A network function virtualization service includes an action implementation layer and an action decisions layer. On a flow of network traffic received at the service, the action implementation layer performs a packet processing action determined at the action decisions layer.

Provided are a network system and a network bandwidth control management method capable of preventing packets that need to preferentially flow from being discarded at a time of high load. A network system includes an external switch that is provided between a virtualization platform and an external network and configured to control a bandwidth amount of packets flowing into an open virtual switch, and an network control management device that is configured to modify a configuration of bandwidth control and priority control of the external switch in response to addition or deletion of a service of the virtualization platform based on information acquired from compute nodes, a network node, and a controller node.

Generally, this disclosure describes techniques for buffer management based on link status. A host platform may include a Baseboard Management Controller (BMC) and a network controller that includes a buffer used by the BMC. When a network controller is in a lower power link state, the BMC may attempt to send data to the link partner which causes the network controller to transition out of the low power state. However, this transition may take longer than the buffer's ability to buffer the incoming flow from the BMC. Accordingly, to avoid the need for larger buffer space, a buffer manager is used to provide flow control management of the buffer based on link status.

In accordance with embodiments disclosed herein, there are provided methods, systems, mechanisms, techniques, and apparatuses for traffic aggregation on multiple WAN backhauls and multiple distinct LAN networks; for traffic load balancing on multiple WAN backhauls and multiple distinct LAN networks; and for performing self-healing operations utilizing multiple WAN backhauls serving multiple distinct LAN networks. For example, in one embodiment, a first Local Area Network (LAN) access device is to establish a first LAN; a second LAN access device is to establish a second LAN; a first Wide Area Network (WAN) backhaul connection is to provide the first LAN access device with WAN connectivity; a second WAN backhaul connection is to provide the second LAN access device with WAN connectivity; and a traffic aggregation unit is to form a logically bonded WAN interface over the first WAN backhaul and the second WAN backhaul. In some embodiments an optional traffic de-aggregation unit may be used.

In a communication system having multiple nodes communicably connected via a ring network, at least two of the nodes each includes: a packet distributor that receives an ordinary packet and an interrupt packet from another node and distributes the received packets; and an output switching unit that outputs the ordinary packet and the interrupt packet that are not addressed to the own node such that the interrupt packet is output more preferentially than the ordinary packet. When the output switching unit receives the interrupt packet while outputting the ordinary packet, the output switching unit outputs the interrupt packet by embedding it into the ordinary packet that is being output at a position between the header and trailer of the ordinary packet. When the ordinary packet transmitted from the other node contains an interrupt packet embedded therein, the packet distributor extracts the interrupt packet and distributes the extracted interrupt packet.

A method for redundant transmission of data telegrams between automation devices of an installation by a communication network requires a ring topology. A sending device sends out two data telegrams in different transmission directions of the communication network and a receiving device processes the data telegram arriving at the receiving device first and discards the other data telegram as a duplicate. To ensure fast transmission of data telegrams having important content, the sending automation device assigns a priority level and data telegrams having a high priority level are sent according to a first communication protocol and data telegrams having a low priority level are sent according to a different second communication protocol. A network component arranged between the sending device and the receiving device receives the data telegram, recognizes the priority level based on the communication protocol used, and forwards the data telegram taking into consideration the priority level.

A slotted message access protocol can be implemented for transmitting short packets. Each beacon period may be divided into multiple time slots. At least one time slot may be assigned to a network device per beacon period based, at least in part, on latency specifications of packets that the network device is configured to transmit. In one example, some of the unassigned time slots may be designated as contention-based time slots. Network devices may contend with each other to gain control of and transmit packets during a contention-based time slot based on the priority level of the packets to be transmitted. Network devices may also use an encryption key and an initialization vector for securely exchanging short packets. Furthermore, a repeater network device may be designated to retransmit a packet, received from an original transmitting network device, during a communication time slot assigned to the original transmitting network device.

In accordance with embodiments disclosed herein, there are provided methods, systems, mechanisms, techniques, and apparatuses for traffic aggregation on multiple WAN backhauls and multiple distinct LAN networks; for traffic load balancing on multiple WAN backhauls and multiple distinct LAN networks; and for performing self-healing operations utilizing multiple WAN backhauls serving multiple distinct LAN networks. For example, in one embodiment, a first Local Area Network (LAN) access device is to establish a first LAN; a second LAN access device is to establish a second LAN; a first Wide Area Network (WAN) backhaul connection is to provide the first LAN access device with WAN connectivity; a second WAN backhaul connection is to provide the second LAN access device with WAN connectivity; and a traffic aggregation unit is to form a logically bonded WAN interface over the first WAN backhaul and the second WAN backhaul. In some embodiments an optional traffic de-aggregation unit may be used.

Dynamic segmentation of network traffic through the use of Pre-Shared Keys (PSKs). Each defined network segment uses a different pre-shared key and a message authentication code (MAC)-signing algorithm to sign data packets with segment-specific MACs. As such, only those computer hosts/nodes that are in the network segment (i.e., have been assigned the same pre-shared key for generating and decoding the MAC signed data packets) are capable or reading the segment's network traffic. By implementing segment-specific MAC signed data packets, the present invention allows for confidential data transmission absent the need to encrypt the actual contents/data being transmitted.

A network and method for connecting devices on a Local Area Network (“LAN”) to the Internet via a Network Address Translation (“NAT”) enabled gateway and server. The gateway includes an Internet address for enabling the gateway to be addressed by the server and the LAN. A plurality of ports on the gateway enables the gateway to receive and transmit data to and from the server and the LAN. A processor divides the ports on the gateway into at least a first range and a second range of port numbers. Classified traffic identified as suitable for a higher level of QoS is assigned to the first range of port numbers, and classified traffic identified as suitable for a lower level of QoS is assigned to the second range. The gateway provides devices on the LAN with a level of QoS depending upon the port numbers to which they are assigned.