The present application relates to communications between a partner network and a wide area network (WAN) via the Internet. Although Internet service providers may act as autonomous systems, the WAN may control routing from the partner network by advertising unicast border gateway protocol (BGP) address prefixes for a plurality of front-end devices in the WAN. An agent in the partner network measures a plurality of paths to a service within the WAN. Each of the plurality of paths is associated with one of the plurality of front-end devices and a respective unicast BGP address prefix. The WAN selects a path within the WAN for the service. The WAN exports a routing rule to the agent. The agent forwards data packets for the service to the respective BGP address prefix via the Internet. The WAN receives data packets for the service of the partner network at the selected device.

Described are examples for providing a system for managing configuration and policies for a virtualized wide area network (vWAN) support on a wide area network (WAN). The vWAN includes a plurality of virtual network entities associated with geographic locations including the physical computing resources of the WAN and virtual connections between the virtual network entities. The system includes a network safety component for managing configurations and policies of the vWAN on the WAN. The network safety component receives a change to a policy or configuration of the vWAN from an operator of a network connected to the vWAN. The network safety component evaluates a set of safety rules for the operator based on the change and a network state of a physical WAN underlying the vWAN. The network safety component generates an error message in response to at least one of the set of safety rules failing the evaluation.

Systems and methods for aggregating samples of Proactive Network Maintenance (PNM) data representing state information of a communications network. Each sample may be associated with one of a plurality of different frequency ranges, where the samples are aggregated over a temporal range and aggregated over a frequency range. The data aggregated in this manner may then be used to configure the network.

In general, techniques are described for providing user nomadicity in wireline broadband networks. A network device positioned in a wireline broadband network comprising a processor and an interface may be configured to perform the techniques. The processor may be configured to execute a first virtual customer premises equipment to provide, to a first subscriber, access to the wireline broadband network from a first subscription point in accordance with a first subscription. The processor may also be configured to provide, to a second subscriber, access to the wireline broadband network from the first subscription point in accordance with a second subscription. The interface may be configured to forward, in accordance with the first subscription, traffic received from the first subscription point and associated with the first subscriber, and forward, in accordance with the second subscription, traffic received from the first subscription point and associated with the second subscriber.

Apparatus and methods for guaranteeing a quality of experience (QoE) associated with data provision services in an enhanced data delivery network. In one embodiment, a network architecture having service delivery over at least portions of extant infrastructure (e.g., a hybrid fiber coax infrastructure) is disclosed, which includes standards-compliant ultra-low latency and high data rate services (e.g., 5G NR services) via a common service provider. In one exemplary implementation, “over-the-top” voice data services may enable exchange of voice traffic with client devices in the aforementioned network. A distribution node may use a detection rule to identify received packets as voice traffic, and cause a dedicated bearer to attach to the default bearer, thereby enabling delivery of high-quality voice traffic by at least prioritizing the identified packets thereafter and sustaining the delivery even in a congested network environment, and improving the quality of service (QoS) and QoE for the user(s).

Systems, methods, and devices for identifying and responding to illegitimate devices on a service provider network include computing devices that are configured to collect dynamic host configuration protocol (DHCP) information related to a device (e.g., a modem, etc.) that establishes or requests to establish an internet protocol (IP) connection to the service provider network. The computing devices may determine features based on the collected DHCP information, apply the determined features to a classification model, and predict whether the device is an illegitimate device based on a result of applying the determined features to the classification model. The computing devices may perform a responsive action (e.g., blacklist or quarantine the device, etc.) in response to predicting that the device is an illegitimate device.

Described are examples for providing a system for managing configuration and policies for a virtualized wide area network (vWAN) support on a wide area network (WAN). The vWAN includes a plurality of virtual network entities associated with geographic locations including the physical computing resources of the WAN and virtual connections between the virtual network entities. The system includes a network safety component for managing configurations and policies of the vWAN on the WAN. The network safety component receives a change to a policy or configuration of the vWAN from an operator of a network connected to the vWAN. The network safety component evaluates a set of safety rules for the operator based on the change and a network state of a physical WAN underlying the vWAN. The network safety component generates an error message in response to at least one of the set of safety rules failing the evaluation.

A network access method includes receiving, by a first access point, a first network identifier and a first password of a second access point from a server, setting, by the first access point, a first network based on a first network identifier and a first password of the second access point, sending, by an intelligent device, a first network connection request, establishing, by the first access point, a first network connection between the first access point and the intelligent device in response to the first network connection request, sending, by the first access point, a second network identifier or a second password of the first access point to the intelligent device by the first network connection, and sending, by the intelligent device, a second network connection request to the first access point based on the second network identifier or the second password of the first access point.

Described are examples for providing a system for managing configuration and policies for a virtualized wide area network (vWAN) support on a wide area network (WAN). The vWAN includes a plurality of virtual network entities associated with geographic locations including the physical computing resources of the WAN and virtual connections between the virtual network entities. The system includes a network safety component for managing configurations and policies of the vWAN on the WAN. The network safety component receives a change to a policy or configuration of the vWAN from an operator of a network connected to the vWAN. The network safety component evaluates a set of safety rules for the operator based on the change and a network state of a physical WAN underlying the vWAN. The network safety component generates an error message in response to at least one of the set of safety rules failing the evaluation.

An access control method. A BNG CP may receive a first message from first user equipment. The first message is used by the first user equipment to request to access a network, a primary gateway through which the first user equipment accesses the network is a first BNG, and a backup gateway through which the first user equipment accesses the network is a second BNG. After receiving the first message, the BNG CP may determine, from a first network segment, an IP address assigned to the first user equipment, and send the IP address of the first user equipment to the first user equipment. The first network segment is only used to assign an IP address to user equipment that accesses the network by using the first BNG as a primary gateway and the second BNG as a backup gateway.