H04L45/24

Creating a packet with a loopback label stack to detect network link/node failures

Systems and methods for creating loopback packets for transmission through a section of a network for the purpose of testing the operability of links and nodes in this section of the network are provided. A method, according to one implementation, includes a step of obtaining information, by a Network Element (NE), about the topology of the network related to at least the nodes in direct communication with a peer node. The method also includes a step of generating one or more loopback packets, where each loopback packet includes at least a header having a path list including one or more nodes of the plurality of nodes in the network. Each path list defines an order of nodes through which the respective loopback packet is to be transmitted.

Session establishment using path change
11552883 · 2023-01-10

As described herein, a router signals a source device to establish a new stateful communication session with a destination device by changing a network path used by traffic associated with the session. In one example, a router forwards traffic of a first stateful routing session established by the source device along a first path. In response to determining that the first path should not be used, the router forwards a packet of the first session along a second path. The destination device recognizes the change in path, which causes the destination device to reject the packet, which in turn causes the source device to establish a second stateful routing session. The router forwards subsequent traffic of the second stateful routing session along the second path.

Identifying an ingress router of a flow in inter-AS VPN option-C networks with visibility in one AS
11575596 · 2023-02-07

Systems and methods include detecting whether a monitored network has a unique configuration; responsive to the unique configuration, determining an ingress point for flow samples; and utilizing the determined ingress point for the flow samples to generate a traffic report for the monitored network. The unique configuration is an inter-Autonomous System (AS) option-C Virtual Private Network (VPN) network where control and data planes are asymmetric. The approach provides traffic projection based on the flow samples with the asymmetric flows.

Method for establishing a secure private interconnection over a multipath network

A method for establishing a fully private, information secure interconnection between a source and a destination over a data network with at least a portion of a public infrastructure. The method comprising at the source creating n shares of a source data according to a predetermined secret sharing scheme, and encrypting the n shares using (n, k) secret sharing. Further, defining for at least one node vi a directed edge (Vi1, Vi2) that has a k−1 capacity. All outgoing links of vi are connected to vi2. Additionally, using a maximum flow algorithm to define the maximum number of shares outgoing from vi2, and therefore from vi, on each outgoing link. The number of shares forwarded by node vi does not exceed the number of maximum shares that were defined by the maximum flow algorithm.

Multi-VPN multi link traffic routing

A system, method, and computer-readable medium for performing a traffic routing operation. The traffic routing operation includes: establishing a plurality of virtual private network (VPN) connections within an information handling system; obtaining a configuration policy for each of the plurality of VPN connections, the configuration policy for each of the plurality of VPN connections comprising an indication of at least one type of supported link of a plurality of links; configuring a plurality of queues for packets being communicated via the plurality of virtual private network connections, the plurality of queues being greater than the plurality of VPN connections; creating a tunnel indication for each of the plurality of VPN connections; mapping the tunnel indication for each of the plurality of VPN connections to a respective queue of the plurality of queues; and, mapping each queue of the plurality of queues to a link of a particular VPN connection.

System and method for distributing packets in a network

A system and method for distributing packets in a network are disclosed. The method comprises a step of receiving at least one data packet at a first node from a second node. The method also comprises a step of determining a current set of weights which are applied by the second node to distribute data packets across the first plurality of links. The received data packets are analysed to determine if the current set of weights are to be adjusted (step S102). When it is determined that the current set of weights is to be adjusted, an adjusted set of weights is generated by determining an adjustment factor (step S104). The adjustment factor is applied to the current weight for the selected link and at least one other current weight in the current set of weights.

LOAD DISTRIBUTION APPARATUS, LOAD DISTRIBUTION METHOD AND PROGRAM

A load distribution apparatus connected, via a network, to a plurality of relay apparatuses that relay communication performed by a terminal, and to the terminal, including: storage means configured to store relay apparatus identifiers that identify each of the plurality of relay apparatuses, installation site information that indicates installation sites of each of the plurality of relay apparatuses, and load information that indicates loads of each of the plurality of relay apparatuses; load management means configured to collect the load information from each of the plurality of relay apparatuses to store the load information in the storage means; selection means configured, when receiving a request from the terminal, to select a relay apparatus for relaying communication performed by the terminal from among the plurality of relay apparatuses based on the installation site information or the load information; and transmission means configured to transmit, to the terminal that transmits the request, a relay apparatus identifier of the relay apparatus selected by the selection means.