A control device is connected to a plurality of networks, dispatches a packet received from a user terminal to a network among the plurality of networks, and includes a memory and a processor configured to execute receiving a DNS query packet transmitted from the user terminal, and based on a query target of the DNS query packet, dispatching the DNS query packet to a network among the plurality of networks; and receiving a packet, determining a destination of the packet based on a destination address of the packet, and transmitting the packet to the determined destination.

A control device is connected to a plurality of networks, dispatches a packet received from a user terminal to a network among the plurality of networks, and includes a memory and a processor configured to execute receiving a DNS query packet transmitted from the user terminal, and based on a query target of the DNS query packet, dispatching the DNS query packet to a network among the plurality of networks; and receiving a packet, determining a destination of the packet based on a destination address of the packet, and transmitting the packet to the determined destination.

Methods and apparatuses for a network element having DHCP proxy functionality are described. According to one embodiment, an exemplary method includes receiving, at a network element, a request for an IP address from a subscriber, in response to the request, on behalf of the subscriber, communicating with one or more IP address providers over a network to process the request, and responding to the subscriber with respect to the request as if the network element is an IP address provider, on behalf of the one or more IP address providers.

Techniques are described herein that are capable of using entity name mapping for routing network traffic having encrypted SNI headers. A name resolution request that specifies an entity name is intercepted. Translation of the entity name to a representation of an IP address associated with the entity name is caused. A mapping that cross-references the representation of the IP address to the entity name is stored. A data transfer request that requests establishment of a connection to a destination corresponding to the representation of the IP address is intercepted. The data transfer request includes an encrypted SNI header and a payload. Establishment of the connection to the destination is initiated by providing the encrypted SNI header, the payload, and metadata toward the destination. The metadata includes the entity name based on the mapping.

Example methods for a network device to perform address resolution handling. The method may comprise: in response to a first distributed router (DR) port of a first DR instance detecting an address resolution request from a second DR port of a second DR instance, generating a modified address resolution request that is addressed from a first address associated with the first DR port instead of a second address associated with the second DR port. The modified address resolution request may be broadcasted within a logical network that is connected to the first DR instance through network extension. The method may also comprise: in response to detecting an address resolution response that includes protocol-to-hardware address mapping information associated with an endpoint located on the logical network, generating and sending a modified address resolution response towards the second DR port of the second DR instance.

A method and apparatus for addressing a message sent from a proxy node to a peer node in a communications network. The proxy node receives from a host node a plurality of multipath messages. Each message of the plurality of multipath messages has an address. The proxy node then applies a rule to assign an address for a single flow message towards the peer node. The single flow message comprises each message of the plurality of multipath messages. The single flow message is then sent towards the peer node.

An interconnection device for interconnecting two sub-networks, on which UPnP devices are connected: determines actual IP addresses and port numbers of servers of the UPnP device; allocates a port number to each server, establishes a connection with a UPnP device of the femtocell and a connection with a UPnP device of the local area network; replaces, in frames received via one of said connections, each actual server IP address and port number allocated by the interconnection device to said server; and replaces, in frames received via one of said connections, each actual IP address and port number with an IP address of the interconnection device to said server; and replaces, in said received frames, each IP address of the interconnection device and port number allocated by the interconnection device to a server with the IP address and port number of the corresponding server.

An interconnection device for interconnecting two sub-networks, on which UPnP devices are connected: determines actual IP addresses and port numbers of servers of the UPnP device; allocates a port number to each server, establishes a connection with a UPnP device of the femtocell and a connection with a UPnP device of the local area network; replaces, in frames received via one of said connections, each actual server IP address and port number allocated by the interconnection device to said server; and replaces, in frames received via one of said connections, each actual IP address and port number with an IP address of the interconnection device to said server; and replaces, in said received frames, each IP address of the interconnection device and port number allocated by the interconnection device to a server with the IP address and port number of the corresponding server.

A transmission management system includes a destination name data managing unit which manages a plurality of destination name data items which indicate a plurality of names of a destination in communications between transmission terminals, a destination name data reading unit which reads a destination name data item from the plurality of destination name data items managed by the destination name data managing unit, and a destination name data transmitting unit which transmits the destination name data item read by the destination name data reading unit to a transmission terminal capable of communicating with the destination.

Described systems and methods enable protecting client devices (e.g., personal computers and IoT devices) implementing encrypted DNS protocols against harmful or inappropriate Internet content. A DNS proxy intercepts an attempt to establish an encrypted communication session between a client device and a DNS server. Without decrypting any communications, some embodiments of the DNS proxy determine an identifier of the respective session and an identifier of the client device, and send a query tracer connecting the session identifier with the client identifier to a security server. In some embodiments, the security server obtains the domain name included in an encrypted DNS query from the DNS server and instructs the DNS server to allow or block access of the client device to the respective Internet domain according to a device- and/or user-specific access policy.