H04L45/0377

Generating forward and reverse direction connection-tracking records for service paths at a network edge

Some embodiments provide stateful services in a chain of services identified for some data messages. The edge forwarding element receives a data message at a particular interface of the edge forwarding element that is traversing the edge forwarding element in a forward direction between two machines. The edge forwarding element identifies (1) a set of stateful services for the received data message and (2) a next hop associated with the identified set of stateful services in the forward direction and a next hop associated with the identified set of stateful services in the reverse direction. Based on the identified set of services and the next hops for the forward and reverse directions, the edge forwarding element generates and stores first and second connection tracking records for the forward and reverse data message flows, respectively, which are used to forward data messages received subsequently for the flow.

Intelligent wide area network (IWAN)

In one embodiment, an electronic device maintains one or more tunnel-based overlays for a communication network. The communication network includes two or more physical provider networks. The device maintains a mapping between a particular application and the one or more overlays for the communication network. The device adjusts the mapping between the particular application and the one or more overlays for the communication network. The device causes one or more routers in the communication network to route traffic for the particular application according to the adjusted mapping between the application and the one or more overlays for the communication network.

Inter-data center software-defined network controller network

Techniques are disclosed for providing a Software Defined Networking (SDN) controller with real-time or near-real-time visibility of the operation of data center fabrics to determine whether the DCI was properly configured. For example, an SDN controller receives high-level configuration data that describes a desired state of a network managed by the SDN controller at a high level of abstraction. The SDN controller applies a transformation function to the high-level configuration data to generate low-level configuration data for network devices configured to implement the desired state of the network. The SDN controller configures the SDN controller as a peer to the network devices to obtain one or more routes exchanged between the network devices. The SDN controller sends the low-level configuration data to the network devices to cause the network devices to implement the desired state of the network.

Updating connection-tracking records at a network edge using flow programming

Some embodiments provide a method of performing stateful services that keeps track of changes to states of service nodes to update connection tracker records when necessary. At least one global state value indicating a state of the service nodes is maintained at the edge device. The method generates a record in a connection tracker storage including the current global state value as a flow state value for a first data message in a data message flow. Each time a data message is received for the data message flow, the stored state value (i.e., a flow state value) is compared to the relevant global state value to determine if the stored action may have been updated. After a change in the global state value relevant to the flow, the method examines a flow programming table to determine if the flow has been affected by a flow programming instruction(s) that caused the global state value to change.

ROUTING VISUALIZATION USER INTERFACE
20220086046 · 2022-03-17

A configuration of a service of a cloud computing system is rendered in a user interface of an electronic display, according to a discovery chain generated by a networking tool using a service discovery function to establish the configuration. The configuration includes one or more of a router, a splitter, and/or a resolver, each having one or more configuration files that are represented as a graphical element within a graphical representation of the one or more of the router, the splitter, and/or the resolver. The configuration further includes data traffic routes between pairs of the configuration files, each being represented in the UI as a line between each pair of configuration files, where each line is rendered in the UI so as to avoid crossing over any graphical element that represents a configuration file.

WIRED/WIRELESS CONVERGENCE NETWORK PACKET RELAY DEVICE AND PACKET TIMESTAMP ASSIGNING METHOD THEREOF
20220070079 · 2022-03-03

The present invention relates to a network packet relay device including a time synchronization module for synchronizing a time of a packet with a timestamp value of a network device, and a packet timestamp assigning method thereof, wherein a timestamp having accuracy of a UTC-format nanosecond level can be assigned to the packet at a hardware level by correcting overflow of a register of an elapsed-time counter of a processor of a switch even when the overflow occurs.

INTEGRATED WIRED/WIRELESS NETWORK INTERMEDIARY DEVICE, AND DEEP PACKET MATCHING METHOD THEREFOR
20220070090 · 2022-03-03

The present invention relates to: a network packet intermediary device comprising a deep packet matching module for matching a GTP control plane packet and a GTP user plane packet by controlling a GTP correlation module; and a deep packet matching method thereof, and can extract packet information of a deep step from a switch level so as to match flows of the GTP control plane packet and the GTP user plane packet, and can provide a correlation so that the GTP control plane packet and the GTP user plane packet can be transmitted to the same outlet port.

SERVICE CHAINING WITH PHYSICAL NETWORK FUNCTIONS AND VIRTUALIZED NETWORK FUNCTIONS

Techniques are described in which a centralized controller, such as a software defined networking (SDN) controller, constructs a service chain that includes a physical network function (PNF) between a bare metal server (BMS) and a virtual execution element (e.g., virtual machine or container), or in some instances a remote BMS, or vice-versa. In accordance with the techniques disclosed herein, the controller may construct an inter-network service chain that includes PNFs, or a combination of PNFs and virtualized network functions (VNFs). The controller may construct an inter-network service chain to steer traffic between a BMS and a virtual execution element or remote BMS through an inter-network service chain using Virtual Extensible Local Area Network (VXLAN) as an underlying transport technology through the service chain.

UPDATING CONNECTION-TRACKING RECORDS AT A NETWORK EDGE USING FLOW PROGRAMMING

Some embodiments provide a method of performing stateful services that keeps track of changes to states of service nodes to update connection tracker records when necessary. At least one global state value indicating a state of the service nodes is maintained at the edge device. The method generates a record in a connection tracker storage including the current global state value as a flow state value for a first data message in a data message flow. Each time a data message is received for the data message flow, the stored state value (i.e., a flow state value) is compared to the relevant global state value to determine if the stored action may have been updated. After a change in the global state value relevant to the flow, the method examines a flow programming table to determine if the flow has been affected by a flow programming instruction(s) that caused the global state value to change.

USING APPLIED-TO FIELD TO IDENTIFY CONNECTION-TRACKING RECORDS FOR DIFFERENT INTERFACES

Some embodiments configure an edge forwarding element to perform service insertion operations to identify stateful services to perform for data messages received for forwarding by the edge forwarding element at multiple virtual interfaces of the edge forwarding element. The service insertion operation, in some embodiments, includes applying a set of service insertion rules. The service insertion rules (1) specify a set of criteria and a corresponding action to take for data messages matching the criteria and (2) are associated with a set of interfaces to which the service insertion rules are applied. In some embodiments, the action is specified using a universally unique identifier (UUID) that is then used as a matching criterion for a subsequent policy lookup that identifies a type of service insertion and a set of next hop data.