Abstract: In one embodiment, a network session is established for transmitting a media stream. The media stream is encoded into a first set of media stream packets and the first set of media stream packets transmitted according to the established network session. The media stream is also encoded into a second set of retransmission-based repair packets and used as a second redundant copy of the media stream. The second set of retransmission packets are transmitted regardless of receiving any indication of lost or dropped packets during the network session.

Abstract: In one embodiment, an intermediate network device includes a communication facility configured to receive a reservation request message that includes a flow spec object. The flow spec object specifies one or more flow parameters that describe a given traffic flow that desires to pass through the intermediate network device. A flow is configured to compare the one or more flow parameters specified in the flow spec object to one or more constants stored in a memory, to determine a type of traffic of the given traffic flow. The flow analyzer determines the type of traffic independent of any differentiated services codepoint (DSCP) values in packets of the given traffic flow. A traffic scheduler is configured to assign the given traffic flow to a particular per hop behavior (PHB) based on the determined type of traffic for the given traffic flow.

Abstract: In one embodiment, a method includes receiving gap information from an entertainment content source configured to provide an entertainment stream associated with a contributing source information providing a source of the entertainment stream and a chronological order to render the entertainment stream, the entertainment stream being encrypted and having an associated first decryption key multiplexed into a key distribution system, the gap information identifying a gap in the entertainment stream where an ad may be one of inserted or substituted, synchronizing a target ad from an advertisement stream to a time base corresponding to the gap, decrypting the entertainment stream using the first decryption key selected from the key distribution system based on the contributing source information, and rendering the entertainment stream and the target ad as a composite stream based on the chronological order, the target ad being rendered during the gap in the entertainment stream.

Abstract: Generating a binding between a source address and one or more roles of a user accessing the network and distributing the binding to a filter node. The source address is currently assigned to the device. The binding may be generated by one or more nodes on an ingress path used during authentication of the user. The binding may be distributed to the filter node on demand or without any request from the filter node. Responsive to a determination that the user is associated with a new source address, a new binding is generated to associate a new source address with the one or more roles for the user. The new binding is distributed to the filter node. Another aspect is a method of enforcing a role based security policy at a filter node, using bindings of source addresses to roles.

Abstract: In one embodiment, a separate surrogate monitor stream provides real-time media monitoring statistics for non-media savvy protocols. The surrogate monitor stream contains packet transmission parameters, such as sequence numbers and time stamps, for associated media packets in the non-savvy media stream. The surrogate monitor stream also contains checksums derived from the media packets. The checksums are used to correlate the packets in the surrogate monitor stream with the media packets in the media stream. The information in the surrogate monitor stream is then used in conjunction with the non-savvy media stream to provide real-time media monitoring without having to modify existing infrastructure. For example, head-end video servers do not have to add Real-time Transport Protocol (RTP) support or deal with protocol upgrades like RTP/UDP co-existence.

Abstract: A method and apparatus for fast reroute of multicast data are disclosed. In one embodiment, a method includes transmitting a multicast join message from a receiver towards a source on a primary path and transmitting an alternate multicast join message from the receiver towards the source on a backup path. Data packets are then received from the primary and backup paths. The method further includes operating in a first mode wherein the data packets received from the primary path are accepted and the data packets received from the backup path are dropped, and switching to a second mode wherein the data packets received from the backup path are accepted, upon detecting a failure in the primary path.

Abstract: In one embodiment, a router receives a real-time multimedia flow that comprises IP packets. The router then processes values included in the Identifier fields of the IP packets using resources similar to those used in the monitoring of RTP flows to identify metrics for the real-time multimedia flow. The metrics may be transferred to a remote management device for aggregation with metrics output by other routers located on the data path for the real-time multimedia flow.

Abstract: Generating a binding between a source address and one or more roles of a user accessing the network and distributing the binding to a filter node. The source address is currently assigned to the device. The binding may be generated by one or more nodes on an ingress path used during authentication of the user. The binding may be distributed to the filter node on demand or without any request from the filter node. Responsive to a determination that the user is associated with a new source address, a new binding is generated to associate a new source address with the one or more roles for the user. The new binding is distributed to the filter node. Another aspect is a method of enforcing a role based security policy at a filter node, using bindings of source addresses to roles.

Abstract: To prevent theft of protected content when IPTV services are provided, a conditional access device (CAD) is connected to a personal computer (PC). An application is launched on the PC from the CAD over universal serial bus (USB) interface. The application configures the PC to allow a user to receive secure internet protocol television (IPTV) services. The conditional access device and an IPTV service provider determine user access to the IPTV services via a network by using a trusted computing base (TCB) on the CAD and keys stored on the CAD. The application decrypts and decodes the IPTV services using the processing and storage capability of the PC. The CAD also receives and processes remote control signals received from a remote control interface. The remote control signals are requests or responses from the user interacting with the application. The application displays content requested by the user or indications of responses by the user via a user interface on the PC.

Abstract: A method and apparatus for inter-domain routing of calls in a network, where the network represents a first wide area network. A routing node of the network advertises its access to a range of addresses in a second wide area network and a cost for access to the range of addresses to all adjacent nodes in the network. Each of the adjacent nodes inserts an entry in its own routing table associating access to the range of addresses in the second wide area network with the network address of the routing node and the cost for access. Each adjacent node then modifies the cost for access by adding its own cost and advertises its access to the range of addresses in the second wide area network and the modified cost for access to all of its adjacent nodes.

Abstract: In one embodiment, an endpoint sends messages containing Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) requests to traceroute a path to the remote endpoint. The traceroute may be completed through security devices such as NATs and firewalls. Receipt of a STUN response from the remote endpoint signals that one of the traceroute packets reached the remote endpoint whereas the other traceroute packets have elicited error responses from intermediary, on-path routers, allowing these routers to be identified.

Abstract: Nodes in an Internet Protocol (IP) network receive probe packets configured to travel over particular IP media paths. The probe packets cause the network nodes to send media path reports to a logging system. The media path reports contain information identifying the different nodes in the media path. The logging system can reconstruct the network topology of a particular media path from the media path reports which can then be used for debugging purposes. In one embodiment the probe packets are Resource Reservation Setup Protocol (RSVP) packets configured for media path probing.

Abstract: No-op media payload packets are used to analyze a media path in a packet switched network. In one embodiment, the no-op packets are Real Time Protocol (RTP) payload packets that contain no media content. A Real Time Control Protocol (RTCP) report is generated for the received RTP no-op packets. A marker bit is set in one of the no-op packets that triggers the no-op packet receiver to send back the RTCP report. The media steam is transmitted when the statistics in the RTCP report indicate a viable media path.

Abstract: A call authorization system moves state maintenance for authorization based phone calls from a central authorization server to different gateways in a packet switched network. A simple authorization session protocol is used between the authorization server and the gateways to minimize network traffic. The authorization session protocol releases the authorization server from having to maintain states for open authorization based phone calls.

Abstract: Particular embodiments generally relate to providing retransmission that is forward error correction (FEC) aware. In one embodiment, information is received that defines a plurality of missing packets for a media stream for a receiver. The plurality of missing packets may define FEC packets and source packets that are missing at the receiver. A retransmission server determines one or more retransmission packets for retransmission based on the FEC packets and source packets received at the receiver. In taking into account the FEC packets and source packets received at the receiver, retransmission of all missing source packets may not be necessary. The one or more retransmission packets are then sent to the receiver and the receiver can use the one or more retransmission packets to recover the plurality of missing source packets.

Abstract: A gateway receives a call from a Text Terminal for the Deaf (TTD) device associated with an instant messaging or chat session. The gateway establishes the instant messaging or chat session on behalf of the TTD device and then converts between the TTD tones used by the TTD device and text used in the instant messaging or chat session.

Abstract: A switch detects port failures and identifies a MAC address associated with the port failure. The switch then sends a failure notification message to other ports on the switch that identifies the MAC address associated with the port failure. The network processing devices on the other ports use the failure notification message to quickly determine if routes need to be reconfigured around an adjacency on the switch.

Abstract: A call controller is configured to monitor call signaling for a media call between a first and second endpoint. The call controller dynamically determines when to insert a media proxy into a media session for the call according to a relationship in network topology between the first and second endpoint.

Abstract: Managing contacts involves receiving data corresponding to a user. The data includes information associated with communication devices or communication services. Contacts associated with the user are generated in accordance with the data. An indication is associated with each of the one or more contacts, where the indication corresponds to a processing rule specifying a condition and an action to be performed if the condition is satisfied. At least one contact is provided to process a communication session associated with the user in accordance with the indication of the provided contact.

Abstract: A Resource ReSerVation Protocol (RSVP) proxy is used in combination with a signaling proxy to provide improved admission control, Quality of Service (QoS) reservation, and media path routing. This avoids entangling call signaling with media plane functions as required with Session Border Controllers (SBCs). A QoS access network control scheme, such as Packet Cable Multi-Media (PCMM) and/or Dynamic Quality of Service (DQoS), is conventionally used to set up QoS and other flow states on an access network. However, the gate parameters established during this access operation are also provided to an RSVP proxy in an edge router. The gate parameters trigger the RSVP proxy to attempt to establish a QoS reservation over the packet network toward a media flow destination. If admission control for the QoS reservation is successful, the edge router permits the signaling proxy to complete the media call.