Abstract: A content distribution system as discussed herein includes one or more instances of communication management hardware. The communication management hardware tracks a status of multiple different groupings of edge nodes in a content delivery network. Each of the edge nodes is operative to distribute content (such as video content, video segments, digital assets, etc.) in a network environment. The communication device is redirected to the communication management hardware for selection of an appropriate edge node to deliver content to the communication device. To provide load balancing, the communication management hardware selects an appropriate edge node from the different available edge nodes in different edge node clusters. The communication management hardware then communicates an identity of the selected edge node to the communication device. The communication device then communicates with the selected edge node to retrieve the content.

Abstract: A service mesh traffic management apparatus, system, and method in a distributed Kubernetes multi-cluster environment are disclosed. A service mesh traffic management apparatus in a distributed Kubernetes multi-cluster environment comprises a processor, and a memory connected to the processor, wherein the memory stores program instructions executable by the processor for performing operations comprising receiving a monitoring metric collected by a Prometheus server distributed in the multi-cluster, selecting a first routing policy based on a predefined routing policy selection rule and the collected monitoring metric, comparing the first routing policy and a second routing policy currently in use, distributing, when the first routing policy and the second routing policy are different, the first routing policy to each proxy in the service mesh.

Abstract: A method is provided that is performed for a wireless network that includes one or more wireless client devices that may rotate their media access control (MAC) address used for wireless communication with one or more wireless access point devices in the wireless network. The method includes determining an impact of MAC address rotation by the one or more wireless client devices on operational resources of one or more networking devices or networking processes in a network infrastructure associated with the wireless network. The method further includes scheduling MAC address rotation by the one or more wireless client devices according to the impact on operational resources of the one or more networking devices or networking processes in the network infrastructure.

Abstract: The present technology pertains to receiving a tag associating at least one routing domain in an on-premises site with at least one virtual network in a cloud environment associated with a cloud service provider. The present technology also pertains to the automation of populating route and propagation tables with the cloud service provider.

Abstract: Techniques for migrating on-premises and/or cloud-based workloads to follow a network session as it potentially migrates, due to multipathing techniques, across multiple edge and/or cloud datacenters. The techniques may include determining, by a controller of a network, that a traffic flow between an endpoint device and a workload has migrated to a different path of a multipath flow such that the traffic flow terminates at a different termination point than the workload. Based at least in part on determining that the traffic flow has migrated, the controller may cause a migration of a state of the workload to a location associated with the different termination point. That is, the controller may cause the workload to be migrated in its current state, which may be specific to the endpoint device, to follow the traffic flow.

Abstract: The present application relates to the field of network communication technologies, and provides a packet processing method and device, an advertisement method and device, a bridge node, a source apparatus, a packet processing system, and a computer-readable storage medium. The packet processing method includes: receiving a time sensitive networking (TSN) service packet; querying, according to a packet header of the TSN service packet, a mapping table of service stream IDs and TSN-profiles, where the mapping table of service stream IDs and TSN-profiles is established according to advertisement information of a source apparatus; and processing the TSN service packet according to a result of the querying on the mapping table of service stream IDs and TSN-profiles.

Abstract: An example data center system includes server devices hosting data of a first tenant and a second tenant of the data center, network devices of an interconnected topology coupling the server devices including respective service virtual routing and forwarding (VRF) tables, and one or more service devices that communicatively couple the network devices, wherein the service devices include respective service VRF tables for the first set of server devices and the second set of server devices, and wherein the service devices apply services to network traffic flowing between the first set of server devices and the second set of server devices using the first service VRF table and the second service VRF table.

Abstract: A switch capable of on-the-fly reduction in a network is provided. The switch is equipped with a reduction engine that can be dynamically configured to perform on-the-fly reduction. As a result, the network can facilitate an efficient and scalable environment for high performance computing.

Abstract: Provided in embodiments of the present disclosure are a path computation method and apparatus, a storage medium, and an electronic device. The method includes: computing, by a controller, a forwarding path and forwarding delay information according to an end-to-end delay requirement; and sending, by the controller, the forwarding path and the forwarding delay information to a device side. Accordingly, the problem that a network path or route computed based on a network graph cannot satisfy service requirements in the related art can be solved, and a determined target path can satisfy the service requirements.

Abstract: The present disclosure relates to a system and method for controlling home appliances that operates home appliances using a user terminal and controls the operation of the home appliances arranged in a space in consideration of the amount of power consumed in the space. In the present disclosure, when a first home appliance is operated, the first home appliance is operated only when the total power consumption of the first home appliance and other home appliances that are already operating is less than or equal to a reference value.

Abstract: Embodiments are directed to managing communication over networks. A gateway identifier (GID), a network address, source nodes, relays, or the like, may be determined based on an overlay network. Two or more relays may be ranked based on metrics associated with each relay such that a top ranked relay is designated as a preferred relay.

Abstract: Network requests can be automatically routed between two or more computer subsystems in some examples. In one such example, a system can determine that a user is eligible for a service based on usage data relating to an account of the user. Based on determining that the account is eligible for the service, the system can activate the service for the user by communicating with a service subsystem. Subsequent to activating the service for the user, the system can receive a network request associated with the user and determine that the network request has a characteristic. Based on determining that the network request has the characteristic, the system can forward the request to the service subsystem. The service subsystem can complete the network request using the service.

Abstract: A Layer 2 (L2) domain hierarchical address communication system includes a first computing device that provides a first host, and a second computing device that provides a second host. A first leaf switch device is connected to the first computing device, and a second leaf switch device that is connected to the second computing device and coupled to the first leaf switch device. The first leaf switch device receives a first data communication from the first host that includes a second hierarchical MAC address of the second host. The first leaf switch device identifies a hierarchical MAC prefix in the second hierarchical MAC address, and uses the hierarchical MAC prefix to forward the first data communication to the second leaf switch device.

Abstract: A server for predicting a future traffic load of a base station is provided. The server may obtain a first prediction model based on traffic data collected from the base station for a first period of time, obtain a second prediction model based on traffic data collected from the same base station for a second period time, and also based on knowledge transferred from the first prediction model. Each of the first prediction model and the second prediction model may include an encoder module, a reconstruction module, and a prediction module which are connected to form two paths, an encoder-reconstruction path and an encoder-prediction path, to preserve more information of historic traffic data.

Abstract: Aspects of the present disclosure are directed to group travel between artificial reality (XR) destinations. Currently, users in an artificial reality (XR) experience cannot travel with a group to a specific destination or between destinations (e.g., to and from virtual worlds, levels, applications, etc.). Thus, some implementations assign users within a group in a multiplayer XR experience (e.g., a virtual lobby) a same session identifier. When the users select a destination, some implementations can provide a computing system hosting the destination with the session identifier associated with the users, such that the hosting computing system can ensure that the users travel to the same instance of the destination together. If a user does not already have the destination installed, some implementations can allow the user to acquire access rights to the destination, then travel to the same instance of the destination as the other users.

Abstract: A system for facilitating RDMA transmit flow scheduling and pacing is disclosed. The system may determine a set of groups. The groups may be associated with a range of transmission rates. The system may determine a transmission rate of a queue pair. The system may assign the QP to a first group of the set of groups. The transmission rate of the QP may be within the range of transmission rates of the first group. The system may determine an available QP of at least one group from the set of groups. The system may schedule transmission, by an arbiter, of the available QP. The system may transmit, by the arbiter, a message associated with the available QP.

Abstract: In one embodiment, a controller features a first data store, a second data store and route determination logic. The first data store is configured to store current routing information from a source transit gateway within at least a first transit cloud network to a destination transit gateway within at least a second transit cloud network of the cloud network. Each of the source transit gateway and the destination transit gateway being one of a plurality of transit gateways associated with the cloud network. The second data store is configured to store alternative routing information between the source transit gateway and the destination transit gateway. The route determination logic is configured to (i) conduct analytics on all available route paths for a message intended to be sent from the source transit gateway to the destination transit gateway and (ii) select a best route path for the message.

Abstract: Example embodiments describe a method for managing data traffic congestion in a network communication node. The method comprising maintaining a marking probability based on a marking ratio indicative of a change in packets responsible for congestion in a network queue in the network communication node over a change in a total number of packets processed by the network queue. The method further comprising classifying packets processed by the network queue as scalable packets or other packets based on an identifier included in the packets; wherein the scalable packets support scalable congestion control. The method further comprising marking the scalable packets responsible for congestion in the network queue with a congestion mark to signal data traffic congestion; and marking the other packets that support unscalable congestion control with the congestion mark based on the marking probability.

Abstract: Techniques for leveraging the MASQUE protocol to provide remote clients with full application access to private enterprise resources are described herein. One or more network nodes may be configured to execute a MASQUE proxy service to provide a remote client device with full access to an enterprise/private application resource executing on an application node and hosted in an enterprise/application network, behind the MASQUE proxy service. In some examples, the MASQUE proxy service may execute on a single proxy node hosted at an edge of a cloud network or at an edge of an enterprise network. Additionally, or alternatively, a first instance of the MASQUE proxy service may execute on a first proxy node hosted at an edge of a cloud network (e.g., an ingress proxy node) and a second instance of the MASQUE proxy service may execute on a second proxy node hosted at an edge of the enterprise network.

Abstract: A method for securing network communication between containers by a terminal, includes: a step of installing an HSI (Hyperion Secure Interface) for communication with a secure bridge included in an NIC (Network Interface Chip) in a secure container through a manager module; a step of changing a source address of a transmission packet to a specific token on the basis of a map of the HSI through the manager module; a step of delivering the transmission packet to the secure bridge through the HSI; a step of determining whether the specific token of the transmission packet is valid; and a step of changing the specific token to the source address and delivering the transmission packet to a target container when the specific token is valid.

Abstract: A communication method includes: determining a first central unit (CU)-user plane (UP) and a user plane function (UPF) network element that correspond to a quality of service (QoS) flow, where an access network device to which the first CU-UP belongs supports at least two CU-UPs; determining a first packet delay budget (PDB) for transmitting the QoS flow between the first CU-UP and the UPF network element; and sending the first PDB to the access network device, where the first PDB is used by the access network device to schedule an air interface resource. After the CU-UP corresponding to the QoS flow is determined, the PDB of the CU-UP corresponding to the QoS flow may be sent to the radio access network (RAN) device.

Abstract: Some embodiments provide an automated method for defining externally routable Pods within a Kubernetes cluster. In some embodiments, the Pod operates in a guest cluster has its own VPC (virtual private cloud) network in a datacenter with several other guest clusters that have their own VPC networks and their own set of managers. In some embodiments, a Pod within a GC can be made externally routable so that it can be directly addressable from an external client outside of the Pod's network by using two new Kubernetes CRDs (custom resource definitions), which are an IPPool CRD and a RouteSet CRD. Examples of such external clients include VMs or Pods in another GC or a supervisor cluster connected to the particular GC through a gateway, or from a machine outside of the network of all of the GCs or SC.

Abstract: A first router generates session establishment metrics for use in network path selection. For example, a plurality of routers connect a client device to a network service instance hosted by a server. A first router is connected to the network service instance via first and second paths. The first router receives session performance requirements for a session between the client device and the network service instance. The first router forwards, along the first path, network traffic for the session by modifying a first packet of the session to include a session identifier for the session. The first router determines that session establishment metrics for the session do not satisfy the session performance requirements. In response, the first router forwards, along the second path, the network traffic for the session by modifying a second packet of the session to include the session identifier for the session.

Abstract: A device includes a transceiver and processing circuitry. The transceiver is configured to receive an input packet having an input header and forward an output packet having an output header. The processing circuitry is configured to parse the input header, determine recommendations for forwarding a payload of the input packet using a trained neural network and based on the parsed input header, and process the input packet and generate the output packet with the output header based on the recommendations and available resources.

Abstract: A method for managing a transaction data structure, the method may include (a) receiving, at a first point in time that corresponds to a first value of a clock signal, a request to commit a transaction, and updating a status of the transaction, within the transaction data structure, as being a commit in progress; (b) updating the status of the transaction within the transaction data structure as being committed following (i) a completion of the committing, and (ii) a change of a value of the clock signal from the first value to a second value that differs from the first value; and (c) updating, using a background process, a database segment (DS) version metadata associated with the transaction regarding the completion of the committing. The DS version metadata belongs to a DS version metadata data structure. The DS version metadata data structure and the transaction data structure are selectively accessed during transactions.

Abstract: Automatic load-balancing techniques in a network device are used to select, from a multipath group, a path to assign to a flow based on observed state attributes such as path state(s), device state(s), port state(s), or queue state(s) of the paths. A mapping of the path previously assigned to a flow or group of flows (e.g., on account of having then been optimal in view of the observed state attributes) is maintained, for example, in a table. So long as the flow(s) are active and the path is still valid, the mapped path is selected for subsequent data units belonging to the flow(s), which may, among other effects, avoid or reduce packet re-ordering. However, if the flow(s) go idle, or if the mapped path fails, a new optimal path may be assigned to the flow(s) from the multipath group.

Abstract: Satellites provide connectivity in remote and rural areas as well as providing applications and services elsewhere on earth and in space. Existing satellite networks will be increasingly augmented by ultra-dense deployments of interconnected satellites providing low Earth orbit (LEO) constellations. However, such satellites only offer short-term line-of-sight access requiring ongoing handovers during the duration of a terminal's access. Accordingly, to exploit these LEO constellations the inventors have established methodologies exploiting distributed massive multiple-input multiple-output technology for a user terminal to be connected to a cluster of LEO satellites.

Abstract: Network traffic between a source node and a destination node in a network fabric can be routed by distributing the network traffic from the source node to a set of one-hop neighbors of the source node. Each one-hop neighbor of the source node can be set as a first waypoint. A one-hop neighbor of the destination node mapped to the corresponding one-hop neighbor of the source node is identified and set as a second waypoint. The distributed traffic is then routed from the first waypoint to the second waypoint via a network fabric having network nodes connected according to harmonics.

Abstract: In an example implementation consistent with the features disclosed herein, publisher-subscriber message mapping is performed. A message is received from a publisher, with the message including a first topic. The first topic includes a gateway identifier of a gateway for the publisher. The gateway identifier is then mapped to a user identifier. The first topic of the message is modified to a second topic by replacing the gateway identifier with the user identifier. The message is then sent to a subscriber that is subscribed to the second topic.

Abstract: A testing device (10) acquires session information to configure a session with a server (23), which is a to-be-tested device, protected by a security device (22) performing authentication of a packet. Then, the testing device (10) generates a test packet with the session information acquired, generates a test session according to a predetermined scenario when transmitting the test packet to the server (23), and transmits to the server (23) a test packet that increases processing load.

Abstract: According to one or more embodiments of the disclosure, an edge node of a virtual overlay for a Layer-2 mesh receives a new flow notification that indicates a destination address for a new flow in the Layer-2 mesh. The virtual overlay is configured to flood replicated frames of the new flow throughout the virtual overlay. The edge node makes a local match between the destination address indicated by the new flow notification and a local address table of the edge node. The edge node sends, based on the local match, a match notification that causes other nodes in the virtual overlay to stop flooding replicated frames of the new flow.

Abstract: A packet processing method implements a QoS guarantee. The method includes: obtaining a flow identification based on packet attribute information and a flow matching rule, generating a flow policy that includes a correspondence between the flow identification and a flow behavior, determining a forwarding path of a packet including the packet attribute information, sending the flow matching rule to an ingress device of the forwarding path, and sending the flow policy to a first network device on the forwarding path. The ingress device adds the flow identification to the packet including the packet attribute information, and sends the packet. The first network device receives the packet including the flow identification, obtains the flow behavior from the flow policy based on the flow identification, and processes the packet in a packet processing mode corresponding to the flow behavior.

Abstract: A system and method for providing technical support when using an application that includes recording and/or otherwise capturing a problem as a video file or screen image while using the application and sending the file or image to a technician from the application. The system includes a back-end server operating the online application and having a processor for processing data and information, a communications interface communicatively coupled to the processor, and a memory device storing data and executable code. When the code is executed, the processor can allow a user to record the problem that the user encounters while using the application as a file, send the file to a technical support team to be reviewed, and allow the user to correspond with a technician about the file.

Abstract: Disclosed are an information processing method and a related network device. The method comprises: a session management function (SMF) obtaining first address information of a local domain name system (DNS) server; sending the first address information to an uplink classifier; and sending, by means of an access and mobility management function (AMF), the first address information to a user equipment (UE), wherein the first address information is used for the UE to update the IP address of local DNS server.

Abstract: A CGW (7) connected to a first communication network (1) and a fifth communication network (5). The second communication network uses a communication protocol different from a communication protocol of the first communication network (1). The CGW (7) receives, from the first communication network (1), CAN frames each including a data field storing control information (CD) to be transmitted from the first communication network (1) to a second communication network (5), a CAN ID for identifying the control information (CD), and an error detection code (EC) stored in the data field and calculated on the basis of the control information (CD) and the CAN ID. The CGW (7) generates an FD frame including a data field storing the CAN frames and a CAN FD ID indicating that the CAN frames are stored in the data field, and transmits the generated FD frame to the fifth communication network (5).

Abstract: This application provides an internet of vehicles message notification method, applied to a multi-access edge computing system including a first application instance, a second application instance and an internetworking service instance. The method includes: receiving, by the first application instance, a notification message; sending, by the first application instance, the notification message to the interworking service instance; sending, by the interworking service instance, the notification message to the second application instance that subscribes to the message; and sending, by the second application instance, the notification message to an in-vehicle application served by the second application instance. As a result, data can be exchanged and shared between vehicles of different vehicle manufacturers and between internet of vehicles application instances of different vehicle manufacturers. Therefore, a real internet of vehicles service is implemented.

Abstract: Techniques for discovering a network using a sensor installed in the network, where the network is communicatively coupled to an external network by a router, are presented. The techniques can include: determining, automatically and by the sensor, a network address of the router; detecting, automatically and by the sensor, a network address of a client in the network; assessing, automatically and by the sensor, that the client in the network is actively communicating on the network; communicating, by the sensor, with the network address of the router; and participating, by the sensor, in communications on the network by emulating the network address of the client and by using the network address of the router.

Abstract: A container may be created, and a plurality of domain name system (DNS) configuration objects may be added to the container. The plurality of DNS configuration objects may comprise at least one of private DNS zones, outbound forwarding rules, DNS query log configurations, and firewall rule groups. The container may be associated with a plurality of private logical networks. The container may also be across a plurality of customer accounts. Based on the plurality of DNS configuration objects, a plurality of DNS operations associated with the plurality of private logical networks may be performed. The plurality of DNS operations may comprise at least one of DNS query resolution, DNS query outbound forwarding, configuring a query log, or configuring a firewall.

Abstract: Techniques are described for suppressing data plane traffic using a service monitoring policy for data plane control. If a service provided to a router becomes nonfunctional, preventing the router from being able to forward traffic to a next-hop device, data plane traffic from client devices on the data plane that requires the use of the nonfunctioning service is suppressed. Additionally, new communication pathways to the router that will use the nonfunctioning service are prevented from being established. Traffic is redirected to another router with a functioning service. Thus, traffic that may normally be directed to the router with the nonfunctioning service and not able to be forwarded (e.g., blackholing of data) can be forwarded to the other router.

Abstract: An information processing system includes: an information processing apparatus configured to manage sharing of a screen performed by a plurality of screen-sharing terminals coupled communicably to the information processing apparatus; and an administrator terminal configured to have administrative authority and to be coupled to the information processing apparatus via a network. The information processing apparatus includes an information management unit and an instruction delivery unit. The administrator terminal includes an accepting unit a communication control unit.

Abstract: New link requests are received and an application making the request is identified. SD-WAN parameters are retrieved from an application control database. A first parameter is a JLP loss requirement for the application, and can be either low JLP, medium JLP, or high JLP SLA level. A second parameter a downstream/upstream bandwidth capability requirement. Links are determined from the pool of available links that meet the JLP requirement. One of the links is selected for the new link request, from the pool of available links that meet the JLP requirement, based on a downstream and an upstream bandwidth capability. The best link is automatically activated for the new link request.

Abstract: Methods and systems for identifying a network threat are disclosed. The methods described herein may involve receiving at least one permutation of a domain name, wherein the at least one permutation is registered with a domain name registrar. The methods described herein may further involve executing a scanning function to identify an active service on the at least one permutation registered with the domain name registrar and implementing a threat prevention procedure upon identifying an active service on the at least one permutation.

Abstract: According to various embodiments, an electronic device includes at least one processor. The at least one processor may be configured to: confirm a data session establishment request from a first application executed by the at least one processor; confirm at least one first descriptor corresponding to the first application for path selection; confirm a first network interface corresponding to the at least one first confirmed descriptor based on the at least one first confirmed descriptor; establish a first data session corresponding to the at least one first confirmed descriptor; and transmit and/or receive data related to the first application through the first network interface using the first data session.

Abstract: Provided is a computer-implemented method for receiving the at least two log files; wherein each log file of the at least two log files includes at least one log entry with at least one time stamp and at least one message; wherein the at least two log files differ from one another with respect to at least one distinctive criteria; extracting at least one additional information of each log file of the at least two log files; and combining each log file of the at least two log files with the extracted additional information into at least two processed log files; wherein the at least two processed log files comply with a coherent representation. A corresponding computer program product and generating unit is also provided.

Abstract: Multiple types of lines are made simultaneously available, including a Wi-Fi link, a cell link and a wired link. A list of running cloud applications is identified by monitoring A quality of each available link for each running cloud application is periodically tested, including measurements of latency, jitter and packet loss. A first link is selected for a first application and a second link is selected for a second application. Data packets related to the first application are transmitted over a first link and data packets related to the second application over the second link.

Abstract: A communication device includes a storage unit that stores a conversion table; a receiving unit that receives a packet addressed to a user terminal from a server, and an address conversion unit that converts a destination address of the packet into a multicast address in accordance with the conversion table, adds, to the packet, an identification ID for identifying a group to which the user terminal belongs, and transmits the packet to which the identification ID is added.

Abstract: Techniques are disclosed for a computing system comprising processing circuitry having access to a storage device, the processing circuitry configured to: generate, by a network controller executing in a software defined network (SDN), an advertisement in a first network cluster executing within a container orchestration platform of the SDN, wherein the advertisement conforms to a routing protocol and comprises information identifying a network service executing in the first network cluster, wherein the network service exposes a backend of a network application to the container orchestration platform of the SDN; and broadcast, by the network controller and to a second network cluster executing within the container orchestration platform of the SDN, the advertisement in accordance with the routing protocol.

Abstract: Disclosed are a method and apparatus for sending a segment routing traffic engineering (SR-TE) policy, a method and apparatus for receiving an SR-TE policy, a network element, and a computer-readable storage medium. The method for sending an SR-TE policy includes creating an SR-TE policy instance by a first network element; and sending an SR-TE policy corresponding to the SR-TE policy instance to a second network element by the first network element, where the SR-TE policy carries path identifier information and primary/standby state information of a segment list so as to support fast reroute (FRR) of a segment list level.

Abstract: Methods are provided which involve obtaining information about a distributed ledger instance associated with an enterprise and generating at least one announcement that advertises a presence of the distributed ledger instance based on the information. The methods further involve providing the at least one announcement to one or more network devices associated with other distributed ledger instances to provide visibility of the distributed ledger instance to the other distributed ledger instances.

Abstract: The predictive overlay network architecture of the present invention improves the performance of applications distributing digital content among nodes of an underlying network such as the Internet by establishing and reconfiguring overlay network topologies over which associated content items are distributed. The present invention addresses not only frequently changing network congestion, but also interdependencies among nodes and links of prospective overlay network topologies. The present invention provides a prediction engine that monitors metrics and predicts the relay capacity of individual nodes and links (as well as demand of destination nodes) over time to reflect the extent to which the relaying of content among the nodes of an overlay network will be impacted by (current or future) underlying network congestion.