Emulated LAN (LANE/ELAN/VLAN, e.g., Ethernet or Token Ring Legacy LAN over a Single ATM Network/LAN) Patents (Class 370/395.53)
  • Patent number: 12261773
    Abstract: Packet processing in an EVPN L2 MPLS deployment includes performing tag editing operations in the egress pipeline. More particularly, tag manipulation is based on the egress port. Packet processing further includes performing ESI label selection in the egress pipeline, and includes selecting the ESI label based on the ingress port where the ingress port can be a physical port or a subinterface configured on a physical port.
    Type: Grant
    Filed: May 13, 2024
    Date of Patent: March 25, 2025
    Assignee: ARISTA NETWORKS, INC.
    Inventors: Vishal Bandekar, Digvijay Singh Gahlot, Ramakrishnan Ganapathy Iyer, Legena Puthanpurayil Kuttipunathil
  • Patent number: 12223029
    Abstract: Systems and methods support transferring control of a workspace that operates on an Information Handling System (IHS). An authorization policy is established on the IHS that is modifiable only by an arbiter of a remote orchestration service. The authorization policy specifies authorized administrators of the workspace. The authorization policy is modified to specify the arbiter and a first remote orchestrator as authorized administrators of the workspace. Administration of the workspace by the first orchestrator is allowed based on credentials that validate it as an authorized administrator specified by the policy. A notification is received of a transfer of orchestration of the workspace to a second remote orchestrator. The authorization policy is modified to specify the arbiter and the second orchestrator as authorized administrators of the workspace.
    Type: Grant
    Filed: January 12, 2022
    Date of Patent: February 11, 2025
    Assignee: Dell Products, L.P.
    Inventors: Nicholas D. Grobelny, Charles D. Robison
  • Patent number: 12218792
    Abstract: A bridged gateway coupled to a local area network (LAN) receives a layer 2 frame from a device coupled to the LAN. The bridged gateway forwards, to a network gateway router that provides layer 3 routing services for the LAN, the layer 2 frame via a layer 2 tunnel. The bridged gateway determines that the layer 2 frame comprises a dynamic host configuration protocol (DHCP) discover message, the DHCP discover message including an initial message in a four message sequence used by the network gateway router and the device to provide an internet protocol (IP) address to the device. The bridged gateway determines that the four message sequence between the device and the network gateway router did not complete. The bridged gateway, in response to determining the four message sequence did not complete, sends, to a destination, an alert that comprises information indicating a problem with the network gateway router.
    Type: Grant
    Filed: March 6, 2023
    Date of Patent: February 4, 2025
    Assignee: Charter Communications Operating, LLC
    Inventor: Timothy Bleidorn
  • Patent number: 12192279
    Abstract: A system supporting transferring content between an on-premises network and a public cloud network includes a first cloud computing platform comprising a first software instance having a first IP address, a subnet configured to extend across on-premises network and a public cloud network, a first gateway associated with the on-premises network, a second gateway associated with the public cloud network, a secure communication path between the first and second gateways. The subnet comprises a shared IP address range between the public cloud network and the on-premises network, and the first IP address of the first software instance is the same as an IP address of the first software instance that resided on the on-premises network.
    Type: Grant
    Filed: August 7, 2023
    Date of Patent: January 7, 2025
    Assignee: Aviatrix Systems, Inc.
    Inventor: Xiaobo Sherry Wei
  • Patent number: 12159520
    Abstract: A system, method, and apparatus for implementing workflows across multiple differing systems and devices is provided herein. During operation a workflow is automatically modified, or a new workflow generated, based upon user queries made after a workflow has been executed.
    Type: Grant
    Filed: June 9, 2022
    Date of Patent: December 3, 2024
    Assignee: MOTOROLA SOLUTIONS, INC.
    Inventors: Anoop Sehgal Paras Ram, Kok Hong Soon, Zehong Au, Woei Chyuan Tan
  • Patent number: 12132660
    Abstract: According to certain embodiments, a method by a network device includes receiving a handshake message for a traffic flow from a Software-Defined Wide-Area Network (SDWAN) and determining, from a traffic policy, whether the traffic flow should be symmetrical. In response to determining from the traffic policy that the traffic flow should be symmetrical, the method further includes performing a flow lookup on the traffic flow to determine if the network device originated the traffic flow. In response to determining that the network device did not originate the traffic flow, the method further includes determining a second network device that originated the traffic flow and sending the handshake message for the traffic flow to the second network device in order to maintain symmetry for the traffic flow.
    Type: Grant
    Filed: April 12, 2022
    Date of Patent: October 29, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Balaji Sundararajan, Srilatha Tangirala, Ajeet Pal Singh Gill, Vivek Agarwal, Nithin Bangalore Raju
  • Patent number: 12101226
    Abstract: There is provided mechanisms for quality of service differentiation between network slices. A method is performed by a prioritization entity. The method comprises obtaining relative priority values for the network slices from a network entity. The method comprises providing an access network entity with a relative priority value for a protocol data unit (PDU) flow as given by the relative priority value for the network slice used by that PDU flow, thereby causing differentiation of the quality of service for the network slices.
    Type: Grant
    Filed: March 9, 2022
    Date of Patent: September 24, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Jarl Tomas Holmström, Peter Hedman
  • Patent number: 12081367
    Abstract: Compute nodes can execute virtual routers to implement a forwarding plane for one or more virtual networks having virtual network destinations hosted by the compute nodes. In one example, a method includes generating, by a software-defined networking (SDN) controller that manages a plurality of compute nodes, based on a unique identifier of a virtual network, a route target value for the virtual network, wherein the virtual network comprises virtual network endpoints executing on the compute nodes; and outputting, by the SDN controller and to a routing protocol peer device, a virtual private network (VPN) route that includes the route target value for the virtual network and a virtual network prefix associated with the virtual network, the VPN route for routing to the plurality of compute nodes executing the virtual network endpoints of the virtual network.
    Type: Grant
    Filed: April 17, 2023
    Date of Patent: September 3, 2024
    Assignee: Juniper Networks, Inc.
    Inventors: Sandeep Sridhar, Ganesha Hebbale Venkatasubbaiah
  • Patent number: 12058232
    Abstract: One embodiment of the present invention sets forth a technique for processing packets transmitted within a network in accordance with a network protocol. The technique includes a network device in a mesh network receiving a type-length-value (TLV) element, determining, based on a type field of the TLV element, an expected length of a value field of the TLV element, and processing the value field up to the expected length.
    Type: Grant
    Filed: November 2, 2022
    Date of Patent: August 6, 2024
    Assignee: ITRON, INC.
    Inventors: Fabrice Monier, Keith Wayne Barnes, Imad Jamil, Thomas Uhling
  • Patent number: 12057969
    Abstract: A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication by overwriting the DHCP responses. A high availability cluster of the gateways is utilized to distribute traffic and implement load balancing amongst the gateways.
    Type: Grant
    Filed: December 5, 2023
    Date of Patent: August 6, 2024
    Assignees: Airgap Networks, Inc., Zscaler, Inc.
    Inventors: Ritesh R. Agrawal, Vinay Adavi, Satish M. Mohan
  • Patent number: 12021560
    Abstract: Software Defined Networking concepts apply to access, fronthaul, backhaul and core networks of 5G mobile networks and beyond. Such network components currently have individual/segmented control planes and associated controllers to provide configurability, provisioning, and network slicing. This is because of technology disparity between these network components: access is wireless/cellular, backhaul and fronthaul are optical/fiber, and core is electrical/wire-line.
    Type: Grant
    Filed: February 6, 2023
    Date of Patent: June 25, 2024
    Assignee: Netsia, Inc.
    Inventors: Beytullah Yigit, Gamze Abaka, Seyhan Civanlar, Burak Gorkemli, Arda Akman, Burcu Yargicoglu
  • Patent number: 11979024
    Abstract: An electrical distribution system includes a plurality of electrical substations. Each of the electrical substations includes a plurality of intelligent electronic devices (IEDs), and a communications network interconnecting the plurality of IEDs at that substation. The communications networks at the plurality of substations are configured as at least one virtual network spanning multiple ones of the plurality of electrical substations, and interconnecting at least some of the IEDs within the multiple ones of the plurality of electrical substations, and so that delays experienced by messages on the at least one virtual network are below a defined threshold. The virtual networks may be reconfigured when/if the threshold is not met.
    Type: Grant
    Filed: September 27, 2018
    Date of Patent: May 7, 2024
    Assignee: Siemens Canada Limited
    Inventors: Mirjana Zafirovic-Vukotic, Joachim Lohmeyer
  • Patent number: 11979431
    Abstract: A technique to improve security for a VLAN is disclosed. A security appliance is set as the gateway for intra-LAN communication. Message traffic is analyzed and anomalies are detected relative to normal message traffic that correspond to device health problems that may require service by a field technician. A network switch may be configured to drop certain types of Address Resolution Protocol messages from selected ports to aid in setting a security appliance as the gateway.
    Type: Grant
    Filed: July 24, 2023
    Date of Patent: May 7, 2024
    Assignee: Airgap Networks Inc.
    Inventors: Ritesh R. Agrawal, Vinay Adavi, Satish M. Mohan
  • Patent number: 11962498
    Abstract: Symmetric networking techniques disclosed herein can be applied by gateway routers in cloud networks. The techniques can ensure that both outbound traffic received at a cloud from a branch device and return traffic directed from the cloud back to the branch device are processed by a same gateway router. The gateway router can use network address translation to insert IP addresses from an inside pool and an outside pool assigned to the router.
    Type: Grant
    Filed: June 9, 2023
    Date of Patent: April 16, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Balaji Sundararajan, Ramakumara Kariyappa, Nithin Bangalore Raju, Bhairav Dutia, Vivek Agarwal, Satish Kumar Mahadevan, Ankur Bhargava
  • Patent number: 11962572
    Abstract: A system for providing policy-controlled communication over the Internet includes a client endpoint function that executes on a client device while coupled to a first VPN tunnel, a service endpoint function that operates a remote service of a plurality of remote services, and a mid-link server coupled to the first VPN tunnel and a second VPN tunnel. The client endpoint function includes a first VPN endpoint component, and the service endpoint function includes a second VPN endpoint component. A router component operates to route network packet traffic between the first and second VPN tunnels via a route specified by a plurality of policies, an inspection component that analyzes network packet traffic in accordance with the plurality of policies. The plurality of policies for the network packet traffic and the content mediation selected dynamically on the basis of one or more of a user, an application, an endpoint, and a session.
    Type: Grant
    Filed: November 21, 2022
    Date of Patent: April 16, 2024
    Assignee: Netskope, Inc.
    Inventors: Kevin Eugene Sapp, Victor Ronin, David Goldschlag, Vadim Tarnavsky
  • Patent number: 11956293
    Abstract: Systems and methods for the selection of a network interface/CDN pair from among multiple network interface/CDN pairs are provided. In an embodiment, a method includes retrieving information about sets of CDNs accessible via different network interfaces of a device. A plurality of network interface/CDN pairs are then identified, and performance metrics for each pair are measured. A best pair is selected, and is used to retrieve the next segments of a requested content item.
    Type: Grant
    Filed: March 29, 2023
    Date of Patent: April 9, 2024
    Assignee: Adeia Guides Inc.
    Inventors: Antti Heikkinen, Mikko Uitto
  • Patent number: 11949560
    Abstract: A network device may receive a border gateway protocol (BGP) flow specification route associated with creation of an overlay network slice in a network, and may create a new routing instance based on the BGP flow specification route. The network device may associate interfaces defined by the BGP flow specification route with virtual private network (VPN) members, and may determine VPN parameters based on the BGP flow specification route. The network device may advertise the VPN parameters within the network to cause the network to generate the overlay network slice.
    Type: Grant
    Filed: January 3, 2023
    Date of Patent: April 2, 2024
    Assignee: Juniper Networks, Inc.
    Inventors: Jonathan C. Barth, Vishnu Pavan Beeram, Srihari Ramachandra Sangli, Chandrasekar Ramachandran
  • Patent number: 11929906
    Abstract: Techniques for a head-end node in one or more network autonomous systems to utilize a protocol to instantiate services on tail-end nodes. The head-end node can use a service request mechanism that is enabled by the protocol to request service instantiation on the tail-end node without a network operator having to manually configure the tail-end node, or even having access to the tail-end node. Additionally, the protocol may provide mechanisms to define handling attributes for traffic of the service (e.g., quality of service (QoS) attributes, Maximum Transmission Unit (MTU) settings, etc.), service acknowledgement mechanisms for the head-end node to determine that the service was instantiated on the tail-end node, and so forth. In this way, a head-end node can be used to instantiate a service on a tail-end node without a network operator having to have direct access to the tail-end node to manually configure the tail-end node.
    Type: Grant
    Filed: December 10, 2021
    Date of Patent: March 12, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Patrice Brissette, Thierry Couture, Karen Michele Cadora, Jiri Chaloupka, Suresh Basavarajappa
  • Patent number: 11902051
    Abstract: Disclosed are methods for detecting misconfigured VLANs. In some embodiments, traffic on a VLAN across multiple access points is categorized. Traffic on the VLAN at a single access point is then also categorized. The categorization of the VLAN traffic at the single access point can be in response to, for example, communication errors or other conditions. The two categorizations are then compared to determine if the VLAN traffic at the AP is consistent with the VLAN traffic across a network (e.g., an enterprise network). If the VLAN traffic at the AP is generally consistent with that across the network, this may indicate that a downstream network component, such as a switch or router, is misconfigured. Thus, some embodiments programmatically reconfigure the downstream component to forward traffic for the VLAN.
    Type: Grant
    Filed: June 22, 2022
    Date of Patent: February 13, 2024
    Assignee: Juniper Networks, Inc.
    Inventor: Jisheng Wang
  • Patent number: 11849401
    Abstract: The minimization of the amount of power consumed by an electronic device in acquiring or maintaining network connectivity with a network may extend the battery life of the electronic device. When the electronic device has established a communication connection with a wireless access point, the electronic device cycles a network interface controller of the electronic device between a power on state and a power off state without terminating the communication connection. Accordingly, the electronic device powers on a main processor of the electronic device when the network interface controller detects a beacon during the power on state that indicates the wireless access point has a buffered data frame for the electronic device.
    Type: Grant
    Filed: December 15, 2020
    Date of Patent: December 19, 2023
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Ranveer Chandra, John Charles Krumm, Xia Zhou, Stefan Saroiu
  • Patent number: 11811647
    Abstract: Systems and methods provide for the dynamic discovery, update and propagation of multicast streams capabilities in a network. An endpoint can be coupled to a first hop router in a network environment. The first hop router can discover multicast flow characteristics information associated with the endpoint and propagate the multicast flow characteristics information of the endpoint to additional network nodes in the network environment. The first hop router and at least a portion of the additional network nodes can form one or more multicast flows associated with the endpoint through the network environment using the multicast flow characteristic information associated with the endpoint.
    Type: Grant
    Filed: June 22, 2022
    Date of Patent: November 7, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Francesco Meo, Stig Ingvar Venaas, Rahul Savarapu Parameswaran
  • Patent number: 11792119
    Abstract: Virtual network controllers are described that automatically generate policies and configuration data for routing traffic through physical network function (PNF) service chains in a multi-tenant data center. An example network controller includes a memory and processing circuitry configured to: automatically generate, for one or more integrated routing and bridging (IRB) units of corresponding virtual network forwarding tables of a switch of a switch fabric of a data center network, configuration information that, when deployed, causes the IRB units to direct data traffic conforming to multiple communication protocols and flowing over a plurality of virtual networks between a first set of server devices and a second set of server devices positioned outside of the switch fabric (i) toward a service device logically positioned outside of the switch fabric and coupled to the switch, and (ii) back from the service device into the switch fabric via the switch.
    Type: Grant
    Filed: December 29, 2020
    Date of Patent: October 17, 2023
    Assignee: Juniper Networks, Inc.
    Inventors: Ankur Tandon, Vivekananda Shenoy, Jacopo Pianigiani, Abhinav Pandit
  • Patent number: 11792682
    Abstract: A packet sending method includes: receiving, by a first node, a first broadcast data packet sent by a second node; and if a sequence number of the first broadcast data packet equals 1 plus a sequence number of a latest data packet saved by the first node, and the first node does not receive, within a first preset time period, a first acknowledgement indication for the first broadcast data packet of the second node, sending, by the first node, a first broadcast acknowledgement packet when the first preset time period elapses, where the first broadcast acknowledgement packet includes the first acknowledgement indication, and the first acknowledgement indication includes the sequence number of the first broadcast data packet and an address of the second node. This method could resolve acknowledgement packet implosion while ensuring broadcast packet reliability of a wireless mesh network.
    Type: Grant
    Filed: December 31, 2021
    Date of Patent: October 17, 2023
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Yuefeng Wu, Yifan Wu, Jian Hu
  • Patent number: 11770867
    Abstract: An association establishment method and apparatus, for carrying out the method are described. The association establishment method includes broadcasting, by an access point (AP), a trigger frame, wherein the trigger frame is used to trigger one or more unassociated stations STAs to perform uplink data transmission and indicate one or more available subchannels for random accessing of the unassociated STAs. The method further includes receiving, by the AP, one or more association request messages sent on available subchannels acquired by the unassociated STAs. Thereafter, the AP broadcasts a multi-block acknowledgement M-BA frame, wherein the M-BA frame includes one or more pieces of association acknowledgement information and the association acknowledgement information is acknowledgement information of the association request message.
    Type: Grant
    Filed: May 23, 2022
    Date of Patent: September 26, 2023
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Ming Gan, Le Liu, Yunbo Li, Meilu Lin
  • Patent number: 11765076
    Abstract: An electronic device that includes a stack of multiple computer network devices (such as switches) that implement a spanning tree using a distributed spanning tree protocol (STP) is described. A given computer network device may create a virtual internal stacking port. This virtual internal stacking port is included in the spanning tree and provides stacking interface logic that allows the given computer network device to connect to a virtual hub in the stack that is common to the multiple computer network devices. Moreover, the given computer network device may run an instance of the distributed STP that controls ports in the given computer network device, where the instance of the distributed STP run by the given computer network device uses a bridge identifier that is common to the multiple computer network devices.
    Type: Grant
    Filed: August 5, 2021
    Date of Patent: September 19, 2023
    Assignee: ARRIS Enterprises LLC
    Inventor: Maocheng Hu
  • Patent number: 11734127
    Abstract: An information management cell health monitoring system is provided herein that can monitor one or more information management systems, identify any performance issues that are occurring within an information management system, and automatically, or in response to a user input, transmit an instruction to the information management system to execute a workflow to resolve the performance issue(s). For example, the information management cell health monitoring system receives operational data, secondary copy policies, and/or similar data from an information management cells via a network. The information management cell health monitoring system analyzes the received information to identify any issues. If an issue is detected, the information management cell health monitoring system retrieves workflows and determines whether any of the workflows can be used to resolve the detected issue.
    Type: Grant
    Filed: September 13, 2021
    Date of Patent: August 22, 2023
    Assignee: Commvault Systems, Inc.
    Inventors: Bheemesh R. Dwarampudi, Rajiv Kottomtharayil, Parag Gokhale, Anand Vibhor, Parminder Singh, David M. Cunningham, Michael Fasulo
  • Patent number: 11722408
    Abstract: An example data center system includes server devices hosting data of a first tenant and a second tenant of the data center, network devices of an interconnected topology coupling the server devices including respective service virtual routing and forwarding (VRF) tables, and one or more service devices that communicatively couple the network devices, wherein the service devices include respective service VRF tables for the first set of server devices and the second set of server devices, and wherein the service devices apply services to network traffic flowing between the first set of server devices and the second set of server devices using the first service VRF table and the second service VRF table.
    Type: Grant
    Filed: January 15, 2021
    Date of Patent: August 8, 2023
    Assignee: Juniper Networks, Inc.
    Inventors: Jacopo Pianigiani, Vivekananda Shenoy, Ankur Tandon, Atul S Moghe, Suresh K Balineni, Tong Jiang, Kiran N. Kasim, Sridevi JeevaRaj
  • Patent number: 11711230
    Abstract: A system for multicast packet management in a first switch in an overlay tunnel fabric is provided. The system can operate the first switch as part of a virtual switch in conjunction with a second switch of the fabric. The virtual switch can operate as a gateway for the fabric. During operation, the system can receive a join request for a multicast group. The system can then determine whether to forward the join request to the second switch based on a type of a first ingress connection of the join request. Upon receiving a data packet for the multicast group, the system can determine how to forward the data packet based on respective types of a second ingress connection and an egress connection of the data packet. The type of a respective connection can indicate whether the connection includes an overlay tunnel.
    Type: Grant
    Filed: July 20, 2021
    Date of Patent: July 25, 2023
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Tathagata Nandy, Chethan Chavadibagilu Radhakrishnabhat, Subramanian Muthukumar
  • Patent number: 11695683
    Abstract: Disclosed herein are system, method, and computer program product aspects for multiple instance Intermediate System to Intermediate System (IS-IS or ISIS) for a multi-area fabric. A network area in a multi-area fabric includes one or more network nodes and a boundary node shared with an other network area of the multi-area fabric outside of the network area. The boundary node can include a first ISIS instance associated with the network area and a second ISIS instance associated with the other network area. The second ISIS instance can be configured to pass information associated with the other network area to the first ISIS instance.
    Type: Grant
    Filed: June 28, 2021
    Date of Patent: July 4, 2023
    Assignee: Extreme Networks, Inc.
    Inventors: Gautam Khera, Constantin Barcaru, Irina Maria Militaru, Bianca Elena Neagu
  • Patent number: 11689446
    Abstract: Disclosed herein are system, method, and computer program product aspects for multiple instance Intermediate System to Intermediate System (IS-IS or ISIS) for a multi-area fabric. A network area in a multi-area fabric includes one or more network nodes and a boundary node shared with an other network area of the multi-area fabric outside of the network area. The boundary node can include a first ISIS instance associated with the network area and a second ISIS instance associated with the other network area. The second ISIS instance can be configured to pass information associated with the other network area to the first ISIS instance.
    Type: Grant
    Filed: February 5, 2021
    Date of Patent: June 27, 2023
    Assignee: Extreme Networks, Inc.
    Inventors: Gautam Khera, Constantin Barcaru
  • Patent number: 11689416
    Abstract: A handover node may receive a first hardware device identifier transmitted by a hardware device and a second hardware device identifier transmitted by a manager node. The handover node may determine whether the first and second hardware device identifiers match and, as a result of determining that the first and second hardware device identifiers match, transmit contact information for the manager node to a hardware device. A manager node may receive a hardware device identifier that identifies a hardware device, transmit the hardware device identifier to a handover node, and transmit contact information for the manager node to the handover node. The contact information may include a port number of the manager node different than a port number used to communicate with the handover node. The manager node may receive a request to establish a communication session between the hardware device and the manager node.
    Type: Grant
    Filed: June 22, 2020
    Date of Patent: June 27, 2023
    Assignee: Telefonaktiebolaget LM Ericsson (Publ)
    Inventor: Georg Schmuecking
  • Patent number: 11682055
    Abstract: Methods and apparatus for partitioned private interconnects to provider networks are described. At least a portion of available bandwidth of a private physical interconnect between a provider network and a connectivity intermediary's network is designated as the bandwidth limit of an interconnect partition set up on behalf of a customer at the request of the intermediary. The intermediary's network comprises one or more devices to which at least one of the customer's devices is connected. Access to one or more resources of the provider network via the interconnect is enabled. Traffic monitoring results associated with the interconnect are used to enforce the designated bandwidth limit of the partition.
    Type: Grant
    Filed: January 22, 2021
    Date of Patent: June 20, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Shuai Ye, Mark Edward Stalzer, Patrick Brigham Cullen
  • Patent number: 11677866
    Abstract: A packet processing technique can include receiving a packet, and parsing the packet based on a protocol field to generate a parse result vector. The parse result vector is used to select between forwarding the packet to a virtual machine executing on a host processing integrated circuit, forwarding the packet to a physical media access controller, multicasting the packet to multiple virtual machines executing on the host processing integrated circuit, and sending the packet to a hypervisor.
    Type: Grant
    Filed: September 8, 2022
    Date of Patent: June 13, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Ofer Naaman, Erez Izenberg, Nafea Bshara
  • Patent number: 11627016
    Abstract: In one embodiment, a segment routing and tunnel exchange provides packet forwarding efficiencies in a network, including providing an exchange between a segment routing domain and a packet tunnel domain. One application includes the segment routing and tunnel exchange interfacing segment routing packet forwarding (e.g., in an Evolved Packet Core (EPC) and/or 5-G user plane) and packet tunnel forwarding in access networks (e.g., replacing a portion of a tunnel between an access node and a user plane function for accessing a corresponding data network). In one embodiment, a network provides mobility services using a segment routing data plane that spans segment routing and tunnel exchange(s) and segment routing-enabled user plane functions. One embodiment uses the segment routing data plane without any modification to a (radio) access network (R)AN (e.g., Evolved NodeB, Next Generation NodeB) nor to user equipment (e.g., any end user device).
    Type: Grant
    Filed: March 17, 2020
    Date of Patent: April 11, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Pablo Camarillo Garvia, Hendrikus G. P. Bosch, Clarence Filsfils
  • Patent number: 11627081
    Abstract: A system and method for managing network traffic is disclosed. The method includes determining an application domain, network elements associated with the application domain, and roles of the network elements in the application domain. A virtual routing and forwarding (VRF) policy is generated for each of the network elements in the application domain based on the application domain and the role of each of the network elements in the application domain.
    Type: Grant
    Filed: June 25, 2020
    Date of Patent: April 11, 2023
    Assignee: Arista Networks, Inc.
    Inventor: Devendra Raut
  • Patent number: 11621915
    Abstract: Embodiments of this application provide a packet forwarding method, a route sending and receiving method, and related apparatus. The method is applied to a data center in a non-uniform memory access (NUMA) architecture. The data center includes a server and a network device, and the server includes a first NUMA node and a second NUMA node. The method includes: The first interface processing unit (IPU) receives a first packet from the network device, where the first packet is a packet to be sent to the first virtual machine in the first NUMA node. The first IPU sends the first packet to the first virtual machine. The second IPU receives a second packet from the network device, where the second packet is a packet to be sent to the second virtual machine in the second NUMA node. The second IPU sends the second packet to the second virtual machine.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: April 4, 2023
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Fang Wang, Tao Bai, Lei Fan, Jianbin Xu
  • Patent number: 11606338
    Abstract: Systems and methods for providing policy-controlled communication over the Internet are provided. A system may include a client endpoint function configured to execute on a client device while coupled to a first VPN tunnel, a service endpoint function that operates a remote service of a plurality of remote services, a gateway server including a first VPN termination point that authenticates and terminates the first VPN tunnel, a stitcher server including a second VPN termination point that authenticates and terminates a second VPN tunnel, and a mid-link server coupled to the first VPN tunnel and the second VPN tunnel. The mid-link server may include a plurality of Access Resource Servers (ARSs), and the gateway server and the stitcher server may communicate via a network connecting the plurality of ARSs.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: March 14, 2023
    Assignee: Netskope, Inc.
    Inventors: Kevin Eugene Sapp, Victor Ronin, David Goldschlag, Vadim Tarnavsky
  • Patent number: 11546288
    Abstract: According to one or more embodiments of this disclosure, a network controller in a data center network establishes a translation table for in-band traffic in a data center network, the translation table resolves ambiguous network addresses based on one or more of a virtual network identifier (VNID), a routable tenant address, or a unique loopback address. The network controller device receives packets originating from applications and/or endpoints operating in a network segment associated with a VNID. The network controller device translates, using the translation table, unique loopback addresses and/or routable tenant addresses associated with the packets into routable tenant addresses and/or unique loopback addresses, respectively.
    Type: Grant
    Filed: February 11, 2021
    Date of Patent: January 3, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Vijay Chander, Yibin Yang, Praveen Jain, Munish Mehta
  • Patent number: 11528255
    Abstract: Systems and methods for providing policy-controlled communication over the Internet are provided. A system may include a client endpoint function configured to execute on a client device while coupled to a first VPN tunnel, a service endpoint function that operates a remote service of a plurality of remote services, and a mid-link server coupled to the first VPN tunnel and a second VPN tunnel. The client endpoint function may include a first VPN endpoint component, and the service endpoint function may include a second VPN endpoint component. The mid-link server may include a first VPN termination point that authenticates and terminates the first VPN tunnel and a second VPN termination point that authenticates and terminates the second VPN tunnel. The first VPN termination point may re-authenticate the client device based on a first characteristic of the first VPN endpoint component and/or a second characteristic of the second VPN endpoint component.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: December 13, 2022
    Assignee: Netskope, Inc.
    Inventors: David Goldschlag, Vadim Tarnavsky, Kevin Eugene Sapp, Victor Ronin
  • Patent number: 11528166
    Abstract: Systems, methods, and computer-readable media are described for establishing an optimized geo-location based hub mesh network for a group of network controllers spanning multiple regions, where the optimized mesh network includes substantially fewer connections between network controllers than conventional hub mesh networks. Geo-location information is obtained for the group of network controllers, and the network controllers are categorized into various physical regions based on the geo-location information. Then, within each region, a particular network controller is selected to serve as a primary regional hub for that region. Tunnel connections are then established between each non-hub network controller in each region and the primary regional hub for that region. In addition, tunnel connections are established between each non-hub network controller in a region and each other non-hub network controller within the same region.
    Type: Grant
    Filed: January 12, 2021
    Date of Patent: December 13, 2022
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Hari Krishna Kurmala, Shreekanth Chandranna
  • Patent number: 11522754
    Abstract: Systems and methods are provided herein for an improved method of Zero-Touch Provisioning (ZTP) where a first switch receives a virtual local area network (VLAN) identifier from a second switch, allowing the first switch to reach a dynamic host configuration protocol (DHCP) server. This may be accomplished by a first switch receiving a VLAN identifier from a second switch. The first switch then transmits a DHCP discover message using the VLAN identifier. The first switch then receives reachability information for a ZTP server from the DHCP server. The first switch uses the reachability information to establish a provisioning session between the first switch and the ZTP server.
    Type: Grant
    Filed: September 15, 2020
    Date of Patent: December 6, 2022
    Assignee: ARISTA NETWORKS, INC.
    Inventors: Kumar Narayanan, John French
  • Patent number: 11444807
    Abstract: A network element configured to implement an Ethernet Virtual Private Network (EVPN) Virtual Private Wire Service (VPWS) Flexible Cross-Connect (FXC) local switching service includes a plurality of ports; and a switching fabric configured to switch traffic between the plurality of ports; wherein a set of ports is configured in a distributed Link Aggregation Group (LAG) with two nodes, and an inter-chassis link configured with a second network element, and wherein, responsive to a failure of the inter-chassis link, a distribution state of members in the distributed LAG is coordinated.
    Type: Grant
    Filed: January 22, 2020
    Date of Patent: September 13, 2022
    Assignee: Ciena Corporation
    Inventor: Marc Holness
  • Patent number: 11432057
    Abstract: An optical line terminal (OLT) detects content distribution conditions in terminals, and performs control for performing switching to distribution to each terminal using an individual virtual local area network (VLAN) or distribution to a plurality of terminals by broadcasting using a broadcasting VLAN, in accordance with the detected content distribution conditions. The OLT detects that the number of viewers of a predetermined channel exceeds a predetermined threshold value or is less than the predetermined threshold value, as the content distribution conditions. Further, the OLT performs switching to distribution using a broadcasting VLAN in a case where it is detected that the number of viewers of the predetermined channel exceeds the predetermined threshold value, and performs switching to distribution using an individual VLAN in a case where it is detected that the number of viewers of the predetermined channel is less than the predetermined threshold value.
    Type: Grant
    Filed: July 31, 2019
    Date of Patent: August 30, 2022
    Assignee: Nippon Telegraph and Telephone Corporation
    Inventors: Shunsuke Homma, Shinya Kawano
  • Patent number: 11416638
    Abstract: Described is a lattice cryptography processor with configurable parameters. The lattice cryptography processor includes a sampling circuit configured to operate in accordance with a Secure Hash Algorithm 3 (SHA-3)-based pseudo-random number generator (PRNG), a single-port random access memory (RAM)-based number theoretic transform (NTT) memory architecture and a modular arithmetic unit. The described lattice cryptography processor is configured to be programmed with custom instructions for polynomial arithmetic and sampling. The configurable lattice cryptography processor may operate with lattice-based CCA-secure key encapsulation and a variety of different lattice-based protocols including, but not limited to: Frodo, NewHope, qTESLA, CRYSTALS-Kyber and CRYSTALS-Dilithium, achieving up to an order of magnitude improvement in performance and energy-efficiency compared to state-of-the-art hardware implementations.
    Type: Grant
    Filed: February 19, 2020
    Date of Patent: August 16, 2022
    Assignee: MASSACHUSETTS INSTITUTE OF TECHNOLOGY
    Inventors: Utsav Banerjee, Anantha P. Chandrakasan
  • Patent number: 11411819
    Abstract: Automatic network configuration for the recovery of virtual machines. A network configuration can be automatically provisioned by discovering the network topology of a source site and then matching the virtual machines to their locations or subnets in the network topology. The network is then implemented on a target site such that the required connectivity is present in the recovered target site even when the infrastructure of the source site and the target site are different.
    Type: Grant
    Filed: January 17, 2019
    Date of Patent: August 9, 2022
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Boris Shpilyuck, Assaf Natanzon, David Zlotnick
  • Patent number: 11405306
    Abstract: Systems and methods provide for the dynamic discovery, update and propagation of multicast streams capabilities in a network. An endpoint can be coupled to a first hop router in a network environment. The first hop router can discover multicast flow characteristics information associated with the endpoint and propagate the multicast flow characteristics information of the endpoint to additional network nodes in the network environment. The first hop router and at least a portion of the additional network nodes can form one or more multicast flows associated with the endpoint through the network environment using the multicast flow characteristic information associated with the endpoint.
    Type: Grant
    Filed: May 30, 2019
    Date of Patent: August 2, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Francesco Meo, Stig Ingvar Venaas, Rahul Savarapu Parameswaran
  • Patent number: 11388022
    Abstract: Disclosed are methods for detecting misconfigured VLANs. In some embodiments, traffic on a VLAN across multiple access points is categorized. Traffic on the VLAN at a single access point is then also categorized. The categorization of the VLAN traffic at the single access point can be in response to, for example, communication errors or other conditions. The two categorizations are then compared to determine if the VLAN traffic at the AP is consistent with the VLAN traffic across a network (e.g., an enterprise network). If the VLAN traffic at the AP is generally consistent with that across the network, this may indicate that a downstream network component, such as a switch or router, is misconfigured. Thus, some embodiments programmatically reconfigure the downstream component to forward traffic for the VLAN.
    Type: Grant
    Filed: February 5, 2020
    Date of Patent: July 12, 2022
    Assignee: Juniper Networks, Inc.
    Inventor: Jisheng Wang
  • Patent number: 11388084
    Abstract: Techniques for routing traffic across different virtual local area networks (VLANs) within a single bridge domain are described. One technique includes receiving at a first network device a packet from a second network device on a first interface of multiple interfaces within a bridge domain at the first network device. Attachment circuit information associated with the packet is determined. An information element that includes an indication of the attachment circuit information is generated. The information element is transmitted to the third network device.
    Type: Grant
    Filed: July 17, 2019
    Date of Patent: July 12, 2022
    Assignee: Cisco Technology, Inc.
    Inventors: Ali Sajassi, Mankamana P. Mishra, Samir Thoria, Patrice Brissette, Mei Zhang, Tapraj Singh
  • Patent number: 11374964
    Abstract: A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication by overwriting the DHCP responses. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined. The security appliance may act in response to an initial detection of ransomware such that it does not ordinarily interfere with operation of a primary DHCP server.
    Type: Grant
    Filed: January 28, 2022
    Date of Patent: June 28, 2022
    Assignee: AIRGAP NETWORKS INC.
    Inventors: Ritesh R. Agrawal, Vinay Adavi, Satish M. Mohan
  • Patent number: 11375556
    Abstract: An association establishment method and apparatus for carrying out the method are described. The association establishment method includes broadcasting, by an access point (AP), a trigger frame, wherein the trigger frame is used to trigger one or more unassociated stations STAs to perform uplink data transmission and indicate one or more available subchannels for random accessing of the unassociated STAs. The method further comprises receiving, by the AP, one or more association request messages sent on available subchannels acquired by the unassociated STAs. Thereafter, the AP broadcasts a multi-block acknowledgement M-BA frame, wherein the M-BA frame includes one or more pieces of association acknowledgement information and the association acknowledgement information is acknowledgement information of the association request message.
    Type: Grant
    Filed: December 30, 2020
    Date of Patent: June 28, 2022
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Ming Gan, Le Liu, Yunbo Li, Meilu Lin