A method for UE route selection policy (URSP) rule matching enhancement is proposed. When an application is executed, the upper layer of a UE sends the application information to URSP entity for matching a URSP rule. The UE finds an RSD of the matching URSP rule, and the UE tries to reuse an existing PDU session, e.g., the association of the application with the existing PDU session have certain exceptions. In one example, regarding DNN, S-NSSAI, SSC mode, and PDU session type, the above listed parameters in the RSD can either match with stored PDU session parameters of the existing PDU session or match with PDU session parameters requested by the UE during the PDU session establishment procedure.

A method for UE route selection policy (URSP) rule matching enhancement is proposed. When an application is executed, the upper layer of a UE sends the application information to URSP entity for matching a URSP rule. The UE finds an RSD of the matching URSP rule, and the UE tries to reuse an existing PDU session, e.g., the association of the application with the existing PDU session have certain exceptions. In one example, regarding DNN, S-NSSAI, SSC mode, and PDU session type, the above listed parameters in the RSD can either match with stored PDU session parameters of the existing PDU session or match with PDU session parameters requested by the UE during the PDU session establishment procedure.

According to some embodiments, a software defined wide area network (SD-WAN) includes a first region and a second region. The first region includes multiple first routing controllers and multiple first SD-WAN edge routers. The second region includes multiple second routing controllers and multiple second SD-WAN edge routers. Each first SD-WAN edge router of the first region is configured to establish Overlay Management Protocol (OMP) peering connections with the plurality of first routing controllers of the first region but to avoid establishing OMP peering connections with the plurality of second routing controllers of the second region. Each second SD-WAN edge router of the second region is configured to establish OMP peering connections with the plurality of second routing controllers of the second region but to avoid establishing OMP peering connections with the plurality of first routing controllers of the first region.

According to some embodiments, a software defined wide area network (SD-WAN) includes a first region and a second region. The first region includes multiple first routing controllers and multiple first SD-WAN edge routers. The second region includes multiple second routing controllers and multiple second SD-WAN edge routers. Each first SD-WAN edge router of the first region is configured to establish Overlay Management Protocol (OMP) peering connections with the plurality of first routing controllers of the first region but to avoid establishing OMP peering connections with the plurality of second routing controllers of the second region. Each second SD-WAN edge router of the second region is configured to establish OMP peering connections with the plurality of second routing controllers of the second region but to avoid establishing OMP peering connections with the plurality of first routing controllers of the first region.

A software-defined network (SDN) rule modification counter system provides counters that track all changes and edits to rules at SDN controllers and SDN switches on an SDN. The system compares counters at the SDN controller and SDN switch to determine if they match. If the counters do not match, a change has been made to the rules. With the addition of rule edit statistics the SDN controller will now have visibility that a rule modification was performed. The SDN controller then verifies that the state of the device is the same as its expected state as a secondary integrity check. Based on the rule modification notification, changes to a central rules table at the SDN controller and changes to rule settings at the SDN switch are made according to pre-programmed logic.

A software-defined network (SDN) rule modification counter system provides counters that track all changes and edits to rules at SDN controllers and SDN switches on an SDN. The system compares counters at the SDN controller and SDN switch to determine if they match. If the counters do not match, a change has been made to the rules. With the addition of rule edit statistics the SDN controller will now have visibility that a rule modification was performed. The SDN controller then verifies that the state of the device is the same as its expected state as a secondary integrity check. Based on the rule modification notification, changes to a central rules table at the SDN controller and changes to rule settings at the SDN switch are made according to pre-programmed logic.

A communication device is provided that makes a single or a plurality of functions desired by a service user act on a packet desired by the service user in a service for transferring a packet in a network. A communication device is provided that includes a communication unit that communicates with another node and a control unit that controls the communication by the communication unit, in which the control unit generates path information with a target node, and in the path information with the target node, at least information regarding communication with at least a single relay node that exists between the communication device and the target node, information regarding a function to be performed by the relay node, and content of processing according to the function execution result by the relay node are written.

Technologies for multi-cloud routing and policy interconnectivity are provided. An example method can include assigning different sets of data plane routers to data plane traffic associated with different address spaces in a cloud site of a multi-cloud fabric to yield a distributed mapping of data plane traffic and data plane routers. The method can further include providing, to an on-premises site in the multi-cloud fabric, routing entries from a control plane router on the cloud site, the routing entries reflecting the distributed mapping and identifying, for each address space, which data plane router handles data plane traffic for that address space; and when a data plane router is deployed at the cloud site, providing, to the on-premises site, updated routing information from the control plane router, the updated routing information identifying the data plane router as a next hop for data plane traffic associated with a respective address space.

Some embodiments of the invention provide a method of facilitating routing through a software-defined wide area network (SD-WAN) defined for an entity. A first edge forwarding node located at a first multi-machine site of the entity, the first multi-machine site at a first physical location and including a first set of machines, serves as an edge forwarding node for the first set of machines by forwarding packets between the first set of machines and other machines associated with the entity via other forwarding nodes in the SD-WAN. The first edge forwarding node receives configuration data specifying for the first edge forwarding node to serve as a hub forwarding node for forwarding a set of packets from a second set of machines associated with the entity and operating at a second multi-machine site at a second physical location to a third set of machines associated with the entity and operating at a third multi-machine site at a third physical location. The first edge forwarding node serves as a hub forwarding node to forward the set of packets from the second set of machines to the third set of machines.

Embodiments are directed to managing communication over one or more networks. A monitoring engine may be instantiated to perform actions including receiving network traffic from a physical network that may be associated with network addresses of the physical network. The monitoring engine may analyze the network traffic to associate activity with gateway identifiers (GIDs) associated with gateway computers in an overlay network such that the GIDs are separate from the network addresses. The monitoring engine may be arranged to monitor the network traffic based on monitoring rules. The monitoring engine may provide metrics associated with the gateway computers based on the monitoring of the network traffic. The monitoring engine may compare the metrics to event rules. The monitoring engine may generate events based on affirmative results of the comparison. The events may be mapped to actions based on characteristics of the events and executed.