In one embodiment, a data packet message is provided which includes a routing header configured to accommodate both a deterministic source route and a probabilistic source route for encoding a nodal source route. The nodal source route is selectively encoded with one or both of a deterministic source route and a probabilistic source route based upon one or more predetermined criteria.

The present disclosure discloses a method and network device for control plane protection for various tables using storm prevention entries. Specifically, the disclosed system receives a first packet, and creates an inactive entry in a table. The system then forwards the first packet from a first processor to a second processor for processing. Also, the system associates the inactive entry with a timestamp indicating when the first packet is forwarded to the second processor, and determines a configured interval (CI) associated with the table. Further, the system compares a difference between a current timestamp and the timestamp associated with the inactive entry against the CI upon receiving a second packet. If the difference is longer than the CI, the system associates the inactive entry with the current timestamp, and forwards the second packet to the second processor for processing. Otherwise, the system discards the second packet.

A data packet extraction method and apparatus is disclosed. Two hash values calculated based on quintuple information of different data packets of a same session are the same, that is, two calculated remainders are also the same at a same sampling ratio. When one remainder of the two calculated remainders is a preset sampling remainder, all the data packets in a network that belong to the session are extracted, so as to implement data packet extraction based on a session. When the quintuple information of the different data packets of the same session matches a first mapping table, either all the data packets of the same session can match the first mapping table, or none of the data packets of the same session can match the first mapping table, so as to implement data packet extraction based on a session.

The invention relates to a method for generating a request, from a formal language instruction defining a set of ports of an interconnection network, said request including an addressing command for each one of the ports defined in the instruction, said method including the following steps: Receiving, by a communication module, a formal language instruction defining a set of ports, Processing, by a processing module, the formal language instruction so as to generate a set of numbers encoded on at least one byte, each number including position bits, each one of the position bits allowing to identify a port and at least one authorization bit, the at least one authorization bit allowing to define access rights on the ports, and Encoding, by an encoding module, the set of numbers so as to generate the request including the addressing command.

In one embodiment, a particular service chain data packet is received by a particular service node, with the service chain data packet including a header identifying service chain information. The particular service node applies a service to the particular service chain data packet. The particular service node adds service-layer operations data to the particular service chain data packet, with the service-layer operations data related to the current service function or the particular service node. Subsequently, the particular service node sends the particular service chain data packet with the service-layer operations data from the particular service node. In one embodiment, networking operations data is also added to the particular service chain data packet. In one embodiment, an egress service node removes the service-layer (and possibly networking) operations data and forwards to another system, possibly after processing this operations data.

A network switch, includes: a port configured to receive a packet from one of a first information processing device and a second information processing device: a processor configured to process the packet, wherein the processor performs operations of: extracting first information which is used for creating a request packet requesting a response of a first virtual machine executed by the first information processing device from the packet which is transmitted by the first virtual machine to a second virtual machine executed by the second information processing device; creating the request packet using the first information; transmitting the request packet to the first virtual machine; and determining an operation state of the first virtual machine based on if a response packet for the request packet is received from the first virtual machine.

Examples disclosed herein relate to controlling an unknown flow inflow to an SDN controller in a software defined network (SDN). In an example, an optimizer may be provided, between a switch and an SDN controller, to intercept an unknown flow from the switch to the SDN controller, in a software defined network. A portion of a data packet from each data packet in a plurality of data packets from the unknown flow may be aggregated at the optimizer. Only the aggregated portion of the data packet from each data packet may be sent, from the optimizer to the SDN controller, in a single package.

Techniques for configuring shared routing tables for network devices are provided. In some embodiments, a shared routing context is configured to include common routes across several local routing contexts. When a first packet is received at a first local routing context that is to be routed using one of the common routes, NAT operations may be performed on the first packet and then the shared routing context is used to process the first packet. Similarly, when a second packet is received at a second local routing context that is to be routed using the same common route, NAT operations may be performed on the second packet and then the shared routing context is used to process the second packet.

Some embodiments provide a method for implementing a logical router in a network. The method receives a definition of a logical router for implementation on a set of network elements. The method defines several routing components for the logical router. Each of the defined routing components includes a separate set of routes and separate set of logical interfaces. The method implements the several routing components in the network. In some embodiments, the several routing components include one distributed routing component and several centralized routing components.

A method and system provide an information centric network with a software defined network based on an information centric networking protocol on top of a physical network based on the internet protocol. There are forwarding elements in the physical network and a controller in the software defined network for controlling the forwarding elements. A publicly routable network address per domain for outside data object requests of named data objects is announced via the information centric network, and upon a first packet of an object request being received by an ingress element of the information centric network, the first packet is forwarded to the controller. The controller determines an object source for the requested named data object, encodes a message id into a header of the packet and establishes a forwarding path to forward the packet and further packets to the determined object source.