Enhanced packet redirect capabilities are disclosed herein for draining traffic to a server. In an implementation, a server in an infrastructure service receives a packet from a stateless load balancer. The packet may comprise a request for content. A user space program on the server determines whether a connection identified in the packet belongs to the server. If the connection belongs to the server, the user space program handles the request for the content. If not, the server forwards the packet to a secondary server in the infrastructure service. The secondary server, to which the connection may belong, can then handle the request.

Novel tools and techniques for machine learning based quality of experience optimization are provided. A system includes one or more network elements, an orchestrator, and a server. The server may further include a processor and non-transitory computer readable media comprising instructions executable by the processor to obtain telemetry information from a first protocol layer, obtain telemetry information from a second protocol layer, modify one or more attributes of the second protocol layer, observe a state of first protocol layer performance, assign a cost associated with changes to each of the one or more attributes of the second protocol layer, and optimize the first protocol layer performance based, at least in part, on the state of first protocol layer performance and the cost associated with the changes to one or more attributes of the second protocol layer. The orchestrator may be configured to modify the one or more attributes of the second protocol layer.

Embodiments provide a TCAM-based access control list that supports disjunction operations in rules. A network frame is received. Embodiments determine set TCP flags of the network frame. Upon determining that the set TCP flags match a first entry in a numeric range table, bits of a search key corresponding to the first entry are updated. The search key accesses a second entry stored in a TCAM. The first entry further comprises an encode field to scan a TCP header of the network frame for set TCP flags, a first mask field to a condition corresponding to unset TCP flags to identify in the network frame, a second mask field to a condition corresponding to set TCP flags to identify in the network frame, and an operation field specifying a disjunction operation for comparing the set TCP flags with the first mask field and the second mask field.

Obtaining, in association with origination of outbound network traffic to be sent by a system, user account information of a user account on behalf of which the outbound network traffic is generated, and performing filtering of the outbound network traffic based on the obtained user account information of the user account on behalf of which the outbound network traffic is generated, where the filtering is further based on one or more rules, and the filtering includes determining whether to block or allow sending of the outbound network traffic from the system.

Enhanced packet redirect capabilities are disclosed herein for draining traffic to a server. In an implementation, a server in an infrastructure service receives a packet from a stateless load balancer. The packet may comprise a request for content. A user space program on the server determines whether a connection identified in the packet belongs to the server. If the connection belongs to the server, the user space program handles the request for the content. If not, the server forwards the packet to a secondary server in the infrastructure service. The secondary server, to which the connection may belong, can then handle the request.

Methods and apparatus for classifying a traffic packet service of a traffic flow to a client device, a state and/or video resolution of a streaming video player in a client device. The apparatus includes a memory, and a communication interface configured to obtain TCP/IP or UDP/IP headers of packets to a client device, at least one processor operably connected to the memory, the at least one processor configured to detect a start of a traffic flow, and buffer a first number of packets for the traffic flow, extract features from UDP/IP or TCP/IP headers of a second number of packets belonging to the detected traffic flow, and obtain a flow service classifier for classifying a service type of the traffic flow, and classify the service type of the traffic flow by applying the extracted features to the flow service classifier.

A technology is provided for improving computer network throughput. Data located in memory of a processing device may be identified. The data packets located in the memory may be sent through a tunneling interface to encapsulate the data packets using a tunneling protocol on a first computing device. Alternatively, the data packets can be sent through a split proxy interface system. The data packets received in the interface may also be encoded using random linear network coding (RLNC) to form encoded packets, using a processor. Further, the encoded packets may be sent across a packet network to a second computing device.

An example system for Transmission Control Protocol (TCP) window sizing is disclosed. The example disclosed herein comprises a data flow detection engine, a TCP connection engine, a feedback engine, and a TCP window sizing engine. The data flow detection engine is to detect the number of data flows received by a buffer from a network component. The TCP connection engine is to determine a number of TCP connections within the network component from the number of data flows. The feedback engine is to send a feedback signal to a source of at least one of the number of TCP connections based on a state of the buffer and the number of TCP connections. The TCP window sizing engine is to adjust a TCP window size based on the feedback signal.

Described is a method for estimating throughput between first and second communication devices, the method comprising: determining maximum bottleneck throughput of a communication link between the first communication device and a third communication device, wherein the communication link between the first and third communication devices applies a common access network as between a communication link between the first and second communication devices; determining Round Trip Time (RTT) between the first and second communication devices; transmitting packet by applying User Datagram Protocol (UDP) from the third communication device to the first communication device; measuring packet loss rate associated with the transmitted packet by monitoring sequence number of the packet; and translating measured packet loss rate to Transmission Control Protocol (TCP) throughput according to maximum bottleneck throughput and RTT.

Examples described herein relate to a network device apparatus that includes a network interface card to process a received packet. In some examples, based on the received packet only including one or more frames for which acknowledgement of receipt is offloaded to the network interface card, generate an acknowledgement (ACK) message to acknowledge receipt of the received packet. In some examples, a frame for which acknowledgement of receipt is offloaded to the network interface card comprises a STREAM frame compatible with quick User Datagram Protocol (UDP) Internet Connections (QUIC). In some examples, a computing platform is coupled to the network interface card. In some examples, based on the received packet only including any frame for which acknowledgement of receipt is not offloaded to the network interface, the computing platform is to generate an ACK message for the received packet.