H04L12/701

Private ethernet overlay networks over a shared ethernet in a virtual environment
10951744 · 2021-03-16

A system for private networking within a virtual infrastructure is presented. The system includes a virtual machine (VM) in a first host, the VM being associated with a first virtual network interface card (VNIC), a second VM in a second host, the second VM being associated with a second VNIC, the first and second VNICs being members of a fenced group of computers that have exclusive direct access to a private virtual network, wherein VNICs outside the fenced group do not have direct access to packets on the private virtual network, a filter in the first host that encapsulates a packet sent on the private virtual network from the first VNIC, the encapsulation adding to the packet a new header and a fence identifier for the fenced group, and a second filter in the second host that de-encapsulates the packet to extract the new header and the fence identifier.

Method for implementing load balancing, apparatus, and network system

A method for implementing load balancing, an apparatus, and a network system, where a controller obtains a port attribute of each port of a first switch in a mesh network, determines, according to the port attribute of each port of the first switch, a virtual routing and forwarding instance corresponding to each port of the first switch, where all user-side ports of the first switch correspond to a first virtual routing and forwarding instance, generates a forwarding table of the first switch according to a topology of the mesh network and the virtual routing and forwarding instance corresponding to each port of the first switch, where a first forwarding entry of the forwarding table includes the first virtual routing and forwarding instance, a destination network segment and at least two forwarding paths corresponding to the destination network segment, and sends the forwarding table to the first switch.

Method and system for session resilience in packet gateways

Use of available bits in the TEID field of the GTP header to hold information needed to recreate at least a partial state of the session, enough for it to be routed, without waiting for a full state update. The GTP PDU contains the IP Payload with the source and destination IP addresses. The embodiments use that information and the coded TEID bits to provide sufficient routing information so that the packet can be routed without the full state. The TEID is coded to include bits identifying the APN and bits identifying the QCI of the session. A bit can be used to indicate drop if the full state is not available. The remaining bits are used to identify unique user sessions. Some of the TEID bits can be encoded with the charging ID. Because sufficient routing information is provided in each packet, a backup gateway does not need to checkpoint.

Accelerated network traffic sampling using an accelerated line card

A method and system of accelerating monitoring of network traffic. The method may include receiving, at a network chip of a network device, a network traffic data unit; capturing, by the network chip, the network traffic data unit based on a traffic sampling rate; adding, by the network chip, a sampling header to the network traffic data unit to obtain a sampled network traffic data unit; sending the sampled network traffic data unit from the network chip to a sampling engine; receiving, from the sampling engine, a flow datagram that includes a network traffic data unit portion and a flow datagram header; generating a flow network data traffic unit that includes the flow datagram; and transmitting the flow network data traffic unit towards a collector.

Flow rate based network load balancing

Techniques for flow rate based load balancing are described. In one embodiment, a method includes receiving a packet associated with a packet flow at an ingress top-of-rack switch in a spine-leaf network. The method includes determining identification information for the packet flow, including a source and a destination. Based on the identification information, the method includes determining an instantaneous flow rate for a first path through the network from the source to the destination. The method also includes comparing the instantaneous flow rate to an average flow rate. Based on the comparison between the instantaneous flow rate and the average flow rate, the method includes assigning the packet flow to one of the first path or a second path.

Tunnel provisioning with link aggregation
10911350 · 2021-02-02

A method for processing data packets in a communication network includes establishing a path for a flow of the data packets through the communication network. At a node along the path having a plurality of aggregated ports, a port is selected from among the plurality to serve as part of the path. A label is chosen responsively to the selected port. The label is attached to the data packets in the flow at a point on the path upstream from the node. Upon receiving the data packets at the node, the data packets are switched through the selected port responsively to the label.

Communication network, communication installation within an aircraft and aircraft comprising such a communication installation
10911298 · 2021-02-02

A communication network, communication installation within an aircraft and aircraft including such a communication installation are disclosed. In one aspect, the network is adapted for interconnecting pieces of electronic equipment and includes a set of at least three network switches, each being connected to all of the other network switches of the set. Each network switch includes several communication ports. The network further includes a plurality of datalinks, each being configured to connect one network switch bidirectionally to another network switch of the set, via the corresponding communication ports. At least two separate network switches are configured to be connected directly to a same piece of electronic equipment.

Forwarding path adjustment method, apparatus, and system

A method includes receiving a packet flow optimization policy including a flow identifier of a target packet flow, a device identifier of a to-be-adjusted forwarding device, and information about the next hop; obtaining status information of an access control list (ACL) of the to-be-adjusted forwarding device based on the device identifier, where the status information includes resource usage status information of the ACL and capability information that indicates whether the to-be-adjusted forwarding device supports packet flow forwarding that is based on the ACL; and when determining, based on the status information, that the ACL includes an idle resource and the to-be-adjusted forwarding device supports packet flow forwarding that is based on the ACL, sending an ACL record to the to-be-adjusted forwarding device, where the ACL record includes the flow identifier and the information about the next hop.

METHODS AND APPARATUS TO CONVERT ROUTER CONFIGURATION DATA
20210021466 · 2021-01-21

Configuration data associated with a router is converted. A selector tool identifies a first port of a first router having first data lines, and identifies a second port of a second router to receive the first data lines to be migrated from the first port. The first router and the second router use different, incompatible configuration data formats. A data transceiver captures first port configuration data associated with the first port of the first router, and a configuration data converter is to identify a type of interface associated with the captured first port configuration data and convert the captured first port configuration data from a first format compatible with the first router to a second format compatible with the second router based on the identified type of interface. A conversion file generator generates a configuration file containing the converted first port configuration data in the second format.

METHODS AND APPARATUS FOR PROVIDING ADAPTIVE PRIVATE NETWORK CENTRALIZED MANAGEMENT SYSTEM DATA VISUALIZATION PROCESSES
20210014129 · 2021-01-14

Systems, methods, and techniques are described for a display management of an adaptive private network (APN). A database is installed in a first node of a centralized management system including a network control node (NCN) coupled through the APN to client nodes. Timing messages sent by the NCN to the client nodes are time stamped according to a first clock in the NCN. A network time is calibrated in the client nodes based on timestamps of data which are correlated to a master time specified by the first node. The APN is polled for user specified data to be stored in the database, wherein the data is associated with a user specified period of time which is correlated to the master time. The user specified data is accessed from the database for display according to a network configuration, a user selected display type, and attributes selected by the user.