A route processing method is implemented by a first PE device and includes receiving a VPN route that includes a second SRv6 VPN SID and a third SRv6 VPN SID from a second PE device; determining that the second SRv6 VPN SID is the same as a first SRv6 VPN SID; and establishing a second path based on the third SRv6 VPN SID, where when a first path directly connected to the first PE device and the second CE device is faulty, the second path is used by the first PE device to forward a packet to the second CE device.

A method for sharing an uplink port among network slices, an apparatus, and a non-transitory computer-readable storage medium are disclosed. The method may include: creating logical uplink ports of network slices (S201); establishing a one-to-one logical mapping between the logical uplink ports and access AC interfaces of a VXLAN in a shared slice (S202); and enabling the VXLAN in the shared slice, and transmitting, by means of a physical uplink port of the shared slice, service messages for the network slices (S203).

A proxy device coupled to a network receives communications between a client and a server on the network. The proxy device operates transparently to the client and the server, while coupled to receive and process the communications from a node on the network via a network port in a one-armed configuration. The proxy device communicates packets of the communications with an external tool coupled to the proxy device via a tool port and operates transparently to the nod and the tool. In certain embodiments, the tool may be a network security device, such as a firewall.

In a multi-person pose recognition method, a to-be-recognized image is obtained, and a circuitous pyramid network is constructed. The circuitous network pyramid includes parallel phases, and each phase includes downsampling network layers, upsampling network layers, and a first residual connection layer to connect the downsampling and upsampling network layers. The phases are interconnected by a second residual connection layer. The circuitous pyramid network is traversed, by extracting a feature map for each phase, and the feature map of the last phase is determined to be the feature map of the to-be-recognized image. Multi-pose recognition is then performed on the to-be-recognized image according to the feature map to obtain a pose recognition result for the to-be-recognized image.

Network identifiers are extracted from route advertisements. A table associates virtual network identifiers with provider edge devices. When a virtual network identifier extracted from a route advertisement matches a virtual network identifier in the table, the route advertisement is propagated to the provider edge devices associated with that virtual network identifier in the table. The route advertisement is not propagated to provider edge devices not associated with that virtual network identifier in the table.

Client device blocking may be provided. A switching device may receive data from a first client device. The data may be addressed to a second client device. Then it may be determined that both the first client device and the second client device belong to a protected group. Next, in response to determining that both the first client device and the second client device belong to the protected group, the data may be blocked from being forwarding to the second client device on a network interface of the switching device.

Top-of-rack (TOR) switches are connected to a network fabric of a data center. Each TOR switch corresponds to a rack of the data center, and is configured to provide access to the network fabric for computing devices mounted in the rack. In one method, a TOR switch is mounted in a rack. The TOR switch is connected to a network fabric of a data center. A lock is used to control physical access to the rack. A request to physically access the rack is received from a computing device (e.g., a badge implementing a security token, or a mobile device). The request includes authentication credentials. The computing device is then authenticated. In response to authenticating the computing device, the lock is configured to provide physical access to the rack.

Systems and methods for managing network traffic receives, at a grade of service device, network traffic information for a plurality of network traffic channels from a network device separate from the grade of service device. The network traffic information is compared to a threshold to determine a behavior value for each network traffic channel. Each network traffic channel is mapped to a grade of service according to the behavior value.

Techniques are described for providing fast reroute for traffic in EVPN-VXLAN. For example, a backup PE device of an Ethernet segment is configured with an additional tunnel endpoint address (“reroute tunnel endpoint address”) for a backup path associated with a second split-horizon group that is different than a tunnel endpoint address and first split-horizon group for another path used for normal traffic forwarding. The backup PE device sends the reroute tunnel endpoint address to a primary PE device of the Ethernet segment, which uses the reroute tunnel endpoint address to configure a backup path to the backup PE device over the core network. For example, the primary PE device may install the reroute tunnel endpoint address within its forwarding plane and one or more operations to cause the primary PE device to encapsulate a VXLAN header including the reroute tunnel endpoint address when rerouting the packet along the backup path.

Top-of-rack (TOR) switches are connected to a network fabric of a data center. Each TOR switch corresponds to a rack of the data center, and is configured to provide access to the network fabric for computing devices mounted in the rack. In one method, a TOR switch is mounted in a rack. The TOR switch is connected to a network fabric of a data center. A lock is used to control physical access to the rack. A request to physically access the rack is received from a computing device (e.g., a badge implementing a security token, or a mobile device). The request includes authentication credentials. The computing device is then authenticated. In response to authenticating the computing device, the lock is configured to provide physical access to the rack.