A system and method of detecting an unauthorized access, phish attempt, or ransomware attempt based on limiting network transmission of data packets within an authorized device range. The method includes establishing a router hop limit value to predetermine an authorized device range for data packets to be exchanged between communicating pair devices and limiting transmission of data packets to within the predetermined authorized device range by discarding data packets after reaching the predetermined authorized device range as a function of the established hop limit value, to exclude devices beyond the predetermined authorized device range. Analyzer, Explorer, Setter, Modifier and Monitor Modules interoperate to suppress spurious communications from remote intruders.

Systems and methods include obtaining a table having a plurality of addresses each having a plurality of attributes and classifications; responsive to a requirement to reduce a size of the table, reducing a number of the plurality of addresses based on one or more reduction approaches that use any of the plurality of attributes and classifications; and obtaining an output table having some or all of the plurality of addresses for a table receiver. The table can be obtained via control plane components including one or more of Interior Gateway Protocol (IGP) and Border Gateway Protocol (BGP). The requirement to reduce the size is based on a size of the table and a size of memory associated with the table receiver.

Systems and methods are disclosed for determining a topology of a network comprising a plurality of intermediary devices and intermediary paths. One method includes transmitting probes having a TTL value with a destination set to a destination device; receiving, for each probe transmitted, a response including an IP address of a responding device; determining whether more than one responding device has responded to the probes; determining whether more than one responding device has been found for two previous transmissions of probes when more than one responding device has responded to the probes; and transmitting, for each more than one responding device, probes having a decreased TTL value with a destination set to one of the IP addresses of the more than one responding devices, when more than one responding device has been found for two previous transmissions.

Apparatuses, methods, and systems are disclosed for transmitting data corresponding to a relay UE. One method includes transmitting data and first information indicating relay information corresponding to retransmission of the data by a relay UE to at least one UE. The first information comprises a relay identifier, an indication that retransmission of the data is based on feedback received by the relay UE, an indication that retransmission of the data is based on a multi-hop count, an indication for the relay UE to transfer the data from a receiver buffer to a transmit buffer and to retransmit the data from the transmit buffer, an indication for the relay UE to retransmit the data to an indicated destination node, or some combination thereof. The method includes transmitting second information indicating a remaining packet delay budget to the at least one UE.

In a slice-based network, switches can be programmed to perform routing functions based on a slice identifier. The switch can receive a packet and determine a slice identifier for the packet based on packet header information. The switch can use the slice identifier to determine a next hop. Using the slice identifier with a multi-path table, the switch can select an egress interface for sending the packet to the next hop. The multi-path table can ensure that traffic for a slice stays on the same interface link to the next hop, even when a link aggregation group (“LAG”) is used for creation of a virtual channel across multiple interfaces or ports.

Disclosed herein are systems and methods for creating an ultra-lightweight multi-tenant network virtualization model by augmenting an OSI layer 4 tuple (protocol, source IP address, destination IP address, source port, destination port) with additional private gateway-specific source and destination augmented addresses. A unique OpenVPN Augmented Address (OAA) may be created and assigned to each device on a network such as a mesh-linked system. This OAA may form part of a packet shim created with routing path information for both the source and the destination resources. Once created, the shim may be inserted into a packet header for transmission. Once the initial packet is transmitted, each hop creates its own resources for managing transmission of subsequent packets in this session. The packet shim operates to establish a communications session on layer 4 (Transport) between the requestor and the target resource which is intermediate-device agnostic.

A method for content caching in information centric network virtualization includes receiving, by a first node, a first data packet; in response to a cache distance identifier hop of the first data packet being less than a preset maximum cache distance, setting hop=hop+1 and sending the first data packet to a next node by the first node; in response to the hop being not less than the preset maximum cache distance and there being available cache space in the first node, setting hop=0, storing the first data packet, and sending the first data packet to the next node by the first node. The node determines whether to cache a data packet based on the cache distance identifier of the data packet, which comprehensively considers the cache energy consumption caused by caching the data packet in the node and the transmission energy consumption caused by transmission of the data packet in the link, thereby effectively reducing the total energy consumption of the network.

A data processing method implemented by a controller includes receiving a processing request from a specified node that carries identifiers of a plurality of computing nodes, where the plurality of computing nodes are configured to execute a specified calculation task, determining a target switching device from switching devices that are configured to connect to the plurality of computing nodes, and separately sending, to the target switching device and the specified node, routing information that indicates data forwarding paths between the plurality of computing nodes and the target switching device. The target switching device is configured to combine, based on the routing information, data reported by the plurality of computing nodes, and then send combined data to each computing node. The specified node is configured to send the routing information to each computing node, and each computing node may report data to the target switching device based on the routing information.

Methods and systems are provided for performing lossy dropping and ECN marking in a flow-based network. The system can maintain state information of individual packet flows, which can be set up or released dynamically based on injected data. Each flow can be provided with a flow-specific input queue upon arriving at a switch. Packets of a respective flow are acknowledged after reaching the egress point of the network, and the acknowledgement packets are sent back to the ingress point of the flow along the same data path. As a result, each switch can obtain state information of each flow and perform per-flow packet dropping and ECN marking.

The embodiments herein relate to a method and a system for switch data frames in a network comprising a plurality of switch devices. The method comprising: assigning to each switch device, a SW-ID, exchanging SW-IDs between switch devices; building a routing table, for each switch device; receiving a frame at a switch device. If the frame is a broadcast frame, generating separate copies of the frame; modifying a destination MAC address of each generated copy of the frame by including in the destination MAC address an indicator value; and further including the SW-ID of a corresponding switch device and based on the routing table and the cost indicating in the routing table, transmitting or forwarding each modified frame towards the switch device having the SW-ID indicated in the frame.