Patent classifications
H04L61/103
IDENTIFYING NETWORK ADDRESSES CONTACTED BY APPLICATIONS WITHOUT PLATFORM DOMAIN NAME RESOLUTION
A device implementing the subject system may include at least one processor configured to receive, by a first system process, a first network address that corresponds to a domain name that was resolved by a second system process, the resolving having been responsive to a resolution request therefor by an application process. The at least one processor may be further configured to receive, by the first system process, a second network address for which a network connection was opened by the application process. The at least one processor may be further configured to, responsive to determining that the application process opened a network connection for a network address for which the application process did not provide, to the second system process, a resolution request for the corresponding domain name, provide, by the first system process, an indication of the network address in conjunction with an indication of the application process.
MONITORING LIVENESS OF SILENT HOSTS' IP ADDRESSES FROM A LAYER 2 VIRTUAL TUNNEL ENDPOINT IN AN ETHERNET VIRTUAL PRIVATE NETWORK USING PROBES
Embodiments of the disclosure include a method comprising storing a first identifier of a first host device in an Address Resolution Protocol (ARP) cache of a first VXLAN Tunnel Endpoint (VTEP); making a first determination that an age of the first identifier exceeds a defined age threshold; sending, as a result of the first determination, a first request to the first host device to confirm liveness of the first identifier; and removing the first identifier from the ARP cache as a result of failing to receive a first response from the first host device within a defined time period.
SYSTEM AND METHOD FOR OPTIMIZING ARP BROADCAST
One aspect provides a method and system for managing address resolution requests in a network. During operation, a gateway of the network advertises a route for sending address resolution requests and determines whether a cached entry corresponding to an address resolution request received via the route exists in a neighbor table. In response to determining that the cached entry exists, the gateway responds to the address resolution request based on the cached entry; in response to determining that the cached entry does not exist, the gateway replicates the address resolution request to edge devices in the network, thereby facilitating discovery of a target host corresponding to the address resolution request.
Detecting and remediating non-responsive customer premise equipment
In a cable network, embodiments detect and remediate a non-responsive customer premise equipment (CPE) device in a customer's premise with minimal or no interaction with a customer. Embodiments may detect and remediate a non-responsive CPE device without rebooting the non-responsive CPE device or the associated cable modem. Embodiments include troubleshooting a data link layer (e.g., Open System Interconnection (OSI) layer 2, or media access control (MAC) layer) and a network layer (e.g., OSI layer 3, or Internet layer) between a service operator network and the non-responsive CPE device. Embodiments include a guided integration and a proactive integration method, computer program product, and system to reduce and/or eliminate the need for a customer service representative to reboot a cable modem, and/or for a customer to reboot a non-responsive CPE device resulting in a fast and less disruptive service experience for the customer.
Firewall service insertion across secure fabric preserving security group tags end to end with dual homed firewall
Systems, methods, and computer-readable media for preserving source host context when firewall policies are applied to traffic in an enterprise network fabric. A data packet to a destination host from a source host can be received at a first border node instance in an enterprise network fabric as part of network traffic. The data packet can include a context associated with the source host. Further, the data packet can be sent to a firewall of the enterprise network fabric and can be received at a second border node instance after the firewall applies a firewall policy to the data packet. The data packet can then be selectively encapsulated with the context associated with the source host at the second border node instance for applying one or more policies to control transmission of the network traffic through the enterprise network fabric.
Network management apparatus, network management system, and non-transitory computer-readable storage medium
A network management apparatus includes a first controller, a memory, and a second controller. The first controller is configured to operate a first virtual machine including a first container monitoring a mirror packet and a virtual switch transferring the mirror packet. The memory is configured to store destination information of the mirror packet and an address corresponding to the first container in association with each other. The second controller is configured to cause the virtual switch to perform an operation to transmit the address corresponding to the first container from the virtual switch, and to cause the virtual machine to perform an operation to transfer the mirror packet to the first container from the first virtual machine, using the address corresponding to the first container, when the virtual machine receives the mirror packet from the virtual switch and requests address resolution for the destination information of the mirror packet.
Assignment of unique physical network addresses for logical network addresses
Some embodiments provide a method for a network controller that manages multiple logical networks implemented by multiple managed forwarding elements (MFEs) operating on multiple host machines. The method receives a notification from a particular MFE that an interface corresponding to a logical port of a logical forwarding element has connected to the particular MFE and has a particular logical network address. The method assigns a unique physical network address to the interface. Each of multiple interfaces connected to the particular MFE is assigned a different physical network address. The method provides the assigned unique physical network address to the particular MFE for the particular MFE to convert data messages sent from the particular logical network address to have the unique physical network address.