A method and an apparatus for transmitting a multimedia data packet are provided. The method includes generating Media Abstraction Layer (MAL) information for abstracting information on the multimedia data to be transmitted, generating a multimedia data packet including said MAL information, and transmitting the generated multimedia data packet to a network entity.

Separating and isolating multiple network stacks in a network element may enable a network element to simultaneously operate within multiple forwarding planes respectively corresponding to the multiple network stacks. In addition to the network stack, other protocols and routing tools may also be instantiated for each desired forwarding plane. The different instantiations of the network stacks may be executed in parallel in respective memory spaces that are distinct and separate. In this manner, each forwarding plane may operate independently on the network element from other forwarding planes.

Examples of techniques for upgrading a descriptor engine for a network interface card (NIC) are disclosed. An example method may include: quiescing a transmit stream to the NIC; stopping a descriptor engine from providing new receive descriptors to the NIC; creating a copy in a memory of any receive descriptors already available to the NIC prior to the stopping the descriptor engine; setting a controller to redirect inbound traffic to the memory; logging a current configuration, state, and receive pointers of the descriptor engine; updating the descriptor engine; restoring a transmit configuration and a transmit state of the descriptor engine; and enabling a transmit stream of a data router such that transmit packets are created by the descriptor engine for transmission by the NIC.

The present disclosure discloses a method and system for restarting the network service with zero downtime, comprising: a) listening, by an original process of the network service, on a first port; (b) configuring and initiating a transition process, wherein the configuring includes causing the transition process to listen on a second port different from the first port of the original process; (c) running a connection tracking module and, meanwhile adding an iptables rule to redirect a connection directed to the first port to the second port; (d) waiting until existing connections on the original process are processed completely, then exiting the original process; (e) initiating a new process on the first port according to a new configuring file; (f) reconfiguring the iptables rule to cancel port redirection; and (g) waiting until existing connections on the transition process are processed completely, then exiting the transition process.

A method and an apparatus for transmitting a multimedia data packet are provided. The method includes generating Media Abstraction Layer (MAL) information for abstracting information on the multimedia data to be transmitted, generating a multimedia data packet including said MAL information, and transmitting the generated multimedia data packet to a network entity.

Among other things, embodiments of the present disclosure allow multiple virtual private network connections to be created without the need for administrative privileges, and allow network traffic to be routed using a single virtual adapter instead of a dedicated virtual adapter for each virtual network connection.

Software that generates a message containing operations for multiple layers in a multi-layer environment, by performing the following operations: (i) receiving an operation to perform across a multilayer computing environment; (ii) generating a message for performing the operation across the multilayer computing environment, wherein the message includes a plurality of layer portions that include sub-operation(s) of the operation, wherein each layer portion corresponds to a respective layer in the multilayer computing environment; and (iii) orchestrating performance of the operation by sending the message between layers in the multilayer computing environment according to a sequence for performing sub-operation(s) indicated in the message, wherein when the message is located at a respective layer, the layer performs a respective set of sub-operation(s) according to the respectively corresponding layer portion for the layer in the message.

Software that generates a message containing program instructions for multiple layers in a multi-layer environment, by performing the following operations: (i) receiving an operation to perform across a multilayer computing environment; (ii) generating a message for performing the operation across the multilayer computing environment, wherein the message includes a plurality of layer portions, wherein each layer portion corresponds to a respective layer in the multilayer computing environment and includes computer program instructions for performing a set of sub-operation(s) of the operation; and (iii) orchestrating, by one or more processors, performance of the operation by sending the message between layers in the multilayer computing environment, wherein when the message is located at a respective layer, the layer performs its respective set of sub-operation(s) according to the computer program instructions included in the layer's respectively corresponding layer portion of the message.

Typically, clients request a service from a computer hosting multiple services by specifying a destination port number associated with the desired service. In embodiments, the functionality of such a host computer is enhanced by having it condition client access to services available at a particular port number based on client authentication and/or authorization. A host computer can change the service(s) available at a given port number on a client by client basis, enabling access to service(s) for trusted clients unavailable to untrusted clients. Preferably, client trust is based on client authentication via a certificate and a valid, signed transport layer security (TLS) handshake (or similar mechanism in other protocol contexts). In some embodiments, an authorization step can be added following authentication. The systems and methods disclosed herein find wide uses in bundling services on ports, as well as protecting access to services from untrusted and/or malicious clients, among others.

Apparatus and methods for hybrid access to a core network. In one embodiment, a wireless router enables a subscriber device to connect to a core network via an intermediate network (e.g., a Wi-Fi network) rather than the network traditionally associated with the core network (e.g., a cellular network). In one implementation, a Wi-Fi Access Point (AP) is configured to directly connect to a Long Term Evolution (LTE) core network as a logical evolved NodeB (eNB).