Ghost routing is a network verification technique that uses a portion of a production network itself to verify the impact of potential network changes. Ghost routing logically partitions the production network into a main network and a ghost network. The main network handles live traffic while the ghost network handles traffic generated for diagnostic purposes. The ghost network may have a network topology identical to the production network and may use the same hardware and software as the production network. An operator may implement a network configuration change on the ghost network and then use verification tools to verify that the network configuration change on the ghost network does not result in bugs. Verifying on the ghost network may not affect the main network. If the network operator verifies the network configuration change on the ghost network, the network operator may implement the network configuration change on the main network.

Disclosed is a computing apparatus implemented with a network hypervisor implementing software defined network (SDN)-based network virtualization. The computing apparatus include a statistics virtualization module configured to provide individual statistics to each of created virtual networks, a transmission disaggregation module configured to include a physical statistics cache that performs periodic monitoring of a plurality of physical switches and store statistics of the physical switches collected, and a physical statistics aggregation module configured to respond with statistics of the plurality of physical switches when a single monitoring request.

Aspects of the subject disclosure may include, for example, a method in which a processing system identifies a set of target users of user equipment communication devices (UEs), based on reports from the UEs regarding a quality of service (QoS) experienced by the respective UEs; obtaining from internal sources a set of key performance indicators (KPIs) for the communication network; correlating information received from external sources with the data obtained from the internal sources to validate the reports from the UEs; and recommending, in accordance with data records generated by the correlating, an action to improve the QoS for a UE of the set of UEs, where the action includes a modification of the UE and/or a reconfiguration of the network. Other embodiments are disclosed.

A method and system for remote testing of a plurality of devices is disclosed. The method may include receiving a request from a client system to perform testing on a set of remote devices. The local system and the client system are connected via a first network connection and the plurality of remote devices are connected to the local system via a second network connection. The method may further include receiving an input from the client system with reference to a test-suite to perform a testing action on the set of remote devices, generating a test command corresponding to the input, and transmitting the test command to each of the set of remote devices. The method may further include receiving feedback from each of the set of remote devices and transmitting the feedback to the client system.

Techniques for in-situ passive performance measurement are described. In one embodiment, a method includes receiving a data packet at a first network element, determining whether measurement information is to be collected for the data packet, providing one or more measurement fields for the data packet based on a determination that measurement information is to be collected for the data packet in which at least one measurement field identifies a measurement type, and forwarding the data packet to a second network element. The method further includes determining, by the second network element, the measurement type for the data packet, and performing one or more actions based on the measurement type.

A computing system implementing an application service can receive network data from computing devices of clients of the application service. The system can determine, from the network data, that a network latency for a subset of the computing devices crosses above a latency threshold. Based on determining that the subset of computing devices utilize a common network service provider, the system can transmit a set of configuration signals to the subset of computing devices, which modify a set of default application configurations of the designated application to compensate for the network latency.

In one embodiment, a labeling service receives telemetry data for a cluster of endpoint devices in a first network environment. The endpoint devices in the cluster are clustered by a device classification service based on their telemetry data and labeled by a device type classifier of the device classification service as being of an unknown device type. The labeling service obtains a first device type label for the cluster of endpoint devices via a first user interface. The labeling service identifies one or more other network environments in which endpoint devices are located that have similar telemetry data as that of the cluster of endpoint devices. The labeling service obtains device type labels for the cluster of endpoint devices via a selected set of user interfaces from the identified one or more other network environments. The labeling service validates the first device type label for the cluster using the device type labels obtained via the selected set of user interfaces from the identified one or more other network environments.

Example methods are provided for a network scanning controller to perform agent-based network scanning in a software-defined networking (SDN) environment. In one example, the method may comprise identifying multiple networks for which network scanning is required, performing a first network scan using a first agent to obtain first address mapping information associated with multiple first workloads, and performing a second network scan using a second agent to obtain second address mapping information associated with multiple second workloads. The first agent and the multiple first workloads may be located in a first network, and the second agent and the multiple second workloads in a second network. The method may also comprise generating aggregated address information based on the first address mapping information and the second address mapping information.

A method includes extracting packet information of a data packet to be transmitted through a Transmission Control Protocol (TCP) connection. If the packet information does not match information in a first data flow table, a first compliance detection is performed on the data packet. A state machine of the TCP connection is obtained if the first compliance detection is successful. The method also includes recording the packet information in the first data flow table, recording a connection status of the TCP connection in a first connection tracking table, and sending the data packet to a receiving end of the TCP connection. If the packet information matches the information in the first data flow table, a second compliance detection is performed on the data packet and, if the second compliance detection fails, the connection status of the TCP connection is adjusted and the data packet is discarded.

The process includes acquiring, from a relay device that relays a packet between a first communication device and a second communication device, a plurality of first delay times generated by a round trip of the packet between the first communication device and the relay device, and a plurality of second delay times generated by a round trip of the packet between the second communication device and the relay device, sorting separately the plurality of first delay times and the plurality of second delay times based on a length of a delay time, and calculating device delay times based on a first delay calculation that calculates a difference between each of the plurality of first delay times and each of the plurality of second delay times in a same rank after the sorting.