Example methods and systems are provided a network device to perform tunnel-based service insertion in a public cloud environment. An example method may comprise establishing a tunnel between the network device and a service path. The method may also comprise: in response to receiving a first encapsulated packet, identifying the service path specified by a service insertion rule; generating and sending a second encapsulated packet over the tunnel to cause the service path to process an inner packet according to one or more services. The method may further comprise: in response to receiving, from the service path via the tunnel, a third encapsulated packet that includes the inner packet processed by the service path, sending the inner packet processed by the service path, or a fourth encapsulated packet, towards a destination address of the inner packet.

The present specification discloses a data processing method, apparatus, medium and device. The method includes: receiving a QUIC data packet that is sent by a first device and that includes a CID; parsing the CID and determining a routing address based on a parsing result; and routing the received QUIC data packet to a second device based on the routing address, so the second device processes the QUIC data packet. When a data packet sent by a transmitting end device is received, a routing address of data transmission is determined by processing the received data packet, to quickly establish a data transmission channel between the transmitting end device and a receiving end device. As such, stored context information is not required, and connection errors caused by exceptions such as restarting and scaling in/out on a load balancer will not occur, thereby effectively improving processing efficiency of data transmission by using the QUIC protocol.

Methods and systems are disclosed to aggregate traffic from multiple server devices through a peripheral component interconnect (PCI) hosting device. In one embodiment, the PCI hosting device comprises a network interface to couple the PCI hosting device to a network, a plurality of PCI interfaces, a processing circuit to forward packets, and a power supply to supply power to the PCI interfaces independently from the plurality of server devices. Each of the PCI interfaces is designed to be coupled to one server device to the PCI hosting device, which is registered as a first PCI board of a first server device through a first PCI interface and as a second PCI board of a second server device through a second PCI interface, and the PCI hosting device is designed to forward packets between the network interface and the first server device, and the network interface and the second server device.

In one embodiment, a segment routing and tunnel exchange provides packet forwarding efficiencies in a network, including providing an exchange between a segment routing domain and a packet tunnel domain. One application includes the segment routing and tunnel exchange interfacing segment routing packet forwarding (e.g., in a Evolved Packet Core (EPC) and/or 5-G user plane) and packet tunnel forwarding in access networks (e.g., replacing a portion of a tunnel between an access node and a user plane function for accessing a corresponding data network). In one embodiment, a network provides mobility services using a segment routing data plane that spans segment routing and tunnel exchange(s) and segment routing-enabled user plane functions. One embodiment uses the segment routing data plane without any modification to a (radio) access network (R)AN (e.g., Evolved NodeB, Next Generation NodeB) nor to user equipment (e.g., any end user device).

Provided are an information transmission method and apparatus, an information processing method and apparatus, a terminal, a network element, and a storage medium. The information transmission method includes encapsulating non-access stratum (NAS) information and access resource (AS) parameter information in a vendor-specific protocol (VSP) packet, where the NAS information includes NAS system information and NAS customization information, and the AS parameter information is used for wired side resource negotiation; encapsulating establishment signaling of a wired access network control plane channel in a vendor-specific network control protocol (VSNCP) packet; and transmitting, through the VSP packet and the VSNCP packet, the NAS information and the AS parameter information.

Methods, systems and computer readable media are disclosed for providing scalable and secured connectivity per Internet Protocol Security (IPSEC) tunnel. In one embodiment a method includes spreading Encapsulating Security Payload (ESP) encryption for a same IPSEC tunnel across multiple backend application servers; and processing application flows using decrypted packets by embedding the Application Server instance-id in ESP and application packets for correlation with application packet flows.

Described herein are systems, methods, and software to manage the selection of an edge gateway or edge for processing a packet. In one implementation, a first edge may receive a packet and hash addressing information in the packet to select a second edge to process the packet. The first edge may further forward the packet to the second edge, permitting the second edge to process the packet. Once processed, the second edge may forward the packet to a destination host computing system and notify the host computing system to use the second edge for response packets directed at a source internet protocol (IP) address in the packet.

A control node and/or a storage processing node maybe configured to modify a control path between a control node and storage processing node to include at least a portion of a data fabric and another processing node. Control communications may be sent over the data fabric by encapsulating control information that is configured in accordance with a first technology of the control fabric within communications configured in accordance with a second technology of the data fabric. Control switching logic may include logic to switch to a modified control path that includes at least a portion of a data fabric: in response to a failure of the control path; to load balance management activity; and/or improve QoS of management activity.

In one embodiment, a method generally includes a first edge (E) node in a network receiving an encapsulated data packet, wherein the encapsulated data packet comprises an outer header and a data packet, wherein the outer header comprises a first router locator (RLOC) corresponding to the first E node, wherein the data packet comprises an internet protocol (IP) header, and wherein the IP header comprises a destination endpoint identification (EID) corresponding to a host H. The first E node determines whether the host H is attached to the first E node. And in response to the first E node determining the host is attached to the first E node, the first E node forwards the data packet to the host H. The first E node receives a message from another node after the host H detaches from the first E node and reattaches to another E node, wherein the message comprises the destination EID.

A method, apparatus, and computer program product provide for updating configuration parameters of a universal integrated circuit card via dedicated network functions in a 5G system. In the context of a method, the method receives an encapsulation request from a unified data management module, the encapsulation request comprising data for at least one configuration parameter associated with a universal integrated circuit card of a user device. The method generates, in response to the encapsulation request, a secure packet comprising the at least one configuration parameter and a secure packet header. The method also provides the secure packet to the unified data management module for delivery to the user device.