An exact-match flow table structure stores flow entries. Each flow entry includes a Flow Id. A flow entry is generated from an incoming packet. The flow table structure determines whether there is a stored flow entry, the Flow Id of which is an exact-match for the generated Flow Id. In one novel aspect, a programmable reduce table circuit is used to generate a Flow Id. A selected subset of bits of an incoming packet is supplied as an address to an SRAM, so that the SRAM outputs a data value. The data value is supplied to a programmable lookup circuit such that the lookup circuit performs a selected type of lookup operation, and outputs a result value of a reduced number of bits. A multiplexer circuit is used to form a Flow Id such that the result value is a part of the Flow Id.

Methods and devices for processing packets are provided. The processing device may include an input interface for receiving data units containing header information of respective packets; a first module configurable to perform packet filtering based on the received data units; a second module configurable to perform traffic analysis based on the received data units; a third module configurable to perform load balancing based on the received data units; and a fourth module configurable to perform route lookups based on the received data units.

Sending traffic policies includes identifying a location of an issue source with a first router in a network layer of an interconnected network and sending to a second router located along a route towards the issue source a traffic policy that addresses an issue caused with the issue source.

Methods, systems, and computer readable media for implementing a policy for a router are disclosed. One method includes providing a meta administrator interface configured to facilitate the specification of one or more rules that form a policy definition. The method further includes automatically generating, based on the policy definition, an administrator interface for inputting rule data associated with the policy definition. Even further, the method includes storing the input rule data in one or more data structures associated with a router.

Techniques are described for providing managed virtual computer networks that have a configured logical network topology with virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the virtual networking devices if they were physically present. In some situations, the networking functionality provided for a managed computer network of a client includes receiving routing communications directed to the virtual networking devices and using included routing cost information to update the configuration of the managed computer network, and/or includes determining actual cost information corresponding to use of an underlying substrate network and providing routing cost information to the client that reflects the determined actual cost information, so as to enable the client to modify the configuration of the managed computer network accordingly.

A digital data communications network that supports efficient, scalable routing of data and use of network resources by combining a recursive division of the network into hierarchical sub-networks with repeating parameterized general purpose link communication protocols and an addressing methodology that reflects the physical structure of the underlying network hardware. The sub-division of the network enhances security by reducing the amount of the network visible to an attack and by insulating the network hardware itself from attack. The fixed bandwidth range at each sub-network level allows quality of service to be assured and controlled. The routing of data is aided by a topological addressing scheme that allows data packets to be forwarded towards their destination based on only local knowledge of the network structure, with automatic support for mobility and multicasting. The repeating structures in the network greatly simplify network management and reduce the effort to engineer new network capabilities.

In one embodiment, a traffic engineering (TE) label switched path (LSP) is established between a head-end node in a local domain and a tail-end node in a remote domain. The TE-LSP spans one or more intervening domains located between the local domain and the remote domain. The head-end node sends a routing information request over the TE-LSP to a target node on the TE-LSP that is in the remote domain. The head end node receives routing information from the target node. The received routing information includes a list of address prefixes reachable by the target node. The head end node uses the received routing information to calculate routes reachable via the TE-LSP to the target node. The calculated routes have a next-hop interface set to be the TE-LSP. The calculated routes are inserted into a routing table of the head-end node.

A Secure Location Session Manager (SLSM) is an intelligent router for open mobile alliance (OMA) Secure User Plane Location (SUPL) Version 1.0 (and later) messages best implemented when multiple, geo-diverse SUPL servers are deployed in a distributed environment, such as an active-active redundant configuration within a wireless carrier's network. In a standalone option, the SLSM acts as a “middleman” for all SUPL positioning messages between a mobile device and a responsible SUPL server. In an embedded option, the SLSM resides within an existing server. The SLSM manages and stores session information for all pending and ongoing SUPL positioning sessions in internal tables for routing and load balancing purposes. The external interfaces of the SLSM consist of OMA ULP messages.

A computationally implemented system and method that is designed to, but is not limited to: electronically processing mobile operating system object code at least partially from mobile device storage to direct to one or more origination mobile communication device display surfaces an origination mobile communication device user interface presentation of communication characteristics information regarding one or more mobile operating system based communication devices for operation as one or more ad hoc intermediary relays of one or more fallback communication networks upon initiation thereof for communication between an origination mobile communication device and a destination electronic communication device. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure.

An apparatus generates routing data that defines, in a system in which a plurality of switches are connected to each other in a tree-shaped structure, a communication route between a plurality of end switches located at a lower level in the tree-shaped structure and a plurality of upper-level switches located at a level higher than the plurality of end switches in the tree-shaped structure, so that a first upper-level switch that switches communication data from a first node connected to a first end switch among the plurality of end switches to a second node connected to a second end switch among the plurality of end switches is identical with a second upper-level switch that switches communication data from the second node to the first node. The apparatus stores the generated routing data in a memory provided for the apparatus.