A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The tunnel device is selected based on an attribute, such as IP Geolocation. A tunnel bank server stores a list of available tunnels that may be used, associated with values of various attribute types. The tunnel devices initiate communication with the tunnel bank server, and stays connected to it, for allowing a communication session initiated by the tunnel bank server. Upon receiving a request from a client to a content and for specific attribute types and values, a tunnel is selected by the tunnel bank server, and is used as a tunnel for retrieving the required content from the web server, using standard protocol such as SOCKS, WebSocket or HTTP Proxy. The client only communicates with a super proxy server that manages the content fetching scheme.

Methods, devices, and systems for point value change notification are described herein. One system (100) includes a message broker (108) to receive data from a data acquisition (DAQ) system, a first building management system (BMS) instance (104) connected to the message broker (108) to process a first portion of the DAQ data, a second BMS instance (104) connected to the message broker (108) to process a second portion of the DAQ data, and a web application (118) connected to the message broker (108) to generate a notification of a change in point value of a portion of the first portion or the second portion of the DAQ data, where the first BMS instance (104) and the second BMS instance (104) are provisioned with a plurality of computing resources deployed in a computing environment (102, 502) and are ultimately executed on hardware.

Some embodiments provide a novel method for sharing data between user-space processes and kernel-space processes without copying the data. The method dedicates, by a driver of a network interface controller (NIC), a memory address space for a user-space process. The method allocates a virtual region of the memory address space for zero-copy operations. The method maps the virtual region to a memory address space of the kernel. The method allows access to the virtual region by both the user-space process and a kernel-space process.

Systems and methods for Transmission Control Protocol (TCP) acknowledgement (ACK) packet suppression are described. In various implementations, these systems and methods may be applicable to low-power communications. For example, a method may include receive a transport packet at a transport layer; de-encapsulating the transport packet using a transport protocol to identify a security packet; communicating the security packet to a security layer by the transport layer; communicating an acknowledgement signal to the transport layer from the security layer in response to receiving the security packet; suppressing an acknowledgement packet at the transport layer in response to receiving the acknowledgement signal; adding an acknowledgment indication to a next data packet to be sent after the suppress action; and sending the next data packet.

A method for data transmission may be implemented on an electronic device having one or more processors. The one or more processors may include a master queue including a master queue head and a plurality of primary ports that are connected to each other using a serial link. The method may include operating the master queue head to obtain a message. The method may also include operating the master queue head to segment the message into a plurality of segments. The method may also include operating the master queue head to transmit the plurality of segments to a first primary port of the plurality of primary ports in the master queue. The method may also include operating the first primary port to transmit the plurality of segments to a second primary port of the plurality of primary ports in the master queue.

A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The tunnel device is selected based on an attribute, such as IP Geolocation. A tunnel bank server stores a list of available tunnels that may be used, associated with values of various attribute types. The tunnel devices initiate communication with the tunnel bank server, and stays connected to it, for allowing a communication session initiated by the tunnel bank server. Upon receiving a request from a client to a content and for specific attribute types and values, a tunnel is selected by the tunnel bank server, and is used as a tunnel for retrieving the required content from the web server, using standard protocol such as SOCKS, WebSocket or HTTP Proxy. The client only communicates with a super proxy server that manages the content fetching scheme.

A system includes a hypervisor, a virtual machine (VM), and a host system. The VM includes a kernel and an application and the VM is in communication with the hypervisor. The host system includes a memory and one or more processors, where the one or more processors are in communication with the memory. The host system hosts the VM and the hypervisor. The one or more processors is configured to perform creating, via the kernel, a first socket accessible to the application. A second socket in communication with an endpoint is created at the host system. A virtual communication channel between the hypervisor and the kernel of the VM connects the first socket to the hypervisor. The hypervisor is configured to transmit inputs/outputs (I/Os) received from the application through the virtual channel to the endpoint via the second socket.

Systems and methods include intercepting traffic on a mobile device based on a set of rules; determining whether a connection associated with the traffic is allowed based on a local map associated with an application; responsive to the connection being allowed or blocked based on the local map, one of forwarding the traffic associated with the connection when allowed and generating a block of the connection at the mobile device when blocked; and, responsive to the connection not having an entry in the local map, forwarding a request for the connection to a cloud-based system for processing therein. The cloud-based system is configured to allow or block the connection based on the connection not having an entry in the local map.

Traffic is received at an interface of a compute server. Identity information associated with the traffic is determined including an identifier of a customer to which the traffic is attributable. An egress policy configured for the first customer is used to determine whether the traffic is allowed to be transmitted to a destination where that destination is a resource of a second customer. If the traffic is allowed to be transmitted, the traffic and identity information is transmitted over a cross-customer GRE tunnel to a namespace of the second costumer on the compute server. An ingress policy configured for the second customer is used to determine whether the traffic is allowed to be transmitted to the destination, and if it is, then the traffic is transmitted.

A TOE component obtains a first storage address, where the first storage address is an address of a first storage block in a memory, the first storage block stores a target TCP packet, and the target TCP packet includes a packet header and a TCP payload. The TOE component obtains the packet header from the first storage block based on the first storage address. The TOE component performs TCP-related protocol processing based on the packet header, where the TCP payload is not read out of the first storage block by the TOE component when the TOE component performs TCP-related protocol processing based on the packet header.