Techniques are described for extending a cellular quality of service bearer through an enterprise fabric network. In one example, a method obtaining, by a first switch of a network, a packet to be delivered to a client connected to the network via a cellular access point; identifying quality of service (QoS) bearer information associated with the packet, wherein the QoS bearer information is associated with a radio access bearer for the client and the QoS bearer information comprises a bearer indicator and a QoS class identifier; providing a fabric tunnel encapsulation for the packet, wherein the bearer indicator and the QoS class identifier are included within the fabric tunnel encapsulation of the packet; and forwarding the packet within the fabric tunnel encapsulation toward a second switch of the network via a fabric tunnel, wherein the cellular access point is connected to the network via the second switch.

Techniques are described for extending a cellular quality of service bearer through an enterprise fabric network. In one example, a method obtaining, by a first switch of a network, a packet to be delivered to a client connected to the network via a cellular access point; identifying quality of service (QoS) bearer information associated with the packet, wherein the QoS bearer information is associated with a radio access bearer for the client and the QoS bearer information comprises a bearer indicator and a QoS class identifier; providing a fabric tunnel encapsulation for the packet, wherein the bearer indicator and the QoS class identifier are included within the fabric tunnel encapsulation of the packet; and forwarding the packet within the fabric tunnel encapsulation toward a second switch of the network via a fabric tunnel, wherein the cellular access point is connected to the network via the second switch.

An apparatus is described. The apparatus includes electronic circuitry to support multiple flows within a network. The electronic circuitry to determine respective telemetry information for the multiple flows and inject an alarm message into a particular one of the multiple flows upon an alarm condition being reached for the particular one flow. The alarm message includes a multi-bit error code that describes the alarm condition. The multi-bit error code is one of multiple, possible multi-bit error codes.

An apparatus is described. The apparatus includes electronic circuitry to support multiple flows within a network. The electronic circuitry to determine respective telemetry information for the multiple flows and inject an alarm message into a particular one of the multiple flows upon an alarm condition being reached for the particular one flow. The alarm message includes a multi-bit error code that describes the alarm condition. The multi-bit error code is one of multiple, possible multi-bit error codes.

A system for one-sided read remote memory access is disclosed. In some embodiments, the system is configured to receive, at a responder SFA, a first packet comprising a read request to read a remote memory of a second host from a first host, wherein a payload of the first packet is mapped to be a transmit header queue (TxHQ) entry (TxHQE), and the TxHQE includes a pointer to a memory map; separate, the received packet into portions including a upper level protocol (ULP) portion, the ULP portion being the TxHQE; create a ULP header queue for the TxHQE; generate a read response based on mapping the ULP header queue into hardware as the TxHQ, wherein the TxHQE includes a pointer to data from a valid memory region of the second host identified by the memory mapping; and transmit a read response packet with the data identified by the pointer using the TxHQ to the first host.

A system for one-sided read remote memory access is disclosed. In some embodiments, the system is configured to receive, at a responder SFA, a first packet comprising a read request to read a remote memory of a second host from a first host, wherein a payload of the first packet is mapped to be a transmit header queue (TxHQ) entry (TxHQE), and the TxHQE includes a pointer to a memory map; separate, the received packet into portions including a upper level protocol (ULP) portion, the ULP portion being the TxHQE; create a ULP header queue for the TxHQE; generate a read response based on mapping the ULP header queue into hardware as the TxHQ, wherein the TxHQE includes a pointer to data from a valid memory region of the second host identified by the memory mapping; and transmit a read response packet with the data identified by the pointer using the TxHQ to the first host.

A method and apparatus for managing requests in a computer network. A request for a resource from a first node is received by a second node. The request for a resource comprises a header with a timeout indication corresponding to an amount of time the first node will wait for a response to its request for the resource. The second node sends to the first node a response to the request for the resource prior to the end of the amount of time indicated in the timeout indication. The response to the request comprises either the resource or an error message.

A method and apparatus for managing requests in a computer network. A request for a resource from a first node is received by a second node. The request for a resource comprises a header with a timeout indication corresponding to an amount of time the first node will wait for a response to its request for the resource. The second node sends to the first node a response to the request for the resource prior to the end of the amount of time indicated in the timeout indication. The response to the request comprises either the resource or an error message.

A network attack detection method and apparatus is provided. The network protection device obtains first key data from received first network traffic, and matches the first key data with an attack signature in a signature database to obtain a first matching result; if the network protection device determines, based on the first matching result, that the first network traffic is aggressive, the network protection device obtains a target attack detection model based on the first network traffic, where the target attack detection model is used to identify one or more attack signatures that are different from the attack signature in the signature database; and when the network protection device receives second network traffic, the network protection device determines, based on the target attack detection model, whether the second network traffic is aggressive.

A network attack detection method and apparatus is provided. The network protection device obtains first key data from received first network traffic, and matches the first key data with an attack signature in a signature database to obtain a first matching result; if the network protection device determines, based on the first matching result, that the first network traffic is aggressive, the network protection device obtains a target attack detection model based on the first network traffic, where the target attack detection model is used to identify one or more attack signatures that are different from the attack signature in the signature database; and when the network protection device receives second network traffic, the network protection device determines, based on the target attack detection model, whether the second network traffic is aggressive.