A method, apparatus and computer program product are provided for the efficient distribution of tunneled packets associated with multiple pieces of user equipment across central processing unit cores associated with network components. Example implementations contemplate one or more network components, such as a NodeB or gateway, which are configured with multiple IP addresses associated with multiple cores or other processors within the network component. In such example implementations, tunnels may be initialized to network endpoints such that network traffic loads imposed on the network component can be balanced by selecting one or more IP addresses from amongst the plurality of IP addresses associated with the particular network component.

A method and apparatus of a device that grows and/or shrinks a table that is shared between a writer and a plurality of readers is described. In an exemplary embodiment, a device receives an entry to be added to the shared table. In response to receiving the entry, the device remaps shared table to add a new storage segment to the shared table. The device further adds the entry to the shared table, where the entry is stored in the new storage segment. In addition, the device updates a shared table characteristic to indicate that the shared table has changed. The device further shrinks the shared table by remapping the table to remove a segment of the table.

Apparatus, methods, and systems for tuple space search-based flow classification using cuckoo hash tables and unmasked packet headers are described herein. A device can communicate with one or more hardware switches. The device can include memory to store hash table entries of a hash table. The device can include processing circuitry to perform a hash lookup in the hash table. The lookup can be based on an unmasked key include in a packet header corresponding to a received data packet. The processing circuitry can retrieve an index pointing to a sub-table, the sub-table including a set of rules for handling the data packet. Other embodiments are also described.

A system administrator can specify NAT mappings to perform NAT translations in a switch. The administrator can specify an ACL to filter packets to be translated. Filter rules generated from the ACL are stored in a first memory store in a switch and NAT rules generated from the NAT mappings are stored in a second memory store separate from the first memory store. When a packet matches one of the filter rules a tag that identifies the ACL is associated with the packet. When the tagged packet matches one of the NAT rules, the packet is translated according to the matched NAT rule.

Methods and apparatuses are described for virtualizing routing of network traffic by offloading routing decisions to a controller in communication with a plurality of network devices. For load balancing applications, the controller may make up-front decisions as to both destination and route, rather than wait until traffic has been routed to a load balancing point before determining the destination.

In one embodiment, a packet processing apparatus includes interfaces, a memory to store a representation of a routing table as a binary search tree of address prefixes, and store a marker with an embedded prefix including k marker bits providing a marker for an address prefix of a node corresponding to a prefix length greater than k, and n additional bits, such that the k marker bits concatenated with the n additional bits provide another address prefix, packet processing circuitry configured upon receiving a data packet having a destination address, to traverse the binary search tree to find a longest prefix match, compare a key with the k marker bits, extract an additional n bits from the destination address, and compare the extracted n bits with the n additional bits, and process the data packet in accordance with a forwarding action indicated by the longest prefix match.

The systems and methods described herein can enable the indirect transmission of session data between different domains. The system can pass the session data through a hashing function so that the data from a given domain remains private and secure to the specific domain. The system can generate clusters of associated domains for a given client device that the system can use to maintain a session between the client device and the domain.

Methods and systems are described managing module for locating a target storage device among a plurality of storage devices connected via a network. A computer implemented method includes sending registration information to a central directory, wherein the registration information includes at least an address of one of the plurality of storage devices, and the central directory stores the registration information in a registry. The method also includes sending a request to the central directory for an address for another one of the plurality of storage devices, receiving the address from the central directory if the address is in the registry, and conducting a successive lookup of a closest known address until the address is located if the address is not in the registry.

This disclosure describes various methods, systems, and devices related to identifying path changes of data flows in a network. An example method includes receiving, at a node, a packet including a first value. The method further includes generating a second value by inputting the first value and one or more node details into a hash function. The method includes replacing the first value with the second value in the packet. The packet including the second value is forwarded by the node.

A network element includes multiple ports and a packet classifier. The packet classifier is configured to receive rules and Rule Patterns (RPs), each RP corresponding to a subset of the rules and specifies positions of unmasked packet-header bits to be matched by the rules in the subset, to store in a RAM a grouping of the RPs into Extended RPs (ERPs), each ERP defining a superset of the unmasked bits in the RPs associated therewith, to receive packets and match each packet to one or more of the rules by accessing the ERPs in the RAM, to determine counter values, each counter value corresponding to a respective RP and is indicative of a number of the received packets that match the RP, and to adaptively modify grouping of the RPs into the ERPs depending on the counter values.