H04L45/58

Scalable proxy clusters

The invention enables high availability, high scale, high security and disaster recovery for API computing, including in terms of capture of data traffic passing through proxies, routing communications between clients and servers, and load balancing and/or forwarding functions. The invention inter alia provides (i) a scalable cluster of proxies configured to route communications between clients and servers, without any single point of failure, (ii) proxy nodes configured for implementing the scalable cluster, (iii) efficient methods of configuring the proxy cluster, (iv) natural resiliency of clusters and/or proxy nodes within a cluster, (v) methods for scaling of clusters, (vi) configurability of clusters to span multiple servers, multiple racks and multiple datacenters, thereby ensuring high availability and disaster recovery, and (vii) switching between proxies or between servers without loss of session.

Node Control Method, System, and Apparatus
20230039817 · 2023-02-09

A method includes: a first node monitors a status of a connection between the first node and a center system, and switches to the standby node working mode when the status of the connection between the first node and the center system is disconnected. The center system monitors a status of a connection between the center system and the first node, and sends a switch-to-master command to a second node when the status of the connection between the center system and the first node is disconnected. The second node switches to the master node working mode based on the switch-to-master command. Accordingly, whether a master node is switched to a standby node is determined through connectivity detection between the node and the center system, and whether a standby node is switched to a master node is determined based on an indication of the center system.

Systems for Session-Based Routing
20230006925 · 2023-01-05

In implementations of systems for session-based routing, a computing device implements a routing system to receive session data describing a session ID as a character sequence including non-embedded characters and at least one embedded character at a pre-determined index of the character sequence. The routing system extracts the at least one embedded character and determines a processing device configuration corresponding to the at least one embedded character from ledger data describing processing device configurations. The routing system maps the session data to a particular processing device based on the processing device configuration and the non-embedded characters of the character sequence.

Platform comprising a plurality of routing entities

A physical network element is provided which is configured to operate as a plurality of separated routing entities, each functioning independently of the others, wherein the physical network element is characterized in that: a) each of the plurality of routing entities is provided with its own control, management and data planes, as well as with a dedicated routing information base table and a forwarding information base table; and b) all of the plurality of routing entities are configured to operate while sharing at least one member of a group that consists of: (i) one or more packet processors comprised in the physical network element; (ii) one or more central processing units (CPUs) comprised in the physical network element; (iii) one or more fabrics comprised in the physical network element; and (iv) one or more network interfaces comprised in the physical network element.

EDGE NODE WITH DATAPATH SPLIT BETWEEN PODS
20230028922 · 2023-01-26

Some embodiments of the invention provide a system for implementing multiple logical routers. The system includes a Kubernetes cluster that includes multiple nodes, with each node executing a set of pods. The set of pods include a first pod for performing a first set of data message processing operations for the multiple logical routers and at least one respective separate pod for each respective logical router of the multiple logical routers. Each respective pod is for performing a respective second set of data message processing operations for the respective logical router.

Multipoint mesh virtual private network (MMVPN)
11552931 · 2023-01-10

The disclosure is directed to a method and system including a first node that stores a first multipoint mesh VPN database including a plurality of underlay addresses in an underlay network for a plurality of nodes, respectively, and a plurality of VPN addresses in a multipoint mesh VPN for the plurality of nodes, respectively. The first node also receives a second multipoint mesh VPN database from a second node, the second multipoint mesh VPN database including underlay and VPN addresses for the third node. The first node further receives a third multipoint mesh VPN database from the third node, the third multipoint mesh VPN database including underlay and VPN addresses for the second node. The first node additionally compares the databases to determine if underlay addresses and VPN addresses are missing from the first multipoint mesh VPN database.

Data transmission method, device, and network system
11539551 · 2022-12-27

This application provides a data transmission method, a device, and a network system. The method is applied to a backbone device, and the backbone device is connected to at least two access devices. After obtaining first data that needs to be sent to a first user device, the backbone device determines a first tunnel interface identifier corresponding to the first user device. The first user device is a single-homing user device. The backbone device sends, based on the first tunnel interface identifier, a first data packet including the first data to a first access device of the at least two access devices. The first access device is configured with the first tunnel interface identifier. This can optimize a data forwarding path, implement traffic optimization for the single-homing user device, and reduce traffic pressure of the network system.