Techniques for the transparent rolling of nodes in a cloud-delivered headend service without disrupting client traffic or making users aware of the various nodes in the system being rolled are described herein. The techniques may include receiving an indication that a first node of a network is to be rolled. Based at least in part on the indication, new connection requests may not be sent to the first intermediate node. Additionally, a client device having an existing connection through the first node may be identified. In some examples, a request may be sent to the client device to prompt the client device to establish a new connection. After determining that the new connection has been established such that the new connection flows through a second node of the network, the first node may be rolled.

Described herein are systems, methods, and software to manage virtual local area network (VLANs) over multiple data centers. In one example, a method of managing a gateway at a first data center includes receiving, at a local manager, configuration information for a VLAN segment and a global VLAN segment identifier from a global manager of the data centers. The method further includes generating a global policy engine (GPE) data structure that associates the global VLAN segment identifier with a virtual network identifier (VNI) for the first data center and one or more policy rules, wherein the policy rules are derived from IP address prefix information provided from a second gateway, such as an edge gateway.

In some embodiments, a first provider edge (PE) router is coupled to a first customer edge (CE) router; a second CE router; and a second PE router. The second PE router is coupled to the first CE router and the second CE router. The first PE router is configured with a primary label comprising a primary next hop of the first CE router and a backup next hop of the second PE router and a secondary label comprising a primary next hop of the first CE router and a backup next hop of the second CE router. The second PE router is configured with a primary label comprising a primary next hop of the first CE router and a backup next hop of the first PE router and a secondary label comprising a primary next hop of the first CE router and a backup next hop of the second CE router.

A data processing method based on network slices comprises determining on a data plane a network slice to which a data flow belongs according to network slice resource information, an uplink port receiving the data flow, virtual local area network (VLAN) information carried by the data flow, and destination media access control (MAC) address of the data flow. The method further comprises processing and forwarding the data flow through the network slice to which the data flow belongs. In the network slice resource information, different network slices sharing a VLAN on a shared uplink port are configured with different three-layer interface MAC addresses.

Techniques are described for providing fast reroute for traffic in EVPN-VXLAN. For example, a backup PE device of an Ethernet segment is configured with an additional tunnel endpoint address (“reroute tunnel endpoint address”) for a backup path associated with a second split-horizon group that is different than a tunnel endpoint address and first split-horizon group for another path used for normal traffic forwarding. The backup PE device sends the reroute tunnel endpoint address to a primary PE device of the Ethernet segment, which uses the reroute tunnel endpoint address to configure a backup path to the backup PE device over the core network. For example, the primary PE device may install the reroute tunnel endpoint address within its forwarding plane and one or more operations to cause the primary PE device to encapsulate a VXLAN header including the reroute tunnel endpoint address when rerouting the packet along the backup path.

Network components can be configured in order to allow multiple communication devices of transient users, such as hotel guests, to automatically connect to the network infrastructure. A device of the user may specify network access information that is known by all of the user's devices to configuration functionality that in turn configures the network components, such as one or more wireless access points in order to advertise the network details that are already known by the user's multiple devices.

Dynamic fabric systems and methods are disclosed for providing connections between endpoints of a communication network. An exemplary dynamic fabric system can include backplane lanes, a dynamic fabric device, and a control device. The dynamic fabric device can include local fabric lanes and a network interface device configurable to communicatively connect the local fabric lanes to a network. The dynamic fabric device can also include a local switch configurable forward messages to backplane lanes and an interconnect configurable to statically connect local fabric lanes and corresponding backplane lanes. The dynamic fabric device can also include a controller configurable to create or break these static connections. The control device can provide instructions to the dynamic fabric device to create or break the static connections based on changes in the number of active dynamic fabric devices installed in the dynamic fabric system.

Disclosed methods define VLAN time slots for one or more VLANs within an HCI environment. A management resource may control virtual application access to each VLAN in accordance with the VLAN time slots wherein only one virtual application may connect to the VLAN during a VLAN time slot. Disclosed methods may define VLAN time slots for each of the plurality of virtual applications. The VLAN time slots may be defined dynamically, wherein durations of the VLAN time slots may be re-calculated each VLAN cycle. A duration of the VLAN time slot for a particular virtual application may be determined based on the number of packets transmitted by the virtual application during a previous VLAN cycle. Each VLAN time slot may include an active interval, for transmitting packets, and an inactive interval. Each active interval may include a fixed duration base interval and a variable duration dynamic interval.

Some embodiments of the invention provide a method for cloning a set of one or more applications implemented by a first set of machines connected through a first logical network that defines a virtual private cloud (VPC) in a set of one or more datacenters. The method detects that the first logical network does not have sufficient resources to process a set of network traffic destined for the set of one or more applications implemented by the first set of machines. Based on said detecting, the method uses a set of network configuration data that configures a set of logical forwarding elements (LFEs) of the first logical network to define a cloned, second logical network for connecting a cloned, second set of machines that implement a second set of one or more applications. The method uses the cloned, second logical network to process at least a subset of the network traffic destined to the set of applications.

Template-driven locally calculated policy updates for virtualized machines in a datacenter environment are described. A central control and monitoring node calculates and pushes down policy templates to local control and monitoring nodes. The templates provide boundaries and/or a pool of networking resources, from which the local control and monitoring node is enabled to calculate policy updates for locally instantiated virtual machines and containers.