Abstract: Functionality is described herein for measuring the performance of a network. The functionality operates by generating a probe packet and injecting the probe packet into the network. The probe packet is configured, using one or more layers of encapsulation, to target a particular network component of interest in the network, or to target a particular collection of network components in the network. A switch to which the probe packet is addressed operates by: (a) generating mirrored information that is associated with the probe packet; (b) decapsulating the probe packet (with respect to its outermost encapsulation) to produce a new probe packet; and (c) passing the new probe packet to a downstream network component, in accordance with a destination address associated with the new probe packet. The functionality uses the mirrored information that has been collected in the above manner to detect various anomalies in the network.

Abstract: The techniques and/or systems described herein implement a network management service configured to read and write a state of a network for various applications (e.g., network management applications) so that the applications can operate independently. The network management service is configured to read an observed network state and provide the observed network state to the applications. Subsequently, the network management service receives proposed network states from the applications and uses a state dependency graph to determine whether state conflicts exist between the proposed network states. The network management service also determined whether defined policies are violated by the proposed network states. Finally, the network management service is configured to generate a target network state by merging non-conflicting proposed network states that comply with defined policies and to update (e.g., write) the network state based on the generated target network state.

Abstract: Techniques are described for balancing traffic load for networks configured in multi-rooted tree topologies, in the presence of link failures. Maximum flows (through minimum cuts) are calculated for subgraphs that incorporate effective link capacities on links between source and destination nodes. Effective link capacities may be determined that take into account link failures, as well as sharing of current available link capacities by multiple nodes. Traffic is balanced while simultaneously fully utilizing available link capacities, even available link capacities on partially failed links (e.g., partially failed Link Aggregation Groups (LAGs)).

Abstract: A tracking system is described herein for investigating the behavior of a network. In operation, each switch in the network (or each switch in some subset of switches) may determine whether each original packet that it processes satisfies one or more packet-detection rules. If so, the switch generates a mirrored packet and sends that packet to a load balancer multiplexer, which, in turn, forwards the mirrored packet to a processing module for further analysis. The packet-detection rules hosted by the switches can be designed to select a subset of packets that are of greatest interest, based on any environment-specific objectives. As a result of this behavior, the tracking system can effectively and quickly pinpoint undesirable (and potentially desirable) behavior of the network, without being overwhelmed with too much information.

Abstract: The subject disclosure is directed towards a technology that automatically mitigates datacenter failures, instead of relying on human intervention to diagnose and repair the network. Via a mitigation pipeline, when a network failure is detected, a candidate set of components that are likely to be the cause of the failure is identified, with mitigation actions iteratively targeting each component to attempt to alleviate the problem. The impact to the network is estimated to ensure that the redundancy present in the network will be able to handle the mitigation action without adverse disruption to the network.

Abstract: The techniques and/or systems described herein implement a network management service configured to read and write a state of a network for various applications (e.g., network management applications) so that the applications can operate independently. The network management service is configured to read an observed network state and provide the observed network state to the applications. Subsequently, the network management service receives proposed network states from the applications and uses a state dependency graph to determine whether state conflicts exist between the proposed network states. The network management service also determined whether defined policies are violated by the proposed network states. Finally, the network management service is configured to generate a target network state by merging non-conflicting proposed network states that comply with defined policies and to update (e.g., write) the network state based on the generated target network state.

Abstract: In some cases, a network monitoring system may determine an operating or health condition of a node or connection link in a network (e.g., a datacenter network) by preparing an encapsulated data packet according to a tunneling protocol. Depending on a result of routing the encapsulated data packet, the network monitoring system determines whether the node or connection link is functioning normally or is experiencing an issue such as overloading or malfunctioning.

Abstract: A load balancer system is described herein which uses one or more switch-based hardware multiplexers, each of which performs a multiplexing function. Each such hardware multiplexer operates based on an instance of mapping information associated with a set of virtual IP (VIP) addresses, corresponding to a complete set of VIP addresses or a portion of the complete set. That is, each hardware multiplexer operates by mapping VIP addresses that correspond to its set of VIP addresses to appropriate direct IP (DIP) addresses. In another implementation, the load balancer system may also use one or more software multiplexers that perform a multiplexing function with respect to the complete set of VIP addresses. A main controller can generate one or more instances of mapping information, and then load the instance(s) of mapping information on the hardware multiplexer(s), and the software multiplexer(s) (if used).

Abstract: The subject disclosure is directed towards a technology that automatically mitigates datacenter failures, instead of relying on human intervention to diagnose and repair the network. Via a mitigation pipeline, when a network failure is detected, a candidate set of components that are likely to be the cause of the failure is identified, with mitigation actions iteratively targeting each component to attempt to alleviate the problem. The impact to the network is estimated to ensure that the redundancy present in the network will be able to handle the mitigation action without adverse disruption to the network.

Abstract: A method of enabling an electronic privately addressable source to be publicly addressable starts at a receiver where an electronic message is received. It is communicated from a sender with a private address outside a subnet of the receiver through a translator. The translator retrieves a lease to at least one of a public address or a port from a lease manager, translates the private address and the private port into a public address and a public port and communicates identifying data such as the public address and the public port to the receiver. If a response is communicated to the private sender, the response may be communicated to the private sender through the network. The public address and the public port on the message may be translated to the private address and the port of the private sender and the private address and the private port may be used to properly route the response to the private sender.

Abstract: This document relates to a distributed network coordinate system. One implementation provides computer-readable storage media including instructions that may cause a processor to perform certain acts. For example, the acts may include storing an initial network location of a first device in a network. The network may include the first device and a second device. The acts may also include monitoring one or more network performance metrics related to existing application communications with the second device, and determining an updated network location of the first device, based on the initial network location and the network performance metrics. Aspects of network health can be derived from monitoring changes in the network locations of various devices within the coordinate system.

Abstract: This document relates to a distributed network coordinate system. One implementation provides computer-readable storage media including instructions that may cause a processor to perform certain acts. For example, the acts may include storing an initial network location of a first device in a network. The network may include the first device and a second device. The acts may also include monitoring one or more network performance metrics related to existing application communications with the second device, and determining an updated network location of the first device, based on the initial network location and the network performance metrics. Aspects of network health can be derived from monitoring changes in the network locations of various devices within the coordinate system.

Abstract: The subject disclosure is directed towards a technology that automatically mitigates datacenter failures, instead of relying on human intervention to diagnose and repair the network. Via a mitigation pipeline, when a network failure is detected, a candidate set of components that are likely to be the cause of the failure is identified, with mitigation actions iteratively targeting each component to attempt to alleviate the problem. The impact to the network is estimated to ensure that the redundancy present in the network will be able to handle the mitigation action without adverse disruption to the network.

Abstract: Architecture that facilitates the capture of connection state of a connection established between a client and an intermediate server and forwards the state to one or more target servers. A software component at the target server (as well as the intermediate server) uses this connection state to reply back to the client directly, thereby bypassing the intermediate server. All packets from the client related to the request are received at the intermediate server and then forwarded to the target server. The migration can be accomplished without any change in the client operating system and client applications, without assistance from a gateway device such as a load balancer or the network, without duplication of all packets between the multiple servers, and without changes to the transport layer stack of the intermediate and target servers.

Abstract: The present application relates to network configurations and specifically to scalable load balancing network configurations. One implementation includes an external client coupled to a scalable load balancing system. The scalable load balancing system includes a load balancing layer that is configured to encapsulate individual incoming packets of a packet flow from the external client. The load balancing layer is further configured to route the incoming packets to target devices on the system. The target devices can span multiple IP subnets. The incoming packets can pass through one or more load balancers of the load balancing layer before reaching individual target devices. Individual target devices can be configured to route at least some outgoing packets of the packet flow to the external client without passing through any of the one or more load balancers.

Abstract: Today, data networks are ever increasing in size and complexity. For example, a datacenter may comprise hundreds of thousands of service endpoints configured to perform work. To reduce network wide degradation, a load balancer may send work requests to healthy service endpoints, as opposed to unhealthy and/or inoperative service endpoints. Accordingly, among other things, one or more systems and/or techniques for monitoring service endpoints, which may be scalable for large scale networks, are provided. In particular, a consistent hash function may be performed to generate a monitoring scheme comprising assignments of service endpoints to monitoring groups. In this way, multiple monitoring components may monitor a subset of endpoints to ascertain health status. Additionally, the monitoring components may communicate between one another so that a monitoring component may know heath statuses of service endpoints both assigned and not assigned to the monitoring component.

Abstract: This document relates to a distributed network coordinate system. One implementation provides computer-readable storage media including instructions that may cause a processor to perform certain acts. For example, the acts may include storing an initial network location of a first device in a network. The network may include the first device and a second device. The acts may also include monitoring one or more network performance metrics related to existing application communications with the second device, and determining an updated network location of the first device, based on the initial network location and the network performance metrics. Aspects of network health can be derived from monitoring changes in the network locations of various devices within the coordinate system.

Abstract: A method of enabling an electronic privately addressable source to be publicly addressable starts at a receiver where an electronic message is received. It is communicated from a sender with a private address outside a subnet of the receiver through a translator. The translator retrieves a lease to at least one of a public address or a port from a lease manager, translates the private address and the private port into a public address and a public port and communicates identifying data such as the public address and the public port to the receiver. If a response is communicated to the private sender, the response may be communicated to the private sender through the network. The public address and the public port on the message may be translated to the private address and the port of the private sender and the private address and the private port may be used to properly route the response to the private sender.

Abstract: Today, data networks are ever increasing in size and complexity. For example, a datacenter may comprise hundreds of thousands of service endpoints configured to perform work. To reduce network wide degradation, a load balancer may send work requests to healthy service endpoints, as opposed to unhealthy and/or inoperative service endpoints. Accordingly, among other things, one or more systems and/or techniques for monitoring service endpoints, which may be scalable for large scale networks, are provided. In particular, a consistent hash function may be performed to generate a monitoring scheme comprising assignments of service endpoints to monitoring groups. In this way, multiple monitoring components may monitor a subset of endpoints to ascertain health status. Additionally, the monitoring components may communicate between one another so that a monitoring component may know heath statuses of service endpoints both assigned and not assigned to the monitoring component.

Abstract: Architecture that facilitates the capture of connection state of a connection established between a client and an intermediate server and forwards the state to one or more target servers. A software component at the target server (as well as the intermediate server) uses this connection state to reply back to the client directly, thereby bypassing the intermediate server. All packets from the client related to the request are received at the intermediate server and then forwarded to the target server. The migration can be accomplished without any change in the client operating system and client applications, without assistance from a gateway device such as a load balancer or the network, without duplication of all packets between the multiple servers, and without changes to the transport layer stack of the intermediate and target servers.