Abstract: Techniques are disclosed for capturing network traffic in a virtualized computing environment. A packet to be captured in the virtualized environment is identified. The packet is tagged using a pattern of one or more bits in a header of the packet. The pattern indicates that the packet is to be traced. The pattern is propagated to an outer layer during encapsulation of the packet. A header of the encapsulated packet includes the pattern of one or more bits. At least one network device is caused to mirror identified packets based on the reserved bit.

Abstract: Techniques are described for balancing traffic load for networks configured in multi-rooted tree topologies, in the presence of link failures. Maximum flows (through minimum cuts) are calculated for subgraphs that incorporate effective link capacities on links between source and destination nodes. Effective link capacities may be determined that take into account link failures, as well as sharing of current available link capacities by multiple nodes. Traffic is balanced while simultaneously fully utilizing available link capacities, even available link capacities on partially failed links (e.g., partially failed Link Aggregation Groups (LAGs)).

Abstract: Disclosed are an embedded co-cured composite material with large-damping and electromagnetic wave absorbing properties and a preparation method and an application thereof, belonging to damping composite materials. The embedded co-cured composite material is formed by interlacing a plurality of electromagnetic wave absorbing prepreg layers and a plurality of electromagnetic wave absorbing damping layers. Each of the electromagnetic wave absorbing prepregs layers includes a fiber cloth, a micro-nano electromagnetic wave absorbing material and a resin. Contents of the micro-nano electromagnetic wave absorbing material in the electromagnetic wave absorbing prepreg layers and the electromagnetic wave absorbing damping layers have a gradient increase or decrease according to a sequence of the electromagnetic wave absorbing prepreg layers. Each of the electromagnetic wave absorbing damping layers includes a viscoelastic damping material and the micro-nano electromagnetic wave absorbing material.

Abstract: SONiC (Software for Open Networking in the Cloud) is instantiated in a chassis-based networking switch device to enable control plane functionality for the line cards and backplane. The SONiC platform may be configured with a routing table and BGP (border gateway protocol) to provide routing capabilities for the application-specific integrated circuits (ASICs) operating on each respective line card. Ethernet ports are utilized within the chassis to enable the utilization of standardized networking protocols, such as protocols on the data link layer (layer 2) within the OSI (Open Systems Interconnection) model. The implementation of SONiC and standardized networking techniques creates a simplified and more proficient routing system in the chassis framework.

Abstract: Remote direct memory access (RDMA) enables access to a memory resource on a computing device without involving the device's CPU (central processing unit). Data packets traversing a NIC (network interface controller/card) on a server in a network are efficiently captured by adapting an ASIC (application-specific circuit) in a programmable TOR (top of rack) switch to modify headers of incoming data packets to indicate to the NIC that the packets are RDMA packets. Such modification enables the packets to be written directly to the server memory while bypassing the server's CPU which can typically act as a bottleneck when attempting full packet capture.

Abstract: A Top of Rack (TOR) switch operating with a Software for Open Networking in the Cloud (SONiC) platform is implemented using commodity switch hardware and is configured to maintain or retrieve flow state information for incoming data flows in a load balancer. In one embodiment, an application-specific integrated circuit (ASIC) informs a user mode container flow state information for each incoming data flow. The user mode container informs the ASIC of any affected flows that may result pursuant to a modified distributed system (e.g., added, updated, or removed servers). In other embodiments, the ASIC may utilize remote direct memory access (RDMA) to retrieve flow state information maintained by a remote device or may utilize the RDMA to retrieve network address translation (NAT) information for incoming traffic. In each of the implementations, the integrity of the load balancing system is maintained when the distributed system of servers changes.

Abstract: Network buildout of cloud computing environments subject to different data control policies is performed in a manner that ensures compliance with the data control policies. A buildout service is located in a remote cloud computing environment separate from the cloud computing environments at which buildout is being performed. The buildout service implements workflows to manage different aspects of network buildout in the cloud computing environments. The buildout service does not have access to restricted data in the cloud computing environments, including access control data, such that the buildout service cannot directly interact with network devices. The buildout service issues requests for device configuration to hardware proxies in the cloud computing environments. In response to the requests, the hardware proxies obtain access control data to access and configure the network devices.

Abstract: Techniques are described for balancing traffic load for networks configured in multi-rooted tree topologies, in the presence of link failures. Maximum flows (through minimum cuts) are calculated for subgraphs that incorporate effective link capacities on links between source and destination nodes. Effective link capacities may be determined that take into account link failures, as well as sharing of current available link capacities by multiple nodes. Traffic is balanced while simultaneously fully utilizing available link capacities, even available link capacities on partially failed links (e.g., partially failed Link Aggregation Groups (LAGs)).

Abstract: Techniques for facilitating load balancing in distributed computing systems are disclosed herein. In one embodiment, a method includes receiving, at a destination server, a request packet from a load balancer via the computer network requesting a remote direct memory access (“RDMA”) connection between an originating server and one or more other servers selectable by the load balancer. The method can also include configuring, at the destination server, a rule for processing additional packets transmittable to the originating server via the RDMA connection based on the received reply packet. The rule is configured to encapsulate an outgoing packet transmittable to the originating server with an outer header having a destination field containing a network address of the originating server and a source field containing another network address of the destination server.

Abstract: Techniques are disclosed for capturing network traffic in a virtualized computing environment. A packet to be captured in the virtualized environment is identified. The packet is tagged using a pattern of one or more bits in a header of the packet. The pattern indicates that the packet is to be traced. The pattern is propagated to an outer layer during encapsulation of the packet. A header of the encapsulated packet includes the pattern of one or more bits. At least one network device is caused to mirror identified packets based on the reserved bit.

Abstract: Monitoring of cloud computing environments subject to different data control policies is performed in a manner that ensures compliance with the data control policies. A monitoring service is located in a remote cloud computing environment separate from the cloud computing environments being monitored. The monitoring service does not have access to restricted data in the cloud computing environments, including access control data, such that the monitoring service cannot directly interact with network devices. The monitoring service issues requests for monitoring data to device access services in the cloud computing environments. In response to the requests, the device access services obtain access control data to access the network devices and obtain the requested data, which is returned to the monitoring service.

Abstract: Network buildout of cloud computing environments subject to different data control policies is performed in a manner that ensures compliance with the data control policies. A buildout service is located in a remote cloud computing environment separate from the cloud computing environments at which buildout is being performed. The buildout service implements workflows to manage different aspects of network buildout in the cloud computing environments. The buildout service does not have access to restricted data in the cloud computing environments, including access control data, such that the buildout service cannot directly interact with network devices. The buildout service issues requests for device configuration to hardware proxies in the cloud computing environments. In response to the requests, the hardware proxies obtain access control data to access and configure the network devices.

Abstract: Monitoring of cloud computing environments subject to different data control policies is performed in a manner that ensures compliance with the data control policies. A monitoring service is located in a remote cloud computing environment separate from the cloud computing environments being monitored. The monitoring service does not have access to restricted data in the cloud computing environments, including access control data, such that the monitoring service cannot directly interact with network devices. The monitoring service issues requests for monitoring data to device access services in the cloud computing environments. In response to the requests, the device access services obtain access control data to access the network devices and obtain the requested data, which is returned to the monitoring service.

Abstract: Software deployment to network devices in cloud computing environments subject to data control policies is provided in a manner that ensures compliance with the data control policies. A deployment service is located in a remote cloud computing environment separate from the cloud computing environments to which software is being deployed. The deployment service does not have access to restricted data in the cloud computing environments, including access control data, such that the deployment service cannot directly interact with network devices. The deployment service issues deployment requests to hardware proxies in the cloud computing environments. In response to the requests, the hardware proxies obtain access control data to access the network devices and issue commands to install the software on the network devices.

Abstract: The subject disclosure is directed towards a technology that automatically mitigates datacenter failures, instead of relying on human intervention to diagnose and repair the network. Via a mitigation pipeline, when a network failure is detected, a candidate set of components that are likely to be the cause of the failure is identified, with mitigation actions iteratively targeting each component to attempt to alleviate the problem. The impact to the network is estimated to ensure that the redundancy present in the network will be able to handle the mitigation action without adverse disruption to the network.

Abstract: Techniques for facilitating load balancing in distributed computing systems are disclosed herein. In one embodiment, a method includes receiving, at a destination server, a request packet from a load balancer via the computer network requesting a remote direct memory access (“RDMA”) connection between an originating server and one or more other servers selectable by the load balancer. The method can also include configuring, at the destination server, a rule for processing additional packets transmittable to the originating server via the RDMA connection based on the received reply packet. The rule is configured to encapsulate an outgoing packet transmittable to the originating server with an outer header having a destination field containing a network address of the originating server and a source field containing another network address of the destination server.

Abstract: This document relates to a distributed network coordinate system. One implementation provides computer-readable storage media including instructions that may cause a processor to perform certain acts. For example, the acts may include storing an initial network location of a first device in a network. The network may include the first device and a second device. The acts may also include monitoring one or more network performance metrics related to existing application communications with the second device, and determining an updated network location of the first device, based on the initial network location and the network performance metrics. Aspects of network health can be derived from monitoring changes in the network locations of various devices within the coordinate system.

Abstract: Functionality is described herein for measuring the performance of a network. The functionality operates by generating a probe packet and injecting the probe packet into the network. The probe packet is configured, using one or more layers of encapsulation, to target a particular network component of interest in the network, or to target a particular collection of network components in the network. A switch to which the probe packet is addressed operates by: (a) generating mirrored information that is associated with the probe packet; (b) decapsulating the probe packet (with respect to its outermost encapsulation) to produce a new probe packet; and (c) passing the new probe packet to a downstream network component, in accordance with a destination address associated with the new probe packet. The functionality uses the mirrored information that has been collected in the above manner to detect various anomalies in the network.

Abstract: This document relates to a distributed network coordinate system. One implementation provides computer-readable storage media including instructions that may cause a processor to perform certain acts. For example, the acts may include storing an initial network location of a first device in a network. The network may include the first device and a second device. The acts may also include monitoring one or more network performance metrics related to existing application communications with the second device, and determining an updated network location of the first device, based on the initial network location and the network performance metrics. Aspects of network health can be derived from monitoring changes in the network locations of various devices within the coordinate system.

Abstract: A process of tracking the lifecycle of a network cluster. A method readies a device for provisioning in a network cluster to place the device in a provision ready state. The method further provisions the device to place the device in an in provision state and when provisioned places the device in an in validation state. The method validates the provisioning of the device by, in parallel, validating the automatic configuration operation of the device and validating the human configuration operation of the device when the device is in the in validation state. When the device is validated, the method changes the device state to a production ready state.