22 research outputs found

    Scalability and Resilience Analysis of Software-Defined Networking

    Software-defined Networking (SDN) is a modern architecture for communication networks that was developed to ease the introduction of new services and functions into networks. Because the forwarding and control functions are separated, only a few control elements need software updates in order to make changes to the network. However, the network structure of SDN raises new questions regarding scalability and resilience that do not arise in decentralized network structures. In this thesis, we address questions of scalability and resilience with respect to unicast and multicast traffic in SDN-based networks. We introduce a compression technique for routing tables that is intended to ease the scaling problems of current SDN forwarding devices, and we determine its efficiency in a performance evaluation. We also discuss different methods for improving resilience in SDN. We analyze them on publicly available networks and identify the advantages and disadvantages of the approaches. Finally, we propose a scalable and resilient architecture for multicast-based SDN. We examine its efficiency in a performance evaluation and demonstrate its feasibility with a prototype.
    Software-Defined Networking (SDN) is a novel architecture for communication networks that has been developed to ease the introduction of new network services and functions. It leverages the separation of the data plane and the control plane to allow network services to be deployed solely in software. Although SDN provides great flexibility, the applicability of SDN in communication networks raises several questions with regard to scalability and resilience against network failures. These concerns are not prevalent in current decentralized network architectures.
In this thesis, we address scalability and resilience issues with regard to unicast and multicast traffic for SDN-based networks. We propose a new compression method for inter-domain routing tables to address hardware limitations of current SDN switches and analyze its effectiveness. We propose various resilience methods for SDN and identify their key performance indicators in the context of carrier-grade and datacenter networks. We discuss the advantages and disadvantages of these proposals and their appropriate use cases. Finally, we propose a scalable and resilient software-defined multicast architecture. We study the effectiveness of our approach and show its feasibility using a prototype implementation.

    Joint energy efficiency and load balancing optimization in hybrid IP/SDN networks

    Software-defined networking (SDN) is a paradigm that provides flexibility and programmability to computer networks. By introducing SDN nodes in a legacy IP network topology, network operators can benefit from higher control over the infrastructure. However, this migration is not a fast or straightforward process. Furthermore, to provide an adequate quality of service in hybrid IP/SDN networks, the coordination of both the IP and SDN paradigms is fundamental. In this paper, this coordination is used to solve two optimization problems that are typically solved separately: (i) traffic load balancing and (ii) power consumption minimization. Each of these problems has opposing objectives, and thus, their joint consideration implies striking a balance between them. Therefore, this paper proposes the Hybrid Spreading Load Algorithm (HSLA) heuristic that jointly faces the problems of balancing traffic by minimizing link utilization and network's power consumption in a hybrid IP/SDN network. HSLA is evaluated over differently sized topologies using different methods to select which nodes are migrated from IP to SDN. These evaluations reveal that alternative approaches that only address one of the objectives are outperformed by HSLA.

    A Hybrid SDN-based Architecture for Wireless Networks

    With new possibilities brought by the Internet of Things (IoT) and edge computing, the traffic demand of wireless networks increases dramatically. A more sophisticated network management framework is required to handle the flow routing and resource allocation for different users and services. By separating the network control and data planes, Software-defined Networking (SDN) brings flexible and programmable network control, which is considered as an appropriate solution in this scenario. Although SDN has been applied in traditional networks such as data centers with great successes, several unique challenges exist in the wireless environment. Compared with wired networks, wireless links have limited capacity. The high mobility of IoT and edge devices also leads to network topology changes and unstable link qualities. Such factors restrain the scalability and robustness of an SDN control plane. In addition, the coexistence of heterogeneous wireless and IoT protocols with distinct representations of network resources makes it difficult to process traffic with state-of-the-art SDN standards such as OpenFlow. In this dissertation, we design a novel architecture for wireless network management. We propose multiple techniques to better adapt SDN to relevant scenarios. First, while maintaining the centralized control plane logically, we deploy multiple SDN controller instances to ensure their scalability and robustness. We propose algorithms to determine the controllers' locations and synchronization rates that minimize the communication costs. Then, we consider handling heterogeneous protocols in Radio Access Networks (RANs). We design a network slicing orchestrator enabling allocating resources across different RANs controlled by SDN, including LTE and Wi-Fi.
Finally, we combine the centralized controller with local intelligence, including deploying another SDN control plane in edge devices locally, and offloading network functions to a programmable data plane. In all these approaches, we evaluate our solutions with both large-scale emulations and prototypes implemented in real devices, demonstrating the improvements in multiple performance metrics compared with state-of-the-art methods.

    Flow Delegation: Flow Table Capacity Bottleneck Mitigation for Software-defined Networks

    This dissertation introduces flow delegation, a novel concept to deal with flow table capacity bottlenecks in Software-defined Networks (SDNs). Such bottlenecks occur when SDN switches provide insufficient flow table capacity, which can lead to performance degradation and/or network failures. Flow delegation addresses this well-known problem by automatically relocating flow rules from a bottlenecked switch to neighboring switches with spare capacity. Different from existing work, this new approach can be used on-demand in a transparent fashion, i.e., without changes to the network applications or other parts of the infrastructure. The thesis presents a system design and architecture capable of dealing with the numerous practical challenges associated with flow delegation, introduces suitable algorithms to efficiently mitigate bottlenecks taking future knowledge and multiple objectives into account, and studies feasibility, performance, overhead, and scalability of the new approach covering different scenarios.

    A Scalable and Fault Tolerant OpenFlow Controller

    OpenFlow provides a protocol for updating flow tables in switches. Most current OpenFlow deployments rely on a single controller to control all switches. However, as the number and size of production networks deploying OpenFlow increase, relying on a single controller for the entire network might not be feasible for several reasons. First, the amount of control traffic destined towards the centralized controller grows with the number of switches. Second, since the system is bound by the processing power of the controller, low setup times can grow significantly as demand grows with the size of the network. Finally, a single-controller architecture has zero fault tolerance, which makes it non-ideal for large enterprise-level deployments. In this thesis, the existing work that has been done to build scalable and fault-tolerant controllers has been explored. After learning and understanding different systems, we have built our own database-backed scalable and fault-tolerant controller. The database that was used for this purpose is the Titan Graph database, with a Cassandra backend. A custom version of a simple switch application was built to demonstrate the scalability and fault tolerance of our architecture. Some performance comparisons between our version of simple switch and the original version were also carried out. Finally, in this thesis, some future enhancements that we would like to implement are outlined.

    Secure Diagnostics And Forensics With Network Provenance

    In large-scale networks, many things can go wrong: routers can be misconfigured, programs can be buggy, and computers can be compromised by an attacker. As a result, there is a constant need to perform network diagnostics and forensics. In this dissertation, we leverage the concept of provenance to build better support for diagnostic and forensic tasks. At a high level, provenance tracks causality between network states and events, and produces a detailed explanation of any event of interest, which makes it a good starting point for investigating network problems. However, in order to use provenance for network diagnostics and forensics, several challenges need to be addressed. First, existing provenance systems cannot provide security properties on high-speed network traffic, because the cryptographic operations would cause enormous overhead when the data rates are high. To address this challenge, we design secure packet provenance, a system that comes with a novel lightweight security protocol, to maintain secure provenance with low overhead. Second, in large-scale distributed systems, the provenance of a network event can be quite complex, so it is still challenging to identify the problem root cause from the complex provenance. To address this challenge, we design differential provenance, which can identify a symptom event’s root cause by reasoning about the differences between its provenance and the provenance of a similar “reference” event. Third, provenance can only explain why a current network state came into existence, but by itself, it does not reason about changes to the network state to fix a problem. To provide operators with more diagnostic support, we design causal networks – a generalization of network provenance – to reason about network repairs that can avoid undesirable side effects in the network. 
Causal networks can encode multiple diagnostic goals in the same data structure, and, therefore, generate repairs that satisfy multiple constraints simultaneously. We have applied these techniques to Software-Defined Networks, Hadoop MapReduce, as well as the Internet’s data plane. Our evaluation with real-world traffic traces and network topologies shows that our systems can run with reasonable overhead, and that they can accurately identify root causes of practical problems and generate repairs without causing collateral damage.

    Fully Programming the Data Plane: A Hardware/Software Approach

    Software-Defined Networking (SDN) has emerged in recent years as a new networking paradigm. SDN introduces a separation between the management, control, and data planes, allowing them to evolve independently and thus breaking with the rigidity of traditional networks. In particular, in the data plane, recent advances have focused on the definition of packet processing languages, such as P4, and on the definition of programmable switch architectures, for example the Protocol Independent Switch Architecture (PISA). In this thesis, we focus on the PISA architecture and evaluate how to exploit FPGAs as an efficient packet processing platform. This problem is studied at three levels of abstraction: microarchitectural, programming, and architectural. At the microarchitectural level, we proposed an efficient architecture for a packet header parser for PISA. The packet parser uses a pipelined feed-forward architecture. The complexity of the architecture is reduced compared with the state of the art through the use of algorithmic optimizations. Finally, the architecture is generated by a P4-to-C++ compiler combined with a high-level synthesis tool. The proposed solution achieves a throughput of 100 Gb/s with latency comparable to that of hand-written packet header parsers. At the programming level, we proposed a new high-level synthesis design methodology aimed at jointly improving software and hardware quality. We exploit features of modern C++ to improve both the modularity and readability of the code while preserving (or improving) the results of the generated hardware.
Design examples using our methodology, including for the packet header parser, have been made public.
    ABSTRACT: Software-Defined Networking (SDN) has emerged in recent years as a new network paradigm to de-ossify communication networks. Indeed, by offering a clear separation of network concerns between the management, control, and data planes, SDN allows each of these planes to evolve independently, breaking the rigidity of traditional networks. However, while well spread in the control and management planes, this de-ossification has only recently reached the data plane with the advent of packet processing languages, e.g. P4, and novel programmable switch architectures, e.g. Protocol Independent Switch Architecture (PISA). In this work, we focus on leveraging the PISA architecture by mainly exploiting the FPGA capabilities for efficient packet processing. In this way, we address this issue at different abstraction levels: i) microarchitectural; ii) programming; and, iii) architectural. At the microarchitectural level, we have proposed an efficient FPGA-based packet parser architecture, which is a major component of PISA. The proposed packet parser follows a feedforward pipeline architecture in which the internal microarchitecture has been meticulously optimized for FPGA implementation. The architecture is automatically generated by a P4-to-C++ compiler after several rounds of graph optimizations. The proposed solution achieves 100 Gb/s line rate with latency comparable to hand-written packet parsers. The throughput scales from 10 Gb/s to 160 Gb/s with moderate increase in resource consumption. Both the compiler and the packet parser codebase have been open-sourced to permit reproducibility. At the programming level, we have proposed a novel High-Level Synthesis (HLS) design methodology aiming at improving software and hardware quality. We have employed this novel methodology when designing the packet parser.
In our work, we have exploited features of modern C++ that improve at the same time code modularity and readability while keeping (or improving) the results of the generated hardware. Design examples using our methodology have been publicly released.