Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.

A mechanism is disclosed for implementing conditional commands carried by network data packets. A data flow including a data packet is received. The data packet includes a conditional command. A condition and a command are obtained from the conditional command. The mechanism determines that the condition is satisfied. Based on the determination that the condition is satisfied, the command is executed to alter handling of the data flow, alter handling of the data packet, or alter a context for the data flow.

This disclosure describes various methods, systems, and devices related to dynamic service node discovery in a network. In an example method, an intermediary node receives a Link Layer Discovery Protocol (LLDP) message from a first node. The LLDP message includes a discovery Type-Length-Value (TLV) that indicates a location of a service node in the network. The method further includes forwarding the LLDP message to a second node.

Embodiments of the present disclosure relate to a method, a device and a computer program product for managing a distributed system. The method comprises sending heartbeat messages from a master node to a plurality of slave nodes, the master node and the plurality of slave nodes being included in a plurality of nodes in the distributed system, and the plurality of nodes being divided into one or more partitions. The method further comprises, in response to receiving a response to the heartbeat messages from a portion of slave nodes in the plurality of slave nodes, determining respective states of the one or more partitions. In addition, the method further comprises a state of a first slave node in the plurality of slave nodes at least based on the respective states of the one or more partitions, the master node failing to receive a response to the heartbeat messages from the first slave node.

An information processing apparatus includes a processor configured to acquire information regarding multiple transient states of a network including multiple nodes when the network undergoes clustering in which the multiple nodes are classified into multiple clusters. The multiple transient states each represent a transient state of the network on a way to a final result of the clustering. The processor is also configured to determine a common node by using the information regarding the acquired multiple transient states. The common node is used in the clustering in the multiple transient states.

Systems and methods include, in a node having a plurality of Media Access Control (MAC) addresses with a source MAC address for an application and with the node connected to Network Termination Equipment (NTE) having flooding disabled, configuring the node to periodically send a packet to the NTE with the source MAC address for the application to pre-populate a forwarding database in the NTE; and transmitting the packet to the NTE periodically such that the NTE receives the packet and installs the source MAC address in its forwarding database for reachability thereto despite the disabled flooding. The plurality of Media Access Control (MAC) addresses can include a chassis MAC address and the source MAC address for the application. The packet can be a no-operation packet which requires no processing by the NTE except installation of the source MAC address for the application.

In one embodiment, network nodes coordinate recording of In-Situ Operations, Administration, and Maintenance (IOAM) data in packets traversing the network nodes, including a node adding IOAM data of another node to packets on behalf of the another node. After receiving a particular packet, a network node adds first IOAM data and second IOAM data to the particular packet, with the first IOAM data related to the first network node and the second IOAM data related to a second network node. The packet is then sent from the first network node. The coordinated offloading of the adding of IOAM data to packets allows a node to free up resources currently used for IOAM operations to be used for other packet processing operations, while still having IOAM data related to the node recorded in packets. The coordinated offloading may include control plane communication (e.g., via a routing or other protocol).

A disclosed method may include (1) receiving, at a local gateway device included in a network, a query message that initiates a topology discovery process from a remote gateway device included in the network, (2) identifying, within the query message, at least one characteristic of a first interface included on the remote gateway device, (3) selecting, for the first interface, a second interface included on the local gateway device based at least in part on the characteristic of the first interface identified within the query message, and then (4) sending, to the remote gateway device, a response message that (A) includes at least one characteristic of the second interface included on the local gateway device and (B) enables the remote gateway device to map the first interface to the second interface in connection with the topology discovery process. Various other apparatuses, systems, and methods are also disclosed.

A method for distributing network function (NF) topology information among proxy nodes and for using the NF topology information for inter-proxy node message routing includes configuring a first proxy node as a leader service communications proxy (SCP). The method further includes configuring a plurality of second proxy nodes as worker proxy nodes. The method further includes registering the worker proxy nodes with the leader SCP. The method further includes subscribing, by the worker proxy nodes and with the leader SCP, to receive NF topology information from the leader SCP. The method further includes, at the leader SCP, receiving NF topology information from the worker proxy nodes and communicating the NF topology information to the worker proxy nodes subscribed to receive the NF topology information. The method further includes, at the worker proxy nodes, using the NF topology information to route messages to proxy nodes serving destination NFs.

Various systems and methods for providing network services are described herein. In one example, a method includes receiving, via a first processor, a network packet from a source device. The method can also include sending, via the first processor, the network packet to a second processor if a service subsystem and a service are responsive. Furthermore, the method can include modifying, via the second processor, the network packet or generating a new packet based on the service. The method can also include receiving, via the first processor, the modified network packet or the new network packet from the second processor. The method can also further include sending, via the first processor, the modified network packet or the new network packet to a destination device.