Abstract: Described herein are devices, systems, methods, and processes for intelligently managing power consumption in a network by allocating a power budget for packet processing. The power budget can be allocated based on criticality and/or the trust level of the flow. A network device may determine which subsets of features can be executed within the power budget for specific flows. Network devices can signal their capability to run features based on power consumption and adherence to the power budget, allowing for cooperative end-to-end power-based decision-making and policy enforcement. Network devices unable to run all features can select a subset of the features within their power budget and a viable path where other network devices can execute the missing features. Source route information can be added to indicate the path and missing features to be executed by network devices down the segment routing path.

Abstract: Described herein are devices, systems, methods, and processes for managing power consumption in network nodes by dynamically disabling and reenabling features based on real-time power consumption monitoring and historical data analysis. A machine learning model is trained using historical sensor data and historical feature data to predict power consumption and derive feature-to-power association data. The power budget is determined based on sustainability goals. Real-time power consumption is monitored, and features are disabled or reenabled based on their priorities and power consumption levels to maintain the power budget. The machine learning model is validated and updated using new historical data to improve its prediction accuracy and adaptability. The feature-to-power association data is distributed to network nodes and management systems for power management purposes.

Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.

Abstract: Providing for time sensitive networking (TSN) traffic in high density deployments is described. An access point (AP) is a high density deployment receives a message identifying another AP as a TSN neighbor and also detects a TSN device within an area covered by the APs. This arrangement may cause traffic interruptions for the TSN traffic between the TSN device and the APs. In order to prevent disruption in TSN traffic, a TSN time slot and a resource unit (RU) is determined for each of the APs, and the TSN traffic is communicated between the various devices in network according to the determined TSN time slot and RU.

Abstract: In one embodiment, an illustrative method herein may comprise: obtaining, by a process, operational performance metrics associated with one or more devices performing an operation and contemporaneous situational sensor data associated with the one or more devices performing the operation; establishing, by the process, a correlation between a health of the operational performance metrics and the contemporaneous situational sensor data for the one or more devices while performing the operation; determining, by the process, an adjustment to increase the health of the operational performance metrics for a particular device of the one or more devices based on the correlation; and communicating, by the process, the adjustment to a receiving device to facilitate adjusting of the particular device.

Abstract: Balancing Multi-link Operation (MLO) usage may be provided. A list of a plurality of Access Points (APs) for each of a plurality of Multi-link Operation (MLO) types indicating availability of each of the plurality of APs may be received. A first request indicating an MLO type associated with the first request is a first MLO type may be received. In response to the first request, a first subset of the list of the plurality of APs that support the MLO type associated with the first request may be sent. A second request indicating that an MLO type associated with the second request is the first MLO type may be received. In response to the second request, a second subset of the list of the plurality of APs that support the MLO type associated with the second request may be sent. The first subset is different from the second subset.

Abstract: Personal network Software Defined-Wide Area Networks (SD-WANs) with attested permissions may be provided. A first one of a plurality Personal Area Network (PAN) devices in a PAN may seed a routing table entry for at least one application that the first one of the plurality PAN devices supports. The routing table entry may include at least one characteristic associated with an egress link between the first one of the plurality PAN devices and a device outside of the PAN. The routing table entry may be exchanged among the plurality of PAN devices in the PAN. Then data may be routed, based on the exchanged routing table entry, in the PAN through the first one of the plurality PAN devices through the egress link to the device outside of the PAN.

Abstract: A container includes a user program and data generated by the user program within a regulatory jurisdiction. Before the container leaves the regulatory jurisdiction, the data is validated by the jurisdiction to ensure the data complies with privacy laws of the jurisdiction. Upon ingress to a second regulatory jurisdiction, the data is signed locally to provide for confirmation that the data can leave the second regulatory jurisdiction, since it was not generated within the second jurisdiction. By allowing the user program to move from the first regulatory jurisdiction to a second regulatory jurisdiction, the disclosed embodiments overcome limitations in current solutions that restrict access to local data based on what a public application programming interface (API) can provide. By operating within the regulatory jurisdiction, albeit subject to access controls imposed by that jurisdiction, flexibility in the processing of sensitive data is improved.

Abstract: In one embodiment, a method includes identifying, using a Static Context Header Compression (SCHC) rules engine, one or more packets matching a rule, selecting a firewall decision based on the identified one or more packets and the rule, and applying the firewall decision to the one or more identified packets.

Abstract: Optimal coding scheme parameters may be provided. Information associated with a plurality of client devices may be received by a computing device. A map of locations of the plurality of client devices relative to an Access Point (AP) may be created based on the information. A connected dominating set of client devices within the plurality of client devices may be identified based on the map. A first client device in the connected dominating set may then be caused to relay data between the AP and a second client device comprising a client device in the plurality of client devices that is dominated by the first client device in the connected dominating set.

Abstract: A managed network supporting backscattering communication devices may be provided. A computing device may determine a plurality of locations respectively associated with a plurality of devices in a preterminal space. At least one of the plurality of devices may be power with energy transmitted from at least one Access Point (AP) to the least one of the plurality of devices at its location. Data may be received from the at least one of the plurality of devices in response to powering the at least one of the plurality of devices.

Abstract: In one embodiment, an access point of an overhead mesh of access points in an area selects a range of client identifiers. The access point sends, via a beam cone transmitted in a substantially downward direction towards a floor of the area, a trigger signal that includes the range of client identifiers and prompts client devices having identifiers in that range to send best effort transmissions towards the overhead mesh. The access point detects a collision between the best effort transmissions of the client devices. The access point adjusts the range of client identifiers so as to avoid future collisions between the best effort transmissions of the client devices.

Abstract: In one embodiment, a device identifies a plurality of paths in a wireless backhaul network between a gateway and a plurality of access points that provide wireless connectivity to a mobile system. The device determines a movement of the mobile system. The device determines, based on the movement of the mobile system, that a particular path in the plurality of paths is not needed to provide wireless connectivity to the mobile system. The device causes one or more networking nodes along the particular path to enter into a power saving mode.

Abstract: In one embodiment, a device sends data traffic to a gateway of a backhaul mesh network via a first wireless access point of the backhaul mesh network. The device maintains, while associated with the first wireless access point, an association with a second wireless access point of the backhaul mesh network by sending a frame to the first wireless access point that is relayed by the first wireless access point to the second wireless access point. The device makes a determination that additional data traffic should be sent to the gateway of the backhaul mesh network via the second wireless access point. The device sends, based on the determination, the additional data traffic to the gateway of the backhaul mesh network via the second wireless access point.

Abstract: A device for a virtual phone in a virtual network may be provided. A data packet may be received by the device, the device being in a personal-area-network (PAN) with a peer, the data packet containing information defining a characteristic of a software application. The data packet may be profiled, the data packet comprising information about the software application. An SLA table stored on the device may be seeded with the information in the data packet. A routing table may be populated with an address for forwarding the information to the peer.

Abstract: In one embodiment, a method comprises: generating, by a constrained low power and lossy network (LLN) device that is localized within a subregion of an LLN, a thin destination oriented directed acyclic graph (DODAG) having up to a prescribed limit of attached LLN devices at each hop of the thin DODAG based on generating a DODAG information object (DIO) message specifying an instruction for limiting attachment at each hop of the thin DODAG to the prescribed limit; and causing, by the constrained LLN device, multicast-only transmissions via the thin DODAG based on inserting into the DIO message a multicast-only transmission mode via the thin DODAG and outputting the DIO message, the DIO message causing each neighboring LLN device to selectively attach to the constrained LLN device as an attached child LLN device based on the instruction and execute the multicast-only transmissions via the thin DODAG.

Abstract: In one embodiment, a method comprises: identifying, by a low power and lossy network (LLN) device in a low power and lossy network, a minimum distance value and a distance limit value for limiting multicast propagation, initiated at the LLN device, of a multicast data message in the LLN; and multicast transmitting, by the LLN device, the multicast data message with a current distance field specifying the minimum distance value and a distance limit field specifying the distance limit value, the multicast transmitting causing a receiving LLN device having a corresponding rank in the LLN to respond to the multicast data message by: (1) determining an updated distance based on adding to the current distance field a rank difference between the receiving LLN device and the LLN device, and (2) selectively retransmitting the multicast data message if the updated distance is less than the distance limit value.

Abstract: A device for a virtual phone in a virtual network may be provided. A data packet may be received by the device, the device being in a personal-area-network (PAN) with a peer, the data packet containing information defining a characteristic of a software application. The data packet may be profiled, the data packet comprising information about the software application. An SLA table stored on the device may be seeded with the information in the data packet. A routing table may be populated with an address for forwarding the information to the peer.

Abstract: Techniques are provided that validate a participant in a video conference. As a video conferencing system is remote from a video conference participant, and user devices are not trusted, traditional methods such as client side facial recognition are ineffective at validating a participant from a video conferencing system. Thus, the embodiments encode modulated data for projection onto a face of the participant. A video of the participant is then captured. The conferencing system then confirms that the modulated data is present in the captured video.

Abstract: In one embodiment, a method comprises: detecting, by a wireless mirror device in a wireless data network, link layer transmission of a wireless data unit between a wireless access point (AP) device and a wireless client device on a first allocated frequency channel at a first transmission interval; and transmitting, by the wireless mirror device based on detecting the link layer transmission, the wireless data unit at a second transmission interval on a second allocated frequency channel that is allocated to the wireless mirror device for a mirror transmission between the wireless AP device and the wireless client device at the second transmission interval.