A communication apparatus which includes a plurality of network interfaces stores the address of the communication apparatus in a network in association with one of the plurality of network interfaces, decides, if there is a signal to be transmitted, a network interface to be used to transmit the signal out of the plurality of network interfaces, determines whether one or more first addresses associated with the decided network interface are stored, and performs control, if at least one of the first addresses is stored, so as to select the second address out of the first addresses based on a value at least used to set a communicable range, and transmit the signal to be transmitted by using the second address as a transmission source address.

A wireless communication device, comprising radio frequency transceivers which transmit outbound messages to targeted receivers, and receive the inbound messages addressed to the respective transceiver; each having a processor which controls the transceiver to establish communication sessions according to a protocol, and processes targeting and address information. The transceiver communicates with a telephone device having a telephone address book containing information which defines the targets and address for a telephone network and perhaps other networks. The address book entries are human editable through a human machine user interface. The address book entries are intended for centrally controlled switch networks having hierarchically formatted address information, but since these are at least quasi-unique, they are used as address labels in an unswitched peer-to-peer network formed of the transceivers. This permits a common address scheme across the peer-to-peer network and switched network of the telephone device.

An access-control device that controls access to encrypted messages. During operation, the access-control device can receive an access key for a corrupted message, and can receive a cover message digest associated with the corrupted message. The access-control device stores the access key in association with the cover message digest, and stores the cover message digest in a block chain. A respective block of the block chain includes at least one cover message digest, and a hash value of a previous block of the block chain.

Embodiments of the present invention provide an access network system, and a data packet processing method and apparatus. The system includes: a controller, configured to perform configuration a flow table for a switching module and a protocol function for at least one functional module; the switching module, configured to send a first data packet to a first functional module of the at least one functional module according to the flow table configured by the controller, where the first functional module is a functional module first indicated in the flow table to process the first data packet; and the at least one functional module, configured to process the first data packet according to the protocol function configured by the controller.

Systems, methods, and computer-readable media provide for collection of statistics relating to network traffic between virtual machines (VMs) in a network. In an example embodiment, a virtual switch hosted on a physical server provides network address information of VMs deployed on the physical server to a virtual switch controller. The controller collects this network address information from each virtual switch under its control, and distributes the aggregate address information to each switch. In this manner, the controller and each switch within the controller's domain can learn the network address information of each VM deployed on physical servers hosting switches under the controller's control. Each virtual switch can determine a classification of a frame passing through the switch (e.g., intra-server, inter-server and intra-domain, or inter-domain traffic), and statistics relating to the traffic. In an example embodiment, the virtual switch controller can collect the statistics from each switch within its domain.

A communication device may be configured to access a plurality of subscriptions for a plurality of providers. For example, a communication device may be configured with at least one subscriber identity module (SIM). For a communication device having a plurality of subscriptions accessible thereto, the selection of a subscription to connect to a destination network may be configurable. The selection of a subscription from a plurality of available subscriptions may be based on a cost (e.g., financial cost, data cost, or another resource) associated with connecting to a destination network using different subscriptions. For example, a first subscription may be selected if connection to the destination network is more expensive using a second subscription and/or if the balance on the second subscription is too low.

Aspects of the embodiments are directed to receiving an address resolution protocol (ARP) request message from a requesting virtual machine, the ARP request message comprising a request for a destination address for a destination virtual machine, wherein the destination address comprises one or both of a destination hardware address or a destination media access control address; augmenting the ARP request message with a network service header (NSH), the NSH identifying an ARP service function; and forwarding the augmented ARP request to the ARP service function.

Two methods are described to enable the communication between two service layer entities that do not have registration relations. In the first method, service layer entities employ a retargeting table that stores the service layer entity to retarget the message in order to deliver the message to the destination. In a second method, an infrastructure node in a service provider employs a retargeting chain table that stores a chain of entities that can retarget the message to the destination.

The disclosure provides an approach for pre-filtering traffic in a logical network. One method includes receiving, by a hypervisor, a packet from a virtual computing instance (VCI) and determining a service path for the packet based on a service table. The method further includes setting, by the hypervisor, a pre-filter component as a next hop for the packet based on the service path. The method further includes receiving, by the pre-filter component, the packet. The method further includes making a determination, by the pre-filter component, of whether the packet requires processing by the security component. The method further includes performing, by the pre-filter component, based on the determination, one of: forwarding the packet to its destination and bypassing the security component; or forwarding the packet to the security component.

The disclosure provides an approach for pre-filtering traffic in a logical network. One method includes receiving, by a hypervisor, a packet from a virtual computing instance (VCI) and determining a service path for the packet based on a service table. The method further includes setting, by the hypervisor, a pre-filter component as a next hop for the packet based on the service path. The method further includes receiving, by the pre-filter component, the packet. The method further includes making a determination, by the pre-filter component, of whether the packet requires processing by the security component. The method further includes performing, by the pre-filter component, based on the determination, one of: forwarding the packet to its destination and bypassing the security component; or forwarding the packet to the security component.