Evolving SDN for Low-Power IoT Networks

Software Defined Networking (SDN) offers a flexible and scalable architecture that abstracts decision making away from individual devices and provides a programmable network platform. However, implementing a centralized SDN architecture within the constraints of a low-power wireless network faces considerable challenges. Not only is controller traffic subject to jitter due to unreliable links and network contention, but the overhead generated by SDN can severely affect the performance of other traffic. This paper addresses the challenge of bringing high-overhead SDN architecture to IEEE 802.15.4 networks. We explore how traditional SDN needs to evolve in order to overcome the constraints of low-power wireless networks, and discuss protocol and architectural optimizations necessary to reduce SDN control overhead - the main barrier to successful implementation. We argue that interoperability with the existing protocol stack is necessary to provide a platform for controller discovery and coexistence with legacy networks. We consequently introduce {\mu}SDN, a lightweight SDN framework for Contiki, with both IPv6 and underlying routing protocol interoperability, as well as optimizing a number of elements within the SDN architecture to reduce control overhead to practical levels. We evaluate {\mu}SDN in terms of latency, energy, and packet delivery. Through this evaluation we show how the cost of SDN control overhead (both bootstrapping and management) can be reduced to a point where comparable performance and scalability is achieved against an IEEE 802.15.4-2012 RPL-based network. Additionally, we demonstrate {\mu}SDN through simulation: providing a use-case where the SDN configurability can be used to provide Quality of Service (QoS) for critical network flows experiencing interference, and we achieve considerable reductions in delay and jitter in comparison to a scenario without SDN

Deploying elastic routing capability in an SDN/NFV-enabled environment

SDN and NFV are two paradigms that introduce unseen flexibility in telecom networks. Where previously telecom services were provided by dedicated hardware and associated (vendor-specific) protocols, SDN enables to control telecom networks through specialized software running on controllers. NFV enables highly optimized packet-processing network functions to run on generic/multi-purpose hardware such as x86 servers. Although the possibilities of SDN and NFV are well-known, concrete control and orchestration architectures are still under design and few prototype validations are available. In this demo we demonstrate the dynamic up-and downscaling of an elastic router supporting NFV-based network management, for example needed in a VPN service. The framework which enables this elasticity is the UNIFY ESCAPE environment, which is a PoC following an ETSI NFV MANO-conform architecture. This demo is one of the first to demonstrate a fully closed control loop for scaling NFs in an SDN/NFV control and orchestration architecture

A service-oriented approach for dynamic chaining of virtual network functions over multi-provider software-defined networks

Emerging technologies such as Software-Defined Networks (SDN) and Network Function Virtualization (NFV) promise to address cost reduction and flexibility in network operation while enabling innovative network service delivery models. However, operational network service delivery solutions still need to be developed that actually exploit these technologies, especially at the multi-provider level. Indeed, the implementation of network functions as software running over a virtualized infrastructure and provisioned on a service basis let one envisage an ecosystem of network services that are dynamically and flexibly assembled by orchestrating Virtual Network Functions even across different provider domains, thereby coping with changeable user and service requirements and context conditions. In this paper we propose an approach that adopts Service-Oriented Architecture (SOA) technology-agnostic architectural guidelines in the design of a solution for orchestrating and dynamically chaining Virtual Network Functions. We discuss how SOA, NFV, and SDN may complement each other in realizing dynamic network function chaining through service composition specification, service selection, service delivery, and placement tasks. Then, we describe the architecture of a SOA-inspired NFV orchestrator, which leverages SDN-based network control capabilities to address an effective delivery of elastic chains of Virtual Network Functions. Preliminary results of prototype implementation and testing activities are also presented. The benefits for Network Service Providers are also described that derive from the adaptive network service provisioning in a multi-provider environment through the orchestration of computing and networking services to provide end users with an enhanced service experience

Fault Tolerance Using an SDN Pattern Framework

Software Defined Networking (SDN) and Network Function Virtualization (NFV) are a promising combination for programmable connectivity, rapid service provisioning and service chaining as they offer the necessary end-to-end optimizations. However, with the actual exponential growth of connected devices, future networks such as SDN/NFV require an open-solutions architecture, facilitated by standards and a strong ecosystem. Such networks need to support communication services that offers guarantees about fault tolerance, redundancy, resilience and security. The construction of complex networks preserving Security and Dependability (S&D) properties is necessary to avoid system vulnerabilities, which may occur in the various layers of SDN architectures. In this work, we propose a pattern framework build in an SDN controller able to import design patterns in a rule-based language in order to provide fault tolerance in SDN networks. To evaluate the importance and the functionality of this framework, fault tolerance patterns are proposed to guarantee network connectivity, detection and restoration of network traffic in SDN network infrastructures

SCOR: Software-defined Constrained Optimal Routing Platform for SDN

A Software-defined Constrained Optimal Routing (SCOR) platform is introduced as a Northbound interface in SDN architecture. It is based on constraint programming techniques and is implemented in MiniZinc modelling language. Using constraint programming techniques in this Northbound interface has created an efficient tool for implementing complex Quality of Service routing applications in a few lines of code. The code includes only the problem statement and the solution is found by a general solver program. A routing framework is introduced based on SDN's architecture model which uses SCOR as its Northbound interface and an upper layer of applications implemented in SCOR. Performance of a few implemented routing applications are evaluated in different network topologies, network sizes and various number of concurrent flows.Comment: 19 pages, 11 figures, 11 algorithms, 3 table

A proposal for an SDN-based SIEPON architecture

Passive Optical Network (PON) elements such as Optical Line Terminal (OLT) and Optical Network Units (ONUs) are currently managed by inflexible legacy network management systems. Software-Defined Networking (SDN) is a new networking paradigm that improves the operation and management of networks. In this paper, we propose a novel architecture, based on the SDN concept, for Ethernet Passive Optical Networks (EPON) that includes the Service Interoperability standard (SIEPON). In our proposal, the OLT is partially virtualized and some of its functionalities are allocated to the core network management system, while the OLT itself is replaced by an OpenFlow (OF) switch. A new MultiPoint MAC Control (MPMC) sublayer extension based on the OpenFlow protocol is presented. This would allow the SDN controller to manage and enhance the resource utilization, flow monitoring, bandwidth assignment, quality-of-service (QoS) guarantees, and energy management of the optical network access, to name a few possibilities. The OpenFlow switch is extended with synchronous ports to retain the time-critical nature of the EPON network. OpenFlow messages are also extended with new functionalities to implement the concept of EPON Service Paths (ESPs). Our simulation-based results demonstrate the effectiveness of the new architecture, while retaining a similar (or improved) performance in terms of delay and throughput when compared to legacy PONs.Peer ReviewedPostprint (author's final draft

Mitigating DDoS attacks using OpenFlow-based software defined networking

Over the last years, Distributed Denial-of-Service (DDoS) attacks have become an increasing threat on the Internet, with recent attacks reaching traffic volumes of up to 500 Gbps. To make matters worse, web-based facilities that offer “DDoS-as-a-service” (i.e., Booters) allow for the layman to launch attacks in the order of tens of Gbps in exchange for only a few euros. A recent development in networking is the principle of Software Defined Networking (SDN), and related technologies such as OpenFlow. In SDN, the control plane and data plane of the network are decoupled. This has several advantages, such as centralized control over forwarding decisions, dynamic updating of forwarding rules, and easier and more flexible network configuration. Given these advantages, we expect SDN to be well-suited for DDoS attack mitigation. Typical mitigation solutions, however, are not built using SDN. In this paper we propose to design and to develop an OpenFlow-based mitigation architecture for DDoS attacks. The research involves looking at the applicability of OpenFlow, as well as studying existing solutions built on other technologies. The research is as yet in its beginning phase and will contribute towards a Ph.D. thesis after four years

A control and management architecture supporting autonomic NFV services

The proposed control, orchestration and management (COM) architecture is presented from a high-level point of view; it enables the dynamic provisioning of services such as network data connectivity or generic network slicing instances based on virtual network functions (VNF). The COM is based on Software Defined Networking (SDN) principles and is hierarchical, with a dedicated controller per technology domain. Along with the SDN control plane for the provisioning of connectivity, an ETSI NFV management and orchestration system is responsible for the instantiation of Network Services, understood in this context as interconnected VNFs. A key, novel component of the COM architecture is the monitoring and data analytics (MDA) system, able to collect monitoring data from the network, datacenters and applications which outputs can be used to proactively reconfigure resources thus adapting to future conditions, like load or degradations. To illustrate the COM architecture, a use case of a Content Delivery Network service taking advantage of the MDA ability to collect and deliver monitoring data is experimentally demonstrated.Peer ReviewedPostprint (author's final draft

Network service chaining using segment routing in multi-layer networks

Network service chaining, originally conceived in the network function virtualization (NFV) framework for software defined networks (SDN), is becoming an attractive solution for enabling service differentiation enforcement to microflows generated by data centers, 5G fronthaul and Internet of Things (IoT) cloud/fog nodes, and traversing a metro-core network. However, the current IP/MPLS-over optical multi-layer network is practically unable to provide such service chain enforcement. First, MPLS granularity prevents microflows from being conveyed in dedicated paths. Second, service configuration for a huge number of selected flows with different requirements is prone to scalability concerns, even considering the deployment of a SDN network. In this paper, effective service chaining enforcement along traffic engineered (TE) paths is proposed using segment routing and extended traffic steering mechanisms for mapping micro-flows. The proposed control architecture is based on an extended SDN controller encompassing a stateful path computation element (PCE) handling microflow computation and placement supporting service chains, whereas segment routing allows automatic service enforcement without the need for continuous configuration of the service node. The proposed solution is experimentally evaluated in segment routing over an elastic optical network (EON) network testbed with a deep packet inspection service supporting dynamic and automatic flow enforcement using Border Gateway Protocol with Flow Specification (BGP Flowspec) and OpenFlow protocols as alternative traffic steering enablers. Scalability of flow computation, placement, and steering are also evaluated showing the effectiveness of the proposed solution