Systems and methods for allocating a per-interface access control list (ACL) counter are disclosed. An ACL is applied to a data packet received at an interface of the network element. In response to matching the highest priority ACL rule, a counter value is obtained based on a combination of a base index and an expansion index value. The base index, expansion index, and counter values are stored in their respective tables. The counter value is uniquely associated with the specific ACL rule hit and the interface used to receive the data packet. Systems and methods also allocate a next set of expansion and counter tables when their storage capacity is exceeded. When the next set of tables are allocated, the older set of tables along with their index mappings and entries are preserved.

A method including communicating, by a first device in communication with a second device in a mesh network, meshnet data with the second device based at least in part on utilizing a meshnet local port dedicated for communicating the meshnet data; and transmitting, by the first device to a control infrastructure device, a binding request based at least in part on utilizing the meshnet local port, the binding request requesting the control infrastructure to determine a currently allocated public port associated with the first device. Various other aspects are contemplated.

Properties associated with computing resources are received. At least a portion of the received properties is used to cluster the computing resources into one or more operating groups. At least a portion of the received properties is used to determine a recommendation of an operation schedule for at least one of the one or more operating groups. The recommendation is provided. A feedback is received in response to the recommendation.

A network system that implements quality of service (QoS) by rate limiting at a logical network entity is provided. The logical network entity includes multiple transport nodes for transporting network traffic in and out of the logical network entity. The system monitors traffic loads of the multiple transport nodes of the logical network entity. The system allocates a local CR and a local BS to each of the multiple transport nodes. The allocated local CR and the local BS are determined based on the CR and BS parameters of the logical network entity and based on the monitored traffic loads. Each transport node of the logical network entity in turn controls an amount of data being processed by the transport node based on a token bucket value that is computed based on the local CR and the local BS of the transport node.

Cloud-based computing systems, although claimed to have virtually unlimited resources, could get oversubscribed due to budget constraints of cloud users. The disclosed invention proposes a mechanism to identify various types of “mergeable” tasks. The system also determines when it is appropriate to aggregate tasks and how to allocate them so that the QoS of other tasks is not affected. Experimental results under real-world workload settings show that the disclosed system can improve robustness of the system in the face of oversubscription and also saves the overall time of using cloud services by more than 14%.

Techniques are described for providing a cloud data collector (CDC) application for managing the generation of infrastructure templates. The CDC application provides graphical user interfaces that enable a user to provide inputs indicating configurations of data to be ingested by the data intake and query system, each configuration including one or more user accounts, in addition to data sources and regions associated with data sources. Using the configurations provided as input to the CDC application, the CDC application generates an infrastructure template that can be used to configure the service provider network to provide the requested security data to the data intake and query system.

A traffic shaping circuit regulates packets transferred by a transmission resource into a network (e.g., a network on a chip) on behalf of a client. The packet transfers are selectively enabled or disabled based on a current budget value. The budget value is modified based on a packet-transfer cost in response to transferring a packet into the network. The rate of packet transfers into the network is monitored. A cost-adjustment signal is generated based on the rate of packet transfers. The packet-transfer cost is modified in response to the cost-adjustment signal for accounting for a subsequent-packet transfer into the network. The cost-adjustment signal may indicate an increase or decrease of the packet-transfer cost and/or a budget limit, both of which are read from a cost table comprising records ordered based on respective packet-transfer cost values. The packet-transfer cost and/or a budget limit are configurable.

Embodiments described herein relate to techniques for distributing shaped subinterfaces among physical interfaces of a port channel. Such techniques include receiving a request to configure a shape rate for a port channel subinterface; generating a physical interface set specifying: a first physical interface and a first allocated bandwidth associated with the first physical interface; and a second physical interface and a second allocated bandwidth associated with the second physical interface; making a selection, using the physical interface set, of the first physical interface based on the first allocated bandwidth being lesser than the second allocated bandwidth; assigning the first physical interface as a first anchor interface for the first port channel subinterface; and adding the first shape rate to the first allocated bandwidth to obtain a first new allocated bandwidth for the first physical interface.

Some embodiments provide policy-driven methods for deploying edge forwarding elements in a public or private SDDC for tenants or applications. For instance, the method of some embodiments allows administrators to create different traffic groups for different applications and/or tenants, deploys edge forwarding elements for the different traffic groups, and configures forwarding elements in the SDDC to direct data message flows of the applications and/or tenants through the edge forwarding elements deployed for them. The policy-driven method of some embodiments also dynamically deploys edge forwarding elements in the SDDC for applications and/or tenants after detecting the need for the edge forwarding elements based on monitored traffic flow conditions.

Systems and methods for enabling links between various devices is provided. The systems and methods may include a platform that enables different devices to access spatial models of a resource. The platform may enable the different devices to define and/or modify assignment conditions for access rights to resources. Further, the platform may enable definition of assignment conditions before or after the access rights are available for assignment.