A first provider edge device may receive device information from a second provider edge device included in an Ethernet virtual private network (EVPN). The device information may identify a media access control (MAC) address and may indicate that the device is connected to the second provider edge device. The first provider edge device may receive data transmitted by the device and may determine, based on information included in the data, that the device has moved from the second provider edge device to the first provider edge device. The first provider edge device may generate a data packet including mobility information indicating that the device has moved to the first provider edge device. The first provider edge device may transmit, via a data plane of the EVPN, the data packet to the second provider edge device to permit the second provider edge device to update routing information for the device.

Cloud delivered access may be provided. A network device may provide a client device with a pre-authentication virtual network and a pre-authentication address. Next, a policy may be received in response to the client device authenticating. The client device may then be moved to a post-authentication virtual network based on the policy. A post-authentication address may then be obtained for the client device in response to moving the client device to a post-authentication virtual network. Traffic for the client device may then be translated to the post-authentication address.

According to an example, a Virtual Extensible Local Area Network Tunnel End Point (VTEP) sends a Virtual Extensible Local Area Network (VXLAN) information announcement message carrying the identifiers of VXLAN instances to the neighbor VTEPs and receive VXLAN information announcement messages from the neighbor VTEPs. If a neighbor VTEP is configured with the same VXLAN instance as the present VTEP, the present VTEP sets up a tunnel to the neighbor VTEP; and associates the tunnel with the same VXLAN instance.

A SDN controller receives a packet sent by a VTEP to be forwarded at the layer-3. The SDN controller may determine at least one VXLAN gateway that could reach the destination node of the packet and which is located in the same VXLAN with a source node of the packet, as a forwarding gateway. After forwarding gateway is determined, the SDN controller may distribute a flow entry to the VTEP, which may help VTEP to forward the packets sent from the source node to the destination node to the determined forwarding gateway.

A next-generation mobile communication network apparatus and method using link layer routing. The network apparatus uses an existing IP address as an identifier while using a link layer address as a locator, and utilizers a location server that manages mapping between the IP address and the link layer address, thereby providing mobility.

Some embodiments provide a method for implementing a logical router in a network. The method receives a definition of a logical router for implementation on a set of network elements. The method defines several routing components for the logical router. Each of the defined routing components includes a separate set of routes and separate set of logical interfaces. The method implements the several routing components in the network. In some embodiments, the several routing components include one distributed routing component and several centralized routing components.

A source Medium Access Control (MAC) address is learned upon receiving a data message from a local network, and a learned local MAC address entry is added to a MAC address forwarding table. A source MAC address is not learned upon receiving a data message from a tunnel. When a local MAC address entry in the MAC address forwarding table changes, a synchronization message is sent via each tunnel associated with a Virtual Extensible Local Area Network (VXLAN) in the changed local MAC address entry, and is saved into a database corresponding to the tunnel. Each tunnel corresponds to one database.

An embodiment provides a packet transmission method and apparatus, to resolve a problem that occurs when a packet cannot traverse a NAT device when VTEPs communicate with each other through the NAT device. The method is applied to a VXLAN including a first VTEP, a second VTEP, and a NAT device. The method includes: performing, by the first VTEP, VXLAN encapsulation on a first packet, obtaining a second packet; sending, by the first VTEP, the second packet to the second VTEP through the NAT device; and performing, by the second VTEP, VXLAN decapsulation on the received second packet, to obtain the first packet. The first packet is a packet to be sent by the first VTEP, a destination port number of the second packet is obtained based on a destination IP address of the second packet, and a source port number of the second packet is a preset port number.

One embodiment provides a system which facilitates scaling of routing in an EVPN. During operation, the system determines, in an Ethernet Virtual Private Network (EVPN), a plurality of virtual tunnel endpoints (VTEPs) coupled to a plurality of subnets, wherein a respective subnet includes one or more hosts, wherein a first VTEP is configured with a first number of host routes for a first subnet coupled to a second VTEP, and wherein each of the first number of host routes corresponds to a host residing in the first subnet. Responsive to detecting that a total number of routes configured on the first VTEP exceeds a first predetermined threshold, the system aggregates the first number of host routes by replacing the first number of host routes with a first prefix route which indicates the first subnet.

A method for offloading packet encapsulation for an overlay network is provided. The method, at a virtualization software of a host, sends a mapping table of the overlay network to a physical network interface controller (NIC) associated with the host. The mapping table maps the identification of each of a set of virtual machine (VM) of a tenant on the host to an identification of a tunnel on the overlay network. The method, at the virtualization software, receives a packet from a VM of the tenant. The method sends the packet to the physical NIC. The method, at the physical NIC, encapsulates the packet for transmission over the overlay network by using the mapping table. The method of claim also tags the packet by the virtualization software as a packet that requires encapsulation for transmission in the overlay network prior to sending the packet to the physical NIC.