Abstract: Technologies are disclosed for providing name resolution services to components executing in a virtualized environment. A name resolution request generated by a component executing within a virtualized environment is intercepted and forwarded from the virtualized environment to a host operating system (“OS”). A user process is then executed that requests that the host OS resolve a name specified by the intercepted name resolution request. Once the user process has received a response to the name resolution request made to the host OS, a response to the original name resolution request made by the component executing within the virtualized environment can be generated based on the response received by the user process. The response to the original name resolution request can then be provided to the component executing in the virtualized environment that requested name resolution.

Abstract: A network firewall is disclosed that operates between a virtualized environment and the processing system that provides the virtualized environment. The network firewall filters network traffic generated by and destined for program components executing in the virtualized environment. The network firewall can be located in a hypervisor, a flow steering engine, or at another location between the virtualized environment and the processing system. The network firewall utilizes a firewall policy that can be shared with a network firewall on the processing system that filters network traffic originating at or destined for the processing system. The network firewall can filter network traffic based upon a unique identifier assigned to a virtualized environment, upon port numbers assigned to program components in a virtualized environment, or upon profiles assigned to network interfaces. The network firewall can also filter loopback traffic between a guest operating system (OS) and a host OS.

Abstract: Technologies are disclosed for providing compatible network resources to program components executing in a virtualized environment. Virtual network adapters are created in a virtualized environment that correspond to network interfaces present on a host processing system. A virtual network interface is created in the virtualized environment and exposed to program components executing in the virtualized environment. Network packets are routed between the program components executing in the virtualized environment, the virtual network interface, the active virtual network adapter, and the network interface on the host processing system corresponding to the active virtual network adapter. Network control messages generated by program components executing in a virtualized environment are intercepted and forwarded to a host processing system for processing.

Abstract: Technologies are disclosed for enabling virtual private network (VPN) support in a virtualized environment. The presence or creation of a host VPN adapter on a host processing system providing a virtualized environment is detected and, in response thereto, a virtual network adapter is created in the virtualized environment. A guest operating system (OS) creates a guest VPN adapter in the virtualized environment. A software component is inserted between the guest VPN adapter and the virtual network adapter. The software component adds Ethernet frames to point-to-point protocol (PPP) packets received from the guest VPN adapter and removes Ethernet frames from packets received from the virtual network adapter.

Abstract: Embodiments relate to hypervisors that provide hardware isolated virtualization environments (HIVEs) such as containers and virtual machines (VMs). A first HIVE includes a first virtual network interface card (NIC) and a second HIVE includes a second virtual NIC. Both virtual NICs are backed by the same physical NIC. The physical NIC has an Internet Protocol (IP) address. The virtual NICs are assigned the same IP address as the physical NIC. A networking stack of the hypervisor receives inbound packets addressed to the IP address. The networking stack steers the inbound packets to the virtual NICs according to tuples of the inbound packets. Packets emitted by the virtual NICs comprise the IP address, pass through the network stack, and are transmitted by the physical NIC with headers comprising the IP address.

Abstract: Computing devices are configured to passively monitor network stacks and protocols for a respective computing device, transmit metadata and statistics gathered by the monitoring to a remote service, and utilize a crowd-sourced heuristic model responsively generated by the remote service to proactively predict connectivity issues and connect to a best available network media and access device for the network media. A computing device's operating system may monitor various networking protocols without the computing device engaging in constant network activities (e.g., video streaming). The statistics obtained from this passive monitoring can be utilized by the remote service using various machine learning techniques to predict when networks will subsequently fail. Profiles are developed and sorted within the model to be used by individual computing devices to seamlessly connect to access devices based on performance, as opposed to connecting to the access device previously utilized by the user.

Abstract: Computing devices are configured to passively monitor network stacks and protocols for a respective computing device, transmit metadata and statistics gathered by the monitoring to a remote service, and utilize a crowd-sourced heuristic model responsively generated by the remote service to proactively predict connectivity issues and connect to a best available network media and access device for the network media. A computing device's operating system may monitor various networking protocols without the computing device engaging in constant network activities (e.g., video streaming). The statistics obtained from this passive monitoring can be utilized by the remote service using various machine learning techniques to predict when networks will subsequently fail. Profiles are developed and sorted within the model to be used by individual computing devices to seamlessly connect to access devices based on performance, as opposed to connecting to the access device previously utilized by the user.

Abstract: Embodiments relate to hypervisors that provide hardware isolated virtualization environments (HIVEs) such as containers and virtual machines (VMs). A first HIVE includes a first virtual network interface card (NIC) and a second HIVE includes a second virtual NIC. Both virtual NICs are backed by the same physical NIC. The physical NIC has an Internet Protocol (IP) address. The virtual NICs are assigned the same IP address as the physical NIC. A networking stack of the hypervisor receives inbound packets addressed to the IP address. The networking stack steers the inbound packets to the virtual NICs according to tuples of the inbound packets. Packets emitted by the virtual NICs comprise the IP address, pass through the network stack, and are transmitted by the physical NIC with headers comprising the IP address.

Abstract: Embodiments described herein relate to providing hardware isolated virtualized environments (HIVEs) with network information. The HIVEs are managed by a hypervisor that virtualizes access to one or more physical network interface cards (NICs) of the host. Each HIVE has a virtual NIC backed by the physical NIC. Network traffic of the HIVEs flows through the physical NIC to a physical network. Traits of the physical NIC may be projected to the virtual NICs. For example, a media-type property of the virtual NICs (exposed to guest software in the HIVEs) may be set to mirror the media type of the physical NIC. A private subnet connects the virtual NICs with the physical NICs, possibly through a network address translation (NAT) component and virtual NICs of the host.

Abstract: Described herein is an extensible connection management framework comprising a computer comprising a processor and a memory. The memory comprises a connection management system comprising a route management engine configured to select a policy from a policy store in response to a received input trigger, the route manager further configured to apply the selected policy to facilitate communication between the computer and another computer to transition from a Wi-Fi network to a cellular network, wherein the input trigger is received from a component of the computer and provide information regarding at least one of a a user of the computer or a communication modality.