A method to allow applications to regulate packets in a software defined network includes receiving a request from an application to regulate at least some of the packets, the request including at least one of a destination address range including at least one destination address, and a source address range including at least one source address, for the packets. The method further includes executing the request if it is permitted by at least one permission out of a set of permissions, wherein the permission includes a rule stating at least one type of packet regulation request that is allowed for a set of packets, the set specified by at least one of a source address range and a destination address range, the source address range including at least one source address and the destination address range including at least one destination address. A computing device can be configured to carry out the method.

A virtual switch for packet switching includes an ingress traffic steering manager executing on circuitry and coupled to receive packets from multiple virtual machines or containers, multiple data plane providers, each data plane provider having a data path coupled to selectively receive the packets from the ingress traffic steering manager, and wherein the ingress traffic steering manager classifies the received packets and selects available data paths based on the classification of the packets and a set of distribution rules.

The disclosure relates to technology for supporting a virtual switch to change data plane providers on a framework supporting multiple data plane providers. A processing device receives a request to change a first data plane provider, where the virtual switch is configured with a topology on the first data plane provider to use a flow management protocol. The virtual switch includes network interfaces connected to ports to enable communication among entities attached to the network interfaces by forwarding data packets within a first datapath of the first data plane. In response to the change, the network interfaces are disconnected, the first datapath is removed and a second datapath is created. The virtual switch is then configured to operate with the second datapath while retaining the flow management protocol and the topology, such that the entities communicate by forwarding data packets within the second datapath on the second data plane.

Systems, apparatuses, and methods for implementing an asynchronous router with virtual channel (VC) control. The asynchronous router may support multiple VCs for connections to other routers. The asynchronous router may include an interface unit on each switch boundary, with each interface unit including a data merge unit. The data merge unit may include a full detector unit for each VC, with the full detector unit counting the number of flits sent out on a respective VC and counting the number of credits released by the successor router. Whenever the successor router has no credits available, the full detector unit will assert the full signal to prevent any input requests from requesting to transmit over that particular VC. When the full signal is asserted, a timer unit may be activated to repeatedly check if any credits have been released in the successor router.

A method and an apparatus for managing one or more physical network interface cards and a physical host are provided. One or more virtual network interface cards are created, where each of the virtual network interface cards has a standard network interface card feature and an operation interface; the one or more virtual network interface cards are separately associated with one or more function modules of the physical network interface cards; and the physical network interface cards are managed by managing the one or more virtual network interface cards. In this way, differences in underlying hardware are shielded for an upper layer, and convenient and efficient centralized management are provided, thereby further improving network resource utilization.

In general, embodiments of the invention relate to routing packets between servers in different layer 2 domains. More specifically, embodiments of the invention relate to using overlay routing mechanisms in an Internet Protocol (IP) fabric to enable communication between servers in different layer 2 domains to communication. The overlay routing mechanisms may include direct routing, indirect routing, naked routing, or a combination thereof (e.g., hybrid routing).

Techniques are presented for distributing host route information of virtual machines to routing bridges (RBridges). A first RBridge receives a routing message that is associated with a virtual machine and is sent by a second RBridge. The routing message comprises of mobility attribute information associated with a mobility characteristic of the virtual machine obtained from an egress RBridge that distributes the routing message. The first RBridge adds a forwarding table attribute to the routing message that indicates whether or not the first RBridge has host route information associated with the virtual machine in a forwarding table of the first RBridge. The first RBridge also distributes the routing message including the mobility attribute information and the forwarding table attribute, to one or more RBridges in the network.

Some embodiments provide a method that uses headerspace analysis. The method receives several flow entries for distribution to a set of forwarding elements that implement a logical network. The method models each of the flow entries as a function that operates on a representation of a packet header. The method uses the modeled functions to identify a set of paths from a packet source to a packet destination. For each particular path of the identified paths, the method uses inverses of the modeled functions to determine a set of packet headers. Packets sent from the packet source with any packet header in the set of packet headers follow the particular path through the flow entries.

A software defined network (SDN) controller may configure a Layer-three gateway for a network segment in a hybrid network device within a SDN network, receive a Packet-in message encapsulated with a Layer-three data packet from a SDN network device, calculate an optimum path from source media access control (MAC) address of the data packet to destination MAC address of the data packet, and issue a flow entry to each network device in the optimum path. Subsequently, each network device may forward the data packet based on the flow entry.

A message manager is capable of analyzing a number of inputs to dynamically adjust rules used to delete messages as well as determine what kinds of messages are likely candidates to be deleted due to their being stale. If a message is determined to be a likely candidate for deletion, the message manager may query the user if they want to delete all messages with similar characteristics, e.g., sender, title, dates sent, time sent, recipients, content, context, and the like. If the user selects “yes” then the message manager may automatically update its deletion rules and further delete all messages in accordance with the user's selection.