Abstract: In some cases, a network monitoring system may determine an operating or health condition of a node or connection link in a network (e.g., a datacenter network) by preparing an encapsulated data packet according to a tunneling protocol. Depending on a result of routing the encapsulated data packet, the network monitoring system determines whether the node or connection link is functioning normally or is experiencing an issue such as overloading or malfunctioning.

Abstract: A load balancer system is described herein which uses one or more switch-based hardware multiplexers, each of which performs a multiplexing function. Each such hardware multiplexer operates based on an instance of mapping information associated with a set of virtual IP (VIP) addresses, corresponding to a complete set of VIP addresses or a portion of the complete set. That is, each hardware multiplexer operates by mapping VIP addresses that correspond to its set of VIP addresses to appropriate direct IP (DIP) addresses. In another implementation, the load balancer system may also use one or more software multiplexers that perform a multiplexing function with respect to the complete set of VIP addresses. A main controller can generate one or more instances of mapping information, and then load the instance(s) of mapping information on the hardware multiplexer(s), and the software multiplexer(s) (if used).

Abstract: The present invention extends to methods, systems, and computer program products for offloading virtual machine flows to physical queues. A computer system executes one or more virtual machines, and programs a physical network device with one or more rules that manage network traffic for the virtual machines. The computer system also programs the network device to manage network traffic using the rules. In particular, the network device is programmed to determine availability of one or more physical queues at the network device that are usable for processing network flows for the virtual machines. The network device is also programmed to identify network flows for the virtual machines, including identifying characteristics of each network flow. The network device is also programmed to, based on the characteristics of the network flows and based on the rules, assign one or more of the network flows to at least one of the physical queues.

Abstract: A source device obtains a data packet that includes both a destination address and a payload. The source device selects an exit point address of multiple exit point addresses corresponding to the destination address based on one or more policies. The source device encapsulates the data packet with a header that includes the selected exit point address, and the encapsulated data packet is provided to the backbone network. The encapsulated data packet is routed through the backbone network based on the exit point address, and an edge router of the backbone network identifies an interface of the edge router that corresponds to the exit point address. The header is removed from the encapsulated data packet, and the data packet is added to a buffer of the interface for routing to one or more other devices outside of the backbone network.

Abstract: The subject disclosure is directed towards a technology that automatically mitigates datacenter failures, instead of relying on human intervention to diagnose and repair the network. Via a mitigation pipeline, when a network failure is detected, a candidate set of components that are likely to be the cause of the failure is identified, with mitigation actions iteratively targeting each component to attempt to alleviate the problem. The impact to the network is estimated to ensure that the redundancy present in the network will be able to handle the mitigation action without adverse disruption to the network.

Abstract: Methods and apparatus for congestion control in computer networks achieve high burst tolerance, low latency and high throughput with shallow-buffered switches. A method for controlling congestion includes transmitting a set of data packets on a network connection from a first computing device to a second computing device, identifying each data packet in the set of data packets that experienced congestion on the network connection, sending, by the second computing device to the first computing device, a sequence of bits that represents the number of data packets in the set of data packets that were identified as having experienced congestion, and adjusting a rate of transmitting data packets on the network connection based on the sequence of bits sent to the first computing device.

Abstract: A method of networking a plurality of servers together within a data center is disclosed. The method includes the step of addressing a data packet for delivery to a destination server by providing the destination server address as a flat address. The method further includes the steps of obtaining routing information required to route the packet to the destination server. This routing information may be obtained from a directory service servicing the plurality of servers. Once the routing information is obtained, the data packet may be routed to the destination server according to the flat address of the destination server and routing information obtained from the directory service.

Abstract: A method of enabling an electronic privately addressable source to be publicly addressable starts at a receiver where an electronic message is received. It is communicated from a sender with a private address outside a subnet of the receiver through a translator. The translator retrieves a lease to at least one of a public address or a port from a lease manager, translates the private address and the private port into a public address and a public port and communicates identifying data such as the public address and the public port to the receiver. If a response is communicated to the private sender, the response may be communicated to the private sender through the network. The public address and the public port on the message may be translated to the private address and the port of the private sender and the private address and the private port may be used to properly route the response to the private sender.

Abstract: A plurality of network addresses from a distributed client is obtained, at least a first portion of the obtained network addresses including resolved network address responses to distributed client requests for resolved network addresses corresponding to one or more network location indicators associated with a first web service. Test content is obtained, based on one or more of the network addresses included in the first portion. It is determined whether the obtained test content includes unauthorized content.

Abstract: The transmission of multiple copies of data to other computing devices is optimized by minimizing the number of copies of such data transmitted through an expensive portion of the network. A store-and-forward methodology is utilized to transmit only a single copy through the expensive portion and the data is subsequently forked into multiple copies directed to multiple destination computing devices. Computing devices that are not intended destinations can be conscripted as intermediate computing devices, if appropriate to minimize copies of the data transmitted through an expensive portion. Additionally, accommodation can be made for data that is intolerant of out-of-order delivery by utilizing adaptive protocols that avoid mechanisms that may result in out-of-order delivery for data intolerant of such and by utilizing packet sorting at data convergence points to reorder the data. Different protocol settings can be utilized to transmit data across different portions of the network.

Abstract: Memory is shared among physically distinct, networked computing devices. Each computing device comprises a Remote Memory Interface (RMI) accepting commands from locally executing processes and translating such commands into forms transmittable to a remote computing device. The RMI also accepts remote communications directed to it and translates those into commands directed to local memory. The amount of storage capacity shared is informed by a centralized controller, either a single controller, a hierarchical collection of controllers, or a peer-to-peer negotiation. Requests that are directed to remote high-speed non-volatile storage media are detected or flagged and the process generating the request is suspended such that it can be efficiently revived. The storage capacity provided by remote memory is mapped into the process space of processes executing locally.

Abstract: Application-provided transmission metadata is utilized, in conjunction with current network information, to adjust network transmissions. An interface between applications seeking to transmit data and networking components enables the application to provide destination information, communication type information, information regarding the quantity of data to be transferred, timeliness information, data location information, cost information, and other like transmission metadata. Current network information can be obtained by the networking components themselves, or can be provided by, or enhanced by, a centralized controller. The networking components can then optimize both the routing and the protocol settings in the form of adjustments to error control settings, flow control settings, receiver control settings, segmentation settings, and other like protocol settings.

Abstract: Computing unit enclosures are often configured to connect units (e.g., server racks or trays) with a wired network. Because the network type may vary (e.g., Ethernet, InfiniBand, and Fibre Channel), such enclosures often provide network resources connecting each unit with each supported network type. However, such architectures may present inefficiencies such as unused network resources, and may constrain network support for the units to a small set of supported network types. Presented herein are enclosure architectures enabling flexible and efficient network support by including a backplane comprising a backplane bus that exchanges data between the units and a network adapter using an expansion bus protocol, such as PCI-Express.

Abstract: A cloud computing environment providing a network service for a client computing entity. The network service is not an application level service, but rather a service that operates at or below the network layer in the protocol stack. For instance, the network service might be a network endpoint service such as a network address service (such as DNS) or a dynamic network service (such as DHCP), or a network traffic service such as a firewall service or a secure tunneling service (such as VPN). The service might also provide a pipeline of network services for network level traffic to and from the client computing entity. The cloud environment uses policy to determine which of a plurality of communication channels to use when exchanging cloud service data for the network service.

Abstract: The subject disclosure is directed towards a technology that automatically mitigates datacenter failures, instead of relying on human intervention to diagnose and repair the network. Via a mitigation pipeline, when a network failure is detected, a candidate set of components that are likely to be the cause of the failure is identified, with mitigation actions iteratively targeting each component to attempt to alleviate the problem. The impact to the network is estimated to ensure that the redundancy present in the network will be able to handle the mitigation action without adverse disruption to the network.

Abstract: The provisioning of a host computing system by a controller located over a wide area network. The host computing system has power-on code that automatically executes upon powering up, and causes the host to notify the controller of the host address. In a first level of bootstrapping, the controller instructs the host to download a maintenance operating system. The host responds by downloading and installing a maintenance operating system, enabling further bootstrapping. The persistent memory may further have security data, such as a public key, that allows the host computing system to securely identify the source of the download instructions (and subsequent instructions) as originating from the controller. A second level of bootstrapping may accomplish the configuring of the host with a hypervisor and a host agent. A third level of bootstrapping may accomplish the provisioning of virtual machines on the host.

Abstract: The present invention extends to methods, systems, and computer program products for offloading virtual machine flows to physical queues. A computer system executes one or more virtual machines, and programs a physical network device with one or more rules that manage network traffic for the virtual machines. The computer system also programs the network device to manage network traffic using the rules. In particular, the network device is programmed to determine availability of one or more physical queues at the network device that are usable for processing network flows for the virtual machines. The network device is also programmed to identify network flows for the virtual machines, including identifying characteristics of each network flow. The network device is also programmed to, based on the characteristics of the network flows and based on the rules, assign one or more of the network flows to at least one of the physical queues.

Abstract: A delivery controller for use in an enterprise environment that communicates with a cloud computing environment that is providing a service for the enterprise. As the cloud service processing progresses, some cloud service data is transferred from the cloud computing environment to the enterprise environment, and vice versa. The cloud service data may be exchanged over any one of a number of different types of communication channels. The delivery controller selects which communication channel to use to transfer specific data, depending on enterprise policy. Such policy might consider any business goals of the enterprise, and may be applied at the application level.

Abstract: A management service that receives requests for the cloud computing environment to host applications, and improves performance of the application using an edge server. In response to the original request, the management service allocates the application to run on an origin data center, evaluates the application by evaluating at least one of the application properties designated by an application code author or provider, or the application performance, and uses an edge server to improve performance of the application in response to evaluating the application. For instance, a portion of application code may be offloaded to run on the edge data center, a portion of application data may be cached at the edge data center, or the edge server may add functionality to the application.

Abstract: Constructing an inference graph relates to the creation of a graph that reflects dependencies within a network. In an example embodiment, a method includes determining dependencies among components of a network and constructing an inference graph for the network responsive to the dependencies. The components of the network include services and hardware components, and the inference graph reflects cross-layer components including the services and the hardware components. In another example embodiment, a system includes a service dependency analyzer and an inference graph constructor. The service dependency analyzer is to determine dependencies among components of a network, the components including services and hardware components. The inference graph constructor is to construct an inference graph for the network responsive to the dependencies, the inference graph reflecting cross-layer components including the services and the hardware components.