Patent classifications
H04L61/58
Control Embedded Data Packet for Efficient ARP Query in SDA Environment
The present disclosure is directed to systems and methods for control embedding data packets for ARP queries, the methods including the steps of receiving a data plane packet from a first user device, the data plane packet requesting a hardware address associated with a second user device; generating a northbound control plane packet for transmission to a control plane node, the northbound control plane packet for requesting from the control plane node the hardware address associated with the second user device; embedding the data plane packet in the northbound control plane packet; and forwarding the northbound control plane packet with the data plane packet to the control plane node for respective processing of the northbound control plane packet and the data plane packet.
FEDERATED DNS CACHING
Systems and methods are provided for distributing a domain name service (DNS) response cache in a DNS resolving system on a network. The systems and methods described herein may improve response times for client queries and also protect the DNS resolving system from DNS-related cyber attacks.
COLLABORATIVE DEVICE ADDRESS ROTATION
Embodiments are presented for collaborative device address generation between a wireless client device and a network infrastructure component, such as a wireless access point. The wireless client device and network infrastructure component share information to facilitate collaborative generation of a sequence of device addresses. This shared information includes, in some embodiments, key information and moving factor information. The key information and moving factor information are used to generate a token. A sequence of tokens is generated by updating the moving factor as each token is generated. A corresponding sequence of device addresses is then derived based on the sequence of tokens. Since the wireless client device and the network infrastructure device apply equivalent methods to generate respective sequences of addresses, the network infrastructure is able to efficiently identify a source wireless client device when observing a new device address on a wireless network.
PROACTIVE NOTIFICATION OF WIRELESS CLIENT ADDRESS ROTATION
A network controller provides proactive notification of a wireless client device's address rotation to layer 2 (L2) and/or layer 3 (L3) devices. Traditional methods of device address discovery rely on broadcasting of address queries across a plurality of links until a path to a device having the queried address responds. As device address changes become more frequent in an effort to improve user privacy, traditional methods of address discovery impose a large burden on networks, reducing their performance and efficiency. By proactively propagating address changes to upstream devices, the need for broadcast-oriented address discovery techniques is reduced, resulting in improved network performance.
IDENTIFYING NETWORK ADDRESSES CONTACTED BY APPLICATIONS WITHOUT PLATFORM DOMAIN NAME RESOLUTION
A device implementing the subject system may include at least one processor configured to receive, by a first system process, a first network address that corresponds to a domain name that was resolved by a second system process, the resolving having been responsive to a resolution request therefor by an application process. The at least one processor may be further configured to receive, by the first system process, a second network address for which a network connection was opened by the application process. The at least one processor may be further configured to, responsive to determining that the application process opened a network connection for a network address for which the application process did not provide, to the second system process, a resolution request for the corresponding domain name, provide, by the first system process, an indication of the network address in conjunction with an indication of the application process.
MONITORING LIVENESS OF SILENT HOSTS' IP ADDRESSES FROM A LAYER 2 VIRTUAL TUNNEL ENDPOINT IN AN ETHERNET VIRTUAL PRIVATE NETWORK USING PROBES
Embodiments of the disclosure include a method comprising storing a first identifier of a first host device in an Address Resolution Protocol (ARP) cache of a first VXLAN Tunnel Endpoint (VTEP); making a first determination that an age of the first identifier exceeds a defined age threshold; sending, as a result of the first determination, a first request to the first host device to confirm liveness of the first identifier; and removing the first identifier from the ARP cache as a result of failing to receive a first response from the first host device within a defined time period.
SYSTEM AND METHOD FOR OPTIMIZING ARP BROADCAST
One aspect provides a method and system for managing address resolution requests in a network. During operation, a gateway of the network advertises a route for sending address resolution requests and determines whether a cached entry corresponding to an address resolution request received via the route exists in a neighbor table. In response to determining that the cached entry exists, the gateway responds to the address resolution request based on the cached entry; in response to determining that the cached entry does not exist, the gateway replicates the address resolution request to edge devices in the network, thereby facilitating discovery of a target host corresponding to the address resolution request.
Network management apparatus, network management system, and non-transitory computer-readable storage medium
A network management apparatus includes a first controller, a memory, and a second controller. The first controller is configured to operate a first virtual machine including a first container monitoring a mirror packet and a virtual switch transferring the mirror packet. The memory is configured to store destination information of the mirror packet and an address corresponding to the first container in association with each other. The second controller is configured to cause the virtual switch to perform an operation to transmit the address corresponding to the first container from the virtual switch and cause the virtual machine to perform an operation to transfer the mirror packet to the first container from the first virtual machine, using the address corresponding to the first container when the virtual machine receives the mirror packet from the virtual switch and requests address resolution for the destination information of the mirror packet.