A method performed by a computing system includes receiving a first request from a first pod being executed on the computing system, responding to the first request with an Internet Protocol (IP) address and a first port range, receiving a second request from a second pod being executed on the computing system, and responding to the second request with the Internet Protocol (IP) address and a second port range that is different than the first port range. The method further includes, with a networking service implemented within the kernel, processing network traffic between external entities and the first and second pods by updating source and destination IP addresses and ports of packets of the network traffic.

A method, system and apparatus for image capture, analysis and transmission are provided. A link aggregation method involves identifying controller network ports to a source connected to the same subnetwork; producing packets associating corresponding controller network ports selected by the source CPU for substantially uniform selection; and transmitting the packets to their corresponding network ports. An image analysis method involves producing by a camera an indication whether a region of an image differs by a threshold extent from a corresponding region of a reference image; transmitting the indication and image data to a controller via a communications network; and storing at the controller the image data and the indication in association therewith. The controller may perform operations according to positive indications. A transmission method involves receiving user input in respect of a video stream and transmitting, in accordance with the user input, selected data packets of selected image frames thereof.

Methods and systems are provided for cooperating routers in communication networks. The cooperating routers conduct a handshake to exchange information with respect to “cooperation types” which they are capable of performing and/or are configured to perform. In an exemplary “emergency connection” cooperation type, one cooperating router may use the ISP connection of another cooperating router to send and receive packets. In an exemplary “bandwidth sharing” cooperation type, one cooperating router may make excess bandwidth available for use by other cooperating routers. In an exemplary “latency optimization” cooperation type, one cooperating router may use another cooperating router to transmit duplicates of packets or to implement suppression techniques.

A novel design of a gateway that handles traffic in and out of a network by using a datapath pipeline is provided. The datapath pipeline includes multiple stages for performing various data-plane packet-processing operations at the edge of the network. The processing stages include centralized routing stages and distributed routing stages. The processing stages can include service-providing stages such as NAT and firewall. The gateway caches the result previous packet operations and reapplies the result to subsequent packets that meet certain criteria. For packets that do not have applicable or valid result from previous packet processing operations, the gateway datapath daemon executes the pipelined packet processing stages and records a set of data from each stage of the pipeline and synthesizes those data into a cache entry for subsequent packets.

This application discloses a session management method, a network device, and a communications system. According to embodiments of the present invention, an intermediate session management entity is selected based on UE location information and PDU session requirement information. In this way, an intermediate session management entity near UE can provide a service for a PDU session, and a delay of data transmission is reduced. In addition, the intermediate session management entity selects a user plane entity based on the UE location information and the PDU requirement information, and the intermediate session management entity is responsible for managing user plane entities within a specified area, and does not need to manage user plane entities in the entire PDU session, thereby reducing management complexity.

A client application establishes a connection between the client application and an origin server over one or more networks. The application generates a request to establish a secure session with the origin server over the connection. The request includes information, in a header of the request, that flags traffic sent during the secure session to a network of the one or more networks as subject to one or more optimizations performed by the network. Subsequent to establishing the secure session, the application encrypts the traffic in accordance with the secure session and sends the traffic to the origin server over the connection, subject to the one or more optimizations. The infrastructure service applies the one or more optimizations to the traffic as it passes through the edge network to the origin server.

A novel algorithm for packet classification that is based on a novel search structure for packet classification rules is provided. Addresses from all the containers are merged and maintained in a single Trie. Each entry in the Trie has additional information that can be traced back to the container from where the address originated. This information is used to keep the Trie in sync with the containers when the container definition dynamically changes.

A network system includes a communication apparatus, and a control apparatus configured to control the communication apparatus. The communication apparatus includes a memory configured to store program instructions, and a processor configured to execute the instructions to receive an address of a destination virtual machine from the control apparatus, receive a packet from a source virtual machine, identify, based on the address of the destination virtual machine corresponding to the received packet, an identifier of an edge node connected to the destination virtual machine, and add the identifier of the edge node to the received packet.

A method of utilizing the same hardware network interface card (NIC) in a gateway of a datacenter to communicate datacenter tenant packet traffic and packet traffic for a set of applications that execute in the user space of the gateway and utilize a network stack in the kernel space of the gateway. The method sends and receives packets for the datacenter tenant packet traffic through a packet datapath in the user space. The method sends incoming packets from the NIC to the set of applications through the datapath in the user space, a user-kernel transport driver connecting the kernel network stack to the datapath in the user space, and the kernel network stack. The method receives outgoing packets at the NIC from the set of applications through the kernel network stack, the user-kernel transport driver, and the data path in the user space.

A routing device and a method thereof are provided. The routing device includes a network interface that assists in connecting to at least two source networks and a destination network, a processor connected to the network interface, and a non-transitory storage storing instructions executed by the processor. The processor routes only one of messages received from the at least two source networks to the destination network based on message reception states from the at least two source networks.