Abstract: Technology related to processing network packets in a subscriber-aware manner is disclosed. In one example, a method includes selecting one or more subscribers to move from a first network processing node to a second network processing node. In response to the selection, subscriber data associated with the one or more subscribers can be programmed at the second network processing node. After the subscriber data associated with the one or more subscribers is programmed on the second network processing node, a software defined network (SDN) switch can be reprogrammed to forward network traffic having network addresses associated with the one or more subscribers to the second network processing node instead of the first network processing node.

Abstract: Technology related to processing network packets in a subscriber-aware manner is disclosed. In one example, a method includes selecting one or more subscribers to move from a first network processing node to a second network processing node. In response to the selection, subscriber data associated with the one or more subscribers can be programmed at the second network processing node. After the subscriber data associated with the one or more subscribers is programmed on the second network processing node, a software defined network (SDN) switch can be reprogrammed to forward network traffic having network addresses associated with the one or more subscribers to the second network processing node instead of the first network processing node.

Abstract: A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session threshold; and establishing, based on the notification, a session with the first server device by associating the first server device with a virtual local area network (VLAN), where the associating permits network traffic to be received from or sent to the first server device via the VLAN, and where the network node uses the session threshold received from the second server device, instead of a threshold associated with the VLAN, to determine a duration permitted for the session.

Abstract: A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session threshold; and establishing, based on the notification, a session with the first server device by associating the first server device with a virtual local area network (VLAN), where the associating permits network traffic to be received from or sent to the first server device via the VLAN, and where the network node uses the session threshold received from the second server device, instead of a threshold associated with the VLAN, to determine a duration permitted for the session.

Abstract: A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session threshold; and establishing, based on the notification, a session with the first server device by associating the first server device with a virtual local area network (VLAN), where the associating permits network traffic to be received from or sent to the first server device via the VLAN, and where the network node uses the session threshold received from the second server device, instead of a threshold associated with the VLAN, to determine a duration permitted for the session.

Abstract: A network device may include a supplicant framework to generate a first 802.1x packet using a MAC address, associated with a first device as a first username and password in the first 802.1x packet; and generate a second 802.1x packet using a second username and password received from a second device via a captive-portal web page. The network device may further include an authenticator state machine to authenticate the first device with a Remote Authentication Dial In User Service (RADIUS) server using a first Extensible Authentication Protocol (EAP) packet that includes the first 802.1x packet; authenticate the second device with the RADIUS server using a second EAP packet that includes the second 802.1x packet; receive a third EAP packet from a third device; and authenticate the third device with the RADIUS server using the third EAP packet.

Abstract: A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session threshold; and establishing, based on the notification, a session with the first server device by associating the first server device with a virtual local area network (VLAN), where the associating permits network traffic to be received from or sent to the first server device via the VLAN, and where the network node uses the session threshold received from the second server device, instead of a threshold associated with the VLAN, to determine a duration permitted for the session.

Abstract: A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session threshold; and establishing, based on the notification, a session with the first server device by associating the first server device with a virtual local area network (VLAN), where the associating permits network traffic to be received from or sent to the first server device via the VLAN, and where the network node uses the session threshold received from the second server device, instead of a threshold associated with the VLAN, to determine a duration permitted for the session.

Abstract: A method includes detecting a presence of a device on a network associated with a node, where the node is not connected to an authentication server and is configured to communicate with the device using a data link layer authentication protocol; communicating, with another node, using a data link layer tunneling protocol, to authenticate the device as a result of detecting the presence of the device, where the other node communicates with the authentication server, using a network layer authentication protocol, that enables the other node to receive an authentication notification associated with the device; receiving, from the other node, the authentication notification that indicates that the device has been authenticated, where the authentication notification is received using the data link layer tunneling protocol; and sending, to the device, an indication that the device is authorized to communicate with the network, where the sending includes establishing an authentication session that enables the device

Abstract: A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session threshold; and establishing, based on the notification, a session with the first server device by associating the first server device with a virtual local area network (VLAN), where the associating permits network traffic to be received from or sent to the first server device via the VLAN, and where the network node uses the session threshold received from the second server device, instead of a threshold associated with the VLAN, to determine a duration permitted for the session.

Abstract: A method and system for managing inverse multiplexing over ATM is disclosed. In one embodiment, a method for use in a digital communications network, comprises monitoring a plurality of links to determine state changes of the links. An IMA-ID check is enforced when an insufficient links state is reached. The IMA-ID check is relaxed when all the links are in an error state. An IMA-ID check is re-enforced when at least one link of the plurality of links recovers from an error state.

Abstract: A method and system for graceful slowlink deletion and subsequent fast link addition in an inverse multiplexing over asynchronous transfer mode (IMA) group are disclosed in which data is received on one or more data links. The received data is written into a buffer for each data link. The data in the buffer for each data link is read faster than the data is written into the buffer. By reading data from a DCB faster than the data is written into the DCB, the differential delay caused by a slow link deletion can be reduced. As such, a fast link, which otherwise could not be added to an IMA group because of the slow link deletion, can now be added without writing over unread data.

Abstract: A system and method for processing control cells to prevent event missequencing and data loss are described. At least one control unit is processed to retrieve communication information related to data received along one or more communication links in a network. The at least one control unit is then stored in one or buffers. Finally, the at least one control unit is further processed to retrieve link information related to the one or more communication links.

Abstract: Methods and apparatus are disclosed for handling transient anomalies in a communications or computer device or system, such an inverse multiplexing for ATM (“IMA”) device. Such transient anomalies may include out of IMA frame (“OIF”) anomalies. In one implementation, cells comprising a stream of packets are received over multiple links along with indications of OIF conditions for these links. During a period of an inactive OIF condition on a link, cells are received over the link and placed in a buffer at a next location. After an OIF condition is detected, cells are ignored and a write process waits until the OIF condition is no longer active. At which point, a buffer position is determined to place the next valid cell. Typically, this cell should be placed in the same buffer position as it would have been if there had never been an active OIF condition.