A packet processor of a network device repeatedly determines a fill level of a forwarding table that is populated with associations between network addresses and network interfaces of, or coupled to, the network device. The packet processor adjusts, based on the fill level of the forwarding table, a maximum rate according to which the packet processor is permitted to send messages to a central processing unit (CPU) coupled to the packet processor, the messages indicating network addresses that are to be stored in the forwarding table by the CPU. The packet processor of the network device receives packets via network links coupled to the network device; identifies new network addresses of the packets that are not in the forwarding table; and sends messages to the CPU at a rate that does not exceed the maximum rate, the messages indicating the new network addresses are to be added to the forwarding table.

In some implementations, a router device may identify a network address assignment event. The router device may determine first location information for a deployment site of the router device based on identifying the network address assignment event. The router device may convert the first location information into second location information. The router device may identify a block of network addresses, of a group of blocks of network addresses, corresponding to a region of a set of defined regions. The router device may select, from the block of network addresses, an available network address for the router device. The router device may assign the available network address to an interface of the router device. The router device may enable routing using the interface based on assigning the available network address to the interface.

In some implementations, a router device may identify a network address assignment event. The router device may determine first location information for a deployment site of the router device based on identifying the network address assignment event. The router device may convert the first location information into second location information. The router device may identify a block of network addresses, of a group of blocks of network addresses, corresponding to a region of a set of defined regions. The router device may select, from the block of network addresses, an available network address for the router device. The router device may assign the available network address to an interface of the router device. The router device may enable routing using the interface based on assigning the available network address to the interface.

A data packet transits through a series of network nodes (a series of intermediate hops) while being transmitted from a source node to a destination node. A network node (router, gateway, server, or any network device) that handles the data packet, adds new information to the file header of the data packet. The new header information identifies the previous and next network nodes in the transmission path. The network node further validates information provided by a previous node, and generates further new header information that attests as to the validity of the information provided by the previous node. The network node secures and signs the new information cryptographically, and adds the new information to the file header. If a malicious actor attempts to tamper with the data packet, or routing thereof, the secured header information renders such tampering discoverable, enabling performance of a responsive action.

Methods and apparatus are disclosed for configuring one or more processors to implement service function chains comprising one or more virtualised service functions. A method according to one aspect, performed by a processing module (330) implemented on one or more processors (30), involves steps being performed in respect of at least one new virtualised service function (33) to be included in a service function chain of: determining a position in the service function chain at which the new virtualised service function (33) is to be included; allocating at least one internal address to the new virtualised service function, the at least one internal address being an address to be usable by a switching processor (34); and providing to the switching processor (34) an indication of the at least one internal address allocated to the new virtualised service function (33).

Methods and apparatus are disclosed for configuring one or more processors to implement service function chains comprising one or more virtualised service functions. A method according to one aspect, performed by a processing module (330) implemented on one or more processors (30), involves steps being performed in respect of at least one new virtualised service function (33) to be included in a service function chain of: determining a position in the service function chain at which the new virtualised service function (33) is to be included; allocating at least one internal address to the new virtualised service function, the at least one internal address being an address to be usable by a switching processor (34); and providing to the switching processor (34) an indication of the at least one internal address allocated to the new virtualised service function (33).

The present disclosure includes methods, systems, and non-transitory computer-readable media for validating data in a data structure used for forwarding packets by a network device comprising sending a data packet probe identifying a destination and including a segment ID, wherein the segment ID maps to a first interpretation by a receiving router to perform an action on the data packet probe to rewrite a portion of a destination address in a header of the data packet probe, and to redirect the data packet probe to the network device that initiated the data packet probe.

A control device includes an information acquisition unit that receives a source address of a packet from a node that receives the packet transmitted from a user terminal, and acquires position information about the user terminal on a basis of the source address, a determination unit that determines a hub to which the user terminal should connect, on a basis of the position information, and a control execution unit that launches an application in the hub and changes a routing such that packets transmitted from the user terminal are transmitted to the application.

A control device includes an information acquisition unit that receives a source address of a packet from a node that receives the packet transmitted from a user terminal, and acquires position information about the user terminal on a basis of the source address, a determination unit that determines a hub to which the user terminal should connect, on a basis of the position information, and a control execution unit that launches an application in the hub and changes a routing such that packets transmitted from the user terminal are transmitted to the application.

A solution for route selection includes receiving, by a network repository, from a first network function (NF), a query related to a target NF; querying, by the network repository, a route selection node for a shortest path to the target NF; receiving, by the network repository, from the route selection node, an indication of the shortest path to the target NF; and based on at least receiving the indication of the shortest path to the target NF, transmitting, by the network repository, to the first NF, a route to the target NF. In some examples, the shortest path has at least one of: a minimum number of hops, a minimum latency, a minimum jitter, and a minimum weighted transport score. In some examples, the route selection node is co-located with the network repository, which may be a network repository function (NRF).