H04L101/659

Facilitating distributed SNAT service

Some embodiments of the invention provide novel methods for facilitating a distributed SNAT (dSNAT) middlebox service operation for a first network at a host computer in the first network on which the dSNAT middlebox service operation is performed and a gateway device between the first network and a second network. The novel methods enable dSNAT that provides stateful SNAT at multiple host computers, thus avoiding the bottleneck problem associated with providing stateful SNAT at gateways. They also significantly reduce the need to redirect packets received at the wrong host by using a capacity of off-the-shelf gateway devices to perform IPv6 encapsulation for IPv4 packets and by assigning to each host executing a dSNAT middlebox service instance locally unique IPv6 addresses that are used by the gateway device.

Systems and methods for advertising internet protocol (IP) version 4 network layer routing information with an IP version 6 Next Hop address
11658934 · 2023-05-23

A first network device associated with a network may establish an Internet protocol version 6 Multiprotocol BGP session with a second network device associated with the network. The first network device and the second network device are both capable of forwarding both IPv4 and IPv6 packets with only an IPv6 address configured on the interface of both the first network device and the second network device. The first network device may exchange Multiprotocol Reachability capability with the second network device for the corresponding 2-tuple Address Family Identifier/Subsequent Address Family Identifier. The first network device may advertise Internet protocol version 4 network layer reachability information and may advertise Internet protocol version 6 network layer reachability information with IPv6 extended next hop encoding using Internet Assigned Numbers Authority assigned capability code value 5 to the second network device.

Efficient message transmission and loop avoidance in an RPL network

In some implementations, formation of loops between nodes in an RPL network may be avoided. A node that receives a neighbor-discovery message may determine, based on a parent-child status, whether the neighbor-discovery message was received from a parent of the node. If the neighbor-discovery message was received from the parent, the node may transmit an error code to the parent. In addition, the node may determine, based on a comparison of reliability rankings, whether the neighbor-discovery message was received from a node with relatively high reliability, such as a potential grandparent node. If the neighbor-discovery message was received from a high-reliability node, the node may transmit an error code to the high-reliability node. Furthermore, the node may reduce network traffic by withholding a neighbor-detection message from a child node. The node may transmit a response to neighbor-detection messages received from the child node.

Elimination of old IPV6 addresses from WLAN stations in DHCPV6 stateful mode after transitioning between VLANs
11683680 · 2023-06-20

A Wi-Fi controller identifies a mismatch between a first prefix of a first IPv6 address for a data packet corresponding to a first VLAN on which the data packet was sent from the station to the access point, and a prefix of a second IPv6 address for a second VLAN from which the data packet was transmitted from the access point to the Wi-Fi controller. Responsive to the VLAN mismatch identification, the Wi-Fi controller transmits a DHCP reconfiguration packet to the station using the first VLAN. The DHCP reconfiguration packet causes the station to transmit a rebind packet to the DHCP server. The rebind packet causes the DHCP server to transmit an ACK frame on the first VLAN setting the valid lifetime for the first IPv6 address to zero.

Point-to-multipoint transport chain

A network node may receive a packet that originated from a root network node and may process the packet to determine segment identifier (SID) information associated with a point-to-multipoint transport chain. The network node may determine, based on the SID information, that the network node is a transit leaf node in the point-to-multipoint transport chain. The network node may generate, based on determining that the network node is a transit leaf node in the point-to-multipoint transport chain, a copy of the packet and may process the copy of the packet to perform one or more actions. The network node may update, based on determining that the network node is a transit leaf node in the point-to-multipoint transport chain, the SID information and may send, after updating the SID information, the packet, with the updated SID information, to another network node.

Software-enabled access point (SoftAP) based bridging of devices in two wireless networks

A softAP bridge is created to support a mesh network that also works seamlessly with any home Wi-Fi AP routers by using Layer-3 techniques to simulate a Layer-2 bridge. With this softAP bridge, Wi-Fi chipsets with integrated special Wi-Fi MAC Layer-2 mesh network support (e.g., 802.11s), or external gateway hubs, are not required. To accomplish this solution, one of the wireless devices may be designated as a relay device for communicating IPv6 data packets between a home AP router and the remaining wireless devices designated as client devices.

Providing extendible network capabilities for managed computer networks

Techniques are described for managing communications between multiple computing nodes, such as for computing nodes that are part of managed virtual computer networks provided on behalf of users or other entities. In some situations, one or more of the computing nodes of a managed virtual computer network is configured to perform actions to extend capabilities of the managed virtual computer network to other computing nodes that are not part of the managed virtual computer network, such as by forwarding communications between computing nodes of the managed virtual computer network and the other external computing nodes so as to enable the other external computing nodes to participate in the managed virtual computer network. In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.

Dynamic elimination of old IPv6 addresses from WLAN/BYOD/IOT devices in DHCPv6 stateless mode after transitioning between VLANs
11929850 · 2024-03-12

A Wi-Fi controller identifies a mismatch between a first prefix of a first IPv6 address for a data packet corresponding to a first VLAN on which the data packet was sent from the station to the access point, and a prefix of a second IPv6 address for a second VLAN from which the data packet was transmitted from the access point to the Wi-Fi controller. Responsive to the VLAN mismatch identification, the Wi-Fi controller transmits an RA to the station with a preferred lifetime of 0, wherein subsequent communications use the second IPv6 address.

Transmitting router advertisements based on identification information of external devices

An electronic device and method are disclosed. The electronic device includes memory storing identification of at least an external electronic device, to which an IPv6-based IP address is allocatable, a communication circuit, and a processor. The processor implements the method, including: receiving, from the external electronic device, a router solicitation including a link local address generated by the external electronic device, and identification information of the external electronic device, confirming whether the identification information of the external electronic device included in the router solicitation is stored in the memory, and if so, transmitting a router advertisement including information related to generation of the IP address to the external electronic device.

Access to an operator panel over an out-of-band local network domain
11895200 · 2024-02-06

An apparatus, such as a computing node, includes a storage device for storing program instructions and a service processor for processing the program instructions to: send an out-of-band request for access to an operator panel, wherein the out-of-band request is sent over a local network domain operatively coupling a plurality of computing nodes; receive a first out-of-band reply identifying an address and one or more capabilities of an operator panel accessible over the local network domain; and negotiate an active link to the operator panel over the local network domain. Another apparatus is similar but further includes an operator panel operatively coupled to a service processor, the service processor for processing the program instructions to: receive the out-of-band request over the local network domain; send the first out-of-band message; and negotiate an active link between the operator panel and a computing node.