An example according to the present disclosure relates to a technique for identifying a wireless LAN (WLAN) packet. For example, when a physical protocol data unit (PPDU) includes a legacy signal field, a field contiguous to the legacy signal field may be used to identify a type of the PPDU. A field contiguous to the legacy signal field may include information indicating that the PPDU is an extreme high throughput (EHT) PPDU. The field contiguous to the legacy signal field may include at least one of information related to a frame format, a transmission opportunity, an STA ID, and/or a bandwidth.

An example according to the present disclosure relates to a technique for identifying a wireless LAN (WLAN) packet. For example, when a physical protocol data unit (PPDU) includes a legacy signal field, a field contiguous to the legacy signal field may be used to identify a type of the PPDU. A field contiguous to the legacy signal field may include information indicating that the PPDU is an extreme high throughput (EHT) PPDU. The field contiguous to the legacy signal field may include at least one of information related to a frame format, a transmission opportunity, an STA ID, and/or a bandwidth.

A network device may receive, from an application on a user device, a first network packet associated with a packet flow. The network device may identify an application identifier of the first network packet, wherein the application identifier identifies the application on the user device. The network device may select, based on the application identifier, a security protocol, wherein the security protocol is associated with at least one of an authentication header (AH) or an encryption algorithm. The network device may selectively apply, to a second network packet associated with the packet flow, at least one of the AH or the encryption algorithm, associated with the security protocol, to generate a protected network packet. The network device may transmit the protected network packet.

A client application establishes a connection between the client application and an origin server over one or more networks. The application generates a request to establish a secure session with the origin server over the connection. The request includes information, in a header of the request, that flags traffic sent during the secure session to a network of the one or more networks as subject to one or more optimizations performed by the network. Subsequent to establishing the secure session, the application encrypts the traffic in accordance with the secure session and sends the traffic to the origin server over the connection, subject to the one or more optimizations. The infrastructure service applies the one or more optimizations to the traffic as it passes through the edge network to the origin server.

A packet forwarding method and a network device are provided, and the method is applied to the network device. The network device includes a first virtual routing and forwarding (VRF) table and a second VRF table. The method includes: the network device receives a first packet. If the first packet carries tunnel attribute information, the network device forwards the first packet based on the first VRF table. The first VRF table includes one or more local routes, and next-hop outbound interfaces of the one or more local routes are all local outbound interfaces. The network device forwards the first packet based on the first VRF table, so that a packet from a tunnel may be forwarded to a local virtual machine for processing and may not be forwarded to another tunnel endpoint device, to avoid a routing loop during packet forwarding.

A programmable switch includes an input arbiter to analyze packet headers of incoming packets and determine which of the incoming packets are part of gradient vectors received from worker computing devices that are performing reinforcement learning. The programmable switch also includes an accelerator coupled to the input arbiter, the accelerator to: receive the incoming packets from the input arbiter; asynchronously aggregate gradient values of the incoming packets, as the gradient values are received, to generate an aggregated data packet associated with a gradient segment of the gradient vectors; and transfer the aggregated data packet to the input arbiter to be transmitted to the worker computing devices, which are to update local weights based on the aggregated data packet.

A programmable switch includes an input arbiter to analyze packet headers of incoming packets and determine which of the incoming packets are part of gradient vectors received from worker computing devices that are performing reinforcement learning. The programmable switch also includes an accelerator coupled to the input arbiter, the accelerator to: receive the incoming packets from the input arbiter; asynchronously aggregate gradient values of the incoming packets, as the gradient values are received, to generate an aggregated data packet associated with a gradient segment of the gradient vectors; and transfer the aggregated data packet to the input arbiter to be transmitted to the worker computing devices, which are to update local weights based on the aggregated data packet.

The present technology pertains to a group-based network policy using Segment Routing over an IPv6 dataplane (SRv6). After a source application sends a packet, an ingress node can receive the packet, and if the source node is capable, it can identify an application policy and apply it. The ingress node indicates that the policy has been applied by including policy bits in the packet encapsulation. When the packet is received by the egress node, it can determine whether the policy was already applied, and if so, the packet is forward to the destination application. If the egress node determines that the policy has not be applied the destination application can apply the policy. Both the ingress node and egress nodes can learn of source application groups, destination application groups, and applicable policies through communication with aspects of the segment routing fabric.

The present technology pertains to a group-based network policy using Segment Routing over an IPv6 dataplane (SRv6). After a source application sends a packet, an ingress node can receive the packet, and if the source node is capable, it can identify an application policy and apply it. The ingress node indicates that the policy has been applied by including policy bits in the packet encapsulation. When the packet is received by the egress node, it can determine whether the policy was already applied, and if so, the packet is forward to the destination application. If the egress node determines that the policy has not be applied the destination application can apply the policy. Both the ingress node and egress nodes can learn of source application groups, destination application groups, and applicable policies through communication with aspects of the segment routing fabric.

An apparatus includes an interface circuit and an encoder circuit. The interface circuit is configured to send a data packet via a plurality of segments, and to send an idle value via the plurality of segments when no data packet is available. The idle value is configured to cause a segment in a receiving apparatus to idle. The encoder circuit is configured to receive a particular data packet, and, if a portion of the particular data packet has a same value as the idle value for a subset of the plurality of segments, to replace at least a portion of the data packet with a mask value to generate a modified data packet. The mask value indicates how to recreate the particular data packet. The encoder circuit is further configured to send the modified data packet to the receiving apparatus via the plurality of segments of the interface circuit.