Embodiments of the present invention disclose a data packet processing method and apparatus, and a device. The method includes: if a first data packet is received, determining a first cache queue that is in the first buffer and that is used to store the first data packet; buffering the first data packet in the second buffer if a state of the first cache queue is an invalid state, where a data amount of the first data packet is less than the capacity of the second buffer, and the state of the first cache queue is set to the invalid state when a current data amount of the first buffer reaches the capacity of the first buffer; and if a data amount of the second buffer reaches the capacity of the second buffer, sending all data packets that are in the second buffer to a control plane device.

One embodiment provides a network system. The network system includes an application layer to execute one or more networking applications to generate or receive data packets having flow identification (ID) information; and a packet processing layer having profiling circuitry to generate a sketch table indicative of packet flow count data; the sketch table having a plurality of buckets, each bucket includes a first section including a plurality of data fields, each data field of the first section to store flow ID and packet count data, each bucket also having a second section having a plurality of data fields, each data field of the second section to store packet count data.

Systems and methods are described for customizable data streams in a streaming data processing system. Routing criteria for the customizable data streams are defined by a user, an automated process, or any other process. The routing criteria can be defined using graphical controls. The streaming data processing system uses the routing criteria to determine data that should be used to populate a particular data stream. Further, processing pipelines are customized such that a particular processing pipeline can obtain data from a particular user defined data stream and write data to a particular user defined data stream. Data is routed through the user defined data streams and customized processing pipelines based on a data route. A data route for a set of data may include multiple user defined data streams and multiple processing pipelines. The data route can include a loop of processing pipelines and data streams.

Systems and methods are described for customizable data streams in a streaming data processing system. Routing criteria for the customizable data streams are defined by a user, an automated process, or any other process. The routing criteria can be defined using graphical controls. The streaming data processing system uses the routing criteria to determine data that should be used to populate a particular data stream. Further, processing pipelines are customized such that a particular processing pipeline can obtain data from a particular user defined data stream and write data to a particular user defined data stream. Data is routed through the user defined data streams and customized processing pipelines based on a data route. A data route for a set of data may include multiple user defined data streams and multiple processing pipelines. The data route can include a loop of processing pipelines and data streams.

A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.

A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.

A network device includes multiple ports, packet processing circuitry, a memory and a reserved-memory management circuit (RMMC). The ports are to communicate packets over a network. The packet processing circuitry is to process the packets using a plurality of queues. The memory is to store a shared buffer. The RMMC is to allocate segments of the shared buffer to the queues, including allocating reserve segments of the shared buffer to selected queues that meet a reserve-allocation criterion.

This application provides a buffer configuration method and a switching device, to ensure no packet loss, and belongs to the field of network technologies. The method includes: sending, by a first switching device, a first measurement frame to a second switching device; receiving, by the first switching device, a second measurement frame sent by the second switching device, where the second measurement frame is generated through triggering based on the first measurement frame; determining, by the first switching device, a buffer configuration parameter based on the first measurement frame and the second measurement frame; and setting, by the first switching device, a local buffer based on the configuration parameter. This application is used to automatically configure a buffer of a switching device, thereby reducing buffer space without packet loss.

This application provides a buffer configuration method and a switching device, to ensure no packet loss, and belongs to the field of network technologies. The method includes: sending, by a first switching device, a first measurement frame to a second switching device; receiving, by the first switching device, a second measurement frame sent by the second switching device, where the second measurement frame is generated through triggering based on the first measurement frame; determining, by the first switching device, a buffer configuration parameter based on the first measurement frame and the second measurement frame; and setting, by the first switching device, a local buffer based on the configuration parameter. This application is used to automatically configure a buffer of a switching device, thereby reducing buffer space without packet loss.

A method for allocating a resource for storing visualization information, an apparatus, and a system are provided. The method includes: a first network device determines a first queue based on a constraint condition, where the first queue is a queue that needs to be visualized. Then, the first network device allocates a first storage resource to the first queue, where the first storage resource is used to store visualization information of the first queue, and the visualization information is information used to visualize the first queue. Therefore, occupation of storage resources in the first network device is reduced.