Some embodiments provide a novel method for deploying different virtual networks over several public cloud datacenters for different entities. For each entity, the method (1) identifies a set of public cloud datacenters of one or more public cloud providers to connect a set of machines of the entity, (2) deploys managed forwarding nodes (MFNs) for the entity in the identified set of public cloud datacenters, and then (3) configures the MFNs to implement a virtual network that connects the entity's set of machines across its identified set of public cloud datacenters. In some embodiments, the method identifies the set of public cloud datacenters for an entity by receiving input from the entity's network administrator. In some embodiments, this input specifies the public cloud providers to use and/or the public cloud regions in which the virtual network should be defined. Conjunctively, or alternatively, this input in some embodiments specifies actual public cloud datacenters to use.

Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

Each switch unit in a networking system shares its local state information among other switch units in the networking system, collectively referred to as the shared forwarding state. Each switch unit creates a respective set of output queues that correspond to ports on other switch unites based on the shared forwarding state. A received packet on an ingress switch unit operating in accordance with a first routing protocol instance can be enqueued on an output queue in the ingress switch; the packet is subsequently processed by the egress switch unit, operating in accordance with a second routing protocol instance that corresponds to the output queue.

A network switch to support flexible lookup key generation comprises a control CPU configured to run a network switch control stack. The network switch control stacks is configured to manage and control operations of a switching logic circuitry, provide a flexible key having a plurality of possible fields that constitute part of a lookup key to a table, and enable a user to dynamically select at deployment or runtime a subset of the fields in the flexible key to form the lookup key and thus define a lookup key format for the table. The switching logic circuitry provisioned and controlled by the network switch control stack is configured to maintain said table to be searched via the lookup key in a memory cluster and process a received data packet based on search result of the table using the lookup key generated from the dynamically selected fields in the flexible key.

Method of and a compiler for controlling a network based on a logical network model. The compiler determines physical and/or virtual resources, comprising of physical nodes and physical links, against which the logical model can be compiled. The network has known physical nodes, unknown physical nodes and logical nodes. The known physical nodes are “physical nodes” which are existing or still to be setup (virtual) nodes in the network. The known physical nodes are interconnected by physical links in accordance with a physical network layout. The logical network model has logical nodes indicated with a logical node name which refers to at least one known physical node or one unknown physical node in the network. The method uses a depth-mapping relation defining how the logical nodes are mapped to the known physical nodes and the unknown physical nodes. The term “unknown physical node” is used to define an imaginary physical node to which logical nodes can be mapped through depth-mappings and which are to be substituted by a physical node of the network of which the physical node name is stored. The method includes creating logical links between the logical nodes in dependence on the paths between the known physical nodes and/or the unknown physical nodes and on the depth-mapping relation. Known physical nodes are determined for unknown physical nodes and known physical paths are determined for unknown physical paths between unknown physical nodes by performing a search. The method uses edge-relationships between logical link, logical path, physical link, physical path and depth-mapping relations. Logical paths in the logical network are transformed into a physical path comprising of physical links between the physical nodes through recursive calculation and forwarding instructions are created for the physical nodes, in dependence on the edge-relationships and point-of-attachment names between physical links and physical nodes.

In a message transmission method, an access controller receives a first message from an access node, and the first message includes a first identifier. The access controller obtains a line identifier according to the first identifier. The access controller obtains a second message according to the line identifier, and the second message includes the line identifier. The access controller sends the second message to a relay server.

Various embodiments are described wherein a set of devices are configured to be a logical mesh network. Each device has a logical mesh network address. Further, the set of logical mesh network addresses form a sequence from a first address to a last address, and intermediate addresses having both a preceding and a next address. The devices store forwarding information used to determine how to forward a received logical mesh network packet. Other embodiments are described and claimed.

A packet forwarding method includes receiving N Time-Sensitive Networking (TSN) packet flows, where each of the N TSN packet flows corresponds to a constraint condition that defines duration of a cycle, a maximum quantity of packets that are allowed to be transmitted in the cycle, and a maximum length of a single packet, and forwarding the N TSN packet flows based on a new constraint condition, where the new constraint condition is based on the constraint condition corresponding to each of the N TSN packet flows and defines duration of a new cycle, a new maximum quantity of new packets that are allowed to be transmitted in the new cycle, and a new maximum length of a new packet, where each of the N TSN packet flows is forwarded in a case in which a corresponding constraint condition is complied with.

This embodiment provides a user packet forwarding control method and a processing node. A processing node receives a processed user packet sent by a first target value-added server (VAS), and the processing node correspondingly generates a target processing identifier according to the processed user packet, so that the processing node determines, according to the target processing identifier, that the user packet has been processed by the first target VAS. Each processing node can determine VASs that have processed the user packet, without the need to change the original user packet, thereby effectively ensuring that each VAS provides a normal value-added service to the user packet, and avoiding a fault in a process of forwarding the user packet between value-added servers.

A wireless communication unit is arranged to communicate with one or more wireless mobile communication units. The wireless communication unit comprises: a cellular receiver arranged to receive content from a network server using a conventional client server mechanism; a processor operably coupled to the cellular receiver and configured to convert the received content into a bundle format that can be transmitted into a delay tolerant network; at least one memory operably coupled to the processor and configured to store the bundle formatted content; and at least one short-range wireless circuit operably coupled to the at least one memory and configured to extract the bundle formatted content from the at least one memory and transmit the extracted bundle formatted content to at least one wireless mobile communication unit using a short-range wireless communication technology.