Systems, methods, and computer-readable media are provided for enforcing policy for upstream (e.g., traffic from an endpoint to the physical network layer or hardware fabric of a data center) flood traffic (e.g., broadcast, unknown unicast, or multicast traffic) originating from a virtual endpoint via a network fabric. In one embodiment, upstream flood traffic can be transmitted using a special multicast group to which only elements of the data center fabric (e.g., physical switches, routers) are subscribed. That is, upstream flood traffic is assigned to the special multicast group, resulting in unintended endpoints not receiving the flood traffic. However, the hardware fabric receives the flood traffic and will then enforce applicable policies to route the packets to intended endpoints.

Methods, apparatus and articles of manufacture (e.g., physical storage media) to perform service specific route selection in communication networks are disclosed. Example route selection methods disclosed herein include determining respective component performance parameters for network components of a communication network based on a weighting profile associated with a first service from a plurality of different services for which traffic is to be routed in the communication network. Disclosed example route selection methods also include determining, based on the component performance parameters, respective path performance parameters for a plurality of candidate paths between two endpoints in the communication network. Disclosed example route selection methods further include selecting, based on the path performance parameters, a first one of the candidate paths to route traffic for the first service between the two endpoints.

A networking device continuously and simultaneously receives multiple sign and verify requests, without a priori knowledge of their quantity, type, sequence, length, input data or frequency. The networking device performs the corresponding signature operations and verification operations according to a rule based configuration. Each received sign and verify request is broken into multiple tasks, which are placed into a task pool with priorities, and disassociated from their originating requests and from other tasks. Multiple execution agents (each one a separate general purpose compute unit with its own memory space) repeatedly and simultaneously processes next available tasks from the pool based on priority. Asynchronous worker routines in the agents can pre-calculate certain values for higher level task processing. The output from completed tasks is placed into a repository, and the results in the repository are processed to fulfill the multiple received requests at network line speed.

Techniques for routing network traffic in a storage processor involve providing per-IP routing tables for each IP address of a virtual server and a per-server routing table. These per-IP and per-server routing tables specify its own interface(s) with external network(s). The storage processor assigns each outbound protocol data unit (PDU), generated by a particular virtual server, to either a per-IP routing table or a per-server routing table provided for that virtual server. The assignment of the routing table is based on source IP address or a connection mark associated with an outbound PDU. The per-IP or per-server routing table(s) identifies an interface through which the packet is routed to the destination IP address.

A non-transitory computer readable medium has instructions stored therein to be executed by a packet processing unit (PPU) in a communications network to allow a plurality of PPUs in the communication network to route data packets. The plurality of PPUs collectively maintain a distributed hash table (DHT). The DHT stores a distributed routing table (DRT), where the DRT includes a DRT entry that maps a key to a value. The key is based on a destination Internet Protocol (IP) address and an access point name (APN) associated with an IP session of a user entity (UE). The value represents both an IP address of one of the plurality of PPUs currently serving the IP session of the UE and an IP session identifier that identifies, to that PPU currently serving the IP session of the UE, the IP session of the UE.

One disclosure of the present specification provides a routing rule updating method for moving a specific IP flow to a specific access. The updating method can include a step of receiving a routing rule updating request message for network based IP flow mobility (NBIFOM) initiated by a network, wherein the routing rule updating request message can include: a routing rule for moving a specific IP flow of a user device from a first access to a second access; and a timer value calculated by the network. The timer value can be calculated by the network on the basis of at least one of subscriber information, load information and statistical information. The updating method can include the steps of: transmitting an acceptance message to the network in response to the routing rule updating request; and operating a timer according to the timer value.

One embodiment of the present invention relates to a method for transmitting/receiving a signal related to network-based IP flow mobility (NBIFOM) in a wireless communication system, the method comprising the steps of: a terminal receiving a routing rule from a network, in network initiated mode in which the terminal cannot generate the routing rule; transmitting a rejection of the routing rule to the network; and transmitting, to the network, information indicating the availability of an access type included in the routing rule, when the access type included in the routing rule becomes available.

A communication path switching apparatus in an application unit that executes a certain function of performing wireless communication with another communication apparatus, a data switching unit that forwards data for causing the application unit to execute the certain function, a control unit that makes the setting for causing the data switching unit to forward the data, and a virtual device unit that forwards the data forwarded from the data switching unit to the application unit based on the setting made by the control unit.

A wireless network adapter is connected to a computing device. A driver module of the wireless network adapter converts a wireless-protocol data packet received through the wireless network adapter into an Ethernet-protocol data packet. A network address translation (NAT) module determines a Socket associated with a source address and a destination address of the Ethernet-protocol data packet, and sends valid data of the Ethernet-protocol data packet through the Socket. Additionally or alternatively, the NAT module encapsulates data into the Ethernet-protocol data packet after receiving the data through the Socket, and the driver module converts the Ethernet-protocol data packet into the wireless-protocol data packet, and sends the wireless-protocol data packet through the wireless network adapter. The present disclosure can implement functions of a device hotspot and is not limited by an operating system framework.

Method and apparatus for globally optimizing a weighted flow network, including the procedures of collecting a plurality of metrics in the weighted flow network, receiving a plurality of route requests from a first node to a second node in the weighted flow network, determining K best routes out of N possible routes from the first node to the second node according to the plurality of metrics, balancing a load in the weighted flow network by distributing the plurality of route requests over the K best routes from the first node to the second node, and updating the plurality of metrics.