Network devices that are inserted inline into network links and process in-transit packets may significantly improve their packet-throughput performance by not assigning L3 IP addresses and L2 MAC addresses to their network interfaces and thereby process packets through a logical fast path that bypasses the slow path through the operating system kernel. When virtualizing such Bump-In-The-Wire (BITW) devices for deployment into clouds, the network interfaces must have L3 IP and L2 MAC addresses assigned to them. Thus, packets are processed through the slow path of a virtual BITW device, significantly reducing the performance. By adding new logic to the virtual BITW device and/or configuring proxies, addresses, subnets, and/or routing tables, a virtual BITW device can process packets through the fast path and potentially improve performance accordingly. For example, the virtual BITW device may be configured to enforce a virtual path (comprising the fast path) through the virtual BITW device.

A method enables communication between Session Management Function (SMF) and User Plane Function (UPF) instances which are separately deployed behind Network Address Translation (NAT) services. The method includes configuring an SMF or a UPF to initiate an association with a corresponding UPF or SMF. The SMF registers first information with a Network Repository Function (NRF) enabling the remote UPF to communicate with the SMF through a NAT service. The method further includes obtaining second information from the NRF enabling the SMF to communicate with the remote UPF through the NAT service. The method also includes sending an association request to the remote UPF based on the second information and receiving an association response from the remote UPF through the NAT service.

A method of optimizing traffic on a mobile device includes determining that an application is inactive based on historical behavior of the application and blocking traffic originating from or directed towards the application that is determined to be inactive based on historical behavior. A related mobile device is also provided.

An active-active cluster control method including: a control node receives a first query request sent by a first network processing node in an active-active cluster, configures an outbound forwarding rule based on forwarding information, generates an inbound forwarding rule, and sends the outbound forwarding rule to the first network processing node. The control node may further receive a second query request, determine that forwarding information of a second packet matches the inbound forwarding rule, obtain the recorded inbound forwarding rule, and send the inbound forwarding rule to the second network processing node. thereby avoiding problems such as a packet loss and service interruption.

A method includes setting, using at least one processor of an electronic device that includes multiple subscriber identity module (SIM) cards, a maximum Network Address Translation (NAT) interval to be a maximum value among NAT keep-alive intervals associated with the multiple SIM cards. The method also includes triggering, using the at least one processor, a partial call setup from a first SIM card of the multiple SIM cards to a second SIM card of the multiple SIM cards. The method further includes determining, using the at least one processor, whether the electronic device receives the partial call setup. In addition, the method includes, in response to determining that the electronic device receives the partial call setup, setting, using the at least one processor, the NAT keep-alive interval for each of the multiple SIM cards to be equal to the maximum NAT interval.

Network devices that are inserted inline into network links and process in-transit packets may significantly improve their packet-throughput performance by not assigning L3 IP addresses and L2 MAC addresses to their network interfaces and thereby process packets through a logical fast path that bypasses the slow path through the operating system kernel. When virtualizing such Bump-In-The-Wire (BITW) devices for deployment into clouds, the network interfaces must have L3 IP and L2 MAC addresses assigned to them. Thus, packets are processed through the slow path of a virtual BITW device, significantly reducing the performance. By adding new logic to the virtual BITW device and/or configuring proxies, addresses, subnets, and/or routing tables, a virtual BITW device can process packets through the fast path and potentially improve performance accordingly. For example, the virtual BITW device may be configured to enforce a virtual path (comprising the fast path) through the virtual BITW device.

An integrated security system integrates broadband and mobile access and control with conventional security systems and premise devices to provide a tri-mode security network having remote connectivity and access. The integrated security system delivers remote premise monitoring and control functionality to conventional monitored premise protection and complements existing premise protection equipment. The integrated security system integrates into the premise network and couples wirelessly with the conventional security panel, enabling broadband access to premise security systems. Automation devices can be added, enabling users to remotely see live video or pictures and control home devices via a personal web portal or other client device. Camera management enables automatic configuration and management of cameras in the premise network. The camera management extends to remote control and monitoring from outside the firewall of the premise network to include routing of images or video from a streaming source device to a requesting client device.

The present invention provides a method of scaling the reliability of the service of a hierarchical computing network with large number of participant nodes servicing large number of users with large volume of data by adding/subtracting a service node to/from a service node group to linearly increase/decrease the network service uptime. Also disclosed is a method of incentivizing the owner of a participant computer in a general computer network to continuously and reliably share its spare capacity and capability by rewarding/punishing the participant computer with increased/decreased uptime value if a fault incident of the participant computer is/is not detected; and making the uptime value of the participant computer visible to end users.

Techniques and architecture for routing data packets through networks that include TGWs. A data packet may be received from a TGW at an infra VPC. A TGW attachment on which the data packet was received is determined. Based at least in part on the TGW attachment, the data packet is routed to a CSR at the infra VPC. Load balancing may be achieved by defining VRF groups that include VPCs and the TGWs. Each VRF group may be assigned to an interface of one or more CSRs. Also, the VRF groups allow for supporting overlapping subnets.

By splitting CGN functions based on a control plane and a forwarding plane, a CGN control plane function is put into a BRAS CP device, and a CGN forwarding plane function is retained on a CGN card on the BRAS DP device, and CGN configuration information is distributed by the BRAS CP device to the BRAS DP device.