Abstract: The problem of routing micro-loops in networks having a CLOS topology, such as data center CLOS networks employing the exterior border gateway protocol (eBGP) for example, is solved by: (a) receiving, on an interface of one of the nodes, a datagram, the datagram including destination information; (b) determining a next hop and an egress interface using (1) an identifier of the interface on which the datagram was received, (2) the destination information of the received datagram, and (3) stored forwarding information such that a routing micro-loop is avoided without discarding the datagram; and (c) forwarding the datagram via the egress interface.

Abstract: The problem of routing micro-loops in networks having a CLOS topology, such as data center CLOS networks employing the exterior border gateway protocol (eBGP) for example, is solved by: (a) receiving, on an interface of one of the nodes, a datagram, the datagram including destination information; (b) determining a next hop and an egress interface using (1) an identifier of the interface on which the datagram was received, (2) the destination information of the received datagram, and (3) stored forwarding information such that a routing micro-loop is avoided without discarding the datagram; and (c) forwarding the datagram via the egress interface.

Abstract: In general, techniques are described for atomically installing and withdrawing host routes along paths connecting network routers to attenuate packet loss for mobile nodes migrating among wireless LAN access networks and a mobile network. In some examples, whenever the mobile node moves from one attachment point to the next, it triggers the distribution of its host route from the new attachment point toward the service provider network hub provider edge (PE) router that anchors the mobile node on a service provider network. Routers participating in the Mobile VPN install the host route “atomically” from the attachment point to the mobile gateway so as to ensure convergence of the network forwarding plane with the host route toward the new attachment point prior to transitioning mobile node connectivity from a previous attachment point.

Abstract: This application describes techniques for replicating data at a primary routing engine of a network device before processing the data at a transport layer of the primary routing engine, wherein the data is to be sent to a routing peer via a routing communication session, and sending the replicated data to a secondary routing engine of the network device to be processed at a transport layer of the secondary routing engine. The secondary routing engine, in response to detecting that a socket buffer for buffering the replicated data has reached a predefined high occupancy threshold, outputs a notification to the primary routing engine. In response to receiving the notification, an application-layer routing process of the primary routing engine refrains from sending at least some of a plurality of routing updates to the routing peer, and continues to send keepalive messages for the routing communication session to the routing peer.

Abstract: In general, techniques are described for atomically installing and withdrawing host routes along paths connecting network routers to attenuate packet loss for mobile nodes migrating among wireless LAN access networks and a mobile network. In some examples, whenever the mobile node moves from one attachment point to the next, it triggers the distribution of its host route from the new attachment point toward the service provider network hub provider edge (PE) router that anchors the mobile node on a service provider network. Routers participating in the Mobile VPN install the host route “atomically” from the attachment point to the mobile gateway so as to ensure convergence of the network forwarding plane with the host route toward the new attachment point prior to transitioning mobile node connectivity from a previous attachment point.

Abstract: In general, techniques are described for atomically installing and withdrawing host routes along paths connecting network routers to attenuate packet loss for mobile nodes migrating among wireless LAN access networks and a mobile network. In some examples, whenever the mobile node moves from one attachment point to the next, it triggers the distribution of its host route from the new attachment point toward the service provider network hub provider edge (PE) router that anchors the mobile node on a service provider network. Routers participating in the Mobile VPN install the host route “atomically” from the attachment point to the mobile gateway so as to ensure convergence of the network forwarding plane with the host route toward the new attachment point prior to transitioning mobile node connectivity from a previous attachment point.

Abstract: In general, techniques are described for atomically installing and withdrawing host routes along paths connecting network routers to attenuate packet loss for mobile nodes migrating among wireless LAN access networks and a mobile network. In some examples, whenever the mobile node moves from one attachment point to the next, it triggers the distribution of its host route from the new attachment point toward the service provider network hub provider edge (PE) router that anchors the mobile node on a service provider network. Routers participating in the Mobile VPN install the host route “atomically” from the attachment point to the mobile gateway so as to ensure convergence of the network forwarding plane with the host route toward the new attachment point prior to transitioning mobile node connectivity from a previous attachment point.

Abstract: In one embodiment, a best exit from an autonomous system (AS) for a controlled prefix is determined. A network device of the AS influences a route for the controlled prefix to be over the best exit. Traffic statistics for the controlled prefix are selected. The network device verifies, based on the traffic statistics, whether the influence has caused at least a configured amount of traffic for the controlled prefix to be over the best exit. When at least the configured amount of the traffic is not directed over the best exit, the network device further influences the route for the controlled prefix to be over the best exit.

Abstract: In general, techniques are described for atomically installing and withdrawing host routes along paths connecting network routers to attenuate packet loss for mobile nodes migrating among wireless LAN access networks and a mobile network. In some examples, whenever the mobile node moves from one attachment point to the next, it triggers the distribution of its host route from the new attachment point toward the service provider network hub provider edge (PE) router that anchors the mobile node on a service provider network. Routers participating in the Mobile VPN install the host route “atomically” from the attachment point to the mobile gateway so as to ensure convergence of the network forwarding plane with the host route toward the new attachment point prior to transitioning mobile node connectivity from a previous attachment point.

Abstract: In one embodiment, a best exit from an autonomous system (AS) for a controlled prefix is determined. A network device of the AS influences a route for the controlled prefix to be over the best exit. Traffic statistics for the controlled prefix are selected. The network device verifies, based on the traffic statistics, whether the influence has caused at least a configured amount of traffic for the controlled prefix to be over the best exit. When at least the configured amount of the traffic is not directed over the best exit, the network device further influences the route for the controlled prefix to be over the best exit.

Abstract: In general, techniques are described for atomically installing and withdrawing host routes along paths connecting network routers to attenuate packet loss for mobile nodes migrating among wireless LAN access networks and a mobile network. In some examples, whenever the mobile node moves from one attachment point to the next, it triggers the distribution of its host route from the new attachment point toward the service provider network hub provider edge (PE) router that anchors the mobile node on a service provider network. Routers participating in the Mobile VPN install the host route “atomically” from the attachment point to the mobile gateway so as to ensure convergence of the network forwarding plane with the host route toward the new attachment point prior to transitioning mobile node connectivity from a previous attachment point.

Abstract: A technique dynamically enforces a best exit selection for a controlled prefix based on policies and real-time performance statistics in a computer network. A Master Controller (e.g., an Optimized Edge Routing, OER, Master Controller) of an autonomous system (AS) in the network selects a best exit from the AS for the controlled prefix, and conveys the selection to a border router having the selected exit. In response, the border router performs a parent lookup to determine whether the controlled prefix is reachable via the best exit. If so, the border router influences routing in the AS for the controlled prefix through the best exit by, e.g., injecting routes or modifying metrics of existing routes. The Master Controller (or border router) then verifies that the routes for the controlled prefix traverse the selected best exit. Notably, if a route does not traverse the selected best exit, the border router may try to influence the route again or remove the influence.

Abstract: Approaches are disclosed for switching transport protocol connection keys. A method of automatically changing a message authentication key at each of two endpoints of a connection in a telecommunications network comprises testing a date-time value received in each of a plurality of data segments on the connection; and selecting a next message authentication key, from among a plurality of stored message authentication keys, for use in authenticating subsequently received data segments, when the date-time value matches a specified characteristic.

Abstract: An apparatus and automatic method for detecting brown-outs in a computer network includes determining normal rates of different types of traffic with respect to defined address prefixes. Thresholds are established based on the normal rates. The rates for the different traffic types are monitored, and when a threshold is exceeded the detected addresses and traffic types are flagged for reporting. In some cases, the inventive system will monitor traffic to finer address granularities to further identify suspect addresses. The system may actively ping suspect sub-prefixes and/or initiate communications with the suspect sub-addresses that is then monitored to determine which sub-prefixes are experiencing abnormal activity.

Abstract: A method is disclosed for routing BGP traffic. In one embodiment, according to the method, an association is formed between a first process and a second process. The first process includes a first BGP process on a first peer and the second process includes a second BGP process on a second peer. The association is formed using a reliable datagram-oriented IP transport protocol. Traffic sent from the first BGP process is segregated into a control traffic type and an update traffic type and any more finer classifications that can further classify BGP traffic. The traffic from the first BGP process is sent to the second BGP process in accordance with a priority allocation assigned to the traffic types based on the association.

Abstract: A method is disclosed for providing context-based routing table updates in Border Gateway Protocol (BGP) hosts. One or more contexts representing distinct routing tables are defined in a BGP host. As part of establishing a BGP session, a particular context of the one or more contexts is advertised to the BGP peer. In response to receiving from the BGP peer a route update message that includes information identifying the particular context, the routing table that is represented by the particular context is updated at the BGP host.

Abstract: An apparatus and automatic method for detecting brown-outs in a computer network includes determining normal rates of different types of traffic with respect to defined address prefixes. Thresholds are established based on the normal rates. The rates for the different traffic types are monitored, and when a threshold is exceeded the detected addresses and traffic types are flagged for reporting. In some cases, the inventive system will monitor traffic to finer address granularities to further identify suspect addresses. The system may actively ping suspect sub-prefixes and/or initiate communications with the suspect sub-addresses that is then monitored to determine which sub-prefixes are experiencing abnormal activity.

Abstract: A method is disclosed for providing context-based routing table updates in Border Gateway Protocol (BGP) hosts. One or more contexts representing distinct routing tables are defined in a BGP host. As part of establishing a BGP session, a particular context of the one or more contexts is advertised to the BGP peer. In response to receiving from the BGP peer a route update message that includes information identifying the particular context, the routing table that is represented by the particular context is updated at the BGP host.

Abstract: A method is disclosed for routing BGP traffic. In one embodiment, according to the method, an association is formed between a first process and a second process. The first process includes a first BGP process on a first peer and the second process includes a second BGP process on a second peer. The association is formed using a reliable datagram-oriented IP transport protocol. Traffic sent from the first BGP process is segregated into a control traffic type and an update traffic type and any more finer classifications that can further classify BGP traffic. The traffic from the first BGP process is sent to the second BGP process in accordance with a priority allocation assigned to the traffic types based on the association.