Patent classifications
H04L2012/4629
LOGICAL ROUTER WITH MULTIPLE ROUTING COMPONENTS
Some embodiments provide a method for handling failure at one of several peer centralized components of a logical router. At a first one of the peer centralized components of the logical router, the method detects that a second one of the peer centralized components has failed. In response to the detection, the method automatically identifies a network layer address of the failed second peer. The method assumes responsibility for data traffic to the failed peer by broadcasting a message on a logical switch that connects all of the peer centralized components and a distributed component of the logical router. The message instructs recipients to associate the identified network layer address with a data link layer address of the first peer centralized component.
CONFIGURATION OF A PRIVATE NETWORK SEGMENT
There is provided a system that comprises an IP-routed interregional distribution network, and a user-network interface (UNI) that employs (a) a first virtual broadcast domain (VBD), (b) a second VBD, (c) a virtual extensible local area network (VXLAN), and (d) a protocol transformation stack. The UNI is adapted for layer 2 connection to a user device via the first VBD, and adapted for layer 3 communication over the IP-routed interregional distribution network via the VXLAN. The protocol transformation stack is adapted to convert a layer 2 broadcast domain to/from an IP-routable form by mapping the first VBD to the second VBD, and encapsulating the second VBD into the VXLAN.
MULTICAST ROUTING THROUGH MULTI-TIER EDGE GATEWAYS
A method of transmitting multicast traffic to workloads of tenants communicating over overlay networks provisioned on top of a physical network includes the steps of: detecting the multicast traffic; determining that the multicast traffic is bound for workloads of a first tenant and workloads of a second tenant; encapsulating one instance of the multicast traffic using a Layer 2 (L2) over Layer 3 (L3) encapsulation protocol to generate encapsulated traffic, wherein the encapsulated traffic includes an identifier of a first backplane network corresponding to the first tenant and an identifier of a second backplane network corresponding to the second tenant in a header portion of each packet of the encapsulated traffic; and transmitting, to a first host computing device, the encapsulated traffic with the identifiers of the first and second overlay networks.
ENABLING ETHERNET COMMUNICATION OVER IP TRANSPORT
In accordance with an example embodiment of the present disclosure, Ethernet communication over IP transport is enabled. The following is performed: Ethernet communication for transmitting and receiving Ethernet frames; IP communication for transmitting and receiving IP data packets over a cellular network; transforming Ethernet frames to IP data packets and vice versa for enabling Ethernet communication over IP transport; and maintaining a header transformation table between Ethernet and IP traffic flows. The transforming comprises using the header transformation table and performing header transformation by removing Ethernet headers from received Ethernet frames and including Ethernet payload in IP data packets, and by reconstructing Ethernet headers for received IP data packets for transmission of payload from the IP data packets in Ethernet frames, wherein the transforming comprises using IPv6 headers of IP data packets to carry dynamic information from the removed Ethernet headers.
DHCP LAYER 2 RELAY IN VXLAN OVERLAY FABRIC
This technology enables a dynamic host configuration protocol (“DHCP”) Layer 2 relay in a Virtual Extensible Local Area Network (“VXLAN”) overlay fabric. A host device broadcasts a configuration request, such as a DHCP discover, across an Ethernet virtual private network (“EVPN”) overlay fabric. The DHCP discover is intercepted by a VXLAN Tunnel End Point (“VTEP”) device with Layer 2 bridging functionality. The VTEP device selects a centralized gateway (“CGW”) device with Layer 3 relay functionality as a destination for the DHCP discover. The VTEP device encapsulates the DHCP discover with a unicast VXLAN header comprising the media access control (“MAC”) address of the CGW device and transmits the encapsulated DHCP discover to the CGW device, resolving the destination address associated with the broadcast. The CGW device transmits the DHCP discover to an Internet Protocol (“IP”) address associated with a DHCP server that is external to the EVPN overlay fabric.
Optimized Layer 3 VPN Control Plane using Segment Routing
Systems and methods include determining one or more Layer 3 Virtual Private Networks (L3VPNs) supported at the router; and advertising the one or more L3 VPNs to one or more routers in the Segment Routing network with each advertisement including a service Segment Identifier (SID) for each of the one or more L3VPNs and one of a node SID for the router or an Anycast SID when the router is connected to a Multi-Home site. The steps can further include transmitting a Layer 3 (L3) packet for an L3 VPN of the one or more L3 VPNs with a destination SID and a service SID of the L3VPN. The advertisement can include encapsulation as an IPv6 prefix containing both the node SID for the router and the service SID, and wherein prefixes are treated as attributes of a route.
End-to-end path selection using dynamic software-defined cloud interconnect (SDCI) tunnels
Techniques for utilizing a cloud service to compute an end-to-end SLA-aware path using dynamic software-defined cloud interconnect (SDCI) tunnels between a user device and an access point-of-presence (POP) node and inter-POP tunnels of the SDCI. The cloud service may include a performance aware path instantiation (PAPI) component including a POP database for storing performance metrics associated with the POPs of the SDCI, an enterprise policy database for storing user specific policies, and/or a path computation component. The path computation component may compute the path, based on the user specific policies, performance metrics associated with the POP nodes, and/or real-time contextual data associated with the user device and/or destination device. The path may include a first tunnel between the user device and the most optimal access POP node of the SDCI and a second tunnel between the access POP node, through the internal POP nodes, and to the destination device.
BEARER SIDE NETWORK SYSTEM, FIXED-MOBILE COEXISTENCE AND CONVERGENCE SYSTEM, AND DEPLOYMENT METHOD THEREFOR
Disclosed are a bearer side network system, a fixed-mobile coexistence and convergence system and deployment methods therefor. The bearer side network system includes a fixed-mobile bearer Internet protocol (IP) metropolitan area network for achieving a uniform bearer of mobile communication and fixed communication, and a mobile communication core network user plane apparatus sunk to an aggregation layer of the fixed-mobile bearer IP metropolitan area network; and the mobile communication core network user plane apparatus is in a communication connection with the fixed-mobile bearer IP metropolitan area network.
HANDLING PACKETS TRAVELLING TOWARDS LOGICAL SERVICE ROUTERS (SRs) FOR ACTIVE-ACTIVE STATEFUL SERVICE INSERTION
Example methods and computer systems for packet handling for active-active stateful service insertion are disclosed. One example may involve a computer system detecting a packet addressed from a source address to a service endpoint address. Based on configuration information associated with the service endpoint address, the computer system may identify a first active logical service router (SR) and a second active logical SR that are both associated with the service endpoint address and configured to operate in an active-active mode. The first active logical SR may be selected over the second active logical SR by mapping tuple information to the first active logical SR. The computer system may generate an encapsulated packet by encapsulating the packet with an outer header addressed to an outer destination address associated with the first active logical SR and send the encapsulated packet towards the first active logical SR for processing according to a stateful service.
Extending enterprise trusted policy framework to cloud native applications
The present technology pertains to a system and method for extending enterprise networks' trusted policy frameworks to cloud-native applications. The present technology comprises sending, by an enterprise network controller, a first communication to a service mesh orchestrator for a service mesh, wherein the first communication informs the service mesh orchestrator of traffic segmentation policies to be applied to traffic originating at an enterprise network and of layer 7 extension headers which correspond to the enterprise network traffic segmentation policies.