A vehicle-mounted relay device for relaying Ethernet frames includes a plurality of PHY units corresponding to a plurality of vehicle-mounted devices, a switch unit to which the plurality of PHY units are connected, and a control unit configured to monitor operating states of the plurality of PHY units. The plurality of PHY units include a predetermined PHY unit whose operating state switches between a sleep state and an active state in response to reception of a predetermined control signal that differs from the Ethernet frames. When an Ethernet frame to be transmitted from the predetermined PHY unit has been detected during a period where the predetermined PHY unit is in the sleep state, the control unit executes switching control to switch the predetermined PHY unit to the active state.

A method of operating a network device is provided. The method can include detecting a first host device that is communicatively coupled to a first interface or port of the network device, identifying a first host profile identifier corresponding to a first class of devices to which the first host device belongs, and advertising, to one or more additional network devices, network reachability or routing information for the first host device. The network reachability information can include at least the first host profile identifier associated with the first host device and a first sequence number. The first sequence number may indicate a number of mobility or roaming events taken by the first host device.

A container having a battery and one or more active systems for maintaining temperature or other characteristics of goods stored within the container relies on a battery to maintain those active systems during transit. The size of the battery required for such applications may be reduced by providing access to external power during a shipment cycle. For example, shelves within transit vehicles or warehouses can supply electricity to the active systems via a wireless or wired connection, or they may recharge the container's battery, or both. The container may also have data bridging capabilities that use short range wireless technology to communicate with nearby devices that have access to other data streams, such as GPS data and internet connectivity. When bridged with a provider, the container may have access to new data streams, or may be able to disable internal devices providing those same data streams to conserve power.

A first electronic device communicates over a wide area network by establishing a MACSec session with a second electronic device over the wide area network. The MACSec session is thereafter torn down in response to the first electronic device sensing a fault in the MACSec session. Then, one or more keep alive probes are transmitted to the second electronic device over the wide area network. A response to the keep alive probe is thereafter received. The MACSec session may then be automatically reestablished in response to receiving the probe.

Techniques for generating a per-packet initialization vector for high bandwidth encryption engines in a multipathing IP network are described herein. In examples, a network switch of a first datacenter site may receive a data packet to be sent to a second datacenter site over a network. The data packet may be encrypted according to a virtual extensible LAN (VxLAN) protocol and to be transmitted in a VxLAN tunnel created for the first datacenter site and the second datacenter site. An encryption engine implemented at the network switch may generate an initialization vector (IV) for the data packet based on a packet number (PN) associated with the data packet. The encryption engine may use the IV and information associated with a security association (SA) assigned to the packet to encrypt the data packet. In some examples, a full 64-bit PN may be used to compute the IV for the data packet.

A tunnel BFD session establishment method and device are provided. The tunnel BFD session establishment method includes: acquiring first content information, generating a first tunnel bidirectional forwarding detection (BFD) session establishment packet according to the first content information, and sending the first tunnel BFD session establishment packet to a second edge node; receiving a second tunnel BFD session establishment packet sent by the second edge node; and establishing a tunnel BFD session between the first edge node and the second edge node when the BFD status of the first edge node and the BFD status of the second edge node are a preset status. Therefore, the solution can solve a series of problems in the related art caused by that a tunnel BFD session can only be established by means of manual configuration, so as to achieve the effect of automatically establishing the tunnel BFD session.

A method for securely transmitting time-critical data within a communication system including local networks in which data are transmitted via switching, at least one network superimposed with respect to the local networks, in which data are transmitted via routing, and a gateway system for connecting the communication system to an unsecured external network, wherein network layer communication via the superimposed network is authorized only between authenticated system components, switches authenticate connected terminal devices and assign these to a physical or logical local network in accordance with a respective terminal device identity, security layer communication is authorized within the local networks implicitly based on an assignment of respective terminal devices to the same local network, communication at OSI layer 3-7 between terminal devices of different local networks or with terminal devices in the unsecured external network is authorized via zero trust proxies that are each assigned to a local network.

A first electronic device communicates over a wide area network by establishing a MACSec session with a second electronic device over the wide area network. The MACSec session is thereafter torn down in response to the first electronic device sensing a fault in the MACSec session. Then, one or more keep alive probes are transmitted to the second electronic device over the wide area network. A response to the keep alive probe is thereafter received. The MACSec session may then be automatically reestablished in response to receiving the probe.