A system and method are disclosed for enabling interoperability between asymmetric and symmetric Integrated Routing and Bridging (IRB) modes. A system is configured to receive a route advertisement, examine the label fields of the route advertisement, and determine whether Layer 2 or Layer 3 information is conveyed. The system is further configured to build a route advertisement to advertise to a second device based on whether Layer 2 or Layer 3 information is conveyed in the first route advertisement.

Approaches for a virtualized Cable Modem Termination System (CMTS) for providing high speed data services to a remote physical device (RPD). The virtualized Cable Modem Termination System (CMTS) comprises a core routing engine (CRE) for performing packet switching and routing and one or more physical or virtual compute servers (CS) that each perform CMTS functions for the one or more remote physical devices (RPDs). Each physical or virtual compute server (CS) connects to the core routing engine (CRE) with a Link Aggregation Group (LAG) of two or more Ethernet links.

Mobile device security, device management, and policy enforcement are described in a cloud-based system where the “cloud” is used to pervasively enforce security and policy and perform device management regardless of device type, platform, location, etc. A method includes receiving one or more mobile profiles for one or more mobile devices each associated with a user from an enterprise; responsive to enrollment of a mobile device of the one or more mobile devices, communicating to the mobile device; determining an associated mobile profile of the one or more mobile profiles for the mobile device; and configuring the mobile device based on the associated mobile profile.

A transport path group for uplink transmission over a fronthaul interface. The transport path group may include (i) an address of a first source port of a radio unit (RU), (ii) an address of a first destination port of a distributed unit (DU), and (iii) an address of a second source port of the RU, an address of a second destination port of the DU, and/or a flow identifier (e.g., a virtualized local area network (VLAN)). A request for user data conveyed by the DU and received by the RU may identify the transport path group. The RU may use the fronthaul interface to convey to the DU first and second portions of the requested user data over first and second different paths from the RU to the DU. The RU may employ load balancing parameters to convey the first and second portions of the requested user data.

A connectivity enablement device includes one or more processors, one or more memories and a hardware input port. The memories store program instructions that when executed examine a token obtained from a token transfer device inserted into the port, and cause one or more messages to be transmitted to a virtualized computing service. The messages indicate (a) the connectivity enablement device, (b) the token transfer device, (c) the token's source and (d) a server. An indication that the server has been configured within an isolated virtual network is obtained at the connectivity enablement device.

Techniques are described for extending a cellular quality of service bearer through an enterprise fabric network. In one example, a method obtaining, by a first switch of a network, a packet to be delivered to a client connected to the network via a cellular access point; identifying quality of service (QoS) bearer information associated with the packet, wherein the QoS bearer information is associated with a radio access bearer for the client and the QoS bearer information comprises a bearer indicator and a QoS class identifier; providing a fabric tunnel encapsulation for the packet, wherein the bearer indicator and the QoS class identifier are included within the fabric tunnel encapsulation of the packet; and forwarding the packet within the fabric tunnel encapsulation toward a second switch of the network via a fabric tunnel, wherein the cellular access point is connected to the network via the second switch.

This application provides a VNF instantiation method and apparatus, applied to various NFV systems, to implement an existing VNFD model—defined VNF. The method includes: An NFVO obtains a VNFD, where the VNFD is for instantiating a VNF, the VNFD includes first indication information and resource requirement information of a first internal network, and the first indication information indicates that the resource requirement information of the first internal network is externally visible. Then, the NFVO sends an external network instantiation request to a VIM, where the external network instantiation request is used by the VIM to instantiate, based on the resource requirement information of the first internal network, an external network connected to the VNF. Then, the NFVO sends a VNF instantiation request to a VNFM. The VNF instantiation request is used by the VNFM to instantiate the VNF based on the VNFD.

A hybrid state for a virtual machine (VM) in a cloud computing system enables a VM to communicate with other VMs that belong to a virtual network (VNET VMs) while maintaining connectivity with other VMs that do not belong to the virtual network (non-VNET VMs). A non-VNET VM can be transitioned to a hybrid VM that operates in a hybrid state. The hybrid VM can be assigned a private virtual IP address (VNET address) for communication with other VNET VMs. The hybrid VM can continue to use a physical IP address to communicate with other non-VNET VMs. In this way, the hybrid VM is able to maintain connectivity with other non-VNET VMs during and after migration to the VNET. A network stack can be configured to process data packets that are destined for non-VNET VMs differently from data packets that are destined for VNET VMs.

A software-defined wide area network (SD-WAN) environment that leverages network virtualization management deployment is provided. Edge security services managed by the network virtualization management deployment are made available in the SD-WAN environment. Cloud gateways forward SD-WAN traffic to managed service nodes to apply security services. Network traffic is encapsulated with corresponding metadata to ensure that services can be performed according to the desired policy. Point-to-point tunnels are established between cloud gateways and the managed service nodes to transport the metadata to the managed service nodes using an overlay logical network. Virtual network identifiers (VNIs) in the metadata are used by the managed service nodes to identify tenants/policies. A managed service node receiving a packet uses provider service routers (T0-SR) and tenant service routers (T1-SRs) based on the VNI to apply the prescribed services for the tenant, and the resulting traffic is returned to the cloud gateway that originated the traffic.

Disclosed are various approaches for detecting user availability. A work pattern can be generated based upon user activity data taken from various sources. A work pattern can be provided to an email client or another requesting service for predicted availability of a user.