Edge networking router devices and systems for identifying a software application are described herein. One or more embodiments include an edge networking router device for identifying a software application comprising a packet collector to receive packet data in the edge networking router device and an artificial intelligence (AI) model configured to process the packet data received by the packet collector to identify the software application, wherein the artificial intelligence (AI) model is trained using a cloud entity and received from the cloud entity.

Some embodiments of the invention provide novel methods for performing services on data messages passing through a network connecting one or more datacenters, such as software defined datacenters (SDDCs). The method of some embodiments uses service containers executing on host computers to perform different chains (e.g., ordered sequences) of services on different data message flows. For a data message of a particular data message flow that is received or generated at a host computer, the method in some embodiments uses a service classifier executing on the host computer to identify a service chain that specifies several services to perform on the data message. For each service in the identified service chain, the service classifier identifies a service container for performing the service. The service classifier then forwards the data message to a service forwarding element to forward the data message through the service containers identified for the identified service chain. The service classifier and service forwarding element are implemented in some embodiments as processes that are defined as hooks in the virtual interface endpoints (e.g., virtual Ethernet ports) of the host computer's operating system (e.g., Linux operating system) over which the service containers execute.

Methods and apparatus for efficient data transfer within a user space network stack. Unlike prior art monolithic networking stacks, the exemplary networking stack architecture described hereinafter includes various components that span multiple domains (both in-kernel, and non-kernel). For example, unlike traditional “socket” based communication, disclosed embodiments can transfer data directly between the kernel and user space domains. Direct transfer reduces the per-byte and per-packet costs relative to socket based communication. A user space networking stack is disclosed that enables extensible, cross-platform-capable, user space control of the networking protocol stack functionality. The user space networking stack facilitates tighter integration between the protocol layers (including TLS) and the application or daemon. Exemplary systems can support multiple networking protocol stack instances (including an in-kernel traditional network stack).

Methods and apparatus for dynamic packet pool configuration in networking stack architectures. Unlike prior art monolithic memory allocations, embodiments of the present disclosure enable packet pools associated with non-kernel space applications to dynamically allocate additional memory allocations to a given non-kernel space application, or conversely, de-allocate memory allocations to a given non-kernel space application. Variants also disclose the splitting up of a memory allocation into device accessible portions and kernel accessible portions. Other variants disclose sizing certain segment allocations so as to be a multiple of a physical address page size. Such a variant enables a single input/output (I/O) bus address lookup for the given segment so as to minimize look up costs associated with an I/O lookup for the given segment.

A control method for data transmission and a terminal are provided. The control method for data transmission includes: determining, when a terminal has established a user-plane bearer link with a network and before transmitting data to be transmitted, whether or not a destination address of the data to be transmitted is recorded in a pre-created address whitelist; acquiring, if the destination address of the data to be transmitted is not recorded in the address whitelist, an application identifier corresponding to the data to be transmitted, and conducting access control decision based on the application identifier to obtain a decision result; and transmitting, when the decision result indicates that transmission of the data to be transmitted is permitted, the data to be transmitted through the user-plane bearer link.

Described embodiments provide for dynamically optimizing the number of application layer streams that may be multiplexed into a single transport layer connection, providing the advantages of application layer multiplexing without incurring unnecessary congestion-based network delays. A device may monitor net bandwidth and packet loss rates for a connection, and may dynamically increase and decrease a number of concurrent application layer streams to balance throughput and congestion avoidance. As congestion increases, the device may reduce concurrent stream limits in order to spawn additional transport layer connections, allowing faster congestion recovery and reduced performance impairment.

A method of reducing network traffic includes blocking, at a mobile device, a first channel to reduce network signaling in a network and to reduce battery consumption. The first channel includes a non-common channel. The method includes offloading application traffic of an application onto a second channel. The second channel may include a common channel. The method may include monitoring the application traffic of the application over the second channel, unblocking the first channel based on the monitored application traffic so that the application can perform an action, and re-blocking the first channel after the action has been completed. The method may include unblocking the first channel when user activity is detected, wherein the user activity includes whether the mobile device is being interacted with.

Device Assisted Services (DAS) for protecting network capacity is provided. In some embodiments, DAS for protecting network capacity includes monitoring a network service usage activity of the communications device in network communication; classifying the network service usage activity for differential network access control for protecting network capacity; and associating the network service usage activity with a network service usage control policy based on a classification of the network service usage activity to facilitate differential network access control for protecting network capacity.

According to certain embodiments, a method by a wireless device is provided for mapping of application data packets onto bearers. The method includes associating at least one tag value with a bearer upon establishment of the bearer. A tag is attached to a packet when passing the packet to a lower layer. The packet is mapped onto the bearer, and a path to transmit the packet is selected.

Methods and apparatus, including computer program products, are provided for QoE/QoS management. In some example embodiments, there is provided a method. The method may include detecting, by an enforcement point, an initiation of a session for an application; requesting, by the enforcement point, a first level quality of experience policy for the detected session; receiving, from a policy server, the first level quality of experience policy for the detected session; deriving, based on the first level quality of experience policy, a second level quality of experience target and/or a quality of service target for the detected session; enforcing, by the enforcement point, the second level quality of experience target and/or the quality of service target on the detected session. Related apparatus, systems, methods, and articles are also described.