A method and system for packet-optical in-band telemetry (POINT) that may be used in a packet-optical network is disclosed herein. An intermediate POINT device may receive a packet including at least a header and a payload at a packet layer. The POINT device may read intent information from the header, and the intent information may indicate a type of telemetry data to be collected. The POINT device may translate the intent information from the packet layer to generate a device-specific action in an optical layer to the type of telemetry data indicated by the intent. The POINT device may execute the device-specific action in the optical layer to generate a response corresponding to the intent, associate the response with the intent, and encode the response in the packet layer for downstream data forwarding.

The present technology pertains to receiving a tag associating at least one routing domain in an on-premises site with at least one virtual network in a cloud environment associated with a cloud service provider. The present technology also pertains to the automation of populating route and propagation tables with the cloud service provider.

Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.

A distributed routing system may include a first network device. The first network device may receive a packet that includes a first virtual local area network (VLAN) tag. The first network device may identify a packet priority based on a port via which the packet is received and information included in the first VLAN tag. The first network device may assign a forwarding class to the packet based on the packet priority. The first network device may generate a second VLAN tag that identifies the forwarding class. The first network device may add the second VLAN tag to the packet while keeping the first VLAN tag in the packet. The first network device may transmit the packet, including the first VLAN tag and the second VLAN tag, to a second network device included in the distributed routing system.

Some embodiments provide a hosting system for provisioning and managing servers (e.g., virtual servers, dedicated servers) in a switched network. In some embodiments, the hosting system receives a configuration for one or more servers for a particular entity (e.g., customer, user). The hosting system then identifies a grid identity and a set of virtual local area network (VLAN) identities for the particular entity. The hosting system then deploys the configuration for the one or more servers on one or more grid-specific hardware nodes using the grid identity and the set of VLAN identities. In some embodiments, the hosting system identifies a local VLAN identity that is associated with a grid-independent hardware node, where a grid-independent hardware node and grid-specific hardware nodes may co-exist in the same switched network.

Various embodiments establish a virtual private network (VPN) between a remote network and a private network. In one embodiment, a first system in the remote network establishes a connection with a central system through a public network. The central system is situated between the first system and a second system in the private network. The first system receives, from the central system and based on establishing the connection, a set of VPN information associated with at least the second system. The first system disconnects from the central system and establishes a VPN directly with the second system through the public network based on the set of VPN information.

A host computer and method for multicasting data between networking interfaces of hypervisors in a distributed computer system uses a Virtual Extensible LAN Network Identifier (VNI) assigned to a multicast group and an identifier of a VXLAN Tunnel End Point (VTEP) of the host computer associated to the VNI so that data being multicast for the multicast group can be routed to the networking interfaces via VTEPs associated with the VNI.

A method and system for elastic timestamping for use in computing and networking applications including telemetry is disclosed herein. A device that is part of a system may initially generate a variable size timestamp or elastic n-dimensional timestamp (ENTS) with n time dimensions fields for a corresponding event in the system for which timing or temporal order information is needed. The device may select a subset of the n time dimensions fields of the ENTS based on a relevant time granularity of the corresponding event to generate a compact ENTS with a reduced size. The device may communicate the compact ENTS for further processing. In an example, the ENTS may be generated for a device-specific action performed to gather telemetry data in response to received telemetry intent at the device, and the compact ENTS may be communicated with a corresponding telemetry response.

A method and system for flow tracing for use in a packet-optical network is disclosed herein. A device in the packet-optical network may receive a packet including a header and payload. The device may read intent information from the header, and translate the intent information to generate a device-specific action in an optical layer to provide one or more globally unique identifiers (IDs) associated with the device. The device may execute the device-specific action in the optical layer to generate a response including the globally unique IDs corresponding to the intent, where the response forms part of the flow trace. The device may associate the response with the intent, and encode the response for downstream data forwarding. The device may further add multi-layer proof-of-transit (POT) information to the response that may be used to securely verify the path indicated in the SmartFlow flow trace.

A method and system for packet-optical in-band telemetry (POINT) that may be used in a packet-optical network is disclosed herein. An intermediate POINT device may receive a packet including at least a header and a payload at a packet layer. The POINT device may read intent information from the header, and the intent information may indicate a type of telemetry data to be collected. The POINT device may translate the intent information from the packet layer to generate a device-specific action in an optical layer to the type of telemetry data indicated by the intent. The POINT device may execute the device-specific action in the optical layer to generate a response corresponding to the intent, associate the response with the intent, and encode the response in the packet layer for downstream data forwarding.