The subject technology addresses a need for improving utilization of network bandwidth in a multicast network environment. More specifically, the disclosed technology provides solutions for extending multipathing to tenant multicast traffic in an overlay network, which enables greater bandwidth utilization for multicast traffic. In some aspects, nodes in the overlay network can be connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network.

A method includes identifying a plurality of local tracklets from a plurality of targets, creating a plurality of global tracklets from the plurality of local tracklets, wherein each global tracklet comprises a set of local tracklet of the plurality of local tracklets, wherein the set of local tracklet corresponds to a target of the plurality of targets; extracting motion features of the target from the each global tracklet of the plurality of global tracklets, wherein the motion features of each target of the plurality of targets from each global tracklet of the plurality of global tracklets are distinguishable from the motion features of remaining targets of the plurality of targets from remaining global tracklets; transforming the motion features into an address code by using a hashing process; and transmitting a plurality of address codes and a transformation parameter of the hashing process to a communication device.

Technologies for providing streamlined provisioning of accelerated functions in a disaggregated architecture include a compute sled. The compute sled includes a network interface controller and circuitry to determine whether to accelerate a function of a workload executed by the compute sled, and send, to a memory sled and in response to a determination to accelerate the function, a data set on which the function is to operate. The circuitry is also to receive, from the memory sled, a service identifier indicative of a memory location independent handle for data associated with the function, send, to a compute device, a request to schedule acceleration of the function on the data set, receive a notification of completion of the acceleration of the function, and obtain, in response to receipt of the notification and using the service identifier, a resultant data set from the memory sled. The resultant data set was produced by an accelerator device during acceleration of the function on the data set. Other embodiments are also described and claimed.

In one embodiment, a Segment Routing network node provides processing and network efficiencies in protecting Internet Protocol version 6 (IPv6) Segment Routing (SRv6) packets and functions using Security Segment Identifiers, which are included in Segment Lists of a Segment Routing Header of a SRv6 packet. The Security Segment Identifier provides, inter alia, origin authentication, integrity of information in one or more headers of the packet, and/or anti-replay protection. In one embodiment, a Security Segment Identifier includes a value determined based on a secured portion of the packet. A typically secured portion includes the Source and Destination Addresses, one or more Segment Identifiers in a Segment List and the Segments Left value. In one embodiment, the Destination Address and/or a Segment Identifier in the Segment List includes and an anti-replay value (e.g., sequence number or portion thereof) which is also in the secured portion of the packet.

Programmatically defined fields of metadata for a network packet may be generated. Instructions indicating different portions of data from different headers of a network packet may be stored at a packet processor. When a network packet is received, the different portions of the data may be extracted from the different headers of the packet according to the instructions and provided to other stages of the packet processor for processing. Different portions of the same programmatically defined field may be utilized at different stages in the packet processor. The programmatically defined field may be used to generate a hash value that selects an entry in a lookup table describing a forwarding decision for a network packet.

Systems, methods, and computer-readable media relate to providing a network management service. A system is configured to request first network information from a first component of a network using a public IP address for the first component, wherein the first network information includes private IP addresses for a second component in the network and translate, based on a mapping information for a private IP address space to a public IP address space, the private IP address for a second component to a public IP address for the second component. The system is further configured to request second network information from the second component using the public IP address and provide a network management service for the network based on the second network information.

Some embodiments provide a method for selecting a transmit queue of a network interface card (NIC) of a host computer for an outbound data message. The NIC includes multiple transmit queues and multiple receive queues. Each of the transmit queues is individually associated with a different receive queue, and the MC performs a load balancing operation to distribute inbound data messages among multiple receive queues. The method extracts a set of header values from a header of the outbound data message. The method uses the extracted set of header values to identify a receive queue which the NIC would select for a corresponding inbound data message upon which the NIC performed the load balancing operation. The method selects a transmit queue associated with the identified receive queue to process the outbound data message.

The present disclosure relates to handling of packet flows between a pair of network security zones in a communications network. A packet that is sent from one of the network security zones toward the other of the network security zones is directed to a packet processing service chain, based on a packet handling classification of a packet flow of which the packet is a part. The service chain has multiple identical service chain instances to perform a service on packets, and the packet is directed to one of the service chain instances within the service chain. A packet that is processed by any of the service chain instances is transmitted to the other network security zone.

In a network device, a hash-based lookup system includes a hash generator configured to apply respective hash functions to a lookup key to generate respective hash values. Each hash function corresponds to a respective logical hash bank in a hash table. A number of hash values generated by the hash generator corresponds to the number of logical hash banks in the hash table, and the number of hash values generated by the hash generator is configurable. The hash-based lookup system also includes an address generator that is configured to generate respective addresses to a memory that stores the hash table, the respective addresses within respective address spaces of respective logical hash banks of the hash table. The address generator uses i) a parameter N that specifies the number of logical hash banks in the hash table, and ii) N hash values generated by the hash generator, to generate the respective addresses.

Retrieving content in an Internet Protocol version 6 (IPv6) network may be provided. A lookup request associated with content may be received from a network node at a server having a mapping database. A response having an ordered list of more than one IPv6 addresses may be generated. The ordered list of the more than on IPv6 addresses may include IPV6 prefixes. Each of the more than one IPv6 addresses may include a first portion having a content identifier and a second portion having an indication of a location of the content. The response may be transmitted to the network node.