client. The first peer may provide the packet to a second peer of the plurality of peers. The second peer may receive the packet and may update second information, associated with the tunnel, based on receiving the packet provided by the first peer. The first information and the second information may be updated to indicate an operational status of the tunnel.

Abstract: In general, techniques are described for reducing impact of network attacks in access networks. A network device including an interface in a forwarding plane of the network device, and a policer configured in a packet forwarding engine of the forwarding plane may be configured to perform the techniques. The interface may receive a packet from a subscriber access device positioned at an edge of sub-network of an access network. The packet may include trusted information inserted by an intermediate network device positioned between the network device and the subscriber access device. The policer may determine, based on the trusted information, whether the packet is associated with the network attack. Based on the determination of whether the packet is associated with the network attack, the policer may forward the packet for subsequent protocol-specific processing.

Abstract: Techniques are described for determining, with a first optical node, a correction factor indicative of an amount of optical power loss that a Raman amplifier in a second optical node causes in an optical signal having a first wavelength that is transmitted by the first optical node and received by the second optical node, transmitting, with the first optical node to the second optical node, information, based on the determined correction factor, that is to be used for determining a gain of the Raman amplifier, and transmitting, with the first optical node to the second optical node, an optical signal having a second wavelength that is to be amplified by the Raman amplifier.

Abstract: A provider edge (PE) device may receive an indication to perform a designated forwarder (DF) election associated with a network segment that includes the PE device, one or more other PE devices, and a client edge (CE) device. The PE device, the one or more other PE devices, and the CE device may be associated with an Ethernet virtual private network (EVPN) that includes a group of EVPN instances (EVIs). The PE device may perform the DF election in order to determine election information associated with the PE device. The election information may include information associated with a particular EVI, of the group of EVIs, for which the PE device is to act as a DF. The PE device may provide the election information to the CE device to cause the CE device to provide traffic, associated with a particular VLAN included in the particular EVI, to the PE device.

Abstract: A first device may receive network traffic including a first label. The first label may be an inclusive multicast label associated with a second device. The second device may be a designated forwarder for an Ethernet segment. The first device may determine a second label based on receiving the network traffic including the first label. The second label may be used to route the network traffic to a customer edge device, via a third device, rather than the second device. The third device may be a non-designated forwarder for the Ethernet segment. The first device may provide the network traffic, including the second label, to the third device to permit the third device to provide, via the Ethernet segment, the network traffic to the customer edge device based on the second label when a failure occurs in association with the second device.

Abstract: The disclosed method may include (1) identifying, at a first node, a preconfigured level of the first node, (2) receiving, at the first node from a second node, a neighbor advertisement that includes a preconfigured level of the second node, (3) determining that a difference between the preconfigured level of the first node and the preconfigured level of the second node is equal to one, (4) recording, at the first node based on the difference being equal to one, an adjacency relationship between the first node and the second node, (5) transmitting a first type of routing-protocol packet from the first node to the second node based on the adjacency relationship, and (6) refraining from transmitting a second type of routing-protocol packet from the first node to the second node based on the adjacency relationship. Various other apparatuses, systems, and methods are also disclosed.

Abstract: A security device may receive, from a server device, a response to a request. The request may be provided by an attacker device and may include a plurality of input values. The security device may determine the plurality of input values, included in the request, based on receiving the response. The security device may modify the response to form a modified response. The response may be modified to include information associated with the plurality of input values. The response may be modified in an attempt to prevent the attacker device from identifying a vulnerability, associated with the server device, based on the plurality of input values being included in the response. The security device may provide the modified response to the attacker device.

Abstract: In some examples, techniques are directed to applying one or more corrective actions that cause the network device to bypass the failed service node of the service chain. In some examples, method includes determining that a failure has occurred at a service node included in a plurality of service nodes, the plurality of service nodes configured to apply one or more stateful services of a primary service chain to packet flows from a plurality of subscriber devices; in response to determining that the failure has occurred, configuring forwarding state of the network device to process the packet flows from the plurality of subscriber devices based on a corrective action that bypasses the service node of the primary service chain; and in response to receiving a subscriber packet in the packet flows, processing the packet flows from the plurality of subscriber devices based on the corrective action.

Abstract: The disclosed apparatus may include an encryption device that signs information exchanged between network devices to ensure the integrity of the information. The disclosed apparatus may also include a network device communicatively coupled to the encryption device, wherein the network device (1) obtains geo-location information that identifies the location of the network device, (2) directs the encryption device to sign the geo-location information to ensure the integrity of the geo-location information, (3) provides the signed geo-location information to a remote management system that manages the configuration of the network device based at least in part on the geo-location information, and (4) receives a configuration profile that modifies the configuration of the network device to account for the current location of the network device from the remote management system. Various other apparatuses, systems, and methods are also disclosed.

Abstract: A device may receive an indication to generate a probe packet associated with a tunnel included in a first network. The tunnel may include a first tunnel endpoint and a second tunnel endpoint and may correspond to a path, associated with a second network, between the first tunnel endpoint and the second tunnel endpoint. The device may generate the probe packet including information associated with the tunnel. The device may provide the probe packet, via the first tunnel endpoint, such that the probe packet is received by a network device that lies on the path. The device may receive a response packet, associated with the probe packet and provided by the network device, that includes path information. The path information may include information associated with the network device. The device may store the path information to allow the network device to be identified as lying on the path.

Abstract: In one embodiment, a processor-readable medium storing code representing instructions that when executed by a processor cause the processor to update, at a memory location, a first flow state value associated with a data flow to a second flow state value when at least one of a packet from the data flow is received or the memory location is selected after a time period has expired. At least a portion of the packet is analyzed when the second flow state value represents a flow rate of a network data flow anomaly.