H04L12/4633

Domain name system configuration during virtual private network connection
11711338 · 2023-07-25

Domain name system (DNS) configuration during virtual private network (VPN) connection includes transmitting, to a VPN entry server, from a client device, via a VPN tunnel between the VPN entry server and the client device, a first request for first content, wherein the first request identifies a first external source for the first content, and wherein a first DNS server is configured as an operative DNS server for the VPN tunnel, and receiving, by the client device, from the VPN entry server, via the VPN tunnel, the first content, wherein the VPN entry server obtained the first content from the first VPN system exit server identified by the VPN entry server using a second DNS server as the operative DNS server for the VPN tunnel, and the first VPN system exit server obtained the first content from the first external source.

Domain name system configuration during virtual private network connection
11711337 · 2023-07-25

Domain name system (DNS) configuration during virtual private network (VPN) connection includes establishing a VPN tunnel between a client device and a VPN system entry server, which includes configuring a first DNS server as an operative DNS server for the VPN tunnel, and obtaining first content by transmitting to the VPN entry server, a first request that identifies a first external source for the first content, receiving from the VPN entry server a DNS configuration message indicating a second DNS server, configuring the second DNS server as the operative DNS server, and receiving from the VPN entry server, via the VPN tunnel, the first content, wherein the VPN entry server obtained the first content from the first VPN system exit server identified by the VPN entry server using the second DNS server, and the first VPN system exit server obtained the first content from the first external source.

RESOURCE NODE INTERFACE PROTOCOL
20180013826 · 2018-01-11

A distributed storage system includes multiple resource nodes each having associated storage media. The resource nodes are configured to operate a first protocol between the resource nodes that exchanges availability and performance information for storage elements in the associated storage media. The resource nodes also operate a second protocol that dynamically distributes and redistributes data between the different resource nodes based on the availability and performance information for the storage elements. Relative distances may be identified between the different resource nodes and the second protocol may weight the availability and performance information based on the relative distances. The second protocol also may identify types of unshared use, shared use, and concurrent use for different portions of the data and distribute the portions of the data to other resource nodes based on the identified types of use.

OPERATIONS, ADMINISTRATION AND MANAGEMENT (OAM) IN OVERLAY DATA CENTER ENVIRONMENTS
20180013670 · 2018-01-11

Systems, methods, and computer-readable media for OAM in overlay networks. In response to receiving a packet associated with an OAM operation from a device in an overlay network, the system generates an OAM packet. The system can be coupled with the overlay network and can include a tunnel endpoint interface associated with an underlay address and a virtual interface associated with an overlay address. The overlay address can be an anycast address assigned to the system and another device in the overlay network. Next, the system determines that a destination address associated with the packet is not reachable through the virtual interface, the destination address corresponding to a destination node in the overlay network. The system also determines that the destination address is reachable through the tunnel endpoint interface. The system then provides the underlay address associated with the tunnel endpoint interface as a source address in the OAM packet.

NETWORK SYSTEM OF RAILCAR

The present invention provides a network system of a railcar, the network system being capable of efficiently performing maintenance work. One example of the network system of the railcar of the present invention includes: intra-car networks (N1 to N3) to which first and second apparatuses are connected; an inter-car network (NA) for transmission of information between the apparatuses mounted on different cars; routers (R1 to R3) each provided and connected between the corresponding intra-car network (N1 to N3) and the inter-car network (NA) and each including a network address translation portion configured to mutually convert a private address of the first apparatus and an IP address of the inter-car network (NA); and a maintenance transmission path forming unit configured to form a transmission path through which the transmission and reception of the information are performed between a maintenance terminal (5) and a maintenance target apparatus selected from the first and second apparatuses, the transmission path not passing through the network address translation portion of the car on which the maintenance target apparatus is mounted.

SYSTEM AND METHOD FOR A GLOBAL VIRTUAL NETWORK

Systems and methods for connecting devices via a virtual global network are disclosed. In one embodiment the network system may comprise a first device in communication with a first endpoint device and a second device in communication with a second endpoint device. The first and second devices may be connected with a communication path. The communication path may comprise one or more intermediate tunnels connecting each endpoint device to one or more intermediate access point servers and one or more control servers.

Packet processing method and gateway device

A packet processing method and a gateway device are provided. The method includes the following: a first gateway device receives, over a first link, a first one-arm BFD echo packet returned by a network device, where the first one-arm BFD echo packet includes identification information, and the identification information is used to uniquely identify a second gateway device. The first gateway device determines, based on the identification information, to forward the first one-arm BFD echo packet to the second gateway device. The first gateway device sends the first one-arm BFD echo packet to the second gateway device. The network device is multi-homed to the first gateway device and the second gateway device. The first gateway device and the second gateway device form a multi-active gateway. According to the method, the efficiency of detection using a one-arm BFD echo session in a VXLAN multi-active gateway scenario is improved.

VIRTUAL PRIVATE NETWORK FORWARDING AND NEXTHOP TO TRANSPORT MAPPING SCHEME
20180013584 · 2018-01-11

A method is provided in one example embodiment and includes configuring on a network element a first tunnel from the network element to a first network, wherein the configuring comprises mapping a nexthop address of the local network element to a transport address of the tunnel on the network to create a first nexthop-to-transport mapping for the network element; and advertising the first nexthop-to-transport mapping along with routing information for the network element to remote network elements.

NETWORK SERVICE HEADER (NSH) METADATA-BASED END-TO-END MULTIMEDIA SESSION IDENTIFICATION AND MULTIMEDIA SERVICE OPTIMIZATION

A network node in a service function chaining system receives a media stream from an endpoint device. The media stream is associated with a media session between the endpoint and at least one other endpoint. The network node determines a path for the media stream. The path includes an ordered list of functions to process the media stream. The network node determines a session identifier for the media stream and encapsulates the media stream with a header. The header includes an indication of the path and the session identifier.

Split tunnel-based security

There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a network interface; an operating system including a native internet protocol (IP) stack; and a security agent, including instructions encoded within the memory to instruct the processor to: establish a split virtual private network (VPN) tunnel with a remote VPN service; receive outgoing network traffic; direct a first portion of the outgoing traffic to the VPN tunnel, including determining that the first portion includes an outgoing domain name service (DNS) request; and direct a second portion of the outgoing traffic to the native IP stack.