A method and system are disclosed for handling a received content word in a system comprising a memory of memory words, wherein: each memory word comprises Bloom Filter structures. The method comprises hashing the content word into a fixed-size word, pointing to the memory word corresponding to an address of the fixed-size word, pointing to, and reading, the Bloom Filter structure in the pointed memory word corresponding to an address in the fixed-size word, and reading and writing the content of the Bloom Filter structures so as to keep track of a number of occurrences of the received content word over a sliding window of time.

Disclosed are techniques for generating and examining a signature that corresponds to a plurality of data packets. The data packets can be packets forwarded by a network device. By examining the signature, information pertaining to the plurality of data packets can be determined. A determination can be made if one of the plurality of data packets is not received by the network device.

The systems and methods described herein can enable the indirect transmission of session data between different domains. The system can pass the session data through a hashing function so that the data from a given domain remains private and secure to the specific domain. The system can generate clusters of associated domains for a given client device that the system can use to maintain a session between the client device and the domain.

Technology related to disaggregating network traffic is disclosed. In one example, a method can include determining whether individual network flows are members within a first subset of the network flows. A second subset of the first subset of network flows can be learned in response to determining a change in a number of servers available to service the network flows. A first network packet can be forwarded to a first server in response to the first network packet being a member of the first subset of network flows and a member of the learned second subset of the first subset of network flows. A second network packet can be forwarded to a second server in response to the second network packet being a member of the first subset of network flows but not a member of the learned second subset of the first subset of network flows.

This disclosure describes various methods, systems, and devices related to identifying path changes of data flows in a network. An example method includes receiving, at a node, a packet including a first path signature. The method further includes generating a second path signature by inputting the first path signature and one or more node details into a hash function. The method includes replacing the first path signature with the second path signature in the packet. The packet including the second path signature is forwarded by the node.

Techniques are described for dynamically mapping hash indices to member interfaces of an aggregated interface in a hash data structure. As one example, a network device may compute net weights for the member links of a link aggregation group (LAG) and respective utilization values of hash indices in a hash map for the LAG. The network device may generate binary trees based on the net weights and utilization values of the member links of the LAG, and may map values, e.g., median values, of one or more nodes of the binary trees to member interfaces, and update the hash data structure based on the mapping.

A hash collision prevention system includes a plurality of host devices and a plurality of networking devices. A host device address generation system retrieves network addressing information associated with the plurality of host devices, and identifies a hashing function utilized by the plurality of networking devices in transmitting data packets associated with the plurality of host devices. The host device address generation system then uses the hashing function and the network addressing information to determine a plurality of host device addresses that do not produce a hash collision, and provides the plurality of host device addresses for provisioning to the plurality of host devices.

Techniques are presented for evaluating Equal Cost Multi-Path (ECMP) performance in a network that includes a plurality of nodes. According to an example embodiment, a method is provided that includes obtaining information indicating equal cost multi-path (ECMP) paths in the network and a branch node in the network. For the branch node in the network, the method includes instantiating a virtual network function that simulates an ECMP hashing algorithm employed by the branch node to select one of multiple egress interface of the branch node; providing to the virtual network function for the branch node, a query containing entropy information as input to the ECMP hashing algorithm that returns interface selection results; and obtaining from the virtual network function a reply that includes the interface selection results. The method further includes evaluating ECMP performance in the network based on the interface selection results obtained for the branch node.

A system for smart device networking includes an endpoint that enables communication with a connected device, a bridge that communicates with the endpoint over a PAN and relays PAN communications to a WAN, and a router that connects to the bridge through the WAN and routes communication to and from the endpoint.

Methods and apparatuses are described for virtualizing routing of network traffic by offloading routing decisions to a controller in communication with a plurality of network devices. For load balancing applications, the controller may make up-front decisions as to both destination and route, rather than wait until traffic has been routed to a load balancing point before determining the destination.