Analyzing the costs/tradeoffs involved between layer 2, layer 3, layer 4 and layer 5 switching

The switching function was primarily entrusted to Layer 2 of the OSI model, i.e. the Data Link Layer. A Layer 2 switch performs forwarding decisions by analyzing the MAC (Media Access Control) address of the destination segment in the frame. The Layer 2 switch checks for the destination address and transmits the packet to the appropriate segment if the address is present in its table of known destinations. If the entry for that address is not present, the switch then forwards the packet to all segments except the one on which it came from. This is known as flooding. When it gets a reply from the destination segment, it learns the location of the new address and adds it to its table of known destinations. As number of users are increasing on the network, the speed and the bandwidth of the network is being stretched to its limits. Earlier, switching was primarily entrusted to Layer 2 (Data Link Layer) of the OSI model, but now there are switches that operate at Layer 3 (Network Layer), Layer 4 (Transport Layer) and Layer 5 (Session Layer) of the OSI model. Going from one layer to the other layer does involve some costs/tradeoffs. My thesis explores the costs and tradeoffs involved with switching based on layers 2, 3, 4 and 5 of the OSI reference model

On Performance and Scalability of Cost-Effective SNMP Managers for Large-Scale Polling

As networks grow larger in size and complexity, their monitoring is becoming an increasing challenge because of the required polling performance and also due to heterogeneity of devices. As it turns out, SNMP (Simple Network Management Protocol) is by far the most popular monitoring protocol. However, due to the increase in the number of network devices, it becomes necessary to employ multiple SNMP managers, which is not cost-effective due to the hardware requirements. Additionally, the different proprietary SNMP implementations require custom configuration very often, as new devices are being incorporated into the network. Therefore, current SNMP managers not only require capabilities for large-scale monitoring but also a high degree of flexibility and programmability. In response, we propose an SNMP manager architecture with a flexible multi-threaded architecture, which effectively reduces the hardware resources necessary to poll the increasing number of SNMP agents. In addition, it features a scripting component to deal with the different data representations caused by proprietary implementations. Our experience has shown that SNMP agents can have high variability in their response times. Actually, our findings show a strong correlation between high response times and CPU load. As a solution, we propose and analyze novel adaptive polling algorithms that decrease the load on agents' CPUs while keeping the desired polling rate for fast agents. Finally, we present several real-world use cases where we show the benefits of the polling algorithms and the scripting component, by means of extensive measurement campaignsThis work was supported by Ayudas para la formación de doctores en empresas, Doctorados Industriales, under Grant DI-16-0897

Seer: Empowering Software Defined Networking with Data Analytics

Network complexity is increasing, making network control and orchestration a challenging task. The proliferation of network information and tools for data analytics can provide an important insight into resource provisioning and optimisation. The network knowledge incorporated in software defined networking can facilitate the knowledge driven control, leveraging the network programmability. We present Seer: a flexible, highly configurable data analytics platform for network intelligence based on software defined networking and big data principles. Seer combines a computational engine with a distributed messaging system to provide a scalable, fault tolerant and real-time platform for knowledge extraction. Our first prototype uses Apache Spark for streaming analytics and open network operating system (ONOS) controller to program a network in real-time. The first application we developed aims to predict the mobility pattern of mobile devices inside a smart city environment.Comment: 8 pages, 6 figures, Big data, data analytics, data mining, knowledge centric networking (KCN), software defined networking (SDN), Seer, 2016 15th International Conference on Ubiquitous Computing and Communications and 2016 International Symposium on Cyberspace and Security (IUCC-CSS 2016

Hajautetun tietovaraston suunnittelu ja toteutus Java-kielellä

Service creation platform is a development platform that is used to create customer specific service applications to operator networks. Service applications must support high availability and high performance with sufficient level of scalability to support future traffic growth. Service creation platform is located in the operator network, and it provides business logic creation and connectivity framework to enable flexible service creation. Service applications typically connect to various operator business support systems, core messaging components and content provider applications. Service applications almost always need to read and write service execution related persistent or transient data. Previously a highly available database was used for providing such storage services for the duster of service nodes. However, highly available databases are typically either expensive or complex, and they often require additional hardware support for providing the high availability. The target of this thesis work is to design and implement a distributed data storage component, which is optimised for read access. The implementation ensures data persistence and high availability using local file system disks and transaction distribution between the cluster nodes. The component is fully integrated into the service creation platform providing the clustered data storage services for the platform itself and the applications but on top of the platform.Palvelukehitysalusta on asiakaskohtaisten palveluiden kehitystä varten luotu ohjelmisto mobiiliverkko-operaattoreille. Alustalla toteutettavat palveluohjelmistot tarjoavat operaattoreille korkean käytettävyyden ja suorituskyvyn, yhdistettynä tulevaisuuden kasvuodotukset mahdollistavaan skaalautuvuuteen. Palvelukehitysalusta asennetaan osaksi operaattorin verkkoa, ja se tarjoaa ympäristön sekä palveluiden luomista että niiden ajamista varten. Tyypillisesti palveluohjelmistot liittyvät useisiin operaattorin järjestelmiin, kuten verkon viestikeskuksiin, palvelutarjoajien sovelluksiin ja business tuki järjestelmiin. On tavallista, että palveluohjelmistot sekä käyttävät että tallentavat tietoa ohjelman suorituksen yhteydessä. Tallennettava tieto voi olla joko pysyvää, tai tilapäistä ja lyhytaikaisesti säilytettävää. Aiemmin palveluohjelmistoissa tiedon tallennukseen käytettiin korkean käytettävyyden omaavia tietokantoja. Korkean käytettävyyden tietokannat ovat tyypillisesti sekä kalliita että monimutkaisia. Lisäksi tietokannat yleensä vaativat ylimääräistä laitteistoa korkean käytettävyyden saavuttamiseksi. Tämän diplomityön aiheena on hajautetun tietovaraston suunnittelu ja toteutus. Toteutus on optimoitu tiedon lukemista varten, ja se tarjoaa tiedon pysyvän tallennuksen yhdistettynä korkeaan käytettävyyteen. Tieto hajautetaan järjestelmän kaikkiin solmuihin, ja se tallennetaan jokaisessa solmussa paikallisesti. Tietovarasto toteutetaan komponenttina, joka integroidaan osaksi palvelukehitysalustaa. Komponentti tarjoaa sekä palvelukehitysalustalle että palvelusovelluksille luotettavan tallennuspalvelun klusterissa

Techniques for Processing TCP/IP Flow Content in Network Switches at Gigabit Line Rates

The growth of the Internet has enabled it to become a critical component used by businesses, governments and individuals. While most of the traffic on the Internet is legitimate, a proportion of the traffic includes worms, computer viruses, network intrusions, computer espionage, security breaches and illegal behavior. This rogue traffic causes computer and network outages, reduces network throughput, and costs governments and companies billions of dollars each year. This dissertation investigates the problems associated with TCP stream processing in high-speed networks. It describes an architecture that simplifies the processing of TCP data streams in these environments and presents a hardware circuit capable of TCP stream processing on multi-gigabit networks for millions of simultaneous network connections. Live Internet traffic is analyzed using this new TCP processing circuit

Website Performance Evaluation and Estimation in an E-business Environment

This thesis introduces a new Predictus-model for performance evaluation and estimation in a multi-layer website environment. The model is based on soft computing ideas, i.e. simulation and statistical analysis. The aim is to improve energy consumption of the website's hardware and investment efficiency and to avoid loss of availability. The aim of optimised exploitation is reduced energy and maintenance costs on the one hand and increased end-user satisfaction due to robust and stable web services on the other. A method based on simulation of user requests is described. Instead of ordinary static parameter set, the dynamic extraction from previous log files is used. The distribution of existing requests is exploited to generate the actual based natural load. By loading the server system with valid and well-known requests, the behaviour of the server system is natural. The control back loop on the generation of work load assures the validity of the work load in the long-term. A method for identifying the actual performance of the website is described. Using the well-known load in simulation of usage by a large number of virtual users and observing the utilisation rate of server resources ensure the best information for the internal state of the system. The disturbance of the service website usage can be avoided using the mathematical extrapolation method to reach the saturation point on the single server resource

Conflict detection in software-defined networks

The SDN architecture facilitates the flexible deployment of network functions. While promoting innovation, this architecture induces yet a higher chance of conflicts compared to conventional networks. The detection of conflicts in SDN is the focus of this work. Restrictions of the formal analytical approach drive our choice of an experimental approach, in which we determine a parameter space and a methodology to perform experiments. We have created a dataset covering a number of situations occurring in SDN. The investigation of the dataset yields a conflict taxonomy composed of various classes organized in three broad types: local, distributed and hidden conflicts. Interestingly, hidden conflicts caused by side-effects of control applications‘ behaviour are completely new. We introduce the new concept of multi-property set, and the ·r (“dot r”) operator for the effective comparison of SDN rules. With these capable means, we present algorithms to detect conflicts and develop a conflict detection prototype. The evaluation of the prototype justifies the correctness and the realizability of our proposed concepts and methodologies for classifying as well as for detecting conflicts. Altogether, our work establishes a foundation for further conflict handling efforts in SDN, e.g., conflict resolution and avoidance. In addition, we point out challenges to be explored. Cuong Tran won the DAAD scholarship for his doctoral research at the Munich Network Management Team, Ludwig-Maximilians-Universität München, and achieved the degree in 2022. He loves to do research on policy conflicts in networked systems, IP multicast and alternatives, network security, and virtualized systems. Besides, teaching and sharing are also among his interests