A network device includes at least one communication ingress port, ingress packet processing circuitry and a packet-action cache memory (PACM). The at least one communication ingress port is configured to receive packets including packet headers from a network. The ingress packet processing circuitry is configured to receive the packets and to process the packets in accordance with respective packet actions specified for the packets. The PACM is configured to store one or more of the packet actions in association with one or more respective fingerprints which are calculated over the packet headers of the corresponding packets, for use by the ingress packet processing circuitry. The fingerprints are smaller than the corresponding packet headers.

A packet sending method includes obtaining, by a client device, an Internet Protocol (IP) anycast address of the anycast server cluster and an IP unicast address of the target server, generating, by the client device, an IP detection packet, where the IP detection packet is used to detect whether the target server is reachable based on the IP anycast address, and the IP detection packet includes the IP anycast address and the IP unicast address of the target server, and instructs the target server to replace the IP unicast address of the target server with the IP anycast address, and sending, by the client device, the IP detection packet to the target server.

Some aspects of the methods and systems presented relate to performing stateless address translation between IPv4 capable devices to IPv6 capable networks and devices. Stateless address translation may form a new IPv6 addresses by combining the IPv4 address of a device with an IPv6 prefix address assigned to the translator. The translation may also combine the IPv4 destination address and UDP port information with the new IPv6 address. Existing Domain Name Systems (DNSs) may be leveraged for resolving the IPv4 and IPv6 addresses across different networks.

Some embodiments of the invention provide a forwarding element that can be configured through in-band data-plane messages from a remote controller that is a physically separate machine from the forwarding element. The forwarding element of some embodiments has data plane circuits that include several configurable message-processing stages, several storage queues, and a data-plane configurator. A set of one or more message-processing stages of the data plane are configured (1) to process configuration messages received by the data plane from the remote controller and (2) to store the configuration messages in a set of one or more storage queues. The data-plane configurator receives the configuration messages stored in the set of storage queues and configures one or more of the configurable message-processing stages based on configuration data in the configuration messages.

Data-driven intelligent networking systems and methods are provided. The system can accommodate dynamic traffic while applying injection limits to different traffic classes at an ingress edge port. The system can maintain state information of individual packet flows, which can be set up or released dynamically based on injected data. Each flow can be provided with a flow-specific input queue upon arriving at a switch. Packets of a respective flow can be acknowledged after reaching the egress point of the network, and the acknowledgement packets can be sent back to the ingress point of the flow along the same data path. Furthermore, an edge switch can dynamically allocate the ingress port bandwidth among the traffic classes that are active at a given moment.

A method and network device for network traffic flooding. Specifically, the method and network device disclosed herein implement the mitigation of the lack of data-link layer (or L2 ) addressing resolutions, usually learned by or programmed manually into the network device, through the flooding of affected network traffic across identified network broadcast domains. Flooding of the network traffic in the aforementioned manner may ensure that at least the destination(s) of the network traffic receives the network traffic at least in scenarios where which it is unknown out of which particular physical network interface(s) should the network traffic be transmitted to reach the destination(s).

A method of utilizing the same hardware network interface card (NIC) in a gateway of a datacenter to communicate datacenter tenant packet traffic and packet traffic for a set of applications that execute in the user space of the gateway and utilize a network stack in the kernel space of the gateway. The method sends and receives packets for the datacenter tenant packet traffic through a packet datapath in the user space. The method sends incoming packets from the NIC to the set of applications through the datapath in the user space, a user-kernel transport driver connecting the kernel network stack to the datapath in the user space, and the kernel network stack. The method receives outgoing packets at the NIC from the set of applications through the kernel network stack, the user-kernel transport driver, and the data path in the user space.

A method including: receiving, at a video conferencing device, a packet of a video conferencing media stream, the video conferencing device including a processor; determining, by the video conferencing device, whether a length of the packet is sufficiently long to contain media; sending a request to a Look-up Table memory using the media stream ID as an input value while in parallel determining, with the processor, whether the packet is a valid media packet; in response to receiving a destination address in a media processing network from the Look-up Table memory and determining that the packet is a valid media packet, modifying, by the video conferencing device, a header of the packet with the destination address received from the Look-up Table memory; and transmitting, by the video conferencing device, the packet to the modified destination address.

One embodiment of the present invention provides a switch in a network of interconnected switches. The switch includes a storage device, a hardware management apparatus, and a layer-2 management apparatus. The storage device stores a forwarding table, which includes an entry comprising a MAC address and an egress port for the MAC address. The hardware management apparatus determines whether a destination MAC address of a frame is present in a hardware table in memory of the switch. The layer-2 management apparatus, in response to a determination that the destination MAC address is not present in the hardware table, looks up a first entry comprising the destination MAC address in the forwarding table, and creates a second entry comprising the destination MAC address in the hardware table based on the first entry.

An integrated circuit includes an exact-match flow table structure, a crossbar switch, and an egress packet modifier. Each flow entry includes an egress action value, an egress flow number, and an egress port number. A Flow Id is generated from an incoming packet. The Flow Id is used to obtain a matching flow entry. A portion of the packet is communicated across the crossbar switch to the egress packet modifier, along with the egress action value and flow number. The egress action value is used to obtain non-flow specific header information stored in a first egress memory. The egress flow number is used to obtain flow specific header information stored in a second egress memory. The egress packet modifier adds the header information onto the portion of the packet, thereby generating a complete packet. The complete packet is then output from an egress port indicated by the egress port number.