Network traffic flows can be processed by routers, switches, or service nodes. Service nodes may be ASICs that can provide the functionality of a switch or a router. Service nodes can be configured in a circular replication chain, thereby providing benefits such as high reliability. The service nodes can implement methods that include receiving a first packet that includes a source address in a source address field and that includes a destination address in a destination address field, routing the first packet to a selected service node that is in a circular replication chain that includes a plurality of service nodes that have local flow tables and are configured for chain replication of the local flow tables, producing a second packet by using a matching flow table entry of the first packet to process the first packet, and sending the second packet toward a destination indicated by the destination address.

A method performed by a computing system includes receiving a first request from a first pod being executed on the computing system, responding to the first request with an Internet Protocol (IP) address and a first port range, receiving a second request from a second pod being executed on the computing system, and responding to the second request with the Internet Protocol (IP) address and a second port range that is different than the first port range. The method further includes, with a networking service implemented within the kernel, processing network traffic between external entities and the first and second pods by updating source and destination IP addresses and ports of packets of the network traffic.

In some embodiments, a method receives a packet for a flow from a first application in a first workload to a second application in a second workload. The packet includes an inner header that includes layer 4 information for the first application. The method determines if a setting indicates an outer source port in an outer header should be generated using layer 4 information from the inner header. The setting is based on an analysis of packet types in the flow to determine if fragmented packets are sent. When the setting indicates the outer source port in the outer header should be generated using layer 4 information from the inner header, the method generates the outer source port using the layer 4 information for the first application from the inner header. The packet is encapsulated using the outer header, wherein the outer header includes the outer source port.

A method for controlling network congestion, including overlaying an overlay network packet header on an encapsulation outer layer of a transmit packet, where the overlay network packet header includes an outer Internet Protocol (IP) header, and an explicit congestion notification (ECN) identifier of an ECN is set in the outer IP header, decapsulating the overlay network packet header for an encapsulated reply packet, where an inner congestion identifier that is based on the ECN identifier is obtained from an IP header of the decapsulated reply packet through matching, and if the decapsulated reply packet is a User Datagram Protocol (UDP) packet, forwarding the UDP packet to a preset slow channel.

Technologies for performing secure session establishment in remote desktop infrastructure environments are disclosed. A remote desktop client application obtains client candidate network addresses using the Interactivity Connectivity Establishment (“ICE”) protocol and provides the client candidate network addresses to an instance of a remote desktop server application. The instance of the remote desktop server application obtains server candidate network addresses also using the ICE protocol and provides the server candidate network addresses to the remote desktop client application. The remote desktop client application and remote desktop server application evaluate the client network addresses and select a pair of network addresses for establishing a remote desktop networking session using the ICE protocol. The remote desktop client application and remote desktop server establish the network session using a remote desktop protocol over User Datagram Protocol (“UDP”). Additional remote desktop transport channels can be established in a similar fashion.

A network edge computing method includes receiving, by an edge data node, a service request at least processed by network edge computation scheduling; and routing, according to a service port involved in the service request, the service request to a container of the edge data node, to be processed by the container.

In some embodiments, a computer-implemented method for an automated proxying TCP fingerprints comprises: receiving, at a proxy server, a request from a source host, to establish a first communications connection between the source host and a destination host; establishing, by the proxy server, a second communications connection between the source host and the proxy server; determining a plurality of fingerprint values specific to the source host; establishing by the proxy server, using at least the plurality of fingerprint values specific to the source host, a third communications connection between the proxy server and the destination host; facilitating, by the proxy server, communications between the source host and proxy server via the second communications connection and between the proxy server and the destination host via the third communications connection.

An example embodiment may include a computational instance and a computing device within a remote network management platform. The computing device may be configured to: receive, from a client device of the managed network, a request to redirect, to a second URL, future requests addressed to a first URL; provide, to the client device, instructions to generate a certificate that binds an identity of the entity that operates the managed network to the first URL; receive, from the client device, the certificate; store the certificate and a corresponding cryptographic key; and generate a mapping between the first URL and the second URL. The computational instance may be configured to, in response to receiving a content request referencing the destination, generate a content response containing content from the destination, where any hyperlinks to the second URL in the content are replaced with hyperlinks to the first URL.

A method for configuring identical network components wherein network components are each connected to a physical port of a network switch via a network cable. An additional network station is also connected to the network switch. Configuration messages are transmitted from the additional network station to the network components wherein the configuration message of each network component communicates the physical port of the network switch to which the network component is connected. The network component performs a reconfiguration of its function in the network corresponding to the connection to the physical port.

The disclosure includes a doorbell having a visitor detection system that can comprise at least one of a camera, a microphone, and a motion detector. The method for using the doorbell can comprise recording, via the camera, video data that represents a video. The method can also comprise recording, via the microphone, audio data that represents audio. The method of using the doorbell can comprise transmitting at least a portion of the video data and at least a portion of the audio data, to a remote computing device that is communicatively coupled to the doorbell. The method can also comprise transmitting the video data and the audio data to a remote server that is communicatively coupled to the doorbell.