For logical multicasting in overlay networks, at a data processing system, an original unicast packet is received from a first component in a first computing node in an overlay network. To cause multicasting in the overlay network the received original unicast packet was unicast by the first computing node only to the data processing system, and a multicast data structure for the overlay network is maintained only by the data processing system, the multicast data structure containing information of each receiver that is configured to receive unicast packets during logical multicasting in the overlay network. From a set of subscriber receivers in the multicast data structure, a subset of the subscriber receivers is selected. A copy of the original unicast packet is unicast to each subscriber receiver in the subset.

A network device is configured to provide, via an Ethernet segment with a customer network, active-active multi-homing L2 virtual bridge connectivity to the customer network using an EVPN instance (EVI) and L3 routing using an IRB interface that is a L3 routing interface assigned to the EVI; to receive, from a peer PE device of the EVPN instance, an EVPN route comprising an L2-L3 binding for a customer device of the customer network and associating the L2-L3 binding with the Ethernet segment, the L2-L3 binding comprising an L2 and an L3 address assigned to the customer device, wherein the peer PE device provides, with the network device and via the Ethernet segment, active-active multi-homing L2 virtual bridge connectivity to the customer network; and to forward, via the Ethernet segment and based at least on the L2-L3 binding received from the peer PE device, an L3 packet to the customer device.

A control apparatus, includes a first unit configured to be capable of specifying an identification rule to identify a packet based on a user of a virtual network including a plurality of virtual nodes; and a second unit configured to be capable of sending an instruction to a physical node corresponding to each of the virtual nodes of the virtual network, wherein each of the virtual nodes includes a predetermined network function being capable of providing a first packet operation to the packet, wherein the instruction includes that the physical node provides a second packet operation to the packet so as to emulate the first packet operation.

One embodiment of the present invention provides a switch system. The switch includes a port that couples to a server hosting a number of virtual machines. The switch also includes a link tracking module. During operation, the link tracking module determines that reachability to at least one end host coupled to a virtual cluster switch of which the switch is a member is disrupted. The link tracking module then determines that at least one virtual machine coupled to the port is affected by the disrupted reachability, and communicates to the server hosting the affected virtual machine about the disrupted reachability.

Transaction data is identified and a flit is generated to include three or more slots and a floating field to be used as an extension of any one of two or more of the slots. In another aspect, the flit is to include two or more slots, a payload, and a cyclic redundancy check (CRC) field to be encoded with a 16-bit CRC value generated based on the payload. The flit is sent over a serial data link to a device for processing, based at least in part on the three or more slots.

The present invention discloses a method and an apparatus for establishing a link between virtualized network functions. The method includes obtaining an internet protocol (IP) address of a connection point (CP) of a first virtualized network function (VNF) and identification information of the CP. The method also includes determining identification information of a second VNF corresponding to the identification information of the CP of the first VNF, sending the IP address of the CP of the first VNF and the identification information of the CP to the second VNF corresponding to the identification information of the second VNF. Additionally, the method includes starting a link connection establishment process between a CP of the second VNF and the CP of the first VNF.

The present disclosure generally relates to a first network device in a primary region that can failover network traffic into a second network device in a failover region. The first network device can receive routing criteria identifying how traffic originating in the primary region should be routed. The first network device can transmit this routing criteria to the second network device in the failover region. Based on determining the occurrence of a failover event, the first network device may transmit network traffic originating in the primary region to the second network device in the failover region. The second network device can determine how to route the network traffic based on the routing criteria of the primary region. In some embodiments, the second network device can determine how to route the network traffic based on the routing criteria of the failover region.

Techniques and architecture are described for providing broadcast/multicast support using VXLAN in and among private on-premises/cloud networks and public cloud networks by defining peer groups comprising VXLAN tunnel endpoints (VTEPs) within clustered network security devices. For example, a static peer group comprising two or more virtual extensible local access network (VXLAN) tunnel end points (VTEPs) is defined. The two or more VTEPs may each comprise a data interface of a network security device. Based at least in part on the static peer group, an overlay network comprising the two or more VTEPs is defined. A network security device discovers available VTEPs within the static peer group. The network security device establishes a mesh network of available VTEPs.

Domain name system (DNS) configuration during virtual private network (VPN) connection includes transmitting, to a VPN entry server, from a client device, via a VPN tunnel between the VPN entry server and the client device, a first request for first content, wherein the first request identifies a first external source for the first content, and wherein a first DNS server is configured as an operative DNS server for the VPN tunnel, and receiving, by the client device, from the VPN entry server, via the VPN tunnel, the first content, wherein the VPN entry server obtained the first content from the first VPN system exit server identified by the VPN entry server using a second DNS server as the operative DNS server for the VPN tunnel, and the first VPN system exit server obtained the first content from the first external source.

In one embodiment, a time period is identified in which probe packets are to be sent along a path in a network based on predicted user traffic along the path. The probe packets are then sent during the identified time period along the path. Conditions of the network path are monitored during the time period. The rate at which the packets are sent during the time period is dynamically adjusted based on the monitored conditions. Results of the monitored conditions are collected, to determine an available bandwidth limit along the path.