In one embodiment, a computer-implemented method of managing a virtual local area network (VLAN) domain associated with a network is provided. In this embodiment, the method comprises: defining a VLAN domain comprising a list of a plurality of connectively coupled ports of the network associated with the VLAN domain; and assigning at least one VLAN associated with the plurality of connectively coupled ports. In another embodiment, a system for managing virtual local area networks (VLANs) in a network is provided. In this embodiment, the system comprises a network provisioning module for defining a VLAN domain comprising a list of a plurality of connectively coupled ports of the network associated with the VLAN domain and assigning at least one VLAN associated with the plurality of connectively coupled ports. The system further comprises a a network monitoring system operable to gather actual network element configuration data from a plurality of network elements associated with one or more VLAN domains, wherein the actual network element configuration data identifies one or more VLANs that at least some of the plurality of network elements are actually allocated to; and a VLAN services module operable to correlate the actual network element configuration data with administrative VLAN data. The administrative VLAN data identifies one or more VLANs recognized by a business process. In one particular embodiment, the system is further operable to determine one or more VLANs that are not commonly identified in both the actual network element configuration data and the administrative VLAN data.

In general, this disclosure describes a programmable network platform for dynamically programming a cloud exchange to provide a layer three (L3) routing instance as a service to customers of the cloud exchange. In one example, a cloud exchange comprises an L3 network located within a data center and configured with an L3 routing instance for an enterprise; and for the L3 routing instance, respective first and second attachment circuits for first and second cloud service provider networks co-located within the data center, wherein the L3 routing instance stores a route to a subnet of the second cloud service provider network to cause the L3 routing instance to forward packets, received from the first cloud service provider network via the first attachment circuit, to the second cloud service provider network via the second attachment circuit.

A network device supporting TRILL protocol includes a memory, a processor, and a communication interface. The memory includes a lookup table stored therein. The processor is coupled to the memory. The communication interface is coupled to the processor. The communication interface includes a trunk port and an access port and is configured to receive a first packet. When the processor determines that an output port corresponding to a destination address of the first packet is the trunk port, and determines that there is a lack of nickname information corresponding to the destination address according to the look up table, a second packet is transmitted through the trunk port of the communication interface. The second packet includes an enable local bit. The second packet and the first packet include the same payload information.

Apparatus and methods described herein relate to an apparatus including a set of ports and a processor operatively coupled to each port of the set of ports. A port from the set of ports can be associated with a port of a multi-chassis aggregate (MCAE) interface and a virtual local area network (VLAN). The processor can generate an untagged data unit and tagged data units. The processor can send the untagged data unit and the tagged data units via the port from the set of ports, and can receive a tagged data unit included in the tagged data units, and/or the untagged data unit. The processor can also forward the received data unit to a destination network peer when the received tagged data unit is associated with the VLAN, and can disable the port of the MCAE interface in response to the port from the set of ports receiving the data unit, when the received data unit is associated with the VLAN.

Using a hash function, an L2/L3 switch can produce an FID for a data packet. The L2/L3 switch can select, from among potentially several stored VLAN flooding tables, a particular VLAN flooding table that is associated with a particular VLAN on which the data packet is to be carried. The rows of the particular VLAN flooding table can specify different combinations of the particular VLAN's egress ports. The L2/L3 switch can locate, in the particular VLAN flooding table, a particular row that specifies the FID. The L2/L3 switch can read, from the particular row, a specified subset of the egress ports that are associated with the particular VLAN. The L2/L3 switch can transmit copies of the data packet out each of the egress ports specified in the subset, toward analytic servers connected to those egress ports.

Some embodiments provide a system that allows for the use of direct host return ports (abbreviated DHR ports) on managed forwarding elements to bypass gateways in managed networks. The DHR ports provide a direct connection from certain managed forwarding elements in the managed network to remote destinations that are external to the managed network. Managed networks can include both a logical abstraction layer and physical machine layer. At the logical abstraction layer, the DHR port is treated as a port on certain logical forwarding elements. The DHR port transmits the packet to the routing tables of the physical layer machine that hosts the logical forwarding element without any intervening transmission to other logical forwarding elements. The routing tables of the physical layer machine then strip any logical context associated with a packet and forwarding the packet to the remote destination without any intervening forwarding to a physical gateway provider.

A network edge device may be placed at a location to participate in a VLAN using a specific VLAN ID without expressly programming the network edge device to use that specific VLAN ID. The network edge device is connected to a network to receive ingressing frames from the network and to send egressing frames to the network. The network edge device copies a specific VLAN ID from an ingressing VLAN message into memory and subsequently reads the specific VLAN ID from the memory for use in tagging frames egressing from the network edge device with the specific VLAN ID so that the egressing frames are VLAN conformant. The network edge device may communicate with non-edge devices at the same location as the network edge device.

An embodiment of the invention may include a method, computer program product, and computer system for handling virtual network traffic. The embodiment may include a computing device receiving a data packet by a virtual LAN (VLAN) located on a switch. The embodiment may include determining a virtual device, located on a physical device, associated with the data packet. The embodiment may include determining a tagged access port between the switch and the physical device, wherein the tagged access port handles all network traffic between the switch and the physical device. The embodiment may include determining a VLAN-ID based on the tagged access port and the virtual device. The embodiment may include routing the data packet to the virtual device based on the VLAN-ID.

A process executing on a network connected device provides distinct Internet Protocol addresses to a plurality of workload applications. The process determines that a first of the plurality of workload applications will not be providing in-situ Operations, Administration and Management (iOAM) data in packets processed by the first of the plurality of workload applications. The process receives a packet processed by the first of the plurality of workload applications. The process inserts iOAM data for the first of the plurality of workload applications into the packet.

A packet-transmission method, a local edge device and a machine-readable storage medium are provided. The method includes: receiving a first notification message from an opposite edge device, parsing out a first host route from the first notification message, and adding a first forwarding table entry to a software forwarding table, wherein the first forwarding table entry includes a correspondence between the first host route and an interface receiving the first notification message; inquiring, after receiving a packet, a hardware forwarding table according to a destination address of the packet, if there is no forwarding table entry matched with the destination address in the hardware forwarding table, inquiring the software forwarding table according to the destination address of the packet, if there is a forwarding table entry matched with the destination address in the software forwarding table, sending the packet according to the forwarding table entry matched with the destination address.