The application discloses a packet transmission method, an apparatus, and a network device. In an embodiment, a first network device obtains identification information corresponding to a service flow, and reserves a forwarding resource based on the identification information. The forwarding resource is used by the first network device to forward the service flow to a second network device. The first network device further sends a packet including the identification information to the second network device, and the second network device reserves a corresponding forwarding resource based on the identification information in the packet. Network devices perform resource reservation hop by hop by sending the packet including the identification information, and do not need to perform resource reservation based on a transmission path that is pre-calculated and planned, so that load of the network device or a controller is reduced, and resource reservation flexibility is improved.

Disclosed herein is a method performed by a network node and a network node performing the method, which implements a DNS function in a mobile network, the method comprising the actions: receiving; a DNS query that originated at a UE; in response to receiving; the DNS query, determining; to trigger dynamic activation of Local Break Out, LBO, for a session of the UE at a breakout site of the mobile network for traffic between the UE and an edge AS site that is connected to the breakout site; and upon determining; to trigger dynamic activation of LBO for the session of the UE at the breakout site of the mobile network for traffic between the UE and the edge AS site, triggering; dynamic activation of LBO for the session of the UE at the breakout site of the mobile network for traffic between the UE and the edge AS site.

The present application relates to communications between a partner network and a wide area network (WAN) via the Internet. Although Internet service providers may act as autonomous systems, the WAN may control routing from the partner network by advertising unicast border gateway protocol (BGP) address prefixes for a plurality of front-end devices in the WAN. An agent in the partner network measures a plurality of paths to a service within the WAN. Each of the plurality of paths is associated with one of the plurality of front-end devices and a respective unicast BGP address prefix. The WAN selects a path within the WAN for the service. The WAN exports a routing rule to the agent. The agent forwards data packets for the service to the respective BGP address prefix via the Internet. The WAN receives data packets for the service of the partner network at the selected device.

Techniques for using computer networking protocol extensions to route control-plane traffic and data-plane traffic associated with a common application are described herein. For instance, a traffic flow associated with an application may be established such that control-plane traffic is sent to a control-plane node associated with the application and data-plane traffic is sent to a data-plane node associated with the application. When a client device sends an authentication request to connect to the application, the control-plane node may send an indication of a hostname to be used by the client device to send data-plane traffic to the data-node. As such, when a packet including the hostname corresponding with the data-plane node is received, the packet may be forwarded to the data-plane node.

Techniques are described herein for service chaining in fabric networks such that hardware resources can be preserved without service nodes needing additional capabilities. The techniques may include storing a first configuration associated with a first VRF instance of a service forwarding node that is connected to a first service of a service chain sequence. The first configuration may indicate an identifier and a type associated with a second service of the service chain sequence where traffic is to be sent after the first service. Additionally, the techniques may also include storing a second configuration associated with a second VRF instance of the service forwarding node that is connected to the second service. The second configuration may indicate that the second service is a last service of the service chain sequence. When traffic is received at the service forwarding node, the service forwarding node can determine whether the traffic is pre-service traffic or post-service traffic.

In one embodiment, a device clusters traffic characteristics of traffic associated with a plurality of online applications into one or more clusters. The device determines representative traffic characteristics for a particular cluster in the one or more clusters. The device generates, based on the representative traffic characteristics, a probing strategy for the plurality of online applications associated with the particular cluster. The device causes path probes to be sent along one or more network paths in accordance with the probing strategy

In one embodiment, a device obtains telemetry data for network paths to a plurality of servers for an online application. The telemetry data includes application experience metrics based on feedback provided by users of the online application. The device decomposes the telemetry data for the network paths from different vantage points. The device also identifies, using the decomposed telemetry data, a particular endpoint of the online application as a cause of application experience degradation for the online application. The device provides an alert indicative of the particular endpoint of the online application being the cause of quality of experience degradation for the online application.

Embodiments of the present disclosure relate to a method, apparatus, and computer readable medium for providing a security service for a data center. According to the method, a packet terminating at or originating from the data center is received. At least one label is determined for the packet, each label indicating a security requirement for the packet. Based on the at least one label, a security service chain is selected for the packet, the security service chain including an ordered set of security functions deployed in the data center and to be applied to the packet. The packet is transmitted to the selected security service chain in association with the at least one label, the packet being processed by the ordered set of security functions in the security service chain.

The present application includes operations related to routing communications. In some embodiments, the operations may include receiving, from a third-party communication address, an incoming communication directed toward a general communication address associated with a communication system. The operations may also include routing the incoming communication to a specific communication address associated with the communication system instead of to the general communication address based on a previous outgoing communication being from the specific communication address and being directed toward the third-party communication address.

Systems and methods for contextual messaging and information routing in a distributed ledger network are disclosed. According to one embodiment, a method may include a distributed application executed by a sending entity node in a distributed ledger network: receiving a message or communication from a sending entity; identifying a context for the message or communication; retrieving capabilities of other nodes in the distributed ledger network; identifying potential receiving entities for the message or communication based on the capabilities; retrieving routing preferences for the sending entity; applying the routing preferences for the sending entity to identify a receiving entity from the potential receiving entities; and sending the message or communication to a receiving node for the receiving entity using the routing preferences, wherein the receiving node is configured to route the message or communication to the receiving entity using routing preferences for the receiving entity.