A method performed by a network controller for a mobile transport network. The method includes: obtaining traffic information for a plurality of demands for connectivity from client nodes through the mobile transport network, the traffic information for each demand identifying a client node for the demand, an egress node for the demand and an amount of traffic for the demand; calculating, for each demand, one or more paths from the client node, via an ingress node, to the egress node through the mobile transport network; mapping each path for a demand to a source port in the ingress node for the demand; providing the mapping to the ingress nodes to enable routing of traffic pertaining to the demands via the paths, based on the source port; and providing the source ports to the client nodes for inclusion in traffic pertaining to the demands.

In one embodiment, a method includes determining a secure path through a first plurality of network nodes within a network and determining an alternate secure path through a second plurality of network nodes within the network. The method also includes routing network traffic through the first plurality of network nodes of the secure path and detecting a failure in the secure path using single-hop BFD authentication. The method further includes rerouting the network traffic through the second plurality of network nodes of the alternate secure path.

In one embodiment, a method includes determining a secure path through a first plurality of network nodes within a network and determining an alternate secure path through a second plurality of network nodes within the network. The method also includes routing network traffic through the first plurality of network nodes of the secure path and detecting a failure in the secure path using single-hop BFD authentication. The method further includes rerouting the network traffic through the second plurality of network nodes of the alternate secure path.

Example network devices, systems, and methods are disclosed. In an example, a network device includes memory configured to store information associated with one or more service level agreements (SLAs) for applications in a software-defined wide area network (SD-WAN) and an application-based multipath routing (AMR) module including processing circuitry. The AMR module is configured to identify, based on criteria, one or more of the applications for AMR, wherein each criterion of the criteria is associated with a corresponding property of an application. The AMR module is configured to determine a breach of one of the SLAs on each WAN link associated with a first application of the identified one or more applications. The AMR module is configured to apply, in response to determining the breach, AMR for the first application.

Example network devices, systems, and methods are disclosed. In an example, a network device includes memory configured to store information associated with one or more service level agreements (SLAs) for applications in a software-defined wide area network (SD-WAN) and an application-based multipath routing (AMR) module including processing circuitry. The AMR module is configured to identify, based on criteria, one or more of the applications for AMR, wherein each criterion of the criteria is associated with a corresponding property of an application. The AMR module is configured to determine a breach of one of the SLAs on each WAN link associated with a first application of the identified one or more applications. The AMR module is configured to apply, in response to determining the breach, AMR for the first application.

Receiving, by a network device at a receiving time, one or more packets, each packet being one of a plurality of ordered packets in one of a plurality of streams received at the network device. Determining, by the network device for each received packet, a transmit time based on one timer common to the plurality of streams. Indexing, by the network device in a data store common to the plurality of streams, each packet by the determined transmit time. Transmitting, by the network device at each particular time corresponding to a determined transmit time, all packets in the data store indexed to the particular time.

Receiving, by a network device at a receiving time, one or more packets, each packet being one of a plurality of ordered packets in one of a plurality of streams received at the network device. Determining, by the network device for each received packet, a transmit time based on one timer common to the plurality of streams. Indexing, by the network device in a data store common to the plurality of streams, each packet by the determined transmit time. Transmitting, by the network device at each particular time corresponding to a determined transmit time, all packets in the data store indexed to the particular time.

This disclosure is directed to processes and systems for generating data packets in a smart network interface controller (“SNIC”) of a host server computer. A smart packet generator (“spktgen”) controller receives a user command that contains directions for how packets are generated in the SNIC. The command is sent to a spktgen daemon that runs in a control core of the multicore processor. The spktgen daemon extracts the type of packet generator and packet parameters recorded in the command and sends the type of packet generator and packet parameters to a spktgen engine that also runs in the control core. The spktgen engine creates threads in each of one or more data cores of the multicore processor. Each thread comprises instructions for generating data packets from the data generated by data generating sources of the host in accordance with the type of packet generator and the packet parameters.

This disclosure is directed to processes and systems for generating data packets in a smart network interface controller (“SNIC”) of a host server computer. A smart packet generator (“spktgen”) controller receives a user command that contains directions for how packets are generated in the SNIC. The command is sent to a spktgen daemon that runs in a control core of the multicore processor. The spktgen daemon extracts the type of packet generator and packet parameters recorded in the command and sends the type of packet generator and packet parameters to a spktgen engine that also runs in the control core. The spktgen engine creates threads in each of one or more data cores of the multicore processor. Each thread comprises instructions for generating data packets from the data generated by data generating sources of the host in accordance with the type of packet generator and the packet parameters.

According to an embodiment of the present disclosure, there is provided a method for providing a virtual private network service in ICN name-based networking. The method comprising: receiving an interest packet; checking whether or not the interest packet includes a forwarding hint; checking, when the interest packet includes the forwarding hint, whether or not the forwarding hint includes a specific keyword; generating, when the forwarding hint includes the specific keyword, a VRF ID by extracting a VRF name from a name of the interest packet; selecting an FIB by using the generated VRF ID; executing a lookup for the FIB by using an interest name extracted from the interest packet; determining an output port by using the lookup; and transmitting the interest packet to the output port.