H04L12/833

Auto update of sensor configuration

Systems, methods, and computer-readable media for updating configurations in sensors deployed in multi-layer virtualized environments. In some examples, a system can track information of sensors and collectors in the network. In response to determining that a specific collector becomes unavailable (e.g., the specific collector is down, offline or becomes unsupported), the system can determine affected sensors corresponding to the specific collector, determine a new collector among active collectors of the network for each of the affected sensors, and dynamically update configuration and settings of the affected sensors to maintain proper collector-to-sensor mappings and other settings on the affected sensors.

Round trip time (RTT) measurement based upon sequence number

Systems, methods, and computer-readable media are provided for determining a packet's round trip time (RTT) in a network. A system can receive information of a packet sent by a component of the network and further determine an expected acknowledgement (ACK) sequence number associated with the packet based upon received information of the packet. The system can receive information of a subsequent packet received by the component and determine an ACK sequence number and a receiving time of the subsequent packet. In response to determining that the ACK sequence number of the subsequent TCP packet matches the expected ACK sequence number, the system can determine a round trip time (RTT) of the packet based upon the received information of the packet and the received information of the subsequent packet.

ROUND TRIP TIME (RTT) MEASUREMENT BASED UPON SEQUENCE NUMBER

Systems, methods, and computer-readable media are provided for determining a packet's round trip time (RTT) in a network. A system can receive information of a packet sent by a component of the network and further determine an expected acknowledgement (ACK) sequence number associated with the packet based upon received information of the packet. The system can receive information of a subsequent packet received by the component and determine an ACK sequence number and a receiving time of the subsequent packet. In response to determining that the ACK sequence number of the subsequent TCP packet matches the expected ACK sequence number, the system can determine a round trip time (RTT) of the packet based upon the received information of the packet and the received information of the subsequent packet.

MONITORING NETWORK TRAFFIC TO DETERMINE SIMILAR CONTENT
20210224283 · 2021-07-22

In an embodiment, a method monitors a plurality of data streams passing through a router in the connectivity service provider environment, and for each of the data streams, periodically samples packets at the router. The method further generates a stream signature based at least on the payload of the sampled packets. The method further includes, for each generated stream signature, attaching information to the stream signature. Such information may, for example, include time-stamp information for the stream signature, or an identification of the router. The method may further comprise storing the stream signatures corresponding to the data streams in a database. The stored stream signatures may be compared to determine matching stream signatures. Matching signatures may identify data streams that carry identical or similar content.

System and method of assigning reputation scores to hosts

A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can further include applying a conditional policy associated with using the host based on the reputation score. The reputation score can include a reduced reputation score from a previous reputation score for the host.

VXLAN packet processing method, device, and system

This application provides a VXLAN packet processing method, a device, and a system. After determining that a data packet sent by a CE device is a BUM packet, a PE device encapsulates the BUM packet to generate a VXLAN packet including an ESI label and a VXLAN packet including a BUM traffic label. The VXLAN packet including the ESI label is sent to an active-active gateway, so that the gateway can block forwarding of traffic to the CE device by using an interface configured with an ESI, to avoid a loop between the PE device and the CE device. The VXLAN packet including the BUM traffic label is sent to a remote PE, to block forwarding of the VXLAN packet to the CE device by using a secondary DF interface, thereby avoiding a multi-packet problem.

Methods and apparatus for virtualized hardware optimizations for user space networking

Methods and apparatus for efficient data transfer within a user space network stack. Unlike prior art monolithic networking stacks, the exemplary networking stack architecture described hereinafter includes various components that span multiple domains (both in-kernel, and non-kernel). For example, unlike traditional “socket” based communication, disclosed embodiments can transfer data directly between the kernel and user space domains. Direct transfer reduces the per-byte and per-packet costs relative to socket based communication. A user space networking stack is disclosed that enables extensible, cross-platform-capable, user space control of the networking protocol stack functionality. The user space networking stack facilitates tighter integration between the protocol layers (including TLS) and the application or daemon. Exemplary systems can support multiple networking protocol stack instances (including an in-kernel traditional network stack).

Service level based priority scheduler for multi-tenancy computing systems

Systems and methods for scheduling multiple flows in a computing system or for allocating resources to the flows in the computing system. Each flow may be associated with a target priority and a target performance. A current priority can be determined for each flow and resources are allocated based on the highest current priority. Over time, the current priorities change and each flow will receive resources as the flows are scheduled for execution. No flow is starved of resources.

METHOD AND APPARATUS FOR TRANSMITTING PACKET MESSAGES BASED ON PRIORITY IN A WIRELESS COMMUNICATION SYSTEM
20210234803 · 2021-07-29

A method and apparatus for transmitting a plurality of packet messages based on priority in a wireless communication system (100) is disclosed. The method includes assigning, by at least one controller and at least one network node, a priority number to each of the plurality of packet messages based on requirement of each of an application associated with each of the packet messages and providing, by the at least one controller and the at least one network node, the priority number assigned to each of the plurality of packet messages, to a socket (222/214a/214b/214c) in the wireless communication system. Further, the method includes transmitting, by at least one interface, the plurality of packet messages based on the priority number provided to the socket (222/214a/214b/214c) of each of a plurality of components in the wireless communication system, thereby providing a uniform method for priority assignment and transmission to the at least one interface.

CONTAINER NETWORK INTERFACE MONITORING

A system and method of accessing a container environment having one or more containers is provided. The method of the disclosure includes receiving the container network namespace assigned to the container as established in a container runtime, switching from a host container network namespace to the container network namespace of the container, opening the container network interface of the container network namespace for allowing access to packets received or transmitted by the container network interface, and accessing the packets.