A system that enables end-user devices that operate within different enterprise networks to exchange data with one another. In particular, the disclosed system uses unique IP addresses that are dedicated solely to supporting a predefined communication service between enterprise computer networks, in order to identify and route each data packet according to the communications service. As part of the communications service, the data packets are transmitted, for example, from a first local service provider network hosting a first enterprise network, through a participating backbone service provider network on the public Internet and based on deterministic routing, and to a second local service provider network hosting a second enterprise network. In handling the data packets in this way, the disclosed system creates an Internet wide-area-network (WAN): the data packets are transmitted over the Internet and conceivably over a large geographic distance between enterprise networks.

Compute nodes can execute virtual routers to implement a forwarding plane for one or more virtual networks having virtual network destinations hosted by the compute nodes. In one example, a method includes generating, by a software-defined networking (SDN) controller that manages a plurality of compute nodes, based on a unique identifier of a virtual network, a route target value for the virtual network, wherein the virtual network comprises virtual network endpoints executing on the compute nodes; and outputting, by the SDN controller and to a routing protocol peer device, a virtual private network (VPN) route that includes the route target value for the virtual network and a virtual network prefix associated with the virtual network, the VPN route for routing to the plurality of compute nodes executing the virtual network endpoints of the virtual network.

This disclosure describes techniques for improving route advertisements. In one example, generating, by a software-defined networking (SDN) controller that manages a plurality of compute nodes, based on a unique identifier of a virtual network, a route target value for the virtual network, wherein the virtual network comprises virtual network endpoints executing on the compute nodes; and outputting, by the SDN controller and to a routing protocol peer device, a virtual private network (VPN) route that includes the route target value for the virtual network and a virtual network prefix associated with the virtual network, the VPN route for routing to the plurality of compute nodes executing the virtual network endpoints of the virtual network.

Via a tunnel configured on a Virtual eXtensible Local Area Network (VXLAN) Tunnel End Point (VTEP), a notification message is received from a peer VTEP over the tunnel. The received notification message contains VXLAN Network Identifiers (VNIs) of VXLANs currently configured on the peer VTEP. For each of VXLANs currently configured on the VTEP, when the same VXLAN as the VXLAN configured on the VTEP exists in the VXLANs indicated by the VNIs contained in the received notification message and when the VXLAN configured on the VTEP has not been associated with the tunnel, the VXLAN configured on the VTEP is associated with the tunnel.

A source Medium Access Control (MAC) address is learned upon receiving a data message from a local network, and a learned local MAC address entry is added to a MAC address forwarding table. A source MAC address is not learned upon receiving a data message from a tunnel. When a local MAC address entry in the MAC address forwarding table changes, a synchronization message is sent via each tunnel associated with a Virtual Extensible Local Area Network (VXLAN) in the changed local MAC address entry, and is saved into a database corresponding to the tunnel. Each tunnel corresponds to one database.

An Ethernet switch for a vehicle, a method of controlling the Ethernet switch are provided. The method includes detecting a first connection between a connector of the diagnostic device and a first port of the Ethernet switch and establishing a second connection with the diagnostic device by referring to a virtual local area network identifier (VLAN ID) table. A third connection is established between the controller and an electronic control unit (ECU) of the vehicle by referring to the VLAN ID table. A certificate-based secure access procedure is performed between the diagnostic device and the controller. A mode of the Ethernet switch is switched from a lock mode to an unlock mode and a fourth connection is established between the diagnostic device and the ECU by referring to the VLAN ID table.

In one embodiment, a method includes activating a first network apparatus within a network and determining, by the first network apparatus, that a Scalable Group Tag (SGT) Exchange Protocol (SXP) is configured on the first network apparatus. The method also includes costing out the first network apparatus in response to determining that the SXP is configured on the first network apparatus. Costing out the first network apparatus prevents Internet Protocol (IP) traffic from flowing through the first network apparatus. The method further includes receiving, by the first network apparatus, IP-to-SGT bindings from an SXP speaker, receiving an end-of-exchange message from the SXP speaker, and costing in the first network apparatus in response to receiving the end-of-exchange message. Costing in the first network apparatus allows the IP traffic to flow through the first network apparatus.

This disclosure describes techniques for improving route advertisements. In one example, generating, by a software-defined networking (SDN) controller that manages a plurality of compute nodes, based on a unique identifier of a virtual network, a route target value for the virtual network, wherein the virtual network comprises virtual network endpoints executing on the compute nodes; and outputting, by the SDN controller and to a routing protocol peer device, a virtual private network (VPN) route that includes the route target value for the virtual network and a virtual network prefix associated with the virtual network, the VPN route for routing to the plurality of compute nodes executing the virtual network endpoints of the virtual network.

There is provided a system that comprises an IP-routed interregional distribution network, and a user-network interface (UNI) that employs (a) a first virtual broadcast domain (VBD), (b) a second VBD, (c) a virtual extensible local area network (VXLAN), and (d) a protocol transformation stack. The UNI is adapted for layer 2 connection to a user device via the first VBD, and adapted for layer 3 communication over the IP-routed interregional distribution network via the VXLAN. The protocol transformation stack is adapted to convert a layer 2 broadcast domain to/from an IP-routable form by mapping the first VBD to the second VBD, and encapsulating the second VBD into the VXLAN.

Embodiments of this application provide a method and an apparatus for obtaining a network slice identifier. In the method, a wireless access device receives a first service packet sent by a terminal; the wireless access device obtains a second service packet based on the first service packet, where the second service packet includes the first service packet and a network slice identifier; and the wireless access device sends the second service packet to a forwarding device.