A service provider server is provided for use with a network node, and a cable modem. The service provider server includes a memory and a processor configured to execute instructions stored on the memory to cause the service provider server to provide a first downstream service flow to the cable modem by way of the network node, the first downstream service flow having a first set of privileges, receive a first upstream service flow from the cable modem by way of the network node, provide a second downstream service flow to the cable modem by way of the network node, the second downstream service flow having a second set of privileges that are different from the first set of privileges, and receive a second upstream service flow from the cable modem by way of the network node.

This disclosure describes techniques to operate a control plane in a network fabric. The techniques include determining a stateless rule corresponding to communication between a first segment of the network fabric and a second segment of the network fabric. The techniques further include configuring the control plane to enforce the stateless rule.

This disclosure describes techniques for employing a collaborate traffic balancer in communications among network devices. The techniques include dynamic traffic engineering concepts to improve network communications. The techniques may include causing a headend device to establish a secure communication session between a client device and a server in a resource infrastructure supporting the service. The techniques may include selecting a tunnel for the secure communication session to reach the resource infrastructure. The techniques may further include migrating the secure communication session from a current tunnel to a new tunnel where a degradation in quality of the secure communication session is predicted.

A first network device may communicate, in association with a tunnel establishment network protocol, with a second network device to cause a network tunnel between the first network device and the second network device to be established. The first network device may determine, based on communicating with the second network device to cause the network tunnel to be established, that the network tunnel is to support network micro-tunnel functionality within the network tunnel. The first network device may communicate, based on determining that the network tunnel is to support network micro-tunnel functionality, with the second network device to identify a traffic class, of one or more traffic classes, to which network micro-tunnel functionality within the network tunnel is to be applied. The first network device may cause a network micro-tunnel to be established within the network tunnel for traffic associated with the traffic class.

A network node may receive a packet having an inner internet protocol (IP) header and an outer IP header. The inner IP header may be encrypted. A loose source routing (LSR) field of the outer IP header may identify a recipient address. The network node may determine, based on the recipient address identified in the LSR field, a tunnel endpoint associated with a receiving network node. The network node may update the outer IP header of the packet to obtain an updated packet with an updated outer IP header. A source address of the updated outer IP header may be updated to a tunnel endpoint associated with the network node, and the destination address of the updated outer IP header may be updated to a tunnel endpoint associated with the receiving network node. The network node may route the updated packet according to the updated outer IP header.

Presented herein are techniques to facilitate infrastructure and policy orchestration in a shared workspace network environment. In one example, a method may include obtaining, by a service broker, a reservation request from a consumer network for a consumer, wherein the reservation request seeks a reservation to reserve, at least in part, at least one workspace device for the consumer for a workspace for a particular day and a particular time period; based on determining that the at least one workspace device is available, providing a response to the consumer network that includes a first indicator for identifying the reservation of the workspace and at least one second indicator identifying the at least one workspace device; and upon receiving a session request from the consumer network that includes the second indicator, establishing a management tunnel to interconnect the consumer network and the at least one workspace device via the service broker.

A method may include receiving a data flow of an application directed to the destination in a software-defined network (SDN). The method may also include identifying a classification of the application. The method may additionally include identifying a set of performance thresholds associated with the classification of the application. The method may also include determining a current performance of the data flow of the application in the SDN. The method may also include generating a performance score for the application based on the set of performance thresholds and the current performance of the data flow of the application in the SDN. The method may further include causing the performance score for the application to be presented via an interface.

A broadband network gateway (BNG) in a wireline network. The BNG includes an interworking function in a control plane (IF-CP), the IF-CP configured to use a control plane interface (N1′/N2′) between the BNG in the wireline network and a fifth generation (5G) core in a 5G network to couple a control plane of the BNG to a control plane of the 5G core; an interworking function in a user plane (IF-UP), the IF-UP configured to use a user plane interface (N3′) between the BNG in the wireline network and the 5G core in the 5G network to couple a user plane of the BNG to a user plane of the 5G core; and a transmitter configured to transmit data packets toward the 5G core after the user plane of the BNG and the user plane of the 5G core have been coupled.

In one embodiment, an offload platform is an compute platform, adjunct to a router or other packet switching device, that performs packet processing operations including determining an egress forwarding value corresponding to the next-hop node of the packet switching device to which to send an offload-platform processed packet. The offload platform downloads forwarding information from the router, and augments it, such as, but not limited to, representing interfaces of the router as identifiable virtual interface(s) on the offload platform, and including each of one or more next-hop nodes of the router represented as an identifiable virtual adjacency and identifiable tunnel (e.g., identified by the egress forwarding value). In one embodiment, the egress forwarding value is an Multiprotocol Label Switching (MPLS) label or Segment Routing Identifier. The router identifies packets of certain packet flows to send to the adjunct offload platform, rather than processing per its routing information base.

Methods and systems include managing bandwidth in Fibre Channel over Internet Protocol (FCIP) communication channels. A method includes monitoring traffic demand at an FCIP communication channel and, in response to an anticipated period of throughput demand on the FCIP communication channel, reallocating physical throughput bandwidth of the FCIP communication channel by configuring bandwidth of one or more tunnels of the FCIP communication channel.