H04L61/25

Overlay network encapsulation to forward data message flows through multiple public cloud datacenters

Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.

Firewall service insertion across secure fabric preserving security group tags end to end with dual homed firewall

Systems, methods, and computer-readable media for preserving source host context when firewall policies are applied to traffic in an enterprise network fabric. A data packet to a destination host from a source host can be received at a first border node instance in an enterprise network fabric as part of network traffic. The data packet can include a context associated with the source host. Further, the data packet can be sent to a firewall of the enterprise network fabric and can be received at a second border node instance after the firewall applies a firewall policy to the data packet. The data packet can then be selectively encapsulated with the context associated with the source host at the second border node instance for applying one or more policies to control transmission of the network traffic through the enterprise network fabric.

SHARING MEDIA AMONG REMOTE ACCESS CLIENTS IN A UNIVERSAL PLUG AND PLAY ENVIRONMENT
20230044568 · 2023-02-09

In general, in one aspect, the disclosure describes a Universal Plug and Play (UPnP) Remote Access Server (RAS) to provide a communication channel between UPnP Remote Access Clients (RACs) connected thereto. The UPnP RAS maintains local discovery information for UPnP devices connected to a local network and remote discovery information for remote UPnP devices communicating therewith. The UPnP RAS provides the remote UPnP devices communicating therewith with the local discovery information and the remote discovery information. The remote discovery information is utilized by a first remote UPnP device to discover a second UPnP device and vice versa. After discovery, a first remote UPnP device can communicate with a second UPnP device and vice versa.

Techniques for random access channel beam sweeping across multiple physical cell identifiers of a serving cell

The present disclosure generally relates to wireless communication. In some aspects, a user equipment may receive an indication of an association between one or more downlink reference signals and a corresponding physical cell identifier (PCI) of multiple PCIs associated with a serving cell, wherein the one or more downlink reference signals are used to identify one or more beams associated with one or more random access channel (RACH) occasions for a RACH procedure; transmit one or more first random access messages in one or more corresponding RACH occasions associated with one or more PCIs of the multiple PCIs; and receive one or more second random access messages, that include a physical download control channel portion and a physical download shared channel portion, associated with the one or more PCIs based at least in part on transmitting the one or more first random access messages. Numerous other aspects are provided.

Dynamic binding and load determination in a content delivery network (CDN)
11601394 · 2023-03-07

A content provider has a plurality of content provider domain names, and a content delivery network (CDN) allocates a plurality of CDN domain names to the particular content provider. The content provider domain names are mapped to the CDN domain names. CDN domain names are bound to corresponding CDN clusters. The binding of the CDN domain names to corresponding CDN clusters is modified.

METHOD AND SYSTEM OF RESILIENCY IN CLOUD-DELIVERED SD-WAN

In one aspect, a computerized method includes the step of providing a process monitor in a Gateway. The method includes the step of, with the process monitor, launching a Gateway Daemon (GWD). The GWD runs a GWD process that implements a Network Address Translation (NAT) process. The NAT process includes receiving a set of data packets from one or more Edge devices and forwarding the set of data packets to a public Internet. The method includes the step of receiving another set of data packets from the public Internet and forwarding the other set of data packets to the one or more Edge devices. The method includes the step of launching a Network Address Translation daemon (NATD). The method includes the steps of detecting that the GWD process is interrupted and moving the NAT process to the NATD.