Methods and systems for transmitting data packets from a host to a destination via a virtual private network (VPN) connection at a VPN gateway. VPN gateway receives encapsulated packets via the VPN connection. The encapsulated packets encapsulate the data packets originated from the host. VPN gateway decapsulates the encapsulated packets to retrieve the data packets. VPN gateway determines whether the data packets originated from an IoT device based on IP address of the host. When the host is the IoT device, VPN gateway performs deep packet inspection (DPI) on the data packets. VPN gateway determines whether the data packets are allowed to be transmitted to the destination. When the data packets are allowed to be transmitted to the destination, VPN gateway transmits the data packets to the destination.

Methods and systems for transmitting data packets from a host to a destination via a virtual private network (VPN) connection at a VPN gateway. VPN gateway receives encapsulated packets via the VPN connection. The encapsulated packets encapsulate the data packets originated from the host. VPN gateway decapsulates the encapsulated packets to retrieve the data packets. VPN gateway determines whether the data packets originated from an IoT device based on IP address of the host. When the host is the IoT device, VPN gateway performs deep packet inspection (DPI) on the data packets. VPN gateway determines whether the data packets are allowed to be transmitted to the destination. When the data packets are allowed to be transmitted to the destination, VPN gateway transmits the data packets to the destination.

Socially provided context-based messaging can include receiving a message content in a messaging system from a user, wherein the content includes objects; matching one or more objects of the message content to socially provided context information, which the socially provided context information is information relevant to an object obtained from a social network to which the user belongs; and displaying the socially provided context information with the message content for a recipient user to receive.

Provided are methods and devices for acquiring a Media Access Control (MAC) address. According to a method for acquiring an MAC address, an MAC address request message is received, wherein the MAC address request message carries a Fibre Channel Identifier (FCID); whether the FCID is matched with an FCID of a receiver receiving the MAC address request message or not is judged; and when it is judged that the FCID is matched with the FCID of the receiver receiving the MAC address request message, the receiver sends a response message, wherein the response message carries an MAC address of the receiver. The technical solution solves the problem in a related technology that communication cannot be directly performed through the link layer, and has the effect of directly acquiring an MAC address corresponding to an FCID of an opposite end so as to perform communication by fast switching at the link layer.

A writing application on a computing device can reference a tail pointer to write messages to message buffers that a peer-to-peer data link replicates in memory of another computing device. The message buffers are divided into at least two queue segments, where each segment has several buffers. Messages are read from the buffers by a reading application on one of the computing devices using an advancing head pointer by reading a message from a next message buffer when determining that the next message buffer has been newly written. The tail pointer is advanced from one message buffer to another within a same queue segment after writing messages. The tail pointer is advanced from a message buffer of a current queue segment to a message buffer of a next queue segment when determining that the head pointer does not indicate any of the buffers of the next queue segment.

The present application is directed towards systems and methods for adaptive application provisioning for cloud services. An appliance deployed in a network as a gateway may be able to transparently monitor application activity in a cloud computing environment provided by one or more servers, including servers executed by virtual machines, bare-metal or non-virtual servers, or other computing devices. In some embodiments, the appliance may monitor one or more network metrics, including bandwidth usage, latency, congestion, or other issues; and/or may monitor application health or server or virtual machine statistics, including memory and processor usage, bandwidth usage, latency, or other metrics. Responsive to one or more metrics exceeding a threshold, the appliance may automatically provision or start, or deprovision or shut down, one or more virtual or physical machines from a cloud service provider, and may provide configuration information to the provisioned or started machines as needed.

A method for sending a service by a first gateway (GW) among multiple GWs includes, upon reception of a request for a service from a terminal, determining whether the first GW is able to provide the service, detecting a second GW that is able to provide the service requested by the terminal among the multiple GWs based on GW management information that includes respective service information regarding services that the multiple GWs are able to provide, if the first GW is not able to provide the service, requesting the second GW to provide the service requested by the terminal, and upon reception of the service from the second GW, forwarding the service to the terminal. The other embodiments, including a gateway and a terminal are also disclosed.

A network node, comprising a receiver configured to receive a request for a service, wherein the request comprises a hierarchically structured name comprising a root and a suffix, a data storage component comprising a network synchronized policy rule associated with a service name root, wherein the network synchronized policy rule is applied to any request for a service whose name comprises a root matching the service name root, and a processor coupled to the receiver and to the data storage component, wherein the processor is configured to apply the network synchronized policy rule to the request, wherein the processor is configured to synchronize service definitions and service policies with other nodes in a network based on the name of the service, and wherein the network synchronized policy rule is synchronized with the other nodes in the network using name-based routing.

According to an example, in an AC pool including a MAC and a plurality of LACs registered on the MAC, after a first LAC is registered on the MAC, the MAC issues a first traffic rule to the first LAC, wherein the first traffic rule redirects a discovery packet sent from an AP to the MAC. When receiving the discovery packet sent from the AP or receiving a discovery packet sent from the AP and forwarded via a LAC, the MAC selects, from a plurality of the LACs, a second LAC for handling the AP. The MAC generates a second traffic rule associated with the AP and the second LAC, and issue the second traffic rule to a plurality of the LACs, so that when another LAC receives a communication tunnel protocol packet sent from the AP, the other LAC redirects the communication tunnel protocol packet to the second LAC.

Technologies for packet flow classification on a computing device include a hash table including a plurality of hash table buckets in which each hash table bucket maps a plurality of keys to corresponding traffic flows. The computing device performs packet flow classification on received data packets, where the packet flow classification includes a plurality of sequential classification stages and fetch classification operations and non-fetch classification operations are performed in each classification stage. The fetch classification operations include to prefetch a key of a first received data packet based on a set of packet fields of the first received data packet for use during a subsequent classification stage, prefetch a hash table bucket from the hash table based on a key signature of the prefetched key for use during another subsequent classification stage, and prefetch a traffic flow to be applied to the first received data packet based on the prefetched hash table bucket and the prefetched key. The computing device handles processing of received data packets such that a fetch classification operation is performed by the flow classification module on the first received data packet while a non-fetch classification operation is performed by the flow classification module on a second received data packet.