A communication method and apparatus. A user plane network element perform refined differentiated processing on different data packets to adapt to and meet different user requirements and network conditions. A first user plane network element receives a first data packet, where the first data packet carries first indication information. The first user plane network element processes the first data packet based on the first indication information. The first indication information includes one or more of the following: synchronous transmission indication information, packet discard indication information, data type indication information, charging indication information, statistics indication information, or priority indication information.

According to an embodiment a packet forwarding device is disclosed for forwarding data packets on a link within a communication network. The packet forwarding device is further configured to perform the following steps: measuring a load of the link; detecting if the load exceeds one of a plurality of threshold indicative for a level of congestion on the link; and sending a signal to another device in the communication network signalling the level of congestion.

Method and computing devices for enforcing packet order based on packet marking. Upon occurrence of a link failure, a first device reallocates traffic initially forwarded through the failed link to an alternative link and marks the reallocated traffic with a first flag. Upon recovery of the failed link, the reallocated traffic is forwarded again through the recovered link and marked with a second flag different from the first flag. A second device calculates a reference inter-packet time for received traffic marked with the first flag. For received traffic marked with the second flag, the second device calculates a current inter-packet time. The current inter-packet time is compared with the reference inter-packet time, to determine if the traffic marked with the second flag shall be forwarded immediately or if the forwarding shall be delayed.

Method and computing devices for enforcing packet order based on packet marking. Upon occurrence of a link failure, a first device reallocates traffic initially forwarded through the failed link to an alternative link and marks the reallocated traffic with a first flag. Upon recovery of the failed link, the reallocated traffic is forwarded again through the recovered link and marked with a second flag different from the first flag. A second device calculates a reference inter-packet time for received traffic marked with the first flag. For received traffic marked with the second flag, the second device calculates a current inter-packet time. The current inter-packet time is compared with the reference inter-packet time, to determine if the traffic marked with the second flag shall be forwarded immediately or if the forwarding shall be delayed.

Described herein are systems, methods, and software to manage the identification of control packets in an encapsulation header. In one implementation, a computing system may receive a Geneve packet at a network interface and determine that the Geneve packet includes an Operations and Management (OAM) flag. Once the OAM flag is identified, the computing system can select a processing queue from a plurality of processing queues for a main processing system of the computing system based on the OAM flag and assign the Geneve packet to the processing queue.

Described herein are systems, methods, and software to manage the identification of control packets in an encapsulation header. In one implementation, a computing system may receive a Geneve packet at a network interface and determine that the Geneve packet includes an Operations and Management (OAM) flag. Once the OAM flag is identified, the computing system can select a processing queue from a plurality of processing queues for a main processing system of the computing system based on the OAM flag and assign the Geneve packet to the processing queue.

Techniques and screening messages based on tags in an automotive environment, such as, messages communicated via a communication bus, like the CAN bus. Messages can be tagged with either a binary or probabilistic tag indicating whether the message is fraudulent. ECUs coupled to the CAN bus can receive the messages and the message tags and can determine whether to fully consume the message based on the tag.

Techniques and screening messages based on tags in an automotive environment, such as, messages communicated via a communication bus, like the CAN bus. Messages can be tagged with either a binary or probabilistic tag indicating whether the message is fraudulent. ECUs coupled to the CAN bus can receive the messages and the message tags and can determine whether to fully consume the message based on the tag.

A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.

A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.