Abstract: Methods, non-transitory computer readable media, network traffic management apparatuses, and network traffic management systems include inspecting a plurality of incoming packets to obtain packet header data for each of the incoming packets. The packet header data is filtered using one or more filtering criteria. At least one of a plurality of optimized DMA behavior mechanisms for each of the incoming packets are selected based on associating the filtered header data for each of the incoming packets with stored profile data. The incoming packets are disaggregated based on the corresponding selected one of the optimized DMA behavior mechanisms.

Abstract: Technology related to scheduling services on a platform including configurable computing resources is disclosed. In one example, a method includes scheduling a service to execute on a first computing node based on an availability of general-purpose computing resources at the first computing node. The first computing node can be selected from a plurality of computing nodes. Network traffic transiting the first computing node can be analyzed during the execution of the service to determine a hardware accelerator of a second computing node is capable of assisting the execution of the service. The service can be scheduled to execute on the second computing node and the hardware accelerator of the second computing node can be used to assist with the execution of the service.

Abstract: Technology related to scheduling services on a platform including configurable computing resources is disclosed. In one example, a method includes scheduling a service to execute on a first computing node based on an availability of general-purpose computing resources at the first computing node. The first computing node can be selected from a plurality of computing nodes. Network traffic transiting the first computing node can be analyzed during the execution of the service to determine a hardware accelerator of a second computing node is capable of assisting the execution of the service. The service can be scheduled to execute on the second computing node and the hardware accelerator of the second computing node can be used to assist with the execution of the service.

Abstract: Methods, non-transitory computer readable media, network traffic management apparatuses, and network traffic management systems that utilize a reverse tunnel proxy in a cloud environment. The reverse tunnel proxy in a cloud environment automatically discovers its environment and creates an appropriate tunnel without using a public IP. The reverse tunnel proxy in a cloud environment utilizes an outgoing connection along with an initialization and channelization to connect to the cloud and accepts an incoming connection in response. In embodiments, a cloud initiates a connection and a tunnel is created without need for additional IP addresses. In embodiments, the reverse tunnel proxy in a cloud environment connects to a client as a server and a private key is stored at a server side without pushing private keys into a public environment.

Abstract: Technology related to disaggregating network traffic is disclosed. In one example, a method can include determining whether individual network flows are members within a first subset of the network flows. A second subset of the first subset of network flows can be learned in response to determining a change in a number of servers available to service the network flows. A first network packet can be forwarded to a first server in response to the first network packet being a member of the first subset of network flows and a member of the learned second subset of the first subset of network flows. A second network packet can be forwarded to a second server in response to the second network packet being a member of the first subset of network flows but not a member of the learned second subset of the first subset of network flows.

Abstract: Technology related to scheduling services on a platform including configurable computing resources is disclosed. In one example, a method includes scheduling a first service to execute on a computing node based on an availability of general-purpose computing resources at the computing node. The computing node can be selected from a plurality of computing nodes. Network traffic transiting the computing node can be analyzed during the execution of the first service to determine a hardware accelerator of the computing node is capable of assisting the execution of the first service. The hardware accelerator can be used to assist with the execution of the first service. A second service can be scheduled on the computing node based on the availability of the general-purpose computing resources and the usage of the hardware accelerator on the computing node.

Abstract: Technology related to scheduling services on a platform including configurable computing resources is disclosed. In one example, a method includes scheduling a first service to execute on a computing node based on an availability of general-purpose computing resources at the computing node. The computing node can be selected from a plurality of computing nodes. Network traffic transiting the computing node can be analyzed during the execution of the first service to determine a hardware accelerator of the computing node is capable of assisting the execution of the first service. The hardware accelerator can be used to assist with the execution of the first service. A second service can be scheduled on the computing node based on the availability of the general-purpose computing resources and the usage of the hardware accelerator on the computing node.

Abstract: Methods, non-transitory computer readable media, network traffic management apparatuses, and network traffic management systems that utilize a reverse tunnel proxy in a cloud environment. The reverse tunnel proxy in a cloud environment automatically discovers its environment and creates an appropriate tunnel without using a public IP. The reverse tunnel proxy in a cloud environment utilizes an outgoing connection along with an initialization and channelization to connect to the cloud and accepts an incoming connection in response. In embodiments, a cloud initiates a connection and a tunnel is created without need for additional IP addresses. In embodiments, the reverse tunnel proxy in a cloud environment connects to a client as a server and a private key is stored at a server side without pushing private keys into a public environment.

Abstract: Embodiments are directed towards overprovisioning IP addresses among a plurality of traffic management devices (TMDs). A plurality of IP addresses may be distributed among a plurality of available TMDs. A corresponding mirror TMD may be determined for each IP address. The corresponding mirror TMD for an IP address may be different than the available TMD currently associated with the IP address. In various embodiments, connections associated with each IP address may be mirrored at their corresponding mirror TMDs. The available TMDs may be employed to perform traffic management tasks on received packets based on at least a destination IP address of the received packets and the IP addresses associated with the available TMDs. If a TMD becomes unavailable, the IP addresses associated with the unavailable TMD may be redistributed to at least one remaining available TMD.

Abstract: Embodiments are directed towards network address based flood attack mitigation methods. A PTMD disposed between one or more computers may monitor several network flows and generate metrics associated with malicious network activity, such as, flood attacks. If flood attacks are determined to be occurring, the PTMD may determine the network addresses targeted by the flood attack. Further, the PTMD may activate flood attack mitigation procedures for the targeted network addresses such that other network addresses associated with the monitored network flows are excluded from the flood attack mitigation procedure. The PTMD may monitor the network traffic subsequently communicated to the targeted network addresses. Accordingly, the PTMD may determine if the flood attack has ceased based on characteristics of the monitored network traffic. If the flood attack has ceased, the flood attack mitigation procedures for the targeted network addresses may be deactivated.

Abstract: Creating a connection between one of a first plurality of computing devices in a primary chassis and one of a second plurality of computing devices in a failover chassis. A first plurality of buckets may be associated with the primary chassis, a second plurality of buckets may be associated with the failover chassis, where the first plurality of buckets may correspond to the second plurality of buckets. One of the first plurality of computing devices may be associated with one of the first plurality of buckets, and can create a connection with attributes such that a disaggregator in the failover chassis routes the connection to one of the second plurality of computing devices, wherein the one of the second plurality of computing devices may be associated with a bucket of the second plurality of buckets that corresponds to the one of the first plurality of buckets.

Abstract: Embodiments are directed towards overprovisioning IP addresses among a plurality of traffic management devices (TMDs). A plurality of IP addresses may be distributed among a plurality of available TMDs. A corresponding mirror TMD may be determined for each IP address. The corresponding mirror TMD for an IP address may be different than the available TMD currently associated with the IP address. In various embodiments, connections associated with each IP address may be mirrored at their corresponding mirror TMDs. The available TMDs may be employed to perform traffic management tasks on received packets based on at least a destination IP address of the received packets and the IP addresses associated with the available TMDs. If a TMD becomes unavailable, the IP addresses associated with the unavailable TMD may be redistributed to at least one remaining available TMD.

Abstract: Creating a connection between one of a first plurality of computing devices in a primary chassis and one of a second plurality of computing devices in a failover chassis. A first plurality of buckets may be associated with the primary chassis, a second plurality of buckets may be associated with the failover chassis, where the first plurality of buckets may correspond to the second plurality of buckets. One of the first plurality of computing devices may be associated with one of the first plurality of buckets, and can create a connection with attributes such that a disaggregator in the failover chassis routes the connection to one of the second plurality of computing devices, wherein the one of the second plurality of computing devices may be associated with a bucket of the second plurality of buckets that corresponds to the one of the first plurality of buckets.

Abstract: Embodiments are directed towards network address based flood attack mitigation methods. A PTMD disposed between one or more computers may monitor several network flows and generate metrics associated with malicious network activity, such as, flood attacks. If flood attacks are determined to be occurring, the PTMD may determine the network addresses targeted by the flood attack. Further, the PTMD may activate flood attack mitigation procedures for the targeted network addresses such that other network addresses associated with the monitored network flows are excluded from the flood attack mitigation procedure. The PTMD may monitor the network traffic subsequently communicated to the targeted network addresses. Accordingly, the PTMD may determine if the flood attack has ceased based on characteristics of the monitored network traffic. If the flood attack has ceased, the flood attack mitigation procedures for the targeted network addresses may be deactivated.