An extended service-function chain (SFC) proxy is hosted on a network node and connected to a service path formed by one or more network nodes hosting a chain of service-functions applied to packets traversing the service path. The packets each include a service header having a service path identifier and a service index. A packet of a traffic flow destined for a service-function is received from the service path and sent to the service-function. An indication to offload the traffic flow is received from the service-function. The indication is stored in a flow table having entries each identifying a respective traffic flow. A subsequent packet of the traffic flow is received from the service path. The flow table is searched for the indication to offload the traffic flow. Upon finding the indication, the service-function is bypassed, and the subsequent packet is forwarded along the service path.

This disclosure describes techniques for scaling resources that handle, participate, and/or control routing protocol sessions. In one example, this disclosure describes a method that includes instantiating a plurality of containerized routing protocol modules, each capable of storing routing information about a network having a plurality of routers; performing network address translation to enable each of the containerized routing protocol modules to communicate with each of the plurality of routers using a public address associated with the computing system; configuring each of the containerized routing protocol modules to peer with a different subset of the plurality of routers so that each of the containerized routing protocol modules share routing information with a respective different subset of the plurality of routers; and configuring each of the containerized routing protocol modules to peer with each other to share routing information received from the different subsets of the plurality of routers.

Techniques for dynamic content delivery network (CDN) selection using the domain name service (DNS) protocol are described. A DNS resolver utilizes a network identifier provided within a DNS query seeking to resolve a domain to select between different CDNs. The selection can be based on an analysis of network metric summary data corresponding to the CDNs from the perspective of an approximate location of the requesting client, as determined via the network identifier as a proxy. The selection process and involved network metric types can be configured by the user associated with the domain via a selection policy. Network metrics can be provided by the user or collected based on reported data generated by remote clients through provided metric-generating code, and thereafter transformed into network metric summary data that is used for resolution.

Systems, methods, and apparatus to identify media devices are disclosed. An example network communications monitor includes network interface circuitry, computer readable instructions, and processor circuitry. The processor circuitry is to execute the computer readable instructions to detect, via the network interface circuitry, multiple network communications transmitted on a home network within the household, access panelist data that associates a panelist of the household with a panelist device of the panelist, determine, based on the panelist data, that one or more of the multiple network communications are associated with the panelist device, and cause storage of data identifying the one or more network communications in association with the panelist.

Systems, methods, and apparatus to identify media devices are disclosed. An example network communications monitor includes network interface circuitry, computer readable instructions, and processor circuitry. The processor circuitry is to execute the computer readable instructions to detect, via the network interface circuitry, multiple network communications transmitted on a home network within the household, access panelist data that associates a panelist of the household with a panelist device of the panelist, determine, based on the panelist data, that one or more of the multiple network communications are associated with the panelist device, and cause storage of data identifying the one or more network communications in association with the panelist.

The present disclosure provides example computer-implemented method, medium, and system for managing IP addresses for DPDK enabled network interfaces for cloud native pods. One example method includes creating a pod of one or more containers, where the pod connects to multiple networks through multiple network interfaces. A poll mode driver (PMD) is attached to a first network interface of the multiple network interfaces, where the PMD enables one or more data plane development kit (DPDK) applications inside the pod to manage the first network interface. A first container network interface (CNI) is created to handle the DPDK enabled first network interface. A first Internet protocol (IP) address is allocated to the first network interface using the first CNI. The first IP address is passed to the one or more DPDK applications using the first CNI.

The present disclosure provides example computer-implemented method, medium, and system for managing IP addresses for DPDK enabled network interfaces for cloud native pods. One example method includes creating a pod of one or more containers, where the pod connects to multiple networks through multiple network interfaces. A poll mode driver (PMD) is attached to a first network interface of the multiple network interfaces, where the PMD enables one or more data plane development kit (DPDK) applications inside the pod to manage the first network interface. A first container network interface (CNI) is created to handle the DPDK enabled first network interface. A first Internet protocol (IP) address is allocated to the first network interface using the first CNI. The first IP address is passed to the one or more DPDK applications using the first CNI.

Disclosed is a computer-implemented method for establishing a secure connection between two electronic computing devices which are located in a network environment, the two electronic computing devices being a first computing device offering the connection and a second computing device designated to accept the connection, the method comprising executing, by at least one processor of at least one computer, a connection-establishing application for exchanging an information packet between the first computing device and the second computing device comprising a secret usable for establishing the connection, and evaluating a response from the second computing device for establishing the secure connection.

A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The tunnel device is selected based on an attribute, such as IP Geolocation. A tunnel bank server stores a list of available tunnels that may be used, associated with values of various attribute types. The tunnel devices initiate communication with the tunnel bank server, and stays connected to it, for allowing a communication session initiated by the tunnel bank server. Upon receiving a request from a client to a content and for specific attribute types and values, a tunnel is selected by the tunnel bank server, and is used as a tunnel for retrieving the required content from the web server, using standard protocol such as SOCKS, WebSocket or HTTP Proxy. The client only communicates with a super proxy server that manages the content fetching scheme.

Techniques are described for managing communications for a managed virtual computer network overlaid on a distinct substrate computer network, including for communications involving computing nodes of the managed virtual computer network that use an alternative addressing scheme to direct network packets and other network communications to intended destination locations by using textual network node monikers instead of numeric IP addresses to represent computing nodes at a layer 3 or “network layer” of a corresponding computer networking stack in use by the computing nodes. The techniques are provided without modifying or configuring the network devices of the substrate computer network, by using configured modules to manage and modify communications from the logical edge of the substrate network.