H04L61/2503

TELECOMMUNICATION AND MULTIMEDIA MANAGEMENT METHOD AND APPARATUS

A telecommunication and multimedia management apparatus and method that supports voice and other media communications and that enables users to: (i) participate in multiple conversation modes, including live phone calls, conference calls, instant voice messaging or tactical communications; (ii) review the messages of conversations in either a live mode or a time-shifted mode and to seamlessly transition back and forth between the two modes; (iii) participate in multiple conversations either concurrently or simultaneously; (iv) archive the messages of conversations for later review or processing; and (v) persistently store media either created or received on the communication devices of users. The latter feature enables users to generate or review media either when disconnected from the network or when network conditions are poor, and to optimize the delivery of media over the network based on network conditions and the intention of the users participating in conversations.

APPLICATION AWARENESS IN A DATA NETWORK WITH NETWORK ADDRESS TRANSLATION

Techniques for management of traffic in a network. The techniques provide application awareness in a Network Address Translation (NAT) system. In some examples, a first traffic is received at a first switch in a network from a first application hosted behind the first switch. The first switch identifies a first resource tag associated with the application from the first traffic. Further, the first switch identifies a first rule from the first resource tag indicating that the first traffic is to be routed through an intermediate device that performs network address translation. Moreover, the first switch transmits the traffic to an intermediate device, which performs NAT to translate the source IP address of the first traffic to a second IP address. Finally, the intermediate device sends the traffic to a destination device indicated by the first traffic.

Network control system for configuring middleboxes

Some embodiments provide a method for configuring a logical middlebox in a hosting system that includes a set of nodes. The logical middlebox is part of a logical network that includes a set of logical forwarding elements that connect a set of end machines. The method receives a set of configuration data for the logical middlebox. The method uses a stored set of tables describing physical locations of the end machines to identify a set of nodes at which to implement the logical middlebox. The method provides the logical middlebox configuration for distribution to the identified nodes.

Service Dependent IP Addresses
20180013717 · 2018-01-11

A system that enables end-user devices that operate within different enterprise networks to exchange data with one another. In particular, the disclosed system uses unique IP addresses that are dedicated solely to supporting a predefined communication service between enterprise computer networks, in order to identify and route each data packet according to the communications service. As part of the communications service, the data packets are transmitted, for example, from a first local service provider network hosting a first enterprise network, through a participating backbone service provider network on the public Internet and based on deterministic routing, and to a second local service provider network hosting a second enterprise network. In handling the data packets in this way, the disclosed system creates an Internet wide-area-network (WAN): the data packets are transmitted over the Internet and conceivably over a large geographic distance between enterprise networks.

Network routing and security within a mobile radio network
11711397 · 2023-07-25

In an example embodiment, a PICNEEC is provided. It includes one or more Virtual Customized Rules Enforcer (VCRE) instances, each VCRE instance corresponding to a group of mobile devices and defining a set of policies personalized for the group of mobile devices. Each VCRE is configured to, upon receiving a data packet communicated between a packet-based network and a mobile device in the corresponding group via a radio network, execute one or more policy rules stored in the VCRE instance to the data packet prior to forwarding the data packet. Each VCRE instance is controlled independently of one another via direct accessing of the VCRE instance by a different customer of the mobile network provider.

MANAGING IP ADDRESSES FOR DPDK ENABLED NETWORK INTERFACES FOR CLOUD NATIVE PODS

The present disclosure provides an example computer-implemented method, medium, and system for managing IP addresses for DPDK enabled network interfaces for cloud native pods. One example method includes creating a pod of one or more containers, where the pod connects to multiple networks through multiple network interfaces. A poll mode driver (PMD) is attached to a first network interface of the multiple network interfaces, where the PMD enables one or more data plane development kit (DPDK) applications inside the pod to manage the first network interface. A first container network interface (CNI) is created to handle the DPDK enabled first network interface. A first Internet protocol (IP) address is allocated to the first network interface using the first CNI. The first IP address is passed to the one or more DPDK applications using the first CNI.

SECURITY AWARE LOAD BALANCING FOR A GLOBAL SERVER LOAD BALANCING SYSTEM

The method of some embodiments protects multiple datacenters that implement an application. The datacenters include multiple DNS clusters for assigning clients to the datacenters. The method is performed at a first datacenter. The method receives, from a second datacenter, a security notification identifying a set of clients that pose a security threat. The method stores a set of identifiers associated with the set of clients on a deny-list. Prior to responding to a DNS request from a particular client, the method determines whether the particular client is on the deny-list. The method rejects the DNS request when the particular client is on the deny-list. The method processes the DNS request when the particular client is not on the deny-list.