Techniques are described for providing a distributed application load-balancing architecture that supports multipath transport protocol for client devices connecting to an application service. Rather than having client devices generate new network five-tuples for new subflows to the application servers, the techniques described herein include shifting the burden to the application servers to ensure that the new network five-tuples land in the same bucket in the consistent hashing table. The application servers may receive a hashing function utilized by the load balancers to generate the hash of the network five-tuple. By having the application servers generate the hashes, the load balancers are able to continue stateless, low-level processing of the packets to route them to the correct application servers. In this way, additional subflows can be opened for client devices according to a multipath transport protocol while ensuring that the subflows are routed to the correct application server.

A system for one-sided read remote memory access is disclosed. In some embodiments, the system is configured to receive, at a responder SFA, a first packet comprising a read request to read a remote memory of a second host from a first host, wherein a payload of the first packet is mapped to be a transmit header queue (TxHQ) entry (TxHQE), and the TxHQE includes a pointer to a memory map; separate, the received packet into portions including a upper level protocol (ULP) portion, the ULP portion being the TxHQE; create a ULP header queue for the TxHQE; generate a read response based on mapping the ULP header queue into hardware as the TxHQ, wherein the TxHQE includes a pointer to data from a valid memory region of the second host identified by the memory mapping; and transmit a read response packet with the data identified by the pointer using the TxHQ to the first host.

A system for one-sided read remote memory access is disclosed. In some embodiments, the system is configured to receive, at a responder SFA, a first packet comprising a read request to read a remote memory of a second host from a first host, wherein a payload of the first packet is mapped to be a transmit header queue (TxHQ) entry (TxHQE), and the TxHQE includes a pointer to a memory map; separate, the received packet into portions including a upper level protocol (ULP) portion, the ULP portion being the TxHQE; create a ULP header queue for the TxHQE; generate a read response based on mapping the ULP header queue into hardware as the TxHQ, wherein the TxHQE includes a pointer to data from a valid memory region of the second host identified by the memory mapping; and transmit a read response packet with the data identified by the pointer using the TxHQ to the first host.

A network gateway apparatus monitors Quic user datagram protocol (UDP) Internet Connection (QUIC) packets between a first device and a second device, extracts a version of the QUIC protocol and a connection identification from an unprotected portion of the protected header in response to detecting a QUIC packet having a protected header in use, determines a salt used in encryption of the protected header based on the version of the QUIC protocol, calculates a client initial secret based on the salt and the connection identification, determines an unprotected payload of the QUIC packet based on the client initial secret, a protected payload of the QUIC packet and the unprotected portion of the protected header, and extracts a server name indication (SNI) from the unprotected payload.

Automated processes, computing systems, computing devices and other aspects of a data processing system provide improved reliability in delivering digital media content over the Internet or a similar wide area network without sacrificing data security. Content is initially placed into a secure format (e.g., secure hypertext transport protocol (HTTPS) via transport control protocol (TCP) or the like). Prior to transmission on the network, the secure data packets are encapsulated within connectionless frames, such as user datagram protocol (UDP) frames. The client device that receives the encapsulated packets extracts the underlying secure content from the connectionless frames for further processing. The encapsulation into connectionless data frames permits client and server devices to establish effective streaming sessions while preserving the security of the underlying data.

Embodiments of the present disclosure relates to the field of communication technology, which provide a method for real-time communication connection, a server, and a storage medium. The server is configured to have service processes in one-to-one correspondence with UDP ports. After receiving each respective SDP request sent by each of at least one client for resource negotiation from a TCP port of the server, the service processes send each respective SDP response to each of the at least one client based on the each respective SDP request. The each respective SDP response carries information of a UDP port corresponding to a service process that processes the each respective SDP request. The service process receives a UDP connection request sent by a client from the UDP port corresponding to the service process, and establishes a UDP connection by calling a Connect function to implement RTC connection.

A network apparatus receives a first message relating to a transport layer security (TLS) handshake process for an initialization phase of a Quic user datagram protocol (UDP) Internet Connection (QUIC) connection from a client computing device toward a target computing device, wherein the first message of the TLS handshake process comprises at least a connection identifier. The network apparatus generates a second message relating to the TLS handshake process in response to the first message, wherein a cipher suite value of the second message is set to an invalid cipher suite value for the client computing device and wherein the invalid cipher suite value is unsupported by the client computing device, and sends the second message to the client computing device to cause the client computer device to close the QUIC connection.

Disclosed herein are systems and methods for dynamically switching between synchronous and asynchronous communication channels. A communication request can be received from an application, and a request identifier can be generated for the communication request. The communication request can be transmitted to an edge server application via a first communication channel. The first communication channel can be selected from a plurality of communication channels based at least in part on a policy. In an instance in which a condition specified by the policy is detected in the transmission of the communication request, a second communication channel can be selected from the plurality of communication channels. The communication request can be transmitted to the edge server application using the second communication channel.

Disclosed herein are systems and methods for dynamically switching between synchronous and asynchronous communication channels. A communication request can be received from an application, and a request identifier can be generated for the communication request. The communication request can be transmitted to an edge server application via a first communication channel. The first communication channel can be selected from a plurality of communication channels based at least in part on a policy. In an instance in which a condition specified by the policy is detected in the transmission of the communication request, a second communication channel can be selected from the plurality of communication channels. The communication request can be transmitted to the edge server application using the second communication channel.

A data transmission method includes establishing, by a first apparatus in a distributed system, a connection to a target end; sending, by the first apparatus, connection information of the connection to a second apparatus that is in the distributed system and that transmits data to the target end; transmitting, by the second apparatus, the data to the target end based on the connection information and using a stream of the connection.