Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.

A method, computer program product, and computer system for implementing a backend service for blocking free processing of physical entities events, including add, remove, update, query. Physical entities blocking delays may be delegated to maintenance tasks, which may run under a single thread with a scheduler and may merge successive pending events.

Methods are provided in which a domain name system (DNS) service obtains a lookup request for information about a source of a traffic flow being transmitted to a network resource external of a service cluster and performs, based on the lookup request, a lookup operation for a microservice that is the source of the traffic flow, among a plurality of microservices of the service cluster registered with the DNS service. The methods further include providing information about the microservice based on the lookup operation. The information includes at least a name of the microservice for visibility of the microservice external of the service cluster.

A controller in a wireless system that may switch between two modes. In a first mode, the controller communicates directly with a wireless transceiver, using a first wireless protocol, and receives audio signal directly from the wireless transceiver, using a second wireless protocol. In a second mode, the controller communicates with a wireless transceiver via a wireless access point, using the first wireless protocol, and receives audio signal from the wireless transceiver via a wireless access point, using the second wireless protocol.

Embodiments include methods performed by a V2X user equipment (UE) for service discovery from a V2X application server (AS). Such methods include sending, to a first address associated with the V2X AS, a first request for further address information associated with the V2X AS. Such methods include receiving, from the first address via unicast signaling, a first response including the requested further address information, which facilitates UE discovery of V2X services available via unicast communication between the V2X UE and a radio access network (RAN). Other embodiments include complementary methods performed by a V2X AS, as well as V2X UE and V2X AS apparatus configured to perform such methods.

A method for establishing a trusted session between a first computing device and a computer server includes obtaining identifying information for the first computing device and a second computing device. The identifying information includes identifying information corresponding to the networks to which each of the computing devices are directly connected. Based on the identifying information it may be determined that there is sufficient correspondence between the first and second computing devices. If so, an indication is sent to the second computing device requesting confirmation that the first computing device should be authenticated to the account. An indication confirming this may then be received and, responsive thereto, the first computing device is authenticated to the account. Related computer systems and computer-readable media are also disclosed.

A method for establishing a trusted session between a first computing device and a computer server includes obtaining identifying information for the first computing device and a second computing device. The identifying information includes identifying information corresponding to the networks to which each of the computing devices are directly connected. Based on the identifying information it may be determined that there is sufficient correspondence between the first and second computing devices. If so, an indication is sent to the second computing device requesting confirmation that the first computing device should be authenticated to the account. An indication confirming this may then be received and, responsive thereto, the first computing device is authenticated to the account. Related computer systems and computer-readable media are also disclosed.

A method for automatic domain name system (DNS) configuration for 5G core (5GC) network functions (NFs) includes, at an NF repository function (NRF) including at least one processor, receiving a message concerning a 5GC network function. The method further includes determining a first DNS resource record parameter for the 5GC NF. The method further includes determining a second DNS resource record parameter for the 5GC NF. The method further includes automatically configuring a DNS with a mapping between the first and second DNS resource record parameters for the 5GC NF.

A method is implemented by a router and includes: upon receiving a query on an Internet Protocol (IP) address for a domain name, sending the query to a DNS server in order for the DNS server to translate the domain name to an IP address and to transmit a DNS response containing the domain name and the IP address to the router; recording the domain name and the IP address in a table; sending the DNS response to an endpoint device so as to enable the endpoint device to establish a link with an application server via the router based on the IP address; finding the domain name in the lookup table based on the IP address; and determining a type of a service provided by the application server based on the domain name with reference to another table.

An approach to establish connections between clusters having overlapping IP address ranges. A method includes receiving, at a service discovery server, from a first node in a first cluster, a service discovery request including a unique name, determining, at the service discovery server, that the unique name resolves to a destination IP address of a second node in a second cluster, determining that the destination IP address overlaps with an IP address range associated with the first cluster, in response to determining that the destination IP address overlaps with the IP address range belonging to the first cluster, configuring a gateway to expect a network connection request from the first node that includes an IP address of the gateway, and sending a service discovery response to the first node, the service discovery response including the IP address of the gateway, but not the destination IP address.