Example security systems for use between at least one upstream router and at least one downstream router, are described. A group or pool of security devices can be used to provide stateful security to bidirectional packet flows between upstream and downstream routers. The packets of the bidirectional flows are forwarded to particular security devices based on a consistent hash ring process. For a given flow, bidirectional state information is synchronized among some, but not all, of the security devices. The security devices among which such bidirectional flow state information is shared are determined using the same consistent hash ring process.

A method may include receiving, at a target, from a server, a command, information to identify data, and access information to perform a data transfer using a memory access protocol, and performing, based on the command, based on the access information, the data transfer between the target and a client using the memory access protocol. The information to identify the data may include an object key, and the object key and the access information may be encoded, at least partially, in an encoded object key. The method may further include sending, based on the data transfer, from the target to the server, a completion. The method may further include sending, based on the completion, from the server to the client, an indication of success. The method may further include reconstructing the data based on the parity data.

A method may include receiving, at a target, from a server, a command, information to identify data, and access information to perform a data transfer using a memory access protocol, and performing, based on the command, based on the access information, the data transfer between the target and a client using the memory access protocol. The information to identify the data may include an object key, and the object key and the access information may be encoded, at least partially, in an encoded object key. The method may further include sending, based on the data transfer, from the target to the server, a completion. The method may further include sending, based on the completion, from the server to the client, an indication of success. The method may further include reconstructing the data based on the parity data.

Examples described herein relate to a network interface device comprising: circuitry, when operational, to: in response to congestion related to a link, cause transmission of link event information to at least one sender of packets to the link, wherein the link event information is to identify congestion information of at least one link other than the link.

Examples described herein relate to a network interface device comprising: circuitry, when operational, to: in response to congestion related to a link, cause transmission of link event information to at least one sender of packets to the link, wherein the link event information is to identify congestion information of at least one link other than the link.

Rapid channel failure detection and recovery in wireless communication networks is needed in order to meet, among other things, carrier class Ethernet channel standards. Thus, resilient wireless packet communications is provided using a physical layer link aggregation protocol with a hardware-assisted rapid channel failure detection algorithm and load balancing, preferably in combination. This functionality may be implemented in a Gigabit Ethernet data access card with an engine configured accordingly. In networks with various topologies, these features may be provided in combination with their existing protocols.

Rapid channel failure detection and recovery in wireless communication networks is needed in order to meet, among other things, carrier class Ethernet channel standards. Thus, resilient wireless packet communications is provided using a physical layer link aggregation protocol with a hardware-assisted rapid channel failure detection algorithm and load balancing, preferably in combination. This functionality may be implemented in a Gigabit Ethernet data access card with an engine configured accordingly. In networks with various topologies, these features may be provided in combination with their existing protocols.

As described herein, a router signals a source device to establish a new stateful communication session with a destination device by changing a network path used by traffic associated with the session. In one example, a router forwards traffic of a first stateful routing session established by the source device along a first path. In response to determining that that the first path should not be used, the router forwards a packet of the first session along a second path. The destination device recognizes the change in path, which causes the destination device to reject the packet, which in turn causes the source device to establish a second stateful routing session. The router forwards subsequent traffic of the second stateful routing session along the second path.

As described herein, a router signals a source device to establish a new stateful communication session with a destination device by changing a network path used by traffic associated with the session. In one example, a router forwards traffic of a first stateful routing session established by the source device along a first path. In response to determining that that the first path should not be used, the router forwards a packet of the first session along a second path. The destination device recognizes the change in path, which causes the destination device to reject the packet, which in turn causes the source device to establish a second stateful routing session. The router forwards subsequent traffic of the second stateful routing session along the second path.

In one embodiment, a primary tunnel is established from a head-end node to a destination along a path including one or more protected network elements for which a fast reroute path is available to pass traffic around the one or more network elements in the event of their failure. A first path quality measures path quality prior to failure of the one or more protected network elements. A second path quality measures path quality subsequent to failure of the one or more protected network elements, while the fast reroute path is being used to pass traffic of the primary tunnel. A determination is made whether to reestablish the primary tunnel over a new path that does not include the one or more failed protected network elements, or to continue to utilize the path with the fast reroute path, in response to a difference between the first path quality and the second path quality.