A novel design of a gateway that handles traffic in and out of a network by using a datapath pipeline is provided. The datapath pipeline includes multiple stages for performing various data-plane packet-processing operations at the edge of the network. The processing stages include centralized routing stages and distributed routing stages. The processing stages can include service-providing stages such as NAT and firewall. The gateway caches the result previous packet operations and reapplies the result to subsequent packets that meet certain criteria. For packets that do not have applicable or valid result from previous packet processing operations, the gateway datapath daemon executes the pipelined packet processing stages and records a set of data from each stage of the pipeline and synthesizes those data into a cache entry for subsequent packets.

A method performed by a network node to change a transport path for a user plane session in a radio communications network. The path prolongs along a first part between an antenna endpoint of a network node and a Packet Processing Function (PPF) instance serving the network node and a second part between the PPF instance and a Core Network (CN) endpoint. The network node identifies available CN endpoints in a CN, available PPF instances in a Radio Access Network (RAN) and of available antenna endpoints in the RAN that are available for the user plane session and comprises a number of possible transport paths for the user plane session. When detecting a change event related to the user plane session, the network node controls whether or not to change the transport path to any of the a number of possible transport paths for the user plane session.

A model-driven system automatically deploys a virtualized service, including multiple service components, on a distributed cloud infrastructure. A master service orchestrator causes a cloud platform orchestrator to retrieve a cloud services archive file, extract a cloud resource configuration template and create cloud resources at appropriate data centers as specified. The master service orchestrator also causes a software defined network controller to retrieve the cloud services archive file, to extract a cloud network configuration template and to configure layer 1 through layer 3 virtual network functions and to set up routes between them. Additionally, the master service orchestrator causes an application controller to retrieve the cloud services archive file, to extract a deployment orchestration plan and to configure and start layer 4 through layer 7 application components and bring them to a state of operational readiness.

Some embodiments provide a method for handling failure at one of several peer centralized components of a logical router. At a first one of the peer centralized components of the logical router, the method detects that a second one of the peer centralized components has failed. In response to the detection, the method automatically identifies a network layer address of the failed second peer. The method assumes responsibility for data traffic to the failed peer by broadcasting a message on a logical switch that connects all of the peer centralized components and a distributed component of the logical router. The message instructs recipients to associate the identified network layer address with a data link layer address of the first peer centralized component.

A novel method for dynamic network service allocation that maps generic services into specific configurations of service resources in a network is provided. An application that is assigned to be performed by computing resources in the network is associated with a set of generic services, and the method maps the set of generic services to the service resources based on the assignment of the application to the computing resources. The mapping of generic services is further based on a level of service that is chosen for the application, where the set of generic services are mapped to different sets of network resources according to different levels of services.

The application is at least directed to a core network including a non-transitory memory including instructions stored thereon for transferring infrequent small data to a service capability or application server on a 5G network. The core network also includes a processor operably coupled to the non-transitory memory. The processor is configured to execute the instructions of detecting a relay user equipment (UE) sending a data transfer request message to the core network based on uplink traffic generated at a remote UE and control information of the remote UE. The processor is also configured to execute the instructions of querying a database in the core network for subscription information of the remote UE based on the control information. The processor is also configured to execute the instructions of receiving the subscription information from the database. The processor is further configured to execute the instructions of processing the received subscription information. The processor is even further configured to execute the instructions of selecting a network function for transmitting the uplink traffic to the server based on the processing instruction.

A comprehensive integrated system and method includes (i) proactively monitoring a network for degraded service and to proactively make repairs to components before service outages, (ii) identifying the root causes of hard alarms and failures on a layer 1 transport network and generate trouble tickets; and (iii) after repair, verifying that repaired backbone network meets or exceeds performance criteria of Service Level Agreements (SLAs) with customers. A method includes surveilling first equipment in a network wherein the first equipment is in a controlled portion of the network, observing a set of messages wherein the set of messages relate to second equipment in a leased portion of the network, and detecting a fault in the network based on the surveilling step or the observing step. A fault based on the observing step includes the steps of receiving a first message at a first server indicating that a fault was detected in a portion of a leased network, receiving a second message at a second server indicating that the fault was detected in a portion of the leased network, and isolating the fault based on the first message and the second message.

An automated infrastructure switch system is disclosed, wherein an infrastructure switch is configured to automatically provision resources between electronic devices when those electronic devices are connected to internal network transceivers of the switch. The infrastructure switch automatically sets up a private cloud system for the connected devices, which can be connected to other private cloud systems on-demand. A cloud server can maintain connectivity between discrete private cloud systems, while also automatically providing access to common resources via a public cloud.

A dynamic provisioning system includes a computer-executed portal that controls a router to, when a request message is received over a broadcast virtual local area network (VLAN), control the router to establish a dedicated VLAN between the customer communication device and the portal over a dedicated VLAN. The dedicated connection directing communication traffic from the customer computing device to the portal while inhibiting other communication traffic from the customer computing device. The portal also generates a user interface at the customer computing device using the dedicated connection in which the user interface to receive unique identifying information from the customer computing device. The portal also authenticates the customer computing device using the unique identifying information such that, when the customer computing device has been authenticated, receives selection of a communication service from the customer computing device, and establishes the selected communication service for the customer computing device.

A method for establishing end-to-end tunnels extending across multiple domains using a network element. The method includes receiving a request from a customer controller to implement a virtual network (VN) created by the customer controller, wherein the VN identifies the end-to-end tunnels extending across the multiple domains, mapping the VN to available resources based on network constraints in response to the request, and transmitting, after the VN has been mapped, a message to a network controller managing one of the domains that includes a network path used to form a portion of one of the end-to-end tunnels, wherein the message includes an association object having a Type-Length-Value (TLV) field containing a virtual network identifier binding the network path to the VN.