A method for establishing a communication through multiple distinct communication paths deployed over different network operators includes collecting location information of network nodes of available distinct paths between a source node and destination node, comparing location information of the network nodes to identify possibly co-located network nodes, determining path segment lengths of consecutive path segments between the nodes of each path, estimating whether path segments of the paths intersect based on locations of the network nodes and the path segment lengths, selecting multiple paths that do not include intersecting path segments and/or co-located network nodes, and establishing communication between the source node and destination node over both selected paths.

Networks comprising multiple non-overlapping communication topologies are presented. The networks can include a fabric of interconnected network nodes capable of providing multiple communication paths among edge devices. A topology manager constructs communication topologies according to restriction criteria based on required security levels (e.g., top secret, secret, unclassified, etc.). Established topologies do not have overlapping networking infrastructure to within the bounds of the restriction criteria as allowed by the security levels.

Techniques are described for advertising constraint-based path computation (e.g., flexible-algorithm) through a constrained network topology. For example, a network device comprises a memory and one or more programmable processors operably coupled to the memory, wherein the one or more programmable processors are configured to generate a packet including a segment identifier (SID) offset, wherein the SID offset is an offset value associated with the flexible-algorithm. The one or more programmable processors of the network device are also configured to send, to at least one other network device of the plurality of network devices, the SID offset to enable the at least one other network device to derive a node segment identifier for the at least one other network device to participate in the flexible-algorithm.

Networks comprising multiple non-overlapping communication topologies are presented. The networks can include a fabric of interconnected network nodes capable of providing multiple communication paths among edge devices. A topology manager constructs communication topologies according to restriction criteria based on required security levels (e.g., top secret, secret, unclassified, etc.). Established topologies do not have overlapping networking infrastructure to within the bounds of the restriction criteria as allowed by the security levels.

A method and an apparatus for obtaining information about a forwarding path of a data packet in segment routing (SR) include, when a first path indicated by a plurality of path identifiers in initial information is a unique shortest path from a start node on the first path to an end node on the first path, the first path is indicated using a node-segment identifier (SID) of the end node on the first path instead of the path identifiers.

A path discovery process is provided for discovering a lowest cost combination of a plurality of paths from the source node to the destination node via links between pairs of nodes along the paths. A path discovery messages from a source node is forwarded through the network. Prior to forwarding the path discovery message a node tests one or more conditions for disabling the forwarding. Upon receiving an instance of the path discovery message, this may include testing whether no other instance of the path discovery message has both smaller cost and a previous path that contains only nodes that occur also in the path of the received instance. Furthermore, this may include testing whether a destination of the path discovery message was also a node to which a preceding node along the path has a further link, and a cost of the path from the preceding node to the next node via said further link is not larger than the cost of the path from the preceding node to the next node. Furthermore, this may include testing whether the node has a further link to the destination node and the cost associated with the link to the next node is not less than the cost associated with the further link to the destination node.

Techniques are described for advertising constraint-based path computation (e.g., flexible-algorithm) through a constrained network topology. For example, a network device comprises a memory and one or more programmable processors operably coupled to the memory, wherein the one or more programmable processors are configured to generate a packet including a segment identifier (SID) offset, wherein the SID offset is an offset value associated with the flexible-algorithm. The one or more programmable processors of the network device are also configured to send, to at least one other network device of the plurality of network devices, the SID offset to enable the at least one other network device to derive a node segment identifier for the at least one other network device to participate in the flexible-algorithm.

An electronic device and a control method thereof are provided. The electronic device includes an Internet protocol (IP) address corresponding to a domain name of a web page when a user command inputting the domain name is received, identifies a number of hops included in a network path connecting a server corresponding to the obtained IP address and the electronic device to each other, and determines that a man-in-the-middle attack exists in a network when a communication connection with the server is established on the basis of a smaller number of hops than the identified number of hops.

Techniques for migrating a plurality of communications services in a data communication network are disclosed. Aspects include accessing a migration map for the plurality of communications services in the data communication network; identifying a communications dependency between a first service and a second service in the plurality of communications services, wherein according to the migration map the first service is configured to migrate from a first route to a second route, the second service is configured to migrate from a third route to a fourth route, and the third route overlaps with the second route; determining, based on the identified communications dependency, a migration sequence for migrating the plurality of communications services in the data communication network; and migrating the plurality of communications services from a first plurality of configurations to a second plurality of configurations according to the migration sequence.

Techniques for migrating a plurality of communications services in a data communication network are disclosed. Aspects include accessing a migration map for the plurality of communications services in the data communication network; identifying a communications dependency between a first service and a second service in the plurality of communications services, wherein according to the migration map the first service is configured to migrate from a first route to a second route, the second service is configured to migrate from a third route to a fourth route, and the third route overlaps with the second route; determining, based on the identified communications dependency, a migration sequence for migrating the plurality of communications services in the data communication network; and migrating the plurality of communications services from a first plurality of configurations to a second plurality of configurations according to the migration sequence.