Methods and systems for an accelerated and offload dual border relay. A method includes receiving, by a hardware border relay from a network device, an Internet Protocol (IP) packet, determining, by the hardware border relay, a packet type of the IP packet, translating, by the hardware border relay provisioned with IPv6 transition technology rules, the IP packet to a hardware translated IP packet when the IP packet is a first type, translating, by the offload border relay provisioned with MAP-T rules, the IP packet to an offload translated IP packet when the IP packet is a second type, transmitting, by the offload border relay to the hardware border relay, the offload translated IP packet when the IP packet is the second type, and transmitting, by the hardware border relay, one of the offload translated IP packet and the hardware translated IP packet to another network device.

Systems, devices, and methods for resolving the original private Internet Protocol (IP) address of a User Equipment (UE) device in a cellular communication network; particularly where the UE device is behind a Network Address Translation (NAT) service which replaces the original private IP address of the UE device with a replacement public IP address. An IP address resolver performs an active resolution process which injects a new IP packet to the network, or performs a passive or comparison-based resolution process which compares headers of IP packets, to determine a pair of (i) an original private IP address of a particular UE device, and (ii) a replacement public IP address that is assigned to the UE device by a User Plane Function (UPF) unit. The correlation data or IP address mapping data is provided to servers or applications, to enable them to provide services to the UE device using its original private IP address.

In an approach, a processor creates a local first Pod API object in a first lower Kubernetes cluster based on a first Pod API object in an upper Kubernetes cluster, where: the local first Pod API object includes internal and external network descriptions for a Pod described in the local first Pod API object, and the upper cluster manages the first and second lower Kubernetes cluster. A processor adds an annotation for the Pod to the local first Pod API object and the first Pod API object. A processor creates a local endpoint API object in the first lower cluster based on an endpoint API object in the upper cluster and annotations of Pods in the upper cluster. A processor redirects the first request to the endpoint of the second Pod described in the local endpoint API object.

In an approach, a processor creates a local first Pod API object in a first lower Kubernetes cluster based on a first Pod API object in an upper Kubernetes cluster, where: the local first Pod API object includes internal and external network descriptions for a Pod described in the local first Pod API object, and the upper cluster manages the first and second lower Kubernetes cluster. A processor adds an annotation for the Pod to the local first Pod API object and the first Pod API object. A processor creates a local endpoint API object in the first lower cluster based on an endpoint API object in the upper cluster and annotations of Pods in the upper cluster. A processor redirects the first request to the endpoint of the second Pod described in the local endpoint API object.

Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.

Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.

A method for coordinating distributed network address translation (NAT) in a network within which several logical networks are implemented. The logical networks include several tenant logical networks and at least one service logical network that include service virtual machines (VMs) that are accessed by VMs of the tenant logical networks. The method defines a group of replacement IP address and port number pairs. Each pair is used to uniquely identify a VM across all tenant logical networks. The method sends to at least one host that is hosting a VM of a particular tenant logical network, a set of replacement IP address and port number pairs. Each replacement IP address and port number pair can be used by the host to replace a source IP address and a source port number in a packet that is destined from the particular VM to a VM of the particular service logical network.

A method for coordinating distributed network address translation (NAT) in a network within which several logical networks are implemented. The logical networks include several tenant logical networks and at least one service logical network that include service virtual machines (VMs) that are accessed by VMs of the tenant logical networks. The method defines a group of replacement IP address and port number pairs. Each pair is used to uniquely identify a VM across all tenant logical networks. The method sends to at least one host that is hosting a VM of a particular tenant logical network, a set of replacement IP address and port number pairs. Each replacement IP address and port number pair can be used by the host to replace a source IP address and a source port number in a packet that is destined from the particular VM to a VM of the particular service logical network.

A switch device for relaying flow data in an in-vehicle network, being equipped with an acquiring section for acquiring correspondence information indicating at least a correspondence relationship among a transmission destination IP address, a transmission source IP address, transmission destination port information, transmission source port information and a transmission destination MAC address and a relay section for acquiring the transmission destination MAC address from the correspondence information on the basis of the transmission destination IP address, the transmission source IP address, the transmission destination port information and the transmission source port information included in a frame that is received by the switch device and constitutes the flow data and for performing transmission processing to transmit the frame including the acquired transmission destination MAC address.

A switch device for relaying flow data in an in-vehicle network, being equipped with an acquiring section for acquiring correspondence information indicating at least a correspondence relationship among a transmission destination IP address, a transmission source IP address, transmission destination port information, transmission source port information and a transmission destination MAC address and a relay section for acquiring the transmission destination MAC address from the correspondence information on the basis of the transmission destination IP address, the transmission source IP address, the transmission destination port information and the transmission source port information included in a frame that is received by the switch device and constitutes the flow data and for performing transmission processing to transmit the frame including the acquired transmission destination MAC address.