Instantiating a Network Service described by a Forwarding Graph comprising Virtual Network Functions, VNF instances, which are interconnected via communication links. This includes splitting the Forwarding Graph into n VNF Elementary Graphs, VNF EGs. Each of the VNF EGs for a VNF Instance includes routing information for forwarding, by that VNF instance and to another VNF instance, packets output by that VNF instance based on a packet class identifier included in the packet. Each of the VNF EGs is transmitted to the corresponding VNF instance for that VNF EG. Each of the VNF instances, when outputting a packet handled by it, then transmits the packet to a next VNF instance based on the packet class identifier included in the packet.

Embodiments of this application relate to the field of communication technologies, and provide a routing information publishing method. The method includes: An edge transport device connected to a first edge device in a first network domain receives, based on a control plane protocol message, first routing information that is from a controller and that includes an address of a second edge device in a second network domain and a destination address of the second network domain, and sends the first routing information to the first edge device, so that the first edge device generates, based on the first routing information, a forwarding table that is of the first edge device and that is used to indicate a forwarding relationship between the first network domain and the second network domain.

Embodiments of this application relate to the field of communication technologies, and provide a routing information publishing method. The method includes: An edge transport device connected to a first edge device in a first network domain receives, based on a control plane protocol message, first routing information that is from a controller and that includes an address of a second edge device in a second network domain and a destination address of the second network domain, and sends the first routing information to the first edge device, so that the first edge device generates, based on the first routing information, a forwarding table that is of the first edge device and that is used to indicate a forwarding relationship between the first network domain and the second network domain.

Provided are methods and apparatuses for updating a route. In the present disclosure, when an access device receives a first host route and a first sequence number sent by a BGP peer of the access device, regardless of the value of the first sequence number, the first host route is used as a route used by the access device to forward data to a target host, and a recorded first ARP entry corresponding to the target host is deleted, so as to trigger the BGP peer of the access device, for example, a convergence device, to withdraw host routes associated with the first ARP entry based on the existing route withdrawal mechanism.

In general, the disclosure describes techniques for measuring edge-based quality of experience (QoE) metrics. For instance, a network device may construct a topological representation of a network, including indications of nodes and links connecting the nodes within the network. For each of the links, the network device may select a node device of the two node devices connected by the respective link to measure one or more QoE metrics for the respective link, with the non-selected node device not measuring the QoE metrics. In response to selecting the selected node device, the network device may receive a set of one or more QoE metrics for the respective link for data flows flowing from the selected node device to the non-selected node device. The network device may store the QoE metrics and determine counter QoE metrics for data flows flowing from the non-selected node device to the selected node device.

A machine learning technology-based fault management system for network equipment that supports SDN OpenFlow protocol that includes an L2 switch or a router, which is network equipment connected to a client; and an Artificial Intelligence (AI)-based Software Defined Network (SDN) controller requested for management commands for each scenario when the L2 switch or the router, which is network equipment connected to the client, encounters a network fault so that a Simple Network Management System (SNMP) agent installed in the L2 switch and the router determines the type of fault occurred on a network and AI is employed to recover from a current fault through learning results from past data. An effect is achieved that not only service quality is improved through real-time fault management using an AI-based automatic response against a network fault but also a fault is precisely overcome by using the AI-based automatic response.

The present invention relates to a DDoS attack detection and mitigation method for an industrial SDN network, and belongs to the field of network security. According to the method, by means of the cooperation between an east-west interface of an SDN controller in an industrial backhaul network and a system manager of an industrial access network, in conjunction with the features of the industrial backhaul network and an industrial access network data packet, a flow entry matching field of an OpenFlow switch is extended, and a flow table 0 is set to be a “flow table dedicated to DDoS attack mitigation” for defending against an attacking data flow in a timely manner. By using the SDN controller of an industrial backhaul network and a DDoS attack detection and mitigation system, an attacking data flow is identified and a DDoS attack source is found, and the policy of mitigating a DDoS attack is implemented by means of scheduling a system manager of the industrial access network. According to the present invention, the normal traffic of an industrial backhaul network and an industrial access network is ensured, and a threat posed by a DDoS attack to the security of an industrial network is overcome.

Methods, systems, and apparatus, including computer-readable storage media, optimizing interior gateway protocol (IGP) metrics using reinforcement learning (RL) for a network domain. The system can receive a topology (G) of a network domain, a set of flows (F), and an objective function. The system can optimize, using reinforcement learning, the objective function based on the received topology and the one or more flows F. The system can determine updated IGP metrics based on the optimization of the objective function. The IGP metrics for the metric domain may be updated with the updated IGP metrics.

A network control system that includes several controllers for managing several switching elements. Each controller includes a network information base (NIB) storage that stores data regarding the switching elements and a secondary storage for facilitating replication of at least a portion of data across the NIB storages of the different controllers. In some embodiments, the primary purpose for one or more of the secondary storage structures is to back up the data in the NIB. In these or other embodiments, one or more of the secondary storage structures serve a purpose other than backing up the data in the NIB. In some embodiments, the NIB is stored in system memory while the system operates for fast access of the NIB records. In some embodiments, one or more of the secondary storage structures are stored on disks which can be slower to access.

Methods, systems, and apparatus, including computer-readable storage media, optimizing interior gateway protocol (IGP) metrics using reinforcement learning (RL) for a network domain. The system can receive a topology (G) of a network domain, a set of flows (F), and an objective function. The system can optimize, using reinforcement learning, the objective function based on the received topology and the one or more flows F. The system can determine updated IGP metrics based on the optimization of the objective function. The IGP metrics for the metric domain may be updated with the updated IGP metrics.