Some embodiments provide a method for configuring a logical middlebox in a hosting system that includes a set of nodes. The logical middlebox is part of a logical network that includes a set of logical forwarding elements that connect a set of end machines. The method receives a set of configuration data for the logical middlebox. The method uses a stored set of tables describing physical locations of the end machines to identify a set of nodes at which to implement the logical middlebox. The method provides the logical middlebox configuration for distribution to the identified nodes.

The invention relates to a method, by a policy controller 100, for generating policy rules for data packet flows in a communications network. The policy controller 100 has access to a policy database 130 and stores a service level agreement. The service level agreement contains a plurality of different service level identifiers, each service level identifier being associated with a set of conditions that govern the policy rules to be applied to the data packet flows in the communications network. The method comprises the following steps: An authorization request is received for a data packet flow, the authorization request comprising service information for a service and a service level identifier. The policy database 130 is accessed and the set of conditions associated with the received service level identifier is determined. Further, based on the determined set of conditions, a policy rule to be applied to the data packet flow is generated. Policy controller 100 is configured to generate policy rules based on a third party or company profile, with the third party company being able to influence which policy rule should be selected by the policy controller. The authorization request may be received directly from an application function, AF 200. An input unit 230 is provided via which the third party can define and agree upon the service level agreement with an operator of the communications network. A policy control enforcing function PCEF 51 can interact with the PCRF 100 in order to enforce the policy rules.

Systems, methods, apparatuses, and software for data storage systems are provided herein. In one example, a data storage system is provided that includes storage drives each comprising a PCIe interface, and configured to store data and retrieve the data stored on associated storage media responsive to data transactions received over a switched PCIe fabric. The data storage system includes processors configured to each manage only an associated subset of the storage drives over the switched PCIe fabric. A first processor is configured to identify first data packets received over a network interface associated with the first processor within a network buffer of the first processor as comprising a storage operation associated with at least one of the plurality of storage drives managed by a second processor, and responsively transfer the first data packets into a network buffer of the second processor.

The disclosure relates in some aspects to establishing connectivity with a network using a first set of credentials and determining whether additional connectivity needs to be established (e.g., using a second set of credentials) to communicate data. The disclosure relates in some aspects to the use of multiple credentials for access and service connectivity. For example, traffic generated by a device may be authorized based on a different set of credentials than the set of credentials used to access the network (e.g., to connect to an LTE network for a PDN connection). In this way, traffic belonging to a specific service or application can be charged and policed based on service specific needs. The disclosure thus relates in some aspects to the use of access credentials and service credentials. These different types of credentials can be used to enable traffic differentiation and policing based on the credentials in use.

The present system relates to a server for providing data connectivity in a packet mode communication network. The server has a processor arranged to receive, via a first brokerage control unit, a charging rule request to allow one or more communication devices in the communication network to exchange with an application server data charged under operator specific billing. The server determines availability of the operator specific billing based on network parameters and the charging rule request, and updates the database of a Policy and Charging Rules Function (PCRF) entity in the communication network based on available operator specific billing and an identifier for the application server, for subsequent charging of data exchanged with the application server at said available operator specific billing.

In general, in an aspect, a method for providing an outbound gateway protection includes provisioning one or more worker gateways located in a first gateway virtual private cloud, the one or more worker gateways sharing configuration data with the controller gateway, provisioning one or more load balancer gateways in one or more client virtual clouds, the one or more client virtual clouds each comprising one or more clients, the one or more load balancer gateways distributing client requests among the worker gateways, assigning groups of the one or more clients to one of the one or more load balancer gateways based on requests from a majority of the worker gateways, and communicating outbound network traffic from the clients via the assigned load balancer gateways.

A troubleshooting method based on network function virtualization is provided, where the troubleshooting method may include: obtaining, by a first function management entity, fault information of a function entity; triggering, by the first function management entity, fault correlation processing according to the fault information, and formulating a troubleshooting policy according to a result of the fault correlation processing; and if the troubleshooting policy is formulated when troubleshooting time arrives, processing, by the first function management entity, a fault according to the troubleshooting policy; or if the troubleshooting policy is not formulated, processing, by the first function management entity, a fault according to a preset troubleshooting policy, where the preset troubleshooting policy is a policy formulated for a fault generated due to a reason of the function entity, so as to ensure that a service is not interrupted in a troubleshooting process, so that user experience is improved.

Embodiments of the present disclosure provide a method and an apparatus for performing communication in software-defined networking, and a communications system. The method includes: receiving a message sent by a network device, where the message includes a signaling message; determining, according to a control policy, a matching condition that matches the message, where the control policy includes a matching condition and operation information corresponding to the matching condition; processing the message according to the operation information corresponding to the matching condition that matches the message; and sending the processed message to the network device. According to the method and the apparatus for performing communication in software-defined networking, and the communications system in the present disclosure, a problem in the prior art that a control device serving as a network control center cannot communicate with a base station is resolved.

A device may identify a plurality of first values associated with network traffic of a label-switched path of a plurality of label-switched paths. The device may determine an adjustment policy based on the plurality of first values. The adjustment policy may include one or more factors associated with a plurality of second values. The plurality of second values may be determined based on the plurality of first values. The device may implement the adjustment policy in association with the label-switched path. A bandwidth reservation of the label-switched path may be adjusted based on the adjustment policy. The adjustment policy may be implemented for fewer than all of the plurality of label-switched paths.

A method is provided of managing a non-static collection of machines. A first client machine runs a first communication protocol. The non-static collection of machines includes a first linear communication orbit, the first linear communication orbit comprising a sequence of machines that run the first communication protocol, and a second linear communication orbit, the second linear communication orbit comprising a sequence of machines that run a second communication protocol distinct from the first communication protocol. The first client machine receives an instruction from a server to install the second communication protocol, installs the second communication protocol, and then submits a registration request to the server. The first client machine receives, from the server, contact information of a list of potential neighbors. The first client machine then, proactively constructs and maintains a respective local segment of the second linear communication orbit.