H04L61/2525

SUPPORT SERVER HIGH AVAILABILITY WITH NETWORK LINK BONDING FOR CLOUD OVERLAY NETWORKS

Systems and methods for support server high availability with network link bonding for cloud overlay networks are disclosed herein. The method can include selecting a compute instance, identifying a plurality of Network Virtualization Devices (“NVD”) for association with the compute instance, and creating a number of Virtualized Network Interface Cards (“VNIC”), each of which can reside in one of the plurality of NVDs. The method can include overlaying an IP address of the compute instance to each of the VNICs, such that each of the VNICs shares a common IP address, designating a network path formed by one of the VNICs in one of the NVDs as an active network path and another of the network paths as an inactive network path, and activating the inactive network path when the active network path fails.

DATA TRANSCEIVING DEVICE AND METHOD IN REPEATER APPARATUS
20220150213 · 2022-05-12

A data transceiver device in a repeater according to an exemplary embodiment includes: a radio unit assigned with a unique port number for uniquely identifying the radio unit and a layer splitter connected to the radio unit; a transfer unit configured to transfer an inbound packet to the layer splitter identified by the unique port number when the inbound packet including the unique port number as an internal port number is received; and the layer splitter configured to transfer the inbound packet to the radio unit corresponding to the unique port number when the inbound packet is received through the transfer unit.

Implementing a service mesh in the hypervisor

A packet is received by a hypervisor from a first container, the packet to be provided to a second container, the packet including a header including a first network address associated with the second container. A network policy is identified for the packet in view of the first network address. A second network address corresponding to the second container is determined in view of the network policy. A network address translation is performed by the hypervisor to modify the header of the packet to include the second network address corresponding to the second container.

MAPPING VLAN OF CONTAINER NETWORK TO LOGICAL NETWORK IN HYPERVISOR TO SUPPORT FLEXIBLE IPAM AND ROUTING CONTAINER TRAFFIC
20230300002 · 2023-09-21

Some embodiments of the invention provide a method for adding routable subnets to a logical network that connects multiple machines and is implemented by a software defined network (SDN). The method receives an intent-based API that includes a request to add a routable subnet to the logical network. The method defines (i) a VLAN (virtual local area network) tag associated with the routable subnet, (ii) a first identifier associated with a first logical switch to which at least a first machine in the multiple machines that executes a set of containers belonging to the routable subnet attaches, and (iii) a second identifier associated with a second logical switch designated for the routable subnet. The method generates an API call that maps the VLAN tag and the first identifier to the second identifier. The method provides the API call to a management and control cluster of the SDN to direct the management and control cluster to implement the routable subnet.

HOST COMPUTER CONFIGURED TO FACILITATE DISTRIBUTED SNAT SERVICE
20220021615 · 2022-01-20

Some embodiments of the invention provide novel methods for facilitating a distributed SNAT (dSNAT) middlebox service operation for a first network at a host computer in the first network on which the dSNAT middlebox service operation is performed and a gateway device between the first network and a second network. The novel methods enable dSNAT that provides stateful SNAT at multiple host computers, thus avoiding the bottleneck problem associated with providing stateful SNAT at gateways and also significantly reduces the need to redirect packets received at the wrong host by using a capacity of off-the-shelf gateway devices to perform IPv6 encapsulation for IPv4 packets and assigning locally unique IPv6 addresses to each host executing a dSNAT middlebox service instance that are used by the gateway device.

NETWORKING-RELATED SYSTEM CALL INTERCEPTION AND MODIFICATION
20220012110 · 2022-01-13

Various embodiments of the present application set forth a computer-implemented method that includes intercepting a first system call from a client application, wherein the first system call comprises a first request to connect to a first destination using a first set of system call parameters; determining, based on the first destination, a second set of system call parameters; generating a second system call, wherein the second system call comprises a second request to connect to a target destination using the second set of system call parameters; and causing a connection to be established from the client application to the target destination based on the second system call.

Networking as a Service
20210352044 · 2021-11-11

A method performed by a computing system includes receiving a first request from a first pod being executed on the computing system, responding to the first request with an Internet Protocol (IP) address and a first port range, receiving a second request from a second pod being executed on the computing system, and responding to the second request with the Internet Protocol (IP) address and a second port range that is different than the first port range. The method further includes, with a networking service implemented within the kernel, processing network traffic between external entities and the first and second pods by updating source and destination IP addresses and ports of packets of the network traffic.

Multi-customer (multi-tenants) support with hypervisor based bond implementation

Systems and methods for transparent high availability for multi-customer support with hypervisor based bond implementation are disclosed. The method can include creating a network path bond between a plurality of compute instances and a plurality of Network Virtualization Devices (“NVD”), the network path bond comprising a plurality of network paths, identifying a monitoring bond coupling the plurality of NVDs to a monitoring agent, creating a number of monitoring VNICs, each of the number of monitoring VNICs residing in one of the plurality of NVDs, overlaying a unique IP address to each of the monitoring VNICs, determining with the monitoring agent a health of at least one of the network paths, the network paths including an active network path and an inactive network path, and activating the inactive network path when the active network path fails.

ARCHITECTURE FOR MANAGING I/O AND STORAGE FOR A VIRTUALIZATION ENVIRONMENT USING EXECUTABLE CONTAINERS AND VIRTUAL MACHINES
20230012930 · 2023-01-19

Systems for high-performance computing. A storage control architecture is implemented by a plurality of nodes, where a node comprises combinations of executable containers that execute in cooperation with virtual machines running above a hypervisor. The containers run in a virtual machine above a hypervisor, and/or can be integrated directly into the operating system of a host node. Sensitive information such as credit card information may be isolated from the containers in a separate virtual machine that is configured to be threat resistant, and which can be accessed through a threat resistant interface module. One of the virtual machines of the node may be a node-specific control virtual machine that is configured to operate as a dedicated storage controller for a node. One of the virtual machines of the node may be a node-specific container service machine that is configured to provide storage-related and other support to a hosted executable container.

Systems and methods for automatic network virtualization between heterogeneous networks

The invention is that of systems and methods for communications between one or more networks and subsequently network devices configured with a networking application for processing network based communications when the devices are on different logical and physical networks. The methods herein involve translation of remote IP addresses of LAN devices to addresses comprising headend network prefixes, to allow for LAN extension of remote to headend networks and communications between devices on the disparate networks. Data packets from a remote LAN interface are transferred to an outbound interface once translated, then forwarded via a formed bridged tunnel link to a headend network device. A server comprising a local LAN and outbound interface is further configured with a NAT module for IP address translation and an optional security module for additional authenticity verification of remote devices attempting to penetrate the headend network.