H04L61/103

Transparent high availability for customer virtual machines achieved using a hypervisor-based side channel bonding and monitoring

Systems and methods for transparent high availability for customer virtual machines using a hypervisor-based side channel bonding and monitoring are disclosed herein. The method can include creating a network path bond between at least one compute instance and a plurality of Network Virtualization Devices (“NVD”), the network path bond including a plurality of network paths, each network path connecting the compute instance with the Virtualized Network Interface Card (“VNIC”) of one of the plurality of NVDs, identifying a first one of the network paths as an active network path and a second one of the network paths as an inactive network path, performing a health check on the active network path, determining that the active network path failed the health check, marking the first one of the network paths as failed subsequent to determining that the active network path failed the health check, and identifying the second one of the network paths as the active network path.

Mapping between wireless links and virtual local area networks

An example first device may include a processor to establish a plurality of links associating between the first network device and a second network device, the plurality of links corresponding to a plurality of virtual local area networks (VLANs) that a plurality of client devices associated with the first network device belong to; create a mapping between the plurality of links and the plurality of VLANs; and forward data received from a particular client device among the plurality of client devices in a particular VLAN of the plurality of VLANs to the second network device via a particular link corresponding to the particular VLAN based on the mapping.

METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR RESOLUTION OF INTER-NETWORK DOMAIN NAMES
20220417204 · 2022-12-29

A method for resolution of inter-network domain names between telecommunications networks includes storing, at a security edge protection proxy (SEPP) of a home network, a mapping between a domain name and a network address of a producer network function of the home network. The method includes receiving, at the SEPP of the home network, a request message from a consumer network function of a visitor network. The method includes resolving, at the SEPP of the home network, a request message domain name of the request message using the mapping between the domain name and the network address of the producer network function of the home network.

Control Embedded Data Packet for Efficient ARP Query in SDA Environment

The present disclosure is directed to systems and methods for control embedding data packets for ARP queries, the methods including the steps of receiving a data plane packet from a first user device, the data plane packet requesting a hardware address associated with a second user device; generating a northbound control plane packet for transmission to a control plane node, the northbound control plane packet for requesting from the control plane node the hardware address associated with the second user device; embedding the data plane packet in the northbound control plane packet; and forwarding the northbound control plane packet with the data plane packet to the control plane node for respective processing of the northbound control plane packet and the data plane packet.

Virtual machine migration downtime reduction using a multicast address
11537422 · 2022-12-27

It is determined that a migration process for migration of a virtual machine from a source host to a destination host has initiated. The source host and the destination host are part of a network. A multicast address that is mapped to a group comprising the source host and the destination host is obtained. Hosts in the network are notified to begin encapsulating packets addressed to the virtual machine and to send the encapsulated packets using the multicast address in a destination address field of the encapsulated packets.

NETWORK DEVICE AND MEDIA ACCESS CONTROL ADDRESS LEARNING METHOD THEREFOR
20220407806 · 2022-12-22

A Media Access Control (MAC) address learning method includes: parsing out a packet header and a packet verification parameter of a packet from an input/output port; generating a port identifier corresponding to the input/output port; starting a first-stage procedure for the packet header; and starting a second-stage procedure for the packet verification parameter. The first-stage procedure includes: performing, according to a MAC forwarding table and the port identifier, learning processing for the source MAC address of the packet header to generate a learning result; generating a status parameter according to the learning result; and associating and storing the status parameter, the port identifier, and a hash address corresponding to the source MAC address into a memory. The second-stage procedure includes: obtaining the status parameter and the hash address from the memory according to the port identifier; and updating the MAC forwarding table according to the packet verification parameter, the obtained status parameter, and the obtained hash address.

NETWORK FABRIC DEPLOYMENT SYSTEM

A network fabric deployment system includes a fabric deployment management system that is coupled to a DHCP server. The fabric deployment management system generates a cloud-based network fabric that is based on a network fabric topology file and that includes a plurality of cloud-based networking devices that are assigned a physical networking device identifier that identifies a corresponding physical networking device. The fabric deployment management system configures and validates each of the plurality of cloud-based networking devices causing each physical networking device identifier being mapped to an IP address at the DHCP server and then retrieves a deployment image file from each of the plurality of cloud-based networking devices that have been configured and validated, and stores each of the deployment image files in a database in association with the physical networking device identifier such that the corresponding physical networking device boots from that deployment image file.

NETWORK CONFIGURATION MANAGEMENT FOR NETWORKED CLIENT DEVICES USING A DISTRIBUTED LEDGER SERVICE

A system and method for managing a plurality of network-enabled client devices such as networking equipment and Internet of Things (IoT) devices which employs a distributed ledger, or blockchain, to store network configuration information for each client device. Access to the distributed ledger may be provided through a proxy computing system that is configured to exchange control messages with the client devices. Network configuration information is defined in smart contracts stored in the distributed ledger which are executed on registration of the network-enabled client device in the distributed ledger.

Techniques for securely detecting compromises of enterprise end stations utilizing tunnel tokens

A method in a cloud network to detect compromises within an enterprise network based on tokens tunneled outside of the enterprise network to the cloud network. The method includes receiving, at a tunnel gateway server within the cloud network, a first set of packets via a tunnel across a public network from a first server within the enterprise network, where the first set of packets were generated responsive to the first server receiving a second set of packets that originated from within the enterprise network and that included data and a source enterprise network address, where the first set of packets does not include the source enterprise network address and the data includes a token. The method further includes transmitting, by the tunnel gateway server, the data within a third set of packets to a second server that acts as if it were an enterprise server within the enterprise network.