A label management method includes allocating, by a controller, a source label to a data stream, sending, by the controller, a first Border Gateway Protocol (BGP) update packet to an ingress network device on a label switching path (LSP) of the data stream, and sending a second BGP update packet to an egress network device on the LSP of the data stream, where the first BGP update packet includes a stream identifier of the data stream and the source label, and the second BGP update packet includes a mapping relationship between the source label and a source object of the data stream.

Techniques are presented to stitch existing virtual private networks (VPNs), such as MPLS based VPNs, with virtual private clouds (VPCs) in public cloud data centers. The stitching architecture can be realized by configuring a virtual routing application (VRA) in the VPCs and configuring virtual routing applications and a virtual routing application controller in the existing VPN. For VPCs in public clouds that do not have a VRA, traffic can be default routed to VPCs with a VRA.

Devices, systems, and methods are described that employ actionable intelligence in an emergency or other situation requiring immediate situational awareness, based on multiple types of input. Actionable intelligence is an output providing guidance or information that can be acted on to resolve an incident. The device can be configured to request re-allocation of resources based on incident severity, and bonding technology is used to provide improved speed and reliability in networking communications following a triggering event.

A primary internet connection via a gateway or router located at a premises may be used to route internet traffic from devices located at the premises. A change in the primary internet connection, such as a loss or a degradation of the connection, may occur. Based on the change in the primary internet connection, metrics of alternative internet connections, such as cellular or hotspot connections, may be used to select one of the alternative internet connections. Internet traffic may be routed via the selected alternative internet connection until the primary internet connection is reestablished or improves.

Techniques for load balancing communication sessions in a networked computing environment are described herein. The techniques may include establishing a first communication session between a client device and a first computing resource of a networked computing environment. Additionally, the techniques may include storing, in a data store, data indicating that the first communication session is associated with the first computing resource. The techniques may further include receiving, at a second computing resource of the networked computing environment, traffic associated with a second communication session that was sent by the client device, and based at least in part on accessing the data stored in the data store, establishing a traffic redirect such that the traffic and additional traffic associated with the second communication session is sent from the second computing resource to the first computing resource.

Techniques for load balancing communication sessions in a networked computing environment are described herein. The techniques may include establishing a first communication session between a client device and a first computing resource of a networked computing environment. Additionally, the techniques may include storing, in a data store, data indicating that the first communication session is associated with the first computing resource. The techniques may further include receiving, at a second computing resource of the networked computing environment, traffic associated with a second communication session that was sent by the client device, and based at least in part on accessing the data stored in the data store, establishing a traffic redirect such that the traffic and additional traffic associated with the second communication session is sent from the second computing resource to the first computing resource.

Disclosed herein are systems and methods for creating an ultra-lightweight multi-tenant network virtualization model by augmenting an OSI layer 4 tuple (protocol, source IP address, destination IP address, source port, destination port) with additional private gateway-specific source and destination augmented addresses. A unique OpenVPN Augmented Address (OAA) may be created and assigned to each device on a network such as a mesh-linked system. This OAA may form part of a packet shim created with routing path information for both the source and the destination resources. Once created, the shim may be inserted into a packet header for transmission. Once the initial packet is transmitted, each hop creates its own resources for managing transmission of subsequent packets in this session. The packet shim operates to establish a communications session on layer 4 (Transport) between the requestor and the target resource which is intermediate-device agnostic.

Disclosed herein are systems and methods for creating an ultra-lightweight multi-tenant network virtualization model by augmenting an OSI layer 4 tuple (protocol, source IP address, destination IP address, source port, destination port) with additional private gateway-specific source and destination augmented addresses. A unique OpenVPN Augmented Address (OAA) may be created and assigned to each device on a network such as a mesh-linked system. This OAA may form part of a packet shim created with routing path information for both the source and the destination resources. Once created, the shim may be inserted into a packet header for transmission. Once the initial packet is transmitted, each hop creates its own resources for managing transmission of subsequent packets in this session. The packet shim operates to establish a communications session on layer 4 (Transport) between the requestor and the target resource which is intermediate-device agnostic.

A data processing method implemented by a controller includes receiving a processing request from a specified node that carries identifiers of a plurality of computing nodes, where the plurality of computing nodes are configured to execute a specified calculation task, determining a target switching device from switching devices that are configured to connect to the plurality of computing nodes, and separately sending, to the target switching device and the specified node, routing information that indicates data forwarding paths between the plurality of computing nodes and the target switching device. The target switching device is configured to combine, based on the routing information, data reported by the plurality of computing nodes, and then send combined data to each computing node. The specified node is configured to send the routing information to each computing node, and each computing node may report data to the target switching device based on the routing information.

Methods and systems are provided for performing lossy dropping and ECN marking in a flow-based network. The system can maintain state information of individual packet flows, which can be set up or released dynamically based on injected data. Each flow can be provided with a flow-specific input queue upon arriving at a switch. Packets of a respective flow are acknowledged after reaching the egress point of the network, and the acknowledgement packets are sent back to the ingress point of the flow along the same data path. As a result, each switch can obtain state information of each flow and perform per-flow packet dropping and ECN marking.