Abstract: Bidirectional flows of a communication session in a software defined network (SDN) are efficiently managed. A smart switch comprises a digital processing unit (DPU) complex comprising one or more DPUs, and a switching complex comprising one or more network processing units (NPUs). The DPU complex is configured to disaggregate enforcement of policies of the SDN from hosts of the SDN. The switching complex is configured to perform network routing of packets in the SDN. The hosts are implemented on servers communicatively coupled to network interfaces of the SDN. The switching complex is configured to perform policy enforcement of data flows for communication sessions that are offloaded from the DPU complex to the switching complex.

Abstract: Techniques are described for managing connection states at an active network appliance and a backup network appliance. The active network appliance and backup network appliance are configured to process connections in a software defined network (SDN). The active network appliance is configured to actively process connections, and the backup network appliance maintains connection states such that the backup network appliance can actively process connections in response to a failure of the active network appliance.

Abstract: Some implementations relate to direct access to a storage device using a data plane of a switch. A response signal for a first packet transmitted from the switch to the storage device is received from a storage device. The first packet encapsulates a packet sequence number and first data to be transmitted by the switch. The response signal contains the packet sequence number. If the response signal is a negative acknowledgement response signal, a first state sequence number of the switch is updated with the packet sequence number contained in the response signal. The first state sequence number represents a sequence number of a packet to be transmitted by the switch. The first state sequence number and second data to be transmitted by the switch are encapsulated in a second packet to be transmitted to the storage device.

Abstract: An environment includes at least two network devices and a plurality of downstream devices or networks. The downstream devices or networks are communicatively coupled to network interfaces of the network devices using a plurality of data cables. The data cables each comprise a switch device configured to switch communication paths to the coupled network devices. Each of the data cables communicatively couple each of the network devices to one of the plurality of downstream devices or networks so that each of the downstream devices or networks has a communications path to each of the network devices and a switchable communications path from each of the network devices. The network devices do not arbitrate active/passive status via direct communication. Based on data contained in a reply packet indicating that a request packet sent by the first network device was acknowledged, the first network device determines that the first network device is an active network device.

Abstract: Techniques are disclosed for processing data packets and implementing policies in a software defined network (SDN) of a virtual computing environment. At least one network device is configured to disaggregate enforcement of policies of the SDN from hosts of the virtual computing environment. Tier-0 devices are communicatively coupled to network interfaces of the network device. The network device comprises a plurality of data processing units that are configured to implement functionality of the network device.

Abstract: Techniques are disclosed for processing data packets by a hardware-based networking device configured to disaggregate processing of data packets from hosts of a virtualized computing environment. The hardware-based networking device includes a hardware-based component implementing a plurality of behavioral models indicative of packet processing graphs for data flows in the virtualized computing environment. A data packet having a source from or destination to an endpoint in a virtual network of the virtualized computing environment is received. Based on determining that the data packet is a first packet of a data flow to or from the endpoint, one of the behavioral models is mapped to the data flow. The packet is modified in accordance with the mapped behavioral model. A state of the data flow is stored. Subsequent data packets of the data flow are processed based on the stored state.

Abstract: In a rack comprising a group of servers and at least two top-of-rack switches, a link fault is detected. A smart data cable connects each of the servers to both top-of-rack switches. A control signal indicates an active communication path from one of the top-of-rack switches to the servers. In response to detecting a failure of the active communication path, the control signal indicates a switch to the second of the top-of-rack switches. In response to the updated control signal, a switching mechanism of the data cable changes the active communication path to the second of the top-of-rack switches.

Abstract: Techniques are described for balancing traffic load for networks configured in multi-rooted tree topologies, in the presence of link failures. Maximum flows (through minimum cuts) are calculated for subgraphs that incorporate effective link capacities on links between source and destination nodes. Effective link capacities may be determined that take into account link failures, as well as sharing of current available link capacities by multiple nodes. Traffic is balanced while simultaneously fully utilizing available link capacities, even available link capacities on partially failed links (e.g., partially failed Link Aggregation Groups (LAGs)).

Abstract: An environment includes at least two network devices and a plurality of downstream devices or networks. The downstream devices or networks are communicatively coupled to network interfaces of the network devices using a plurality of data cables. The data cables each comprise a switch device configured to switch communication paths to the coupled network devices. Each of the data cables communicatively couple each of the network devices to one of the plurality of downstream devices or networks so that each of the downstream devices or networks has a communications path to each of the network devices and a switchable communications path from each of the network devices. The network devices do not arbitrate active/passive status via direct communication. Based on data contained in a reply packet indicating that a request packet sent by the first network device was acknowledged, the first network device determines that the first network device is an active network device.

Abstract: Techniques are described for securely managing computing resources in a computing environment comprising a computing service provider and a remote computing network. The remote computing network includes computing and network devices configured to extend computing resources of the computing service provider to remote users of the computing service provider. The network devices include a trusted network device that includes a root of trust. The trusted network device detects that a new device is communicatively coupled to a port on the trusted network device. The trusted network device determines that the new device is not authorized to access computing resources at the remote computing network. The port is isolated at the trusted network device.

Abstract: Disclosed are an embedded co-cured composite material with large-damping and electromagnetic wave absorbing properties and a preparation method and an application thereof, belonging to damping composite materials. The embedded co-cured composite material is formed by interlacing a plurality of electromagnetic wave absorbing prepreg layers and a plurality of electromagnetic wave absorbing damping layers. Each of the electromagnetic wave absorbing prepregs layers includes a fiber cloth, a micro-nano electromagnetic wave absorbing material and a resin. Contents of the micro-nano electromagnetic wave absorbing material in the electromagnetic wave absorbing prepreg layers and the electromagnetic wave absorbing damping layers have a gradient increase or decrease according to a sequence of the electromagnetic wave absorbing prepreg layers. Each of the electromagnetic wave absorbing damping layers includes a viscoelastic damping material and the micro-nano electromagnetic wave absorbing material.

Abstract: In some cases, a network monitoring system may determine an operating or health condition of a node or connection link in a network (e.g., a datacenter network) by preparing an encapsulated data packet according to a tunneling protocol. Depending on a result of routing the encapsulated data packet, the network monitoring system determines whether the node or connection link is functioning normally or is experiencing an issue such as overloading or malfunctioning.

Abstract: Techniques are disclosed for processing data packets by a hardware-based networking device configured to disaggregate processing of data packets from hosts of a virtualized computing environment. The hardware-based networking device includes a hardware-based component implementing a plurality of behavioral models indicative of packet processing graphs for data flows in the virtualized computing environment. A data packet having a source from or destination to an endpoint in a virtual network of the virtualized computing environment is received. Based on determining that the data packet is a first packet of a data flow to or from the endpoint, one of the behavioral models is mapped to the data flow. The packet is modified in accordance with the mapped behavioral model. A state of the data flow is stored. Subsequent data packets of the data flow are processed based on the stored state.

Abstract: In an environment comprising a group of servers and at least two network devices, a link fault is detected. A data cable connects each of the servers to both network devices. An active communication path from one of the network devices to the servers is determined. In response to detecting a failure of the active communication path, a second of the network devices is indicated as the active network device. The configuration is detected by the network devices based on packets received at the network devices.

Abstract: Techniques are described for securely managing computing resources in a computing environment comprising a computing service provider and a remote computing network. The remote computing network includes computing and network devices configured to extend computing resources of the computing service provider to remote users of the computing service provider. The network devices include a trusted network device that includes a root of trust. The trusted network device detects that a new device is communicatively coupled to a port on the trusted network device. The trusted network device determines that the new device is not authorized to access computing resources at the remote computing network. The port is isolated at the trusted network device.

Abstract: In an environment comprising a group of servers and at least two network devices, a link fault is detected. A data cable connects each of the servers to both network devices. An active communication path from one of the network devices to the servers is determined. In response to detecting a failure of the active communication path, a second of the network devices is indicated as the active network device. The configuration is detected by the network devices based on packets received at the network devices.

Abstract: Techniques for facilitating load balancing in distributed computing systems are disclosed herein. In one embodiment, a method includes receiving, at a destination server, a request packet from a load balancer via the computer network requesting a remote direct memory access (“RDMA”) connection between an originating server and one or more other servers selectable by the load balancer. The method can also include configuring, at the destination server, a rule for processing additional packets transmittable to the originating server via the RDMA connection based on the received reply packet. The rule is configured to encapsulate an outgoing packet transmittable to the originating server with an outer header having a destination field containing a network address of the originating server and a source field containing another network address of the destination server.

Abstract: In a rack comprising a group of servers and at least two top-of-rack switches, a link fault is detected. A smart data cable connects each of the servers to both top-of-rack switches. A control signal indicates an active communication path from one of the top-of-rack switches to the servers. In response to detecting a failure of the active communication path, the control signal indicates a switch to the second of the top-of-rack switches. In response to the updated control signal, a switching mechanism of the data cable changes the active communication path to the second of the top-of-rack switches.

Abstract: In an optical communications network, the supervisory control signal is duplicating at the OSI layer 2 or layer 3 level to generate a primary supervisory control signal and a secondary supervisory control signal. Access to the primary supervisory control signal is enabled at a network interface of a network device. In response to detecting a failure of the optical communications network or the device, access to the primary supervisory control signal is disabled and access to the secondary supervisory control signal is enabled.

Abstract: SONiC (Software for Open Networking in the Cloud) is instantiated in a chassis-based networking switch device to enable control plane functionality for the line cards and backplane. The SONiC platform may be configured with a routing table and BGP (border gateway protocol) to provide routing capabilities for the application-specific integrated circuits (ASICs) operating on each respective line card. Ethernet ports are utilized within the chassis to enable the utilization of standardized networking protocols, such as protocols on the data link layer (layer 2) within the OSI (Open Systems Interconnection) model. The implementation of SONiC and standardized networking techniques creates a simplified and more proficient routing system in the chassis framework.