A method for identifying VLANs associated with a network includes gathering actual network element configuration data from a plurality of network elements in the network, wherein the actual network element configuration data identifies one or more VLANs that at least some of the plurality of network elements are actually allocated to; correlating the actual network element configuration data with administrative VLAN data; and determining one or more VLANs that are not commonly identified in both the actual network element configuration data and the administrative VLAN data. A system includes a network monitoring system operable to gather actual network element configuration data from a plurality of network elements at one or more logical network sites, wherein the actual network element configuration data identifies one or more VLANs that at least some of the plurality of network elements are actually allocated to; and a VLAN services module operable to correlate the actual network element configuration data with administrative VLAN data, and further operable to determine one or more VLANs that are not commonly identified in both the actual network element configuration data and the administrative VLAN data.

A network controller provides proactive notification of a wireless client device's address rotation to layer 2 (L2) and/or layer 3 (L3) devices. Traditional methods of device address discovery rely on broadcasting of address queries across a plurality of links until a path to a device having the queried address responds. As device address changes become more frequent in an effort to improve user privacy, traditional methods of address discovery impose a large burden on networks, reducing their performance and efficiency. By proactively propagating address changes to upstream devices, the need for broadcast oriented address discovery techniques is reduced, resulting in improved network performance.

An object is to provide a means for causing wirings and device setting configurations to conform between communication devices and then establishing communication by generating a device setting configuration in accordance with wirings between the communication devices and reflecting the device setting configuration in interfaces of the communication devices. A device setting configuration for establishing communication between communication devices is generated based on information regarding an adjacent device acquired from each communication device, using a network setting information database configured to hold, in an associated manner, information regarding the communication device, information regarding the adjacent device connected directly to the communication device via a communication cable, and information regarding a device setting configuration to be set for an interface of the communication device used to connect to the adjacent device.

This application provides a data transmission method, a device, and a network system. The method is applied to a backbone device, and the backbone device is connected to at least two access devices. After obtaining first data that needs to be sent to a first user device, the backbone device determines a first tunnel interface identifier corresponding to the first user device. The first user device is a single-homing user device. The backbone device sends, based on the first tunnel interface identifier, a first data packet including the first data to a first access device of the at least two access devices. The first access device is configured with the first tunnel interface identifier. This can optimize a data forwarding path, implement traffic optimization for the single-homing user device, and reduce traffic pressure of the network system.

The following description is directed to configuring gateways in computer networks. For example, a method includes receiving a first request from a client associated with a configurable network. The first request can request associating a set of network addresses assigned to the configurable network to a gateway. A second request can be received from a client associated with the gateway. The second request can request accepting the association of the first request. It can be determined that the set of network addresses do not overlap with a network address space that is accessible using the gateway. Routing information can be generated for the gateway. The generated routing information can be used to configure the gateway for forwarding network packets between the client private network and the configurable network.

In an embodiment, a computer-implemented method provides mechanisms for identifying a source location in a service chaining topology. In an embodiment, a method comprises: receiving a query, from a service plane implementation module executing on a host of a service virtual machine (“SVM”), for a location of a source host implementing a guest virtual machine (“source GVM”) that originated a packet in a computer network and that serviced the packet; in response to receiving the query, performing a search of bindings associated with one or more virtual network identifiers (“VNIs”) or service virtual network identifiers (“SVNIs”) to identify a particular binding that includes a MAC address of the host implementing the source GVM; identifying, in the particular binding, the location of the source host; and providing the location of the source host to the host of the SVM to facilitate forwarding of the packet from the SVM to the GVM.

The present application is directed a computer-implemented method for enhancing security on a network. The method includes a step of receiving, from user equipment on the network, information including a source IP address and a destination IP address. The method also includes a step of receiving, from a VPN service provider, credentials of a VPN server. The method also includes a step of creating a policy such that traffic associated with the information of the user equipment is routed to the VPN server. The method further includes a step of sending the traffic of the user equipment to the VPN server. The application is also directed to a system and method for securing web traffic on a network.

Aspects of the subject disclosure may include, for example, instantiating a virtual provider edge router (VPE) of a network operator on a layer 3 public cloud network operated by a cloud operator, establishing a virtual layer 2 bridging domain over the layer 3 public cloud network between a core network of the network operator and the VPE, wherein the virtual layer 2 bridging domain shields infrastructure addressing of the core network of the network operator, and establishing an Interior Gateway Protocol (IGP) of the network operator on top of the virtual layer 2 bridging domain for layer 2 communication between the core network of the network operator and the VPE over the layer 3 public cloud network. Other embodiments are disclosed.

A Wi-Fi controller identifies a mismatch between a first prefix of a first IPv6 address for a data packet corresponding to a first VLAN on which the data packet was sent from the station to the access point, and a prefix of a second IPv6 address for a second VLAN from which the data packet was transmitted from the access point to the Wi-Fi controller. Responsive to the VLAN mismatch identification, the Wi-Fi controller transmits a DHCP reconfiguration packet to the station using the first VLAN. The DHCP reconfiguration packet causes the station to transmit a rebind packet to the DHCP server. The rebind packet causes the DHCP server to transmit an ACK frame on the first VLAN setting the valid lifetime for the first IPv6 address to zero.

The present invention provides a base station deployment configuration method. The method includes: receiving, by a base station after being powered on for a first time, a virtual local area network identity and composite information, receiving, by the base station, a plurality of ping packets, and learning, by the base station, the received virtual local area network identity in the service packet and virtual local area network identities in all the received ping packets; traversing, by the base station, the learned virtual local area network identities, and sending a DHCP request to a DHCP server; receiving, by the base station, a DHCP response message returned by the DHCP server; and establishing, by the base station, an OM IP address connection to a management channel of the wireless network manager according to the OM IP address, and receiving a complete configuration delivered through the management channel.