A fabric manager includes: a processing unit having a service chain creation module configured to create a service chain by connecting some of a plurality of nodes via virtual links; wherein the some of the plurality of nodes represent respective network components of an auxiliary network configured to obtain packets from a traffic production network; and wherein the service chain is configured to control an order of the network components represented by the some of the plurality of nodes packets are to traverse.

An embedded communications network of a vehicle is a deterministic switched Ethernet network using virtual links, including a set of subscribers and a set of switches. A first subscriber is connected to a first switch and a third switch, and a second subscriber is connected to a second switch and to a fourth switch. A first virtual link is formed from the first subscriber to at least the second subscriber via a first subset of switches, and a second virtual link is formed from the first subscriber to at least the second subscriber via a second subset of switches, the switches of the first subset of switches all being separate from the switches of the second subset of switches. The communications network includes at least one connection, used by a third virtual link, between a switch of the first subset and a switch of the second subset.

Methods and apparatus to execute a workload in an edge environment are disclosed. An example apparatus includes a node scheduler to accept a task from a workload scheduler, the task including a description of a workload and tokens, a workload executor to execute the workload, the node scheduler to access a result of execution of the workload and provide the result to the workload scheduler, and a controller to access the tokens and distribute at least one of the tokens to at least one provider, the provider to provide a resource to the apparatus to execute the workload.

Systems, methods, and computer-readable media provide for collection of statistics relating to network traffic between virtual machines (VMs) in a network. In an example embodiment, a virtual switch hosted on a physical server provides network address information of VMs deployed on the physical server to a virtual switch controller. The controller collects this network address information from each virtual switch under its control, and distributes the aggregate address information to each switch. In this manner, the controller and each switch within the controller's domain can learn the network address information of each VM deployed on physical servers hosting switches under the controller's control. Each virtual switch can determine a classification of a frame passing through the switch (e.g., intra-server, inter-server and intra-domain, or inter-domain traffic), and statistics relating to the traffic. In an example embodiment, the virtual switch controller can collect the statistics from each switch within its domain.

Aspects of the embodiments are directed to receiving an address resolution protocol (ARP) request message from a requesting virtual machine, the ARP request message comprising a request for a destination address for a destination virtual machine, wherein the destination address comprises one or both of a destination hardware address or a destination media access control address; augmenting the ARP request message with a network service header (NSH), the NSH identifying an ARP service function; and forwarding the augmented ARP request to the ARP service function.

A system for multicast packet management in a first switch in an overlay tunnel fabric is provided. The system can operate the first switch as part of a virtual switch in conjunction with a second switch of the fabric. The virtual switch can operate as a gateway for the fabric. During operation, the system can receive a join request for a multicast group. The system can then determine whether to forward the join request to the second switch based on a type of a first ingress connection of the join request. Upon receiving a data packet for the multicast group, the system can determine how to forward the data packet based on respective types of a second ingress connection and an egress connection of the data packet. The type of a respective connection can indicate whether the connection includes an overlay tunnel.

Techniques for utilizing multiple network interfaces for a cloud shell are provided. The techniques include receiving, by a computer system, a command to execute an operation by the computer system, the command being received from a router via a primary virtual network interface card (vNIC). The computer system may execute the operation, generating an output of the operation. The techniques also include transmitting, by the computer system, a message comprising the output of the operation to a shell subnet via a secondary vNIC, the secondary vNIC being configured for unidirectional transmission from the computer system to the shell subnet. The shell subnet may be configured to transmit the output of the operation to an external network via a network gateway.

Devices and techniques for accelerated packet processing are described herein. The device can match an action to a portion of a network data packet and accelerate the packet-processing pipeline for the network data packet through the machine by processing the action.

A stateful packet processing system includes: a first stateful stage including a first state table and a first finite state machine (“FSM”) table; and a second stateful stage including a second state table and a second FSM table. The system performs a distribution operation defining when a flow is processed by the first and/or the second stateful stage. The first and/or second FSM table is extended with states and transitions that support the distribution operation. The first and/or second stateful stage executes an evaluation operation that executes the distribution operation. The evaluation operation provides a criterion for moving a particular flow from one of the first or second stateful stage to the other stateful stage. The first and second stateful stages are included in a software-defined networking (“SDN”) switch. The distribution operation operates within defined capabilities of a software and/or hardware pipeline of the SDN switch.

Example methods and systems are provided a network device to perform tunnel-based service insertion in a public cloud environment. An example method may comprise establishing a tunnel between the network device and a service path. The method may also comprise: in response to receiving a first encapsulated packet, identifying the service path specified by a service insertion rule; generating and sending a second encapsulated packet over the tunnel to cause the service path to process an inner packet according to one or more services. The method may further comprise: in response to receiving, from the service path via the tunnel, a third encapsulated packet that includes the inner packet processed by the service path, sending the inner packet processed by the service path, or a fourth encapsulated packet, towards a destination address of the inner packet.