In one embodiment, a method according to the present disclosure includes receiving a topology change advertisement at a remote core edge node and performing a network address information removal operation. The topology change advertisement is received from a core edge node that is in communication with an access network. The topology change advertisement indicates that a topology change has occurred in the access network. The network address information removal operation removes network address information stored by the remote core edge node. The network address information is used by the remote core edge node in participating in communications with the core edge node.

In one embodiment, a method according to the present disclosure includes receiving a topology change advertisement at a remote core edge node and performing a network address information removal operation. The topology change advertisement is received from a core edge node that is in communication with an access network. The topology change advertisement indicates that a topology change has occurred in the access network. The network address information removal operation removes network address information stored by the remote core edge node. The network address information is used by the remote core edge node in participating in communications with the core edge node.

Top-of-rack (TOR) switches are connected to a network fabric of a data center. Each TOR switch corresponds to a rack of the data center, and is configured to provide access to the network fabric for computing devices mounted in the rack. In one method, a client device of a user is used to select various network service options. The service options correspond to services that can be provided to computing equipment of the user that is mounted in various racks of the data center. In response to receiving the selection of one or more service options, the network fabric of the data center is configured to connect the computing equipment to the selected services. In one approach, the network fabric is configured by creating and/or configuring one or more virtual networks to provide the connection to the services.

Top-of-rack (TOR) switches are connected to a network fabric of a data center. Each TOR switch corresponds to a rack of the data center, and is configured to provide access to the network fabric for computing devices mounted in the rack. In one method, a client device of a user is used to select various network service options. The service options correspond to services that can be provided to computing equipment of the user that is mounted in various racks of the data center. In response to receiving the selection of one or more service options, the network fabric of the data center is configured to connect the computing equipment to the selected services. In one approach, the network fabric is configured by creating and/or configuring one or more virtual networks to provide the connection to the services.

Disclosed are various examples for segregating virtual private network (VPN) traffic based on the originating client application. A tunnel endpoint receives, through a network tunnel, network traffic sent by a client application executed by a client device. The tunnel endpoint identifies characteristics of the client application or the client device. The tunnel endpoint then selects a particular virtual local area network (VLAN) from multiple VLANs based at least in part on the characteristics. The tunnel endpoint then forwards the network traffic to an internal network gateway of an organization using the particular VLAN.

Aspects of the disclosure provide a method for generating a Layer 2 path indication by a processor. The method includes receiving, by the processor, a request for providing a Layer 2 path indication between a first host and a second host in a network. Nodes in the network are configured to form a plurality of sub-networks to enable data transfer from one host to another host within a sub-network via a Layer 2 path formed of a sequence of intermediate nodes in the same sub-network. The method further includes identifying, by the processor, a sub-network within the network to which the first host and the second host belong, and determining, by the processor, within the sub-network a sequence of intermediate nodes on a path for Layer 2 data transfer between the first host and the second host.

A method of processing one or more packets includes receiving, at a first processing unit, a first packet including first information bits. The first information bits indicate a first control parameter. The method also includes determining whether the first control parameter will be utilized to process the first packet in at least a second processing unit and, at least partially in response to determining that the first control parameter will not be utilized to process the first packet in at least the second processing unit, replacing one or more bits of the first information bits in the first packet with second information bits. The second information bits indicate a second control parameter. The method also includes providing the first packet including the second information bits to the second processing unit.

An apparatus receives an upper layer packet that includes data from a source device, a virtual private network (VPN) identification, a destination address, and a destination option type. The apparatus authenticates the upper layer packet by comparing the VPN identification of the received upper layer packet to a customer VPN identification. The apparatus determines whether the apparatus recognizes the destination option type of the upper layer packet. The apparatus discards the upper layer packet on a condition that the apparatus does not recognize the destination option type. The apparatus decapsulates the upper layer packet into a lower layer packet and transmits the decapsulated packet to a destination on a condition that the apparatus recognizes the destination option type.

An Ethernet switch for a vehicle, a method of controlling the Ethernet switch are provided. The method includes detecting a first connection between a connector of the diagnostic device and a first port of the Ethernet switch and establishing a second connection with the diagnostic device by referring to a virtual local area network identifier (VLAN ID) table. A third connection is established between the controller and an electronic control unit (ECU) of the vehicle by referring to the VLAN ID table. A certificate-based secure access procedure is performed between the diagnostic device and the controller. A mode of the Ethernet switch is switched from a lock mode to an unlock mode and a fourth connection is established between the diagnostic device and the ECU by referring to the VLAN ID table.

An Ethernet switch for a vehicle, a method of controlling the Ethernet switch are provided. The method includes detecting a first connection between a connector of the diagnostic device and a first port of the Ethernet switch and establishing a second connection with the diagnostic device by referring to a virtual local area network identifier (VLAN ID) table. A third connection is established between the controller and an electronic control unit (ECU) of the vehicle by referring to the VLAN ID table. A certificate-based secure access procedure is performed between the diagnostic device and the controller. A mode of the Ethernet switch is switched from a lock mode to an unlock mode and a fourth connection is established between the diagnostic device and the ECU by referring to the VLAN ID table.