A network node selectively encrypts messages between a user plane node and a control plane node in a network system. The user plane node and the control plane node negotiate a connection and indicate an encryption level for the connection. The encryption level is selected from an Information Element (IE) level, a message level, or a feature level. The user plane node and the control plane node selectively encrypt at least a portion of the messages between the user plane node and the control plane node based on the encryption level for the connection.

A network element includes one or more ports and a packet processor. The one or more ports are to transmit and receive packets over a network. The packet processor is to apply a plurality of rules to the packets, each rule specifying (i) expected values for each header field of a group of header fields of the packets, including, for a given header field in the group, at least a set of multiple expected values, (ii) a group ID associated with the set, and (iii) an action to be applied to the packets whose header fields match the expected values.

A network element includes one or more ports and a packet processor. The one or more ports are to transmit and receive packets over a network. The packet processor is to apply a plurality of rules to the packets, each rule specifying (i) expected values for each header field of a group of header fields of the packets, including, for a given header field in the group, at least a set of multiple expected values, (ii) a group ID associated with the set, and (iii) an action to be applied to the packets whose header fields match the expected values.

A communication system includes a first mobile terminal, a second mobile terminal, a smart device, and a router. The first mobile terminal, the second mobile terminal, and the smart device each establish a Wi-Fi link to a Wi-Fi router. The first mobile terminal is configured to manage the smart device. The router performs similarity comparison on first connection information and second connection information based on the first connection information generated when the first mobile terminal is connected to the router and the second connection information generated when the second mobile terminal is connected to the router, for example, a connection time point and connection duration. If a similarity reaches a first threshold, the router sends prompt information to the first mobile terminal. The prompt information is used to prompt whether to share management permission on the smart device with the second mobile terminal.

Systems, devices, and methods of measuring directional latency and congestion in a communication network. A Uni-Directional Latency Determination Unit is connected in a communication network, located between an end-user device and a server. It monitors packets transported between the end-user device and the server, and it estimates a uni-directional latency of packet transport from the end-user device to the server or from the server to the end-user device. It utilizes a Transmission Control Protocol (TCP) Header and Timestamp Analyzer, to perform an analysis of data contained in timestamps of TCP packet headers of transported packets; and particularly, it analyzes data contained in a TSval field of such TCP packet headers. Congestion mitigation operations are accordingly deployed or activated.

The present technology relates to an information processing device, an information processing method, and a program that enable appropriate extraction of an ALP packet from a packet of a second packet included in a first packet regardless of a difference in interpretation of a standard.

A payload length obtained on the basis of data of a header of a second packet included in a first packet is corrected.

The present technology relates to an information processing device, an information processing method, and a program that enable appropriate extraction of an ALP packet from a packet of a second packet included in a first packet regardless of a difference in interpretation of a standard.

A payload length obtained on the basis of data of a header of a second packet included in a first packet is corrected.

A VXLAN access authentication method includes: An authentication point device receives a VXLAN authentication packet, where the VXLAN authentication packet is a VXLAN packet. The VXLAN authentication packet includes a VXLAN header and an authentication request sent by a terminal, the VXLAN header includes a first VNI, and the authentication request includes an authentication credential. The authentication point device obtains permission of the terminal or a second VNI based on the authentication credential. The permission of the terminal corresponds to the second VNI. The authentication point device sends the permission of the terminal or the second VNI to a control point device, where the control point device is a device that encapsulates the authentication request into the VXLAN authentication packet. In this application, VXLAN access authentication is performed on an overlay network, so that configuration complexity can be reduced when a VXLAN access authentication mode is modified or created.

A network device provides a search key corresponding to a packet to a TCAM. The TCAM determines that the search key matches one or more search patterns stored in the TCAM. The network device selects one search pattern among the one or more search patterns at least by analyzing respective priority information associated with the one or more search patterns. The respective priority information indicates one or more respective priority levels that are independent from one or more physical locations of the one or more search patterns within the TCAM. In connection with selecting the one search pattern, the network device determines one or more actions to be performed on the packet by the network device, the one or more actions corresponding to the selected one search pattern.

A network device provides a search key corresponding to a packet to a TCAM. The TCAM determines that the search key matches one or more search patterns stored in the TCAM. The network device selects one search pattern among the one or more search patterns at least by analyzing respective priority information associated with the one or more search patterns. The respective priority information indicates one or more respective priority levels that are independent from one or more physical locations of the one or more search patterns within the TCAM. In connection with selecting the one search pattern, the network device determines one or more actions to be performed on the packet by the network device, the one or more actions corresponding to the selected one search pattern.