Patent classifications
H04L12/4675
Systems and methods for establishing a VLAN on a computing system irrespective of the computer networking technology utilized by the computing system
Systems and methods for establishing a VLAN or a subinterface on a computing system using a single configuration statement are disclosed. Embodiments may include modifying a configuration statement that configures a NIC coupled to the computing system to include a new field which indicates if a VLAN should be created on the NIC port. Embodiments may also include receiving a configuration statement that includes the new field. Embodiments may further include creating a VLAN on an Ethernet computer network or a subinterface on an InfiniBand computer network based on the received configuration statement that includes the new field.
HARD ZONING OF VIRTUAL LOCAL AREA NETWORKS IN A FIBRE CHANNEL FABRIC
A network where FC and Ethernet storage traffic share the underlying network. The network extends FC SAN storage specific attributes to Ethernet storage devices. The network is preferably formed of FC switches, so each edge switch acts as an FCoE FCF, with internal communications done using FC. IP packets are encapsulated in FC packets for transport. Preferably, each outward facing switch port can be configured as either an Ethernet or FC port, so devices can be connected as desired. FCoE devices connected to the network are in particular virtual LANs (VLANs). The name server database is extended to include VLAN information for the device and the zoning database has automatic FCOE_VLAN zones added to provide a mechanism for enhanced soft and hard zoning. Zoning is performed with the conventional zoning restrictions enhanced by including the factor that any FCoE devices must be in the same VLAN.
On premises, remotely managed, host computers for virtual desktops
Virtual desktops are hosted on one or more remote desktop hosts at one or more private locations of an enterprise, remote from a service provider location, and behind a firewall on a private computer network. The desktops are remotely managed through resources at a service provider data center, optionally along with other virtual desktops hosted on desktop hosts at the service provider data center. The remote desktop hosts can be pre-configured with known storage, compute and connectivity resources. The remote desktop hosts can be remotely managed through a resource management appliance, i.e., a management system running resource management software, which can be located at either the service provider data center or the tenant data center.
COMMUNICATION DEVICE OPERABLE TO SWITCH BETWEEN MULTIPLE CONTROL PLANE TYPES
Disclosed are systems and methods for operating a configurable communication device. A network controller includes a communication interface to interface with multiple communication devices and a memory storing instructions. The network controller also includes a processor, that when executing the instructions, is configured to determine that a configurable communication device of the plurality of communication devices is to operate in a first control plane type of multiple control plane types configurable to be used by the configurable communication device. The processor is also configured to operate the configurable communication device using the first control plane type and to receive an indication that the configurable communication device is to switch to a second control plane type. Moreover, the processor is configured to cause the configurable communication device to switch to the second control plane type and operate the configurable communication device using the second control plane type.
Traffic forwarding
The present disclosure describes traffic forwarding in a network where a virtual local area network (VLAN) exists in multiple network sites that are geographically dispersed and connected via virtual links. A first edge device (ED) at a first site receives, from a second ED at a second site, information identifying a VLAN of the second ED through a virtual link. The VLAN identified in the information is an active VLAN of the second ED. An association between (i) the VLAN of the second ED and (ii) the virtual link through which the information is received from the second ED is recorded. When forwarding traffic to the VLAN of the second ED, the virtual link associated with the VLAN of the second ED is determined based on the recorded association and the traffic is forwarded via the determined virtual link.
Control apparatus, communication system, control method and program
A control apparatus comprises a path generation unit configured to logically generate a plurality of forwarding paths for forwarding a broadcast packet between a plurality of domains that each includes a plurality of communication nodes; a path determination unit configured to determine different communication nodes among the plurality of communication nodes included in each domain as representative nodes that forward the broadcast packet in each of the plurality of forwarding paths; and a path setting unit configured to set control information including information regarding the representative nodes in the communication nodes on the plurality of forwarding paths.
INTERCEPTING NETWORK TRAFFIC ROUTED BY VIRTUAL SWITCHES FOR SELECTIVE SECURITY PROCESSING
Systems, methods, and apparatuses enable a microservice to intercept and filter network traffic generated by virtual machines (VMs) and routed by a virtual switch (vSwitch). The system assigns a unique port group and identifier (e.g., a VLAN) to each VM, and maintains a mapping between the unique identifier and a VLAN used to communicate network traffic from the vSwitch to a physical switch. When network traffic is sent from a VM, the network traffic is intercepted by a trunk and sent to a microservice. The microservice performs a mapping procedure to identify the VLAN for transmitting the network traffic to the physical switch. The microservice determines whether the network traffic requires further inspection or analysis, or whether the network traffic can be transmitted to the physical switch using the VLAN identified during the mapping procedure.
Access port for one or more VLANs
In one embodiment a network device includes a plurality of ports. The network device is adapted to receive at least one configuring instruction, and adapted, after receipt of any of the at least one configuring instruction, to configure one or more access ports, of the plurality of ports, for endpoint virtual local area network (VLAN) assignment that is in accordance with at least one VLAN assignment algorithm. The at least one VLAN assignment algorithm allows at least two endpoints to be assigned to at least two different respective VLANs of a plurality of VLANs in a network, the at least one VLAN assignment algorithm enabling the at least two endpoints to connect to a same access port of the one or more access ports and provide data which is not VLAN tagged when received at the same access port.
High availability network address translation
A computing environment, such as a cloud computing environment, may include nodes performing NAT for a plurality of workloads. An active node performs NAT for the workloads, including maintaining a NAT table. The active node may create sub-interfaces for the workloads and function as a DHCP server. The NAT table and sub-interfaces may be recreated on a standby node. Upon detecting failure, a routing table is updated to direct workloads to connect to the standby node and traffic may continue to be processed by the standby node without disrupting network or application sessions.
Symmetric cross-region network data flow management
Systems and methods are provided for enforcing symmetric flows of cross-region network traffic through firewalls in multi-region network environments. Enforcement may be configured automatically by analyzing network policy data to identify cross-region traffic that is to be firewalled, and configuring gateway nodes in the various regions to implement symmetric bidirectional flows through any firewalls in the communication path. Beneficially, by enforcing symmetric bi-directional flows of traffic through any firewalls in a communication path, the firewalls may maintain the state of a given communication session even when the communication session is between endpoints in different regions that have different architectures.