One embodiment of the present invention provides a system for facilitating layer-2 subnet extension. During operation, the system can query, from a first administrative domain, a remote database of a second administrative domain for configuration information associated with one or more remote network segments. The system can obtain, from a user interface of the first administrative domain, an instruction for performing layer-2 subnet extension from a first network segment under the first administrative domain to a second network segment of the one or more remote network segments for providing a common layer-2 broadcast domain. The system can then send a remote instruction executable in the second administrative domain for configuring a remote endpoint for the extension. The system can also configure a local endpoint in the first network segment for the extension. Subsequently, the system can establish a data connection between the local and remote endpoints for the extension.

A system includes a software-defined wide area network having a software-defined wide area network control plane and a software-defined wide area network user plane; wherein the wide area network control plane is configured to operate in a first network and the wide area network user plane is configured to operate in a second network and further configured to communicate with the wide area network control plane, a serving gateway user plane in communication with the software-defined wide area network user plane, wherein the serving gateway user plane is configured to operate in the second network and further configured to communicate wirelessly with a device, and wherein the wide area network user plane is configured to route a communication between the device and a destination.

Some embodiments provide a method for handling failure at one of several peer centralized components of a logical router. At a first one of the peer centralized components of the logical router, the method detects that a second one of the peer centralized components has failed. In response to the detection, the method automatically identifies a network layer address of the failed second peer. The method assumes responsibility for data traffic to the failed peer by broadcasting a message on a logical switch that connects all of the peer centralized components and a distributed component of the logical router. The message instructs recipients to associate the identified network layer address with a data link layer address of the first peer centralized component.

A novel design of a gateway that handles traffic in and out of a network by using a datapath pipeline is provided. The datapath pipeline includes multiple stages for performing various data-plane packet-processing operations at the edge of the network. The processing stages include centralized routing stages and distributed routing stages. The processing stages can include service-providing stages such as NAT and firewall. The gateway caches the result previous packet operations and reapplies the result to subsequent packets that meet certain criteria. For packets that do not have applicable or valid result from previous packet processing operations, the gateway datapath daemon executes the pipelined packet processing stages and records a set of data from each stage of the pipeline and synthesizes those data into a cache entry for subsequent packets.

A novel method for dynamic network service allocation that maps generic services into specific configurations of service resources in a network is provided. An application that is assigned to be performed by computing resources in the network is associated with a set of generic services, and the method maps the set of generic services to the service resources based on the assignment of the application to the computing resources. The mapping of generic services is further based on a level of service that is chosen for the application, where the set of generic services are mapped to different sets of network resources according to different levels of services.

Various embodiments comprise systems, methods, architectures, mechanisms and apparatus providing a low-latency trading platform and/or communications system wherein one or more remote client devices communicate with a proxy server via a first communications channel, the proxy server being tightly coupled to (co-located and directly communicating with) a programmable hardware platform configured to communicate with an equities exchange system via a second communications channel, the location of the proxy server and hardware platform being proximate that of at least one equities exchange system, wherein the proxy server is updated by client device communications defining trade execution profiles associated with each of a plurality of equities and corresponding trading strategies, and wherein the hardware platform executes equity trades in response to substantially real time data received from the equities exchange. Various embodiments provide a mechanism for automatically provisioning the communications system in accordance with an Infrastructure as a Service (IAAS) offering from a provider of network services.

One embodiment of the present invention provides a system for facilitating layer-2 subnet extension. During operation, the system can query, from a first administrative domain, a remote database of a second administrative domain for configuration information associated with one or more remote network segments. The system can obtain, from a user interface of the first administrative domain, an instruction for performing layer-2 subnet extension from a first network segment under the first administrative domain to a second network segment of the one or more remote network segments for providing a common layer-2 broadcast domain. The system can then send a remote instruction executable in the second administrative domain for configuring a remote endpoint for the extension. The system can also configure a local endpoint in the first network segment for the extension. Subsequently, the system can establish a data connection between the local and remote endpoints for the extension.

An intelligent wireless broadband network and content delivery management within a network includes at least one datacenter, at least one network tower and a plurality of smart nodes may be provided. Each of the plurality of smart nodes may be deployed as a micro point of presence (micro POP) at the at least one datacenter the at least one tower and at each of a plurality of hub-homes within the network. An artificial intelligence (AI) capable compute unit may be configured to provide customization of the plurality of smart nodes based on usage pattern of the plurality of homes at a neighborhood level, and thereby facilitating a dynamic edge network distribution solution for better Internet experience to the end-users.

Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.

A method in a virtual private network (VPN) service environment, the method including measuring, during a given interval of time, respective durations of time associated with performing a plurality of processes for configuring VPN connections; calculating average respective durations of time based at least in part on the measured respective durations of time; configuring a progress indicator to indicate a total duration of time associated with configuring a VPN connection for a user device, the total duration of time being substantially equal to a sum of the average respective durations of time; and transmitting, to the user device, information associated with the progress indicator to enable display of the progress indicator on a screen associated with the user device. Various other aspects are contemplated.