Systems, methods, and computer-readable media provide for collection of statistics relating to network traffic between virtual machines (VMs) in a network. In an example embodiment, a virtual switch hosted on a physical server provides network address information of VMs deployed on the physical server to a virtual switch controller. The controller collects this network address information from each virtual switch under its control, and distributes the aggregate address information to each switch. In this manner, the controller and each switch within the controller's domain can learn the network address information of each VM deployed on physical servers hosting switches under the controller's control. Each virtual switch can determine a classification of a frame passing through the switch (e.g., intra-server, inter-server and intra-domain, or inter-domain traffic), and statistics relating to the traffic. In an example embodiment, the virtual switch controller can collect the statistics from each switch within its domain.

Wireless communications are described. A wireless device may be configured to transmit a first signal via a first cell group that may overlap in time with a second signal via a second cell group. The wireless device may adjust a signal transmission power of at least one of the first signal or the second signal. Additionally or alternatively, the wireless device may drop at least one of the first signal or the second signal. Adjusting and/or dropping at least one of the first signal or the second signal may be based on the overlap in time of these signals satisfying a duration threshold and a total power to transmit the first signal and the second signal exceeding a power threshold.

Aspects of the embodiments are directed to receiving an address resolution protocol (ARP) request message from a requesting virtual machine, the ARP request message comprising a request for a destination address for a destination virtual machine, wherein the destination address comprises one or both of a destination hardware address or a destination media access control address; augmenting the ARP request message with a network service header (NSH), the NSH identifying an ARP service function; and forwarding the augmented ARP request to the ARP service function.

A method and a node identification system for identifying at least one unknown mobile node in a communications network using details related to at least one known mobile node and organization of the details related to the at least one known mobile node. The method includes capturing details related to the at least one unknown mobile node and identifying an organization of the captured details related to the at least one unknown mobile node, comparing the details related to the at least one known mobile node and the organization of the details related to the at least one known mobile node with the captured details related to the at least one unknown mobile node and the organization of the captured details related to the at least one unknown mobile node, and determining a type of the at least one unknown mobile node based on the comparing.

MITM attacks are detected by intercepting network configuration traffic (name resolution, DHCP, ARP, ICMP, etc.) in order to obtain a description of network components. A computer system generates artificial requests for network configuration information and monitors responses. Multiple responses indicate a MITM attack. Responses that are different from previously-recorded responses also indicate a MITM attack. MITM attacks may be confirmed by transmitting fake credentials to a source of a response to a request for network configuration information. If the fake credentials are accepted or are subsequently used in an access attempt, then a MITM attack may be confirmed.

A network communication device includes a plurality of ports, a memory, and a processor. The plurality of ports is configured to receive a packet. A memory is configured to store a first lookup table and a second lookup table. An entry of the first lookup table includes a flag field. An entry of the second lookup table includes an entry address of the first lookup table. The processor is coupled to the memory and the plurality of ports. The network communication device is configured to: analyze the packet by a software or hardware to obtain a source Media Access Control (MAC) address; obtain, according to the source MAC address of the packet, the entry of the first lookup table; read the flag field of the entry; and determine, according to the flag field, whether the entry is referred by the second lookup table.

An apparatus for correcting MAC addresses includes a device port for connecting to a computing device with a colliding MAC address with potential to collide with MAC addresses of other computing devices within a computer network. The apparatus includes a network port for connecting to a network device connected to other computing devices. A reassignment module is configured to assign a non-colliding MAC address in place of the colliding MAC address of the computing device and a replacement module is configured to replace the colliding MAC address of a datagram received on the device port with the non-colliding MAC address and transmit the datagram with the non-colliding MAC address from the network port to the network device, and to replace the non-colliding MAC address of a datagram received on the network port with the colliding MAC address and transmit the datagram with the colliding MAC address to the computing device.

Techniques are described for extending a cellular quality of service bearer through an enterprise fabric network. In one example, a method obtaining, by a first switch of a network, a packet to be delivered to a client connected to the network via a cellular access point; identifying quality of service (QoS) bearer information associated with the packet, wherein the QoS bearer information is associated with a radio access bearer for the client and the QoS bearer information comprises a bearer indicator and a QoS class identifier; providing a fabric tunnel encapsulation for the packet, wherein the bearer indicator and the QoS class identifier are included within the fabric tunnel encapsulation of the packet; and forwarding the packet within the fabric tunnel encapsulation toward a second switch of the network via a fabric tunnel, wherein the cellular access point is connected to the network via the second switch.

Provided is an Address Resolution Protocol (ARP) learning method, which includes: determining, by a forwarding chip, an IP address of a target device; when an MAC address corresponding to the IP address of the target device is not stored in an ARP forwarding table, generating and broadcasting, by the forwarding chip, an ARP request message, wherein the ARP request message includes the IP address of the target device; receiving, by the forwarding chip, an ARP response message fed back by the target device, wherein the ARP response message includes an MAC address of the target device; and writing, by the forwarding chip, the IP address of the target device and the MAC address corresponding to the IP address into the ARP forwarding table. The present disclosure also provides a node device and a computer-readable medium.

According to an aspect, there is provided a method for determining a sequence of bus nodes in a multi-drop communication bus. The method includes for each bus node: sending a request to the bus node using an bus node physical identifier to set the bus node to a loopback mode; transmitting at least one signal to the bus node via the multi-drop communication bus; receiving from the bus node a loopback signal caused by the at least one signal; and measuring a roundtrip delay between the at least one signal and the loopback response signal. The method further includes solving the physical order of the bus nodes in the multi-drop communication bus based on the roundtrip delays.