Service aware network devices coordinate function chains of virtual functions. The network devices are aware of which virtual functions exist and how to interconnect them in the most efficient manner and define and process service graphs that can be maintained, monitored and redirected. The network devices themselves implement and manage the service graphs, as opposed to the virtual servers that host the virtual functions.

A method for creating a secure link between any two endpoints in a network comprises: assigning a unique identifier to each endpoint of a network; for each endpoint in the network, transmitting the unique identifiers associated with each of the remaining endpoints in the network to said endpoint; establishing a secure link between a source endpoint and a destination comprising: transmitting a data-session establishment packet from the source endpoint to the destination endpoint via a symmetric NAT device; wherein the data-session establishment packet comprises the unique identifier associated with the source endpoint; performing a matching operation at the destination endpoint to match the unique identifier associated with the source endpoint with a unique identifier known to the destination endpoint; and upon matching of unique identifiers then creating a forwarding table entry for the destination endpoint based on the source address and source port associated with the source endpoint.

Described herein are systems, methods, and software to enhance the implementation of communication rules in a computing network. In one example, a method of operating a communication settings system maintains communication rules for a plurality of networks, wherein the communication rules define forwarding actions for ingress and egress packets to and from applications in the plurality of computing networks. The service further identifies a configuration request from a computing network with applications executing in the computing network, identifies a subset of the communication rules based on the plurality of applications, and provides the subset of the communication rules to the computing network.

In a system and method for performing message-based business processes among a plurality of applications, configuration data is stored in a data store in a gateway, the configuration data including information defining one or more simple transactions that can be performed by the gateway. A gateway message is received at the gateway, the gateway message including a gateway message header and a payload, the gateway message header including a routing slip block providing a template of a complex transaction in which the gateway message is participating, the complex transaction comprising one or more simple transactions performed in a defined order. The gateway executes at least one simple transaction in accordance with the template in the routing slip and the configuration data defining the one or more simple transactions.

Embodiments of the present invention relate to a centralized table aging module that efficiently and flexibly utilizes an embedded memory resource, and that enables and facilitates separate network controllers. The centralized table aging module performs aging of tables in parallel using the embedded memory resource. The table aging module performs an age marking process and an age refreshing process. The memory resource includes age mark memory and age mask memory. Age marking is applied to the age mark memory. The age mask memory provides per-entry control granularity regarding the aging of table entries.

A method and apparatus of a device that broadcasts data to multiple hardware forwarding engines is described. In an exemplary embodiment, a central processing unit of the device receives the data to broadcast to the plurality of hardware forwarding engines. The device further writes the data to a broadcast log. In addition, the device transmits a signal to one or more co-processors that the data is available to be read, wherein each of the plurality of hardware forwarding corresponds to one of the one or more co-processors. Each of these co-processors reads the data in the broadcast log by receiving the signal that the data is ready to be read from the broadcast log. In addition, each co-processor determines a broadcast log entry for the data for that co-processor. Each co-processor further reads the data from the broadcast log entry via a direct memory access in memory that stores the broadcast log and the plurality of hardware forwarding engines use the data to process network traffic.

In an embodiment an interface unit includes a transmit pipeline configured to transmit egress data, and a receive pipeline configured to receive ingress data. At least one of the transmit pipeline and the receive pipeline being may be configured to provide shared resources to a plurality of ports. The shared resources may include at least one of a data path resource and a control logic resource.

Various embodiments are described that relate to a rapid deployment communications tile. As opposed to running various data and/or power wires, a construction crew can use set of tiles that have built in data and/or power transmission capabilities. These tiles can be keyed such that they interlock together to form a relatively uniform surface, such that the surface can also be used as a floor. Further, the tiles can have hardware components that enable the data and/or power transmission capabilities. These hardware components can be environmentally protected such that their performance is not subject to environmental factors.

A method and apparatus for performing a lookup in a switching device of a packet switched network where the lookup includes a plurality of distinct operations each of which returns a result that includes a pointer to a next operation in a sequence of operations for the lookup. The method includes determining a first lookup operation to be executed, executing the first lookup operation including returning a result and determining if the result includes a pointer to another lookup operation in the sequence of operations. If the result includes a pointer to another lookup operation, the lookup operation indicated by the result is executed. Else, the lookup is terminated.

In an embodiment an interface unit includes a transmit pipeline configured to transmit egress data, and a receive pipeline configured to receive ingress data. At least one of the transmit pipeline and the receive pipeline being may be configured to provide shared resources to a plurality of ports. The shared resources may include at least one of a data path resource and a control logic resource.