Abstract: An enterprise controller of an enterprise network sends to a service gateway of a service provider network a request for network slice information about network slices provisioned on a data plane of the service provider network. Responsive to the sending, the enterprise controller receives from the service gateway the network slice information including identifiers of and properties associated with the network slices. Responsive to receiving a request for the network slice information from a network device at a border of a forwarding plane of the enterprise network, the enterprise controller sends the network slice information to the network device to cause the network device to perform configuring network traffic in the forwarding plane with identifiers of ones of the network slices that match the network traffic, and to perform forwarding the network traffic configured with the identifiers to the data plane of the service provider network.

Abstract: An enterprise controller of an enterprise network sends to a service gateway of a service provider network a request for network slice information about network slices provisioned on a data plane of the service provider network. Responsive to the sending, the enterprise controller receives from the service gateway the network slice information including identifiers of and properties associated with the network slices. Responsive to receiving a request for the network slice information from a network device at a border of a forwarding plane of the enterprise network, the enterprise controller sends the network slice information to the network device to cause the network device to perform configuring network traffic in the forwarding plane with identifiers of ones of the network slices that match the network traffic, and to perform forwarding the network traffic configured with the identifiers to the data plane of the service provider network.

Abstract: A plurality of policies to be enforced in a network environment via a plurality of devices are determined. A topology of the plurality of devices within the network environment is also determined. For each policy of the plurality of policies, a device of the plurality of devices is selected as the location at which to enforce the policy of the plurality of policies. Selecting the device for each policy of the plurality of policies includes correlating the policy of the plurality of policies with another of the plurality of policies and correlating the policy of the plurality of policies with the topology.

Abstract: This technology enables normalized lookup and forwarding for diverse virtual private networks in multi-site network fabric deployments. A source device on a first Layer 2 site transmits a frame to a destination device on the same subnet, but on a second Layer 2 site. The frame is encapsulated and routed to a fabric border node. The fabric border node matches the source subnet to the destination subnet and transmits an address request protocol (“ARP”). In response to not receiving a reply to the ARP, the fabric border node transmits a map request to a Layer 3 transit fabric control plane node. The control plane node extracts a destination identifier from the map request and determines that the destination identifier is a Layer 2 identifier. The control plane node transmits a map reply to the fabric border node, where the frame is re-encapsulated and forwarded to the destination device.

Abstract: This technology enables normalized lookup and forwarding for diverse virtual private networks in multi-site network fabric deployments. A source device on a first Layer 2 site transmits a frame to a destination device on the same subnet, but on a second Layer 2 site. The frame is encapsulated and routed to a fabric border node. The fabric border node matches the source subnet to the destination subnet and transmits an address request protocol (“ARP”). In response to not receiving a reply to the ARP, the fabric border node transmits a map request to a Layer 3 transit fabric control plane node. The control plane node extracts a destination identifier from the map request and determines that the destination identifier is a Layer 2 identifier. The control plane node transmits a map reply to the fabric border node, where the frame is re-encapsulated and forwarded to the destination device.

Abstract: An enterprise controller of an enterprise network sends to a service gateway of a service provider network a request for network slice information about network slices provisioned on a data plane of the service provider network. Responsive to the sending, the enterprise controller receives from the service gateway the network slice information including identifiers of and properties associated with the network slices. Responsive to receiving a request for the network slice information from a network device at a border of a forwarding plane of the enterprise network, the enterprise controller sends the network slice information to the network device to cause the network device to perform configuring network traffic in the forwarding plane with identifiers of ones of the network slices that match the network traffic, and to perform forwarding the network traffic configured with the identifiers to the data plane of the service provider network.

Abstract: An enterprise controller of an enterprise network sends to a service gateway of a service provider network a request for network slice information about network slices provisioned on a data plane of the service provider network. Responsive to the sending, the enterprise controller receives from the service gateway the network slice information including identifiers of and properties associated with the network slices. Responsive to receiving a request for the network slice information from a network device at a border of a forwarding plane of the enterprise network, the enterprise controller sends the network slice information to the network device to cause the network device to perform configuring network traffic in the forwarding plane with identifiers of ones of the network slices that match the network traffic, and to perform forwarding the network traffic configured with the identifiers to the data plane of the service provider network.

Abstract: An enterprise controller of an enterprise network sends to a service gateway of a service provider network a request for network slice information about network slices provisioned on a data plane of the service provider network. Responsive to the sending, the enterprise controller receives from the service gateway the network slice information including identifiers of and properties associated with the network slices. Responsive to receiving a request for the network slice information from a network device at a border of a forwarding plane of the enterprise network, the enterprise controller sends the network slice information to the network device to cause the network device to perform configuring network traffic in the forwarding plane with identifiers of ones of the network slices that match the network traffic, and to perform forwarding the network traffic configured with the identifiers to the data plane of the service provider network.

Abstract: Systems, methods, and computer-readable media for providing cross-domain policy enforcement. In some examples, transit VRFs for a destination network domain and a source network domain are created. Route advertisements for nodes coupled to source VRFs in the source network domain are created that include identifications of the source VRFs. The route advertisements can be transmitted from a source transit VRF in the source network domain to a destination transit VRF in the destination network domain. The route advertisements can then be filtered at the destination transit VRF based on a cross-domain policy using the identifications of the source VRFs to export routes to destination VRFs in the destination network domain according to the cross-domain policy.

Abstract: One embodiment of a method includes receiving at a first network node traffic from a second network node; and sending by the first network node to a third network node information identifying the second network node via a Local Area Network (“LAN”) connection between the first and third network nodes. Subsequent to receipt of the information identifying the second network node, the third network node updates a locator table maintained by the third network node to include an entry including the information identifying the second network node received by the third network node from the first network node. Upon receipt by the third network node of a notification that the first network node has failed, the third network node sends an update only to network nodes that have an entry in the locator table indicating that the first network node has failed.

Abstract: A method is described that includes receiving at a network element a transmission control protocol (“TCP”) packet with TCP options set on a link between a controller and a destination node. If the network element comprises a transit node, the method includes comparing a bandwidth value indicated in a TCP options field of the received TCP packet with an outgoing link bandwidth of the network element. If the bandwidth value indicated in the TCP options field is greater than the outgoing link bandwidth of the network element, the method includes updating the bandwidth value in the TCP options field to be equal to the outgoing link bandwidth of the network element, and forwarding the packet to a next network element. If the bandwidth value indicated in the TCP options field is not greater than the outgoing link bandwidth, the bandwidth value in the TCP options field is not changed.

Abstract: A system and a method are disclosed for enabling interoperability between data plane learning endpoints and control plane learning endpoints in an overlay network environment. An exemplary method for managing network traffic in the overlay network environment includes receiving network packets in an overlay network from data plane learning endpoints and control plane learning endpoints, wherein the overlay network extends Layer 2 network traffic over a Layer 3 network; operating in a data plane learning mode when a network packet is received from a data plane learning endpoint; and operating in a control plane learning mode when the network packet is received from a control plane learning endpoint. Where the overlay network includes more than one overlay segment, the method further includes operating as an anchor node for routing inter-overlay segment traffic to and from hosts that operate behind the data plane learning endpoints.

Abstract: A method is provided in one example embodiment and includes receiving a request to create a path through a network, wherein the path originates on a first network device and terminates on the second network device; identifying a first controller associated with the first network device, wherein the first controller proxies control plane functions for the first network device; identifying a second controller associated with the second network device, wherein the second controller proxies control plane functions for the second network device; and computing the path using the first controller as a source and the second controller as a destination. The first controller installs the computed path on the first network device and the second controller installs the computed path on the second network device.

Abstract: One embodiment of a method includes receiving at a first network node traffic from a second network node; and sending by the first network node to a third network node information identifying the second network node via a Local Area Network (“LAN”) connection between the first and third network nodes. Subsequent to receipt of the information identifying the second network node, the third network node updates a locator table maintained by the third network node to include an entry including the information identifying the second network node received by the third network node from the first network node. Upon receipt by the third network node of a notification that the first network node has failed, the third network node sends an update only to network nodes that have an entry in the locator table indicating that the first network node has failed.

Abstract: A method is described and in some embodiments includes receiving at a network element a transmission control protocol (“TCP”) packet with TCP options set on a link between a controller and a destination node; if the network element comprises a transit node, comparing a bandwidth value indicated in a TCP options field of the received TCP packet with an outgoing link bandwidth of the network element; if the bandwidth value indicated in the TCP options field is greater than the outgoing link bandwidth of the network element, updating the bandwidth value indicated in the TCP options field to be equal to the outgoing link bandwidth of the network element; and forwarding the TCP packet to a next network element. If the bandwidth value indicated in the TCP options field is not greater than the outgoing link bandwidth, the bandwidth value indicated in the TCP options field is not changed.

Abstract: A method and system are disclosed for distributing (advertising) segment identifiers in network functions virtualization and/or software defined networking environments. An exemplary method includes receiving a route advertisement that includes a prefix with a forwarding address for a first network element and receiving a segment identifier (SID) advertisement that includes a prefix SID for the prefix. The route advertisement may be received from a second network element proxying control plane functions for the first network element. Reachability information for the first network element is updated based on the route advertisement and the SID advertisement.

Abstract: An example method for instantiating a network using a network function virtualization infrastructure (NVFI) pod in a network environment is provided and includes receiving a request to instantiate a logical network topology in the NFVI pod that includes a pre-selected set of interconnected pre-configured hardware resources, the abstract network topology including a virtual network function (VNF) forwarding graph (FG), distilling the VNF FG into various interconnected VNFs, deploying various VNFs of the VNF FG to a plurality of virtual machines, and instantiating the network topology on appropriate hardware resources in the NFVI pod. In specific embodiments, the pre-selected set of interconnected pre-configured hardware resources includes a plurality of compute servers, a plurality of controller servers, a set of network resources, and a plurality of storage resources. It may also include a high performance virtual switch operating in a user space of respective memory elements of a plurality of servers.

Abstract: A system and a method are disclosed for enabling interoperability between data plane learning endpoints and control plane learning endpoints in an overlay network environment. An exemplary method for managing network traffic in the overlay network environment includes receiving network packets in an overlay network from data plane learning endpoints and control plane learning endpoints, wherein the overlay network extends Layer 2 network traffic over a Layer 3 network; operating in a data plane learning mode when a network packet is received from a data plane learning endpoint; and operating in a control plane learning mode when the network packet is received from a control plane learning endpoint. Where the overlay network includes more than one overlay segment, the method further includes operating as an anchor node for routing inter-overlay segment traffic to and from hosts that operate behind the data plane learning endpoints.

Abstract: A method and system are disclosed for distributing (advertising) segment identifiers in network functions virtualization and/or software defined networking environments. An exemplary method includes receiving a route advertisement that includes a prefix with a forwarding address for a first network element and receiving a segment identifier (SID) advertisement that includes a prefix SID for the prefix. The route advertisement may be received from a second network element proxying control plane functions for the first network element. Reachability information for the first network element is updated based on the route advertisement and the SID advertisement.

Abstract: A method is provided in one example embodiment and includes receiving a request to create a path through a network, wherein the path originates on a first network device and terminates on the second network device; identifying a first controller associated with the first network device, wherein the first controller proxies control plane functions for the first network device; identifying a second controller associated with the second network device, wherein the second controller proxies control plane functions for the second network device; and computing the path using the first controller as a source and the second controller as a destination. The first controller installs the computed path on the first network device and the second controller installs the computed path on the second network device.