A queue management method, system, and recording medium include Selective Acknowledgments (SACK) examining to examine SACK blocks of a forwarder to selectively drop packets in a forward flow queue based on a reverse flow queue and MultiPath Transmission Control Protocol (MPTCP) examining configured to perform a first examining to examine multipath headers to recognize MPTCP flows based on a comparison between two subflows being a part of a same superflow and a second examining to examine the reverse flow queue to determine if redundant data has been sent based on a result of the first examining, a packet in the forward flow queue from a prior transmission being dropped from the forward flow queue sent from the forwarder to a receiver if a metadata of the packet does not match a metadata of an acknowledged packet in the reverse flow queue.

Various embodiments comprise systems, methods, mechanisms, and apparatus providing a traffic management function suitable for use at an intermediate Transmission Control Protocol (TCP) node (e.g., a cable modem) through which TCP uplink (UL) and downlink (DL) session traffic flows via respective linked UL and DL buffers is configured to manage ACK/NACK message insertion into the DL buffer to provide accelerated TCP UL packet size increases to so as to rapidly increase TCP UL data flow through the intermediate network node, and to provide constrained TCP UL packet size so as to rapidly decrease TCP UL data flow (apply backpressure) so as to avoid a buffer overflow condition.

The present technology relates to a communication system and a control apparatus that enable to properly find out a state of a network in which streaming is performed. A transmission apparatus performs streaming to a reception apparatus, and a control apparatus manages the state of a network that connects the reception apparatus and the transmission apparatus and includes a first communication line and a second communication line. The first communication line is unstable in connection state as compared with the second communication line, and the control apparatus manages the state of the network on the basis of a packet transmitted from the transmission apparatus to the reception apparatus. The present technology can be applied to a communication system that performs streaming by UDP.

Some embodiments of the invention provide a method for reporting congestion in a network that includes several forwarding elements. In a data plane circuit of one of the forwarding elements, the method detects that a queue in the switching circuit of the data plane circuit is congested, while a particular data message is stored in the queue as it is being processed through the data plane circuit. In the data plane circuit, the method then generates a report regarding the detected queue congestion, and sends this report to a data collector external to the forwarding element. To send the report, the data plane circuit in some embodiments duplicates the particular data message, stores it in the duplicate data message information regarding the detected queue congestion, and sends the duplicate data message to the external data collector.

A queue management method, system, and recording medium include Selective Acknowledgments (SACK) examining to examine SACK blocks of the forwarder to selectively drop packets in the forward flow queue based on a reverse flow queue and MultiPath Transmission Control Protocol (MPTCP) examining configured to examine multipath headers to recognize MPTCP flows and examine the reverse flow queue to determine if redundant data has been sent such that the dropping drops the redundant data.

A steering rule provision method for traffic distribution in a network and a network entity performing the same network. A session management function (SMF) may transmit a first message including a multi-access rule (MAR) to a user plane function (UPF), when establishing or modifying a packet data unit (PDU) session for ATSSS (Access Traffic Steering, Switching, and Splitting). The SMF may receive a second message that is a response message to the first message from the UPF.

Methods, systems, and computer readable media can be operable to facilitate the spoofing of domain name system requests by a customer premise equipment (CPE) device. The CPE device may detect and block a DNS (domain name system) request received from a client device, and the CPE device may generate a DNS response that includes a pre-configured redirect address. The CPE device may block an identified DNS request when the CPE device is unable to retrieve content associated with the DNS request. The CPE device may output the DNS response to the client device from which the DNS request was received, and in response, the client device may output a request on the pre-configured redirect address that is included within the DNS response. The redirect address may direct the client device to an alternate content source.

To suppress reduction in facility utilization efficiency occurring on for a communication carrier and reduction in feeling quality occurring on users caused by a relay device arranged at a boundary between two networks comprising a mobile network. The relay device comprises a proxy part that terminates each of TCP communications with a data providing side apparatus and with a data transmission destination apparatus to be a transmission destination of data received from the data providing side apparatus; a transmission buffer that stores data to be transmitted to the data transmission destination apparatus among data received from the data providing side apparatus; a reception ability prospecting part that prospects reception ability of the data transmission destination apparatus based on vacant volume of the transmission buffer; and a transfer rate control part that instructs the data providing side apparatus of a transfer rate based on the reception ability of the data transmission destination apparatus.

The present technology relates to a communication system and a control apparatus that enable to properly find out a state of a network in which streaming is performed.

A transmission apparatus performs streaming to a reception apparatus, and a control apparatus manages the state of a network that connects the reception apparatus and the transmission apparatus and includes a first communication line and a second communication line. The first communication line is unstable in connection state as compared with the second communication line, and the control apparatus manages the state of the network on the basis of a packet transmitted from the transmission apparatus to the reception apparatus. The present technology can be applied to a communication system that performs streaming by UDP.

Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by a network gateway system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the network gateway system responsive to the determination that the received packet has a spoofed source IP address.