Techniques are described for providing logical networking functionality for managed computer networks, such as for virtual computer networks provided on behalf of users or other entities. In some situations, a user may configure or otherwise specify a network topology for a virtual computer network, such as a logical network topology that separates multiple computing nodes of the virtual computer network into multiple logical sub-networks and/or that specifies one or more logical networking devices for the virtual computer network. After a network topology is specified for a virtual computer network, logical networking functionality corresponding to the network topology may be provided in various manners, such as without physically implementing the network topology for the virtual computer network. In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.

There is set forth herein obtaining data traffic monitoring data, the data traffic monitoring data being in dependence on monitoring of traffic received by a container of a protected computing environment; obtaining data traffic monitoring data, the data traffic monitoring data being in dependence on monitoring of traffic received by a processing resource of a computing environment; obtaining a state of the processing resource and provisioning a utility processing resource to include the state of the processing resource; and configuring the computing environment to route data traffic to the utility processing resource.

A method for configuring a fabric managed by a software-defined networking (SDN) controller includes, with a first control host installed in a first rack having a first management switch and a second control host installed in a second rack, executing controller nodes that implement an SDN controller using a controller virtual network extending between the first rack and the second rack. The first management switch is configured to route traffic between the controller virtual network and a device management network extending from the first management switch to a fabric network device of the fabric managed by the SDN controller. The method further includes configuring, with the SDN controller, via the first management switch, the fabric network device with the controller virtual network to enable communications, via the controller virtual network, between the first control host and a compute node or a storage node connected to the fabric network device.

A method for configuring a fabric managed by a software-defined networking (SDN) controller includes, with a first control host installed in a first rack having a first management switch and a second control host installed in a second rack, executing controller nodes that implement an SDN controller using a controller virtual network extending between the first rack and the second rack. The first management switch is configured to route traffic between the controller virtual network and a device management network extending from the first management switch to a fabric network device of the fabric managed by the SDN controller. The method further includes configuring, with the SDN controller, via the first management switch, the fabric network device with the controller virtual network to enable communications, via the controller virtual network, between the first control host and a compute node or a storage node connected to the fabric network device.

A gateway apparatus according to an embodiment includes a transfer destination specification unit that refers to a slice transfer table for determining a tunnel for a transfer destination when a packet with a slice ID added is received, the slice requirement abstracted indicating a requirement related to transfer priority, reliability, and whether a network function is passed through and a gateway ID abstracted indicating a gateway apparatus to be a destination and specifies a tunnel corresponding to the slice requirement and the gateway ID that are included in the slice ID and a transfer unit that transfers the packet with the tunnel specified by the destination specification unit.

A gateway apparatus according to an embodiment includes a transfer destination specification unit that refers to a slice transfer table for determining a tunnel for a transfer destination when a packet with a slice ID added is received, the slice requirement abstracted indicating a requirement related to transfer priority, reliability, and whether a network function is passed through and a gateway ID abstracted indicating a gateway apparatus to be a destination and specifies a tunnel corresponding to the slice requirement and the gateway ID that are included in the slice ID and a transfer unit that transfers the packet with the tunnel specified by the destination specification unit.

Various arrangements of hybrid cloud cellular network systems are presented herein. A cellular radio access network (RAN) that includes multiple base stations (BSs) can be in communication with a cloud computing platform. Multiple cloud-implemented national data centers (NDCs) can be present and executed on the public cloud computing platform. Network functions (NFs) are executed within each cloud-implemented NDC on the public cloud computing platform. The system further includes a cellular network database function. An instance of the cellular network database function is executed within each cloud-implemented NDC on the public cloud computing platform and updates each other instance of the cellular network database function.

It is an object of the present disclosure to reduce a packet inflow into the OF controller and suppress a load on the OF controller. The present disclosure provides a packet transfer device, in which: an OpenFlow switch extracts a first packet of a protocol determined in advance, and extracts a second packet in accordance with a rule determined in advance; a NameSpace, connected to the OpenFlow switch via a virtual interface, responds to the extracted first packet to act as proxy for the OpenFlow switch; and a virtual machine, connected to the OpenFlow switch via a virtual interface, processes the extracted second packet to act as proxy for the OpenFlow switch.

It is an object of the present disclosure to reduce a packet inflow into the OF controller and suppress a load on the OF controller. The present disclosure provides a packet transfer device, in which: an OpenFlow switch extracts a first packet of a protocol determined in advance, and extracts a second packet in accordance with a rule determined in advance; a NameSpace, connected to the OpenFlow switch via a virtual interface, responds to the extracted first packet to act as proxy for the OpenFlow switch; and a virtual machine, connected to the OpenFlow switch via a virtual interface, processes the extracted second packet to act as proxy for the OpenFlow switch.

A packet forwarding method, a system, an apparatus, and a network device are provided. The method is performed by a network device, and includes: obtaining first identification information of a first network resource required for forwarding first traffic to which a first packet belongs; determining a target port set based on the first identification information and a destination address of the first packet, where the target port set is associated with the first network resource; and selecting a first port from the target port set to forward the first packet.