A method including receiving, at a first VPN server during an established VPN connection, a first data request and a second data request from a user device; transmitting, by the first VPN server during the established VPN connection, the first data request and the second data request to a second VPN server; and receiving, by the first VPN server from the second VPN server during the established VPN connection, first data associated with the first data request and second data associated with the second data request, the first data being retrieved by the second VPN server using a first exit IP address associated with the second VPN server and the second data being retrieved by the second VPN server using a second exit IP address associated with the second VPN server, the second exit IP address being different from the first exit IP address. Various other aspects are contemplated.

A method including receiving, at a first VPN server during an established VPN connection, a first data request and a second data request from a user device; transmitting, by the first VPN server during the established VPN connection, the first data request and the second data request to a second VPN server; and receiving, by the first VPN server from the second VPN server during the established VPN connection, first data associated with the first data request and second data associated with the second data request, the first data being retrieved by the second VPN server using a first exit IP address associated with the second VPN server and the second data being retrieved by the second VPN server using a second exit IP address associated with the second VPN server, the second exit IP address being different from the first exit IP address. Various other aspects are contemplated.

A privatized link between an origin server and a content delivery network is provided. A privatized link can be a direct connection that does not route over the internet. Another privatized link is one that rotates IP addresses. An origin server may be assigned to use a set of multiple IP addresses for communication with the content delivery network. However, at any given time, the origin server is only using a small number of IP addresses. When one of the IP addresses being used to communicate with the content delivery network comes under attack, the origin server switches to another IP address in the set in order to continue serving content to the content delivery network via an IP address that is not under attack.

Some embodiments of the invention provide a method of sending data in a network that includes at least one worker node executing one or more sets of containers and a virtual switch, the virtual switch including a gateway interface, a virtual local area network (VLAN) tunnel interface, and a set of virtual Ethernet interfaces associated with the one or more sets of containers. The method configures the gateway interface of the worker node to associate the gateway interface with multiple subnets that are each associated with a namespace. The worker node executes at least (1) first and second sets of containers of a first namespace, and (2) a third set of containers of a second namespace. The method sends data between the first and second sets of containers through a first virtual Ethernet interface associated with the first set of containers and a second virtual Ethernet interface associated with the second set of containers. The method sends data between the first set of containers and the third set of containers through the first virtual Ethernet interface associated with the first set of containers, the gateway interface, and a third virtual Ethernet interface associated with the third set of containers.

Some embodiments of the invention provide a method of sending data in a network that includes at least one worker node executing one or more sets of containers and a virtual switch, the virtual switch including a gateway interface, a virtual local area network (VLAN) tunnel interface, and a set of virtual Ethernet interfaces associated with the one or more sets of containers. The method configures the gateway interface of the worker node to associate the gateway interface with multiple subnets that are each associated with a namespace. The worker node executes at least (1) first and second sets of containers of a first namespace, and (2) a third set of containers of a second namespace. The method sends data between the first and second sets of containers through a first virtual Ethernet interface associated with the first set of containers and a second virtual Ethernet interface associated with the second set of containers. The method sends data between the first set of containers and the third set of containers through the first virtual Ethernet interface associated with the first set of containers, the gateway interface, and a third virtual Ethernet interface associated with the third set of containers.

In some embodiments, a network regulator device protects a local network of client systems (e.g. Internet-of-things devices such as smartphones, home appliances, wearables, etc.) against computer security threats. When introduced to the local network, some embodiments of network regulator take over some network services from a router, and automatically install the network regulator as gateway to the local network. The network regulator then carries out an automatic device discovery procedure and distribute device-specific utility agents to the protected client systems. An exemplary utility agent detects when its host device has left the local network, and in response, sets up a virtual private network (VPN) tunnel with a security server to maintain protection of the respective device.

Example implementations described herein are directed to systems and methods for managing internet protocol (IP) address assignment to servers on rack(s) based on their physical locations within the rack(s). Through the example implementations, the physical location of a server within a data center rack can be determined based on the IP address. Example implementations can involve issuing a ping local to determine a plurality of servers; retrieving power on time, current system time, and operating system (OS) uptime for each of the plurality of servers; determining a power on order for the plurality of servers; determining physical locations of the plurality of servers within one or more racks based on installation instructions and power on order; and assigning IP addresses to the plurality of servers based on the physical locations.

Example implementations described herein are directed to systems and methods for managing internet protocol (IP) address assignment to servers on rack(s) based on their physical locations within the rack(s). Through the example implementations, the physical location of a server within a data center rack can be determined based on the IP address. Example implementations can involve issuing a ping local to determine a plurality of servers; retrieving power on time, current system time, and operating system (OS) uptime for each of the plurality of servers; determining a power on order for the plurality of servers; determining physical locations of the plurality of servers within one or more racks based on installation instructions and power on order; and assigning IP addresses to the plurality of servers based on the physical locations.

A plurality of virtual internet protocol addresses for a first single network interface card of a node of a storage cluster are provided to a client. A separate connection is established between the client and the node for each of the plurality of virtual internet protocol addresses. The separate connections are utilized together in parallel to transfer data between the client and the node.

A plurality of virtual internet protocol addresses for a first single network interface card of a node of a storage cluster are provided to a client. A separate connection is established between the client and the node for each of the plurality of virtual internet protocol addresses. The separate connections are utilized together in parallel to transfer data between the client and the node.