Patent classifications
H04L2101/663
Alternate control channel for network protocol stack
Methods, systems, and computer-readable mediums for an alternate control channel for a network protocol stack are disclosed. In some embodiments a controller device provides instructions to one or more source devices. The controller device instructs the one or more source devices to override network parameters associated with network communication performed by the source devices. The network parameters to be overridden may include transport level source ports, source network addresses, or source link level addresses. In some embodiments, a range of override values is specified. In some of these aspects, a source device may perform time division multiplexing via the multiple override values, such that data generated by a single device may appear to be transmitted by multiple devices.
MAP-T border relay controller
A Mapping of Address and Port using Translation (MAP-T) border relay controller for managing and controlling a MAP-T network. Configuration and performance data are collected, by a border relay configuration collector, from one or more MAP-T border relay nodes of a MAP-T network. Internet Protocol (IP) flow data are collected, by an IP flow data collector, across one or more Internet peering routers coupled to the MAP-T network. A network anomaly that impairs performance of the MAP-T network is analyzed, by a logic algorithm module, using the configuration and performance data collected by the border relay configuration collector and the IP flow data collector. A network translation capability of the MAP-T network is reconfigured based on the analysis of the network anomaly and/or availability of network resources.
Datapath for multiple tenants
A novel design of a gateway that handles traffic in and out of a network by using a datapath pipeline is provided. The datapath pipeline includes multiple stages for performing various data-plane packet-processing operations at the edge of the network. The processing stages include centralized routing stages and distributed routing stages. The processing stages can include service-providing stages such as NAT and firewall. The gateway caches the result of previous packet operations and reapplies the result to subsequent packets that meet certain criteria. For packets that do not have an applicable or valid result from previous packet processing operations, the gateway datapath daemon executes the pipelined packet processing stages and records a set of data from each stage of the pipeline and synthesizes those data into a cache entry for subsequent packets.
REAL TIME DYNAMIC CLIENT ACCESS CONTROL
A system and method for facilitating controlled access by a client device to one or more services provided by a server are disclosed. The client device's access to the services provided by the server may be dynamically controlled by a controller, which may generate instructions to an agent to effectuate the access control. The agent may be configured to control one or more access components associated with the server. The instructions generated by the controller may instruct the agent to cause the access control components to grant or remove the client device's access to the services provided by the server. In some implementations, the controller may generate such instructions based on a status of a session established between the controller and the client device.
Logical router with multiple routing components
Some embodiments provide a method for handling failure at one of several peer centralized components of a logical router. At a first one of the peer centralized components of the logical router, the method detects that a second one of the peer centralized components has failed. In response to the detection, the method automatically identifies a network layer address of the failed second peer. The method assumes responsibility for data traffic to the failed peer by broadcasting a message on a logical switch that connects all of the peer centralized components and a distributed component of the logical router. The message instructs recipients to associate the identified network layer address with a data link layer address of the first peer centralized component.
Content routing in an IP network
A method of routing a packet in a network is described. The network includes a plurality of nodes implementing Information Centric Networking (ICN) routing or content centric networking and routing. The method includes receiving the packet at a node implementing ICN routing, the packet comprising an Internet Protocol (IP) header and a packet payload, wherein the packet comprises a request packet for requesting content from the network. The method further includes extracting from the packet payload a content identifier for the requested content and forwarding the packet to a next hop node in the network based on the content identifier extracted from the packet payload.
Deployment of a custom address to a remotely managed computational instance
An example embodiment may include a computational instance and a computing device within a remote network management platform. The computing device may be configured to: receive, from a client device of the managed network, a request to redirect, to a second URL, future requests addressed to a first URL; provide, to the client device, instructions to generate a certificate that binds an identity of the entity that operates the managed network to the first URL; receive, from the client device, the certificate; store the certificate and a corresponding cryptographic key; and generate a mapping between the first URL and the second URL. The computational instance may be configured to, in response to receiving a content request referencing the destination, generate a content response containing content from the destination, where any hyperlinks to the second URL in the content are replaced with hyperlinks to the first URL.
Systems and methods using a cloud proxy for mobile device management and policy
Systems and methods include, in a cloud node, receiving Mobile Device Management (MDM) data from a central authority, wherein the MDM data includes policy metadata specifying MDM functions for mobile devices associated with users of an enterprise; communicating to an application on a mobile device associated with a user, via a tunnel, wherein the application is configured for service discovery and connectivity; and providing the MDM data to the mobile device associated with the user via the tunnel.
MULTI-PATH TRAFFIC SELECTION FOR PORTS IN OVERLAY NETWORKS
In some embodiments, a method receives a packet for a flow from a first application in a first workload to a second application in a second workload. The packet includes an inner header that includes layer 4 information for the first application. The method determines if a setting indicates an outer source port in an outer header should be generated using layer 4 information from the inner header. The setting is based on an analysis of packet types in the flow to determine if fragmented packets are sent. When the setting indicates the outer source port in the outer header should be generated using layer 4 information from the inner header, the method generates the outer source port using the layer 4 information for the first application from the inner header. The packet is encapsulated using the outer header, wherein the outer header includes the outer source port.
DOORBELL COMMUNICATION SYSTEMS AND METHODS
The disclosure includes a doorbell having a visitor detection system that can comprise at least one of a camera, a microphone, and a motion detector. The method for using the doorbell can comprise recording, via the camera, video data that represents a video. The method can also comprise recording, via the microphone, audio data that represents audio. The method of using the doorbell can comprise transmitting at least a portion of the video data and at least a portion of the audio data, to a remote computing device that is communicatively coupled to the doorbell. The method can also comprise transmitting the video data and the audio data to a remote server that is communicatively coupled to the doorbell.