Described herein is a system and method for flow state save/restore of a virtual filtering platform. A first instance of a driver manages policy and flow state for ongoing flows between client device(s) and virtual machine(s). The virtual filtering platform is transitioned from the first instance of a driver to a second instance of the driver by serializing the policy and state for the ongoing flows on the first instance of the driver using a one pass algorithm. The serialized policy and state for the ongoing flows can be de-serialized with the ongoing flows re-established and/or reconciled on the second instance of the driver in accordance with the de-serialized policy and state for the plurality of ongoing flows. In some embodiments, a memory management technique can use a single operating system memory allocation call to allocate memory for the transition, with the technique managing utilization of the allocation memory.

A system incorporated in a slice-based network can implement a first virtual infrastructure manager (“VIM”) at a first region. The first VIM can be associated with a first internet protocol (“IP”) prefix range, and configured to receive a second IP prefix range associated with a second region having a second VIM. For compliance with requirements from a software license agreement (“SLA”), the first VIM can monitor a performance of a first virtual network function (“VNF”) of a network slice. In the event of a performance threshold violation, the first VIM can map portions of a workload associated with the violated threshold to the first region and the second region based on respective workload flow data associated with each of the first and second IP prefix ranges. The first VIM can instantiate a second VNF in the region having a workload portion that corresponds to a higher network resource consumption.

Systems and methods implement closed loop analytics feedback for a transport network. A network device, such as a Network Data Analytics Function (NWDAF), receives, from a commissioning network function, an analytic information request for analytic event information and sends, to the commissioning network function, an analytic report that is responsive to the analytic information request wherein the analytic report includes a unique analytic report identifier. The network device receives, from the commissioning network function, a feedback event message that includes the analytic report identifier and a change description for a network parameter change influenced by the analytic report.

Example methods and systems for logical network health check. One example may comprise obtaining network configuration information and network realization information associated with a logical network; processing the network configuration information and the network realization information to determine the following: (a) network configuration health information specifying a network configuration issue and a first remediation action; and (b) network realization health information specifying a network realization issue and a second remediation action; and providing, to a user device, multiple user interfaces (UIs) specifying the first health information and the second health information along with a visualization of the logical network. In response to detecting an instruction initiated by the user device using at least one of the multiple UIs, the first remediation action or the second remediation action may be performed.

A network control device includes a storage and a processor. The storage stores an identifying value and a severity value for each of network elements. The identifying values are hierarchized based on inclusion relationships between the network elements. The severity values respectively indicate a severity in sharing a risk of a failure in the network elements. When first and second paths are designated, the processor detects, for each of a plurality of target identifying values corresponding to a plurality of network elements implementing the first path, a longest matched identifying value having a longest region matching the target identifying value from among a plurality of identifying values corresponding to a plurality of network elements implementing the second path. The processor calculates a sum of severity values corresponding to the detected longest matched identifying values, and evaluates the second path for the first path based on the sum.

A packet processing method includes receiving, by a forwarding plane device, a first packet transmitted by a user, where an identity of the user is comprised in the first packet, and a forwarding table is comprised in the forwarding plane device, determining, by the forwarding plane device, an identity of a service according to a corresponding relationship between the identity of the user and the identity of the service as well as the identity of the user in the first packet, generating, by the forwarding plane device, a second packet by encapsulating the first packet with the identity of the service, and transmitting the second packet to a network device to enable the network device to manage the service according to the identity of the service in the second packet.

Embodiments of the present invention provide a packet processing method, a forwarding plane device and a network device, the method includes: receiving, by a forwarding plane device, a first packet transmitted by a user, where an identity of the user is comprised in the first packet, and a forwarding table is comprised in the forwarding plane device; determining, by the forwarding plane device, an identity of a service according to a corresponding relationship between the identity of the user and the identity of the service as well as the identity of the user in the first packet; generating, by the forwarding plane device, a second packet by encapsulating the first packet with the identity of the service; and transmitting the second packet to a network device, to enable the network device to manage the service according to the identity of the service in the second packet.

Disclosed is an improved approach for managing floating/virtual IP addresses in a virtualization system. Where a bare metal cloud provider does not provide adequate facilities to implement broadcast operations, the approach would capture broadcast packets, and from the captured packets, generate calls to the cloud provider to implement configuration changes to reflect the changes desired by the broadcast packets.

A method supports service level agreement monitoring in a software defined network. The software defined network has forwarding elements and a software defined network controller for controlling the forwarding elements. Data flows are transmitted between a first end-path forwarding element, of the forwarding elements, and a second end-path forwarding element, of the forwarding elements, via at least one intermediate forwarding element, of the forwarding elements. The software defined network controller configures the intermediate forwarding element such that a probe triggering packet is generated based on local information of the intermediate forwarding element. The software defined network controller configures at least one of the first end-path forwarding element or the second end-path forwarding element such that an end-to-end probing is triggered based on receiving the probe triggering packet. The end-to-end probing is performed in order to detect a service level agreement violation.

Computer program products, methods, and apparatuses, for providing and implementing the efficient detection of network component failures and restart conditions are described.