A disclosed method may include (1) receiving, at a network node within a network, a packet from another network node within the network, (2) identifying, within the packet, a slice label that indicates a network slice that has been logically partitioned on the network, (3) determining a QoS policy that corresponds to the network slice indicated by the slice label, (4) applying the QoS policy to the packet, and then upon applying the QoS policy to the packet, (5) forwarding the packet to an additional network node within the network. Various other apparatuses, systems, and methods are also disclosed.

Technology for establishing network communications over an overlay network among nodes of configurable network computer systems, such as the storage system nodes of a hyper-converged infrastructure system is disclosed. The nodes are configured for communication over an overlay network and overlay endpoints corresponding to the nodes are enabled for encapsulating network communications between overlay endpoints. The nodes may then communicate over a common overlay subnetwork even though they operate in different local subnetworks with different subnetwork configurations. An installer may be similarly configured for network communications with the nodes over the overlay subnetwork.

In one embodiment, a copy of an original packet of a traffic flow is created at an ingress leaf node of a cloud switch. The ingress leaf node forwards the original packet along a less-specific path through the cloud switch, the less-specific path based on a domain index of an egress domain for the original packet. The copy of the original packet is modified to create a more specific path learn request packet. The ingress leaf node forwards the more specific path learn request packet along the less-specific path through the cloud switch. The ingress leaf node received back a more specific path learn request reply packet that includes an indication of a fabric system port. The ingress leaf node then programs a forwarding table based on the indication of the fabric system port, to have subsequent packets of the traffic flow forwarded along a more-specific path.

A data packet from a sub-virtual routing and forwarding (sub-VRF) in a virtual routing and forwarding (VRF) is received. The VRF includes more than one sub-VRF. A value in a Border Gateway Protocol (BGP) attribute attached to the data packet is determined. Based on the value in the BGP attribute, whether to route the data packet to a different sub-VRF in the VRF is determined.

This application discloses a packet processing method and an LSR. The method includes: receiving, by an Ingress LSR of a first MPLS tunnel, a first notification packet that is based on an IGP, where the first notification packet includes an ELC flag, which is used to indicate that the first Egress LSR has ELC; after learning from the first notification packet that the first Egress LSR has ELC, inserting a label into a first packet, to generate a second packet, where the label forms an MPLS label stack, which includes, from bottom to top, a first EL, a first ELI, and a first TL; and sending the second packet to the first Egress LSR through the first MPLS tunnel.

Methods, apparatus, and systems for incorporating a dynamic interface into an expandable network device. A section of memory of the expandable network device is partitioned for the dynamic interface and the dynamic interface is loaded into the partitioned section of the memory. A hardware interface of the expandable network device is configured to communicate with the dynamic interface under a control of the dynamic interface; and a communication channel is established between a network interface of the expandable network device and the hardware interface of the expandable network device via the dynamic interface.

Techniques are described for providing security extensions to neighbor discovery in Ethernet Virtual Private Network (EVPN). For example, a network device that implements Ethernet Virtual Private Network (EVPN) receives a neighbor discovery response message including a nonce originated by a second network device and not originated by the first network device. The network device processes the neighbor discovery response message including the nonce originated by the second network device and not originated by the first network device.

A stack group merging system includes a first stack group including a first master stack device and first slave stack device(s), and a second stack group includes a second master stack device and second slave stack device(s). The first master stack device determines a first total data traffic amount transmitted by itself and the first slave stack device(s) in the first stack group. The second master stack device determines a second total data traffic amount transmitted by itself and the second slave stack device(s) in the second stack group. The first and second master stack devices exchange the first and second total data traffic amounts, and the master stack device in the stack group that transmits a higher total data traffic amount then operates as a master slave device for a merged stack group including the first and second stack group.

A Layer 2 network switch is partitionable into a plurality of switch fabrics. The single-chassis switch is partitionable into a plurality of logical switches, each associated with one of the virtual fabrics. The logical switches behave as complete and self-contained switches. A logical switch fabric can span multiple single-chassis switch chassis. Logical switches are connected by inter-switch links that can be either dedicated single-chassis links or logical links. An extended inter-switch link can be used to transport traffic for one or more logical inter-switch links. Physical ports of the chassis are assigned to logical switches and are managed by the logical switch. Legacy switches that are not partitionable into logical switches can serve as transit switches between two logical switches.

This application discloses a packet processing method and an LSR. The method includes: receiving, by an Ingress LSR of a first MPLS tunnel, a first notification packet that is based on an IGP, where the first notification packet includes an ELC flag, which is used to indicate that the first Egress LSR has ELC; after learning from the first notification packet that the first Egress LSR has ELC, inserting a label into a first packet, to generate a second packet, where the label forms an MPLS label stack, which includes, from bottom to top, a first EL, a first ELI, and a first TL; and sending the second packet to the first Egress LSR through the first MPLS tunnel. According to the solutions of this invention, a Transit LSR of the first MPLS tunnel may perform load balancing when forwarding the second packet.