A system and network devices for packet processing, a network device including a processor and instructions for receiving a first packet sent by a second network node, the first packet including a format of a segment identifier of the second network node describing a length and a location of each field in the segment identifier, obtaining the format based on the first packet, the segment identifier having a first field, and including a determined value of the first field in the segment identifier in a second packet sent to the second network node, the value of the first field in the segment identifier being determined based on a segment routing policy and the format, and the determined value of the first field indicating to the second network node to process the second packet.

A method for identifying and controlling remote user equipment on a network side includes: receiving, by a session management device, an identifier of a remote user equipment, and generating, based on the identifier, a policy related to the remote user equipment, where the policy includes the identifier of the remote user equipment; sending the policy to a user plane function device; and identifying, by the user plane function device, a packet of the remote user equipment based on the policy, and implementing policy control on the remote user equipment based on the policy. According to the method, the network side can be compatible with service access of the remote user equipment and can perform service management and policy control on the remote user equipment.

A method for identifying and controlling remote user equipment on a network side includes: receiving, by a session management device, an identifier of a remote user equipment, and generating, based on the identifier, a policy related to the remote user equipment, where the policy includes the identifier of the remote user equipment; sending the policy to a user plane function device; and identifying, by the user plane function device, a packet of the remote user equipment based on the policy, and implementing policy control on the remote user equipment based on the policy. According to the method, the network side can be compatible with service access of the remote user equipment and can perform service management and policy control on the remote user equipment.

The present disclosure discloses a method, device and storage medium for creating a bi-directional segment routing (SR) tunnel, the method includes: carrying out capability negotiation for whether to support creation of a bi-directional SR tunnel by messaging during a process in which a first network element establishes a session with a second network element; and if support, sending, by the first network element, an SR tunnel create message carrying a bi-directional flag bit to the second network element so that the second network element is capable of determining, in accordance with the bi-directional flag bit, whether a bi-directional tunnel or a unidirectional tunnel is to be created.

The present disclosure discloses a method, device and storage medium for creating a bi-directional segment routing (SR) tunnel, the method includes: carrying out capability negotiation for whether to support creation of a bi-directional SR tunnel by messaging during a process in which a first network element establishes a session with a second network element; and if support, sending, by the first network element, an SR tunnel create message carrying a bi-directional flag bit to the second network element so that the second network element is capable of determining, in accordance with the bi-directional flag bit, whether a bi-directional tunnel or a unidirectional tunnel is to be created.

In some embodiments, a method sets a threshold for utilization of a first table, wherein the utilization is based on layer 3 addresses and layer 2 addresses being stored in the first table. When a utilization of the first table does not meet the threshold, the method stores a layer 3 address in the first table. The first table uses a first type of lookup to determine a next hop address for the layer 3 addresses or the layer 2 addresses, and the first table also stores one or more layer 2 addresses. When the utilization of the first table meets the threshold, the method stores the layer 3 address in a second table where the second table uses a second type of lookup to determine the next hop address for layer 3 addresses.

In some embodiments, a method sets a threshold for utilization of a first table, wherein the utilization is based on layer 3 addresses and layer 2 addresses being stored in the first table. When a utilization of the first table does not meet the threshold, the method stores a layer 3 address in the first table. The first table uses a first type of lookup to determine a next hop address for the layer 3 addresses or the layer 2 addresses, and the first table also stores one or more layer 2 addresses. When the utilization of the first table meets the threshold, the method stores the layer 3 address in a second table where the second table uses a second type of lookup to determine the next hop address for layer 3 addresses.

Techniques for using global virtual network instance (VNI) labels in a multi-domain network to route network data with a multi-tenant network overlay are described herein. A routing device provisioned in a network domain of the multi-domain network may register with a service discovery system of the network domain for use of network configuration data to establish routes through the multi-domain network with network nodes. Each network domain of the multi-domain network may include an application programming interface (API) server for processing API requests to make changes to configurations of a network domain. A border gateway protocol (BGP) large community may be utilized to encode global VNI labels, network addresses, local next hop nodes, and/or additional network information and sent to routing devices provisioned in separate network domains. A service chain may be signaled by global VNI labels to route network traffic through various services prior to reaching a destination endpoint.

A method is disclosed, comprising: receiving a first and a second Internet Protocol (IP) packet at a mesh network node; tagging the first and the second IP packet at the mesh network node based on a type of traffic by adding an IP options header to each of the first and the second IP packet; forwarding the first and the second IP packet toward a mesh gateway node; filtering the first and the second IP packet at the mesh gateway node based on the added IP options header by assigning each of the first and the second IP packet to one of a plurality of message queues, each of the plurality of message queues having a limited forwarding throughput; and forwarding the first and the second IP packet from the mesh gateway node toward a mobile operator core network, thereby providing packet flow filtering based on IP header and traffic type.

A method is disclosed, comprising: receiving a first and a second Internet Protocol (IP) packet at a mesh network node; tagging the first and the second IP packet at the mesh network node based on a type of traffic by adding an IP options header to each of the first and the second IP packet; forwarding the first and the second IP packet toward a mesh gateway node; filtering the first and the second IP packet at the mesh gateway node based on the added IP options header by assigning each of the first and the second IP packet to one of a plurality of message queues, each of the plurality of message queues having a limited forwarding throughput; and forwarding the first and the second IP packet from the mesh gateway node toward a mobile operator core network, thereby providing packet flow filtering based on IP header and traffic type.