H04L49/355

Methods and systems for classifying traffic flows based on packet processing metadata

Methods and systems for directing traffic flows to a fast data path or a slow data path are disclosed. Parsers can produce packet header vectors (PHVs) for use in match-action units. The PHVs are also used to generate feature vectors for the traffic flows. A flow training engine produces a classification model. Feature vectors input to the classification model result in output predictions predicting if a traffic flow will be long lived or short lived. The classification models are used by network appliances to install traffic flows into the fast data paths or the slow data paths based on the predictions.

L2 SWITCH, COMMUNICATION CONTROL METHOD, AND COMMUNICATION CONTROL PROGRAM
20230353509 · 2023-11-02

A layer 2 (L2) switch receives session information and destination information included in upstream communication transmitted from a network device, and compresses the received session information and destination information. Then, the L2 switch stores compressed information that has been compressed, into a memory unit that stores a session table to be referred to when downstream communication is received.

Asymmetric application identification detection on switches

A first ingress interface on a switch receives a first control packet for establishing a Transmission Control Protocol (TCP) session and selects a first engine running on a first line card in the switch. A second ingress interface receives a second control packet and selects the same first engine. Data associated with the TCP session received by the first or second ingress interface subsequent to establishing the TCP session is to be forwarded to the first engine. The first ingress interface receives a third control packet and sends, to the selected first engine, a notification indicating the TCP session which is to be tracked. The first or second ingress interface receives a fourth packet with a payload associated with the TCP session and forwards, to the selected first engine, a copy of the fourth packet, thereby facilitating a plurality of engine instances to support application identification.

SWITCH WITH NETWORK SERVICES PACKET PROCESSING BY SERVICE SOFTWARE INSTANCES

Virtual machine environments are provided in the switches that form a network, with the virtual machines executing network services previously performed by dedicated appliances. The virtual machines can be executed on a single multi-core processor in combination with normal switch functions or on dedicated services processor boards. Packet processors analyze incoming packets and add a services tag containing services entries to any packets. Each switch reviews the services tag and performs any network services resident on that switch. This allows services to be deployed at the optimal locations in the network. The network services may be deployed by use of drag and drop operations. A topology view is presented, along with network services that may be deployed. Services may be selected and dragged to a single switch or multiple switches. The management tool deploys the network services software, with virtual machines being instantiated on the switches as needed.

SWITCH WITH NETWORK SERVICES PACKET PROCESSING BY SERVICE SOFTWARE INSTANCES
20220321473 · 2022-10-06

Virtual machine environments are provided in the switches that form a network, with the virtual machines executing network services previously performed by dedicated appliances. The virtual machines can be executed on a single multi-core processor in combination with normal switch functions or on dedicated services processor boards. Packet processors analyze incoming packets and add a services tag containing services entries to any packets. Each switch reviews the services tag and performs any network services resident on that switch. This allows services to be deployed at the optimal locations in the network. The network services may be deployed by use of drag and drop operations. A topology view is presented, along with network services that may be deployed. Services may be selected and dragged to a single switch or multiple switches. The management tool deploys the network services software, with virtual machines being instantiated on the switches as needed.

NETWORK HUB DEVICE

A network hub device used for building a simple network configuration in an in-vehicle network system is provided. A network hub device (30) is coupled to a trunk network through which a digital control signal is transmitted via a communication port (41) and performs input/output of a signal to/from an in-vehicle device via a communication port (42 to 48). A distributing/aggregating section (51) distributes digital control signals received by the communication port (41) to a plurality of signal paths, aggregates digital control signals received via the plurality of signal paths, and transmits an aggregated signal to the communication port (41). A signal conversion section (60) is provided between one of the signal paths and a communication port (45 to 48), and one of the signal paths is coupled to the communication port (42).

Multi-functional Device for Communications Networks and Methods and Systems Utilizing Same
20220278928 · 2022-09-01

The present subject matter relates to methods, circuitry and equipment providing a multi-functional, cost effective, media independent, open platform device for communication services using differential signaling interfaces. The methods, circuitry and equipment comprise a plurality of input amplifiers, output amplifiers, and retimers. A non-blocking cross-point switch may be used to switch any differential signals from the cross-point switch input to output. The device aggregates communication services from a plurality of lower service capacity connectors and interfaces to a single higher capacity connector and interfaces. The device can establish a demarcation point with a single device capable of supporting any communication services, any physical media interfaces, from any location.

ON-BOX BEHAVIOR-BASED TRAFFIC CLASSIFICATION

In one embodiment, a networking device in a network detects a traffic flow conveyed in the network via the networking device. The networking device generates flow data for the traffic flow. The networking device performs a classification of the traffic flow using the flow data as input to a machine learning-based classifier. The networking device performs a mediation action based on the classification of the traffic flow.

Computational accelerator for packet payload operations

Apparatus including a first interface to a host processor, a second interface to transmit and receive data packets having headers and payloads, to and from a packet communication network, a memory holding context information regarding a flow of the data and assigning serial numbers to the data packets in the flow, according to a session-layer protocol, and processing circuitry between the first and second interfaces and having acceleration logic, to decode the data records according to the session-layer protocol, using and updating the context information based on the serial numbers and the data records of the received packets, and processing circuitry writing the decoded data records through the first interface to a host memory. The acceleration logic, upon receiving in a given flow a data packet containing a serial number that is out of order, reconstructs the context information and applies that context information in decoding data records in subsequent data packets in the flow.

Inter-service communications

This disclosure describes various ways in which a client agent can be incorporated into multiple virtual machines of a server cluster to keep track of the location of each instance of services running on the server cluster and facilitate rapid connection of different services on the server cluster as needed. When a first service requests connection to a second service, a client agent co-located with the first service is able to forward the request to a virtual network interface card (VNIC) associated with the second service. The VNIC is configured to forward the request to an available instance of the second service. The locations of the services are determined and stored on one or more service registries right after the service instances are instantiated, removing the need for a search when new requests are received.