This application provides a packet processing method and a device. In this application, a control identifier field is added to a packet, and the control identifier field indicates whether forwarding of the packet is allowed when a resource corresponding to a slice identifier fails to be matched. The control identifier field and a slice identifier of a network slice are carried in the packet, so that the slice identifier and the control identifier field are transmitted on a network together. When a receive end fails to match the resource corresponding to the slice identifier, the receive end can discard the packet based on the control identifier field, instead of forwarding the packet by using routing information.

A Self-Describing Packet block (SDPB) is defined that allows concurrent processing of various fixed headers in a packet block defined to take advantage of multiple cores in a networking node forwarding path architecture. SPDB allows concurrent processing of various pieces of header data, metadata, and conditional commands carried in the same data packet by checking a serialization flag set upon creation of the data packet, without needing to serialize the processing or even parsing of the packet. When one or h more commands in one or more sub-blocks may be processed concurrently, the one or more commands are distributed to multiple processing resources for processing the commands in parallel. This architecture allows multiple unique functionalities each with their own separate outcome (execution of commands, doing service chaining, performing telemetry, allows virtualization and path steering) to be performed concurrently with simplified packet architecture without incurring additional encapsulation overhead.

The present disclosure relates to systems, methods, and computer-readable media for data from a first multi-dimensional memory block to a second multi-dimensional memory block. For example, systems described herein facilitate transferring data between memory blocks having different shapes from one another. The systems described herein facilitate transferring data between different shaped memory blocks by identifying shape properties and other characteristics of the data and generating a plurality of network packets having control data based on the identified shape properties and other characteristics. This data included within the network packets enables memory controllers to determine memory addresses on a destination memory block to write data from the network packets. Features described herein facilitate efficient transfer of data without generating a linearized copy that relies on constant availability of significant memory resources.

A plurality of switches may be arranged according to a spine and leaf topology in which each spine switch is connected to all leaf switches. A leaf switch includes a memory configured to store a plurality of policies, each of the plurality of policies being associated with a respective source identifier value and a respective destination address; a network interface communicatively coupled to one of the spine switches; and a processor implemented in circuitry and configured to: receive a packet from the spine switch via the network interface, the packet being encapsulated with a Virtual Extensible Local Area Network (VXLAN) header; extract a source identifier value from the VXLAN header; determine a destination address for the packet; determine a policy of the plurality of policies to apply to the packet according to the source identifier value and the destination address; and apply the policy to the packet.

A user plane function (UPF) node may receive a packet for traffic associated with a user equipment (UE). During packet classification, the UPF node may identify that a packet filter for the packet is not found in a packet filter set of an existing Quality of Service (QoS) Flow. In response, the UPF node may configure the packet filter in the packet filter set of the QoS Flow based on a flow tuple of the packet. The UPF node may send, to a control plane function node, a message which indicates a request for adding the flow tuple to the QoS Flow. The message may be for triggering communication of a message which indicates a session modification command for receipt by the UE, for adding an uplink packet filter that is based on the flow tuple for the QoS Flow.

Network traffic flows can be processed by routers, switches, or service nodes. Service nodes may be ASICs that can provide the functionality of a switch or a router. Service nodes can be configured in a circular replication chain, thereby providing benefits such as high reliability. The service nodes can implement methods that include receiving a first packet that includes a source address in a source address field and that includes a destination address in a destination address field. The first packet can be routed to a selected service node that is in the replication chain that includes a plurality of service nodes that are configured for chain replication of a service state information. A service node configured for NAT or some other service can use the first packet to produce a translated packet that can be transmitted toward a destination indicated by the destination address.

A method and system for implementing L3VPN based on a two-dimensional routing protocol. The method includes the following steps of: activating an L3VPN network to obtain a route destined to each user site; sending, by a user in a source user site, a packet to a user in a target user site, and sending the packet to an entry of a first edge routing device; performing encapsulation by the first edge routing device based on a public network IP address of the packet; and forwarding, by means of matching of two-dimensional routing, the encapsulated packet to an exit of the first edge routing device for decapsulation, and forwarding the same to the target user site via an entry of a second edge routing device.

[Problem] Change the distribution logic flexibly. [Solution] A control apparatus includes a communication unit (NIC20) configured to receive a packet from a network, a plurality of first control units (3a, 3b, 3c, 3d) configured to function as a plurality of virtual control units (VM1a, 1b, 1c, . . . ), a distribution circuit (Balancer 10a) configured to distribute the received packet to a plurality of dispatchers, a plurality of second control units (Dispatcher 4a, 4b, 4c, and 4d) configured to distribute the packet distributed by the distribution circuit to the plurality of virtual control units (VM1a, 1b, 1c, . . . ), in which the distribution circuit is configured by a PLD.

The present technology discloses data communication in a network. A node in the network receives an internet protocol (IP) data packet. The IP data packet has a header and a payload. The node performs actions on the IP data packet based on specifications in the header of the IP data packet. The node then forwards the IP data packet based on the specifications in the header of the IP data packet to a next hop node in the network.

The present disclosure is directed to a method of detecting anomalous behaviors based on a temporal profile. The method can include collecting, by a control system comprising a processor and memory, a set of network data communicated by a plurality of network nodes over a network during a time duration. The method can include identifying, by the control system, one or more seasonalities from the set of network data. The method can include generating, by the control system, a temporal profile based on the one or more identified seasonalities. The method can include detecting, by the control system and based on the temporal profile, an anomalous behavior performed by one of the plurality of network nodes. The method can include identifying, by the control system and based on the temporal profile, a root cause for the anomalous behavior.