Seamless Application Delivery Using Software Defined Exchanges

One of the main challenges in delivering content over the Internet today is the absence of a centralized monitoring and control system [38]. Software Defined Networking has paved the way to provide a much needed control over network traffic. OpenFlow is now being standardized as part of the Open Networking Foundation, and Software Defined Exchanges (SDXes) provide a framework to use OpenFlow for multi-domain routing. Prototype deployments of Software Defined Exchanges have recently come into existence as a platform for Future Internet Architecture to eliminate the need for core routing technology used in today’s Internet. In this work, we look at how application delivery, in particular, Dynamic Adaptive Streaming over HTTP (DASH) and Nowcasting take advantage of a Software Defined Exchange. We compare unsophisticated controllers to more sophisticated ones which we call a ”load balancer” and find that implementing a good controller for inter-domain routing can result in better network utilization and application performance. We then design, develop and evaluate a prototype for a Content Distribution Network (CDN) that uses resources at SDXes to provide higher quality bitrates for a DASH client

Exploring Path Computation Techniques in Software-Defined Networking: A Review and Performance Evaluation of Centralized, Distributed, and Hybrid Approaches

Software-Defined Networking (SDN) is a networking paradigm that allows network administrators to dynamically manage network traffic flows and optimize network performance. One of the key benefits of SDN is the ability to compute and direct traffic along efficient paths through the network. In recent years, researchers have proposed various SDN-based path computation techniques to improve network performance and reduce congestion. This review paper provides a comprehensive overview of SDN-based path computation techniques, including both centralized and distributed approaches. We discuss the advantages and limitations of each approach and provide a critical analysis of the existing literature. In particular, we focus on recent advances in SDN-based path computation techniques, including Dynamic Shortest Path (DSP), Distributed Flow-Aware Path Computation (DFAPC), and Hybrid Path Computation (HPC). We evaluate three SDN-based path computation algorithms: centralized, distributed, and hybrid, focusing on optimal path determination for network nodes. Test scenarios with random graph simulations are used to compare their performance. The centralized algorithm employs global network knowledge, the distributed algorithm relies on local information, and the hybrid approach combines both. Experimental results demonstrate the hybrid algorithm's superiority in minimizing path costs, striking a balance between optimization and efficiency. The centralized algorithm ranks second, while the distributed algorithm incurs higher costs due to limited local knowledge. This research offers insights into efficient path computation and informs future SDN advancements. We also discuss the challenges associated with implementing SDN-based path computation techniques, including scalability, security, and interoperability. Furthermore, we highlight the potential applications of SDN-based path computation techniques in various domains, including data center networks, wireless networks, and the Internet of Things (IoT). Finally, we conclude that SDN-based path computation techniques have the potential to significantly improvement in-order to improve network performance and reduce congestion. However, further research is needed to evaluate the effectiveness of these techniques under different network conditions and traffic patterns. With the rapid growth of SDN technology, we expect to see continued development and refinement of SDN-based path computation techniques in the future

Hybrid SDN Evolution: A Comprehensive Survey of the State-of-the-Art

Software-Defined Networking (SDN) is an evolutionary networking paradigm which has been adopted by large network and cloud providers, among which are Tech Giants. However, embracing a new and futuristic paradigm as an alternative to well-established and mature legacy networking paradigm requires a lot of time along with considerable financial resources and technical expertise. Consequently, many enterprises can not afford it. A compromise solution then is a hybrid networking environment (a.k.a. Hybrid SDN (hSDN)) in which SDN functionalities are leveraged while existing traditional network infrastructures are acknowledged. Recently, hSDN has been seen as a viable networking solution for a diverse range of businesses and organizations. Accordingly, the body of literature on hSDN research has improved remarkably. On this account, we present this paper as a comprehensive state-of-the-art survey which expands upon hSDN from many different perspectives

Enhancing Security and Robustness for SDN-Enabled Cloud Networks

Software-Defined Networking is an emerging network architecture which promises to solve the limitations associated with current cloud computing systems based on traditional network. The main idea behind SDN is to separate control plane from networking devices, thereby providing a centralized control layer integrable to cloud-based infrastructure. The integration of SDN and Cloud Computing brings an immense benefits to network deployment and management, however, this model still faces many critical challenges with regards to availability, scalability and security. In this study, we present a security and robustness SDN-Enabled Cloud model using OpenStack and OpenDaylight. In particular, we design and implement a security clustering-based SDN Controller for monitoring and managing cloud networking, and a hardware platform to accelerate packet processing in virtual switches. We evaluate our proposed model on a practical cloud testbed consisting of several physical and virtual nodes. The experiment results show that the SDN controller cluster significantly improve robustness for the network even in case of being attacked by abnormal network traffic; while the hardware-accelerated switches can be operated in highperformance and well-adapted to the cloud environment

Control logic distribution trade-offs in software-defined wireless networks

The SDN (Software-Defined Networks) architecture separates the data and the control planes of the networks. It logically centralizes the control of a network in a central point that is an SDN controller, which acts as a brain of the network and is in charge of telling each network node how to forward incoming packets by installing the appropriate forwarding rules. One of the main advantages it brings is programmability through this single entity (the logical controller) with which network management applications must interact to apply their policies. Through agreed-upon APIs, the network managers can exploit the full potential of SDN. SDN generally assumes ideal control channels between the SDN controller and the network nodes, which may not be the case in challenging environments that are becoming more common due to dense deployment of small cells (SCs) with reduced coverage in 5G and beyond 5G deployments. In 5G and beyond 5G use cases, cost-effective wireless transport networks are required to connect the SCs. In this context, mmWave technology is a good player to connect the SCs as mmWave provides larger radio spectrum chunks that in turn provide larger bandwidth and higher data rate. To manage the dense deployment of SCs in the mobile networks, on the network management/control front, network programmability and virtualization are also an integral part of 5G and beyond 5G networks. In this regard, to provide end-to-end connectivity, management and orchestration of all the segments of the networks ranging from RAN (Radio Access Network), transport network to the core is vital. On the transport networks side (the main focus of the dissertation), SDN plays an important role as SDN enables programmability and virtualization in the network. Though SDN Provides huge flexibility in network management by splitting the control plane from the data plane, it has some limitations in wireless networks context as separation of the control plane from the data plane introduce the extra points of failure in the SDN paradigm (e.g., control communication channel failure, SDN controller failure). In the wide-area networks (WAN) scenarios where in-band channels (e.g., microwave or mmWave links) are responsible to carry control traffic between the forwarding nodes and the SDN controller, the assumption of the availability of a reliable network may not be possible as the performance of the wireless link changes with the environmental conditions, which leads to a high risk of experiencing channel impairments, which might cause centralized SDN operation failure by affecting communication between the transport component of SCs and the SDN controller. To overcome SDN from failure, the dissertation presents a hybrid SDN scheme that explores the benefits of centralized and distributed operations depending on control communication channel conditions. Our hybrid SDN approach combines both centralized and distributed modes in the same node to form a hybrid control plane architecture. We introduce a local agent in the node that is composed of a monitoring framework to detect reliability of the control communication channel and a decision module that conceive a novel control logic switching algorithm to make a decision whether to operate in a centralized or distributed mode. We evaluate the proposed solution under a variety of unreliable network conditions (e.g., link impairments, control packet loss) to investigate the operational performance of the hybrid SDN during high loss conditions. The experimental results show that the proposed hybrid SDN solution substantially improves the aggregated throughput, particularly when control channel packet loss ratios increase, which in turn keeps the network operational in hard conditions where the centralized SDN would result in a non-operational network.La arquitectura SDN (Software-Defined Networks) separa los planos de datos y control de las redes. Centraliza lógicamente el control de una red en un controlador SDN. Una de las principales ventajas que aporta es la programabilidad a través de esta única entidad (el controlador lógico) con la que las aplicaciones de gestión de red deben interactuar para aplicar sus políticas. SDN generalmente asume canales de control ideales entre el controlador SDN y los nodos de la red, lo que puede no ser el caso en entornos inalámbricos (o menos estables) que se están volviendo más comunes debido al despliegue denso de celdas pequeñas (SC) con cobertura reducida en 5G (y más allá). En los casos de uso de futuras redes, se requieren redes de transporte inalámbricas rentables para conectar los SC. En este contexto, la tecnología mmWave es apropiada para conectar las SC, ya que mmWave proporciona fragmentos de espectro más grandes que, a su vez, proporcionan un mayor ancho de banda y una mayor velocidad de datos. Para administrar el despliegue denso de SC en redes móviles, se requiere administración/control de la red, de la virtualización y de la programabilidad de la red, ay que son parte integral de las redes 5G/6G. En este sentido, para proporcionar conectividad de extremo a extremo, es vital la gestión y la orquestación de todos los segmentos de red que van desde la RAN (Red de acceso radio), la red de transporte hasta el núcleo de la red. Por lo que respecte a las redes de transporte (el enfoque principal de la tesis), SDN juega un papel importante ya que SDN permite la programabilidad y la virtualización en la red. Aunque SDN proporciona una gran flexibilidad en la gestión de redes al dividir el plano de control del plano de datos, tiene algunas limitaciones en el contexto de las redes inalámbricas, ya que la separación del plano de control del plano de datos introduce puntos adicionales de fallo en el paradigma SDN (p. ej., fallo del canal de comunicación, fallo del controlador SDN). En los escenarios de redes de área extendida (WAN) donde los canales en-banda (p. ej., enlaces de microondas o mmWave) son responsables de transportar el tráfico de control entre los nodos de red y el controlador SDN, la suposición de la disponibilidad de una red confiable puede no ser posible, ya que el rendimiento del enlace inalámbrico cambia con las condiciones ambientales, lo que conduce a un alto riesgo de experimentar deterioros en el canal, lo que podría causar errores en la operación SDN centralizada al afectar la comunicación entre el componente de transporte de los SC y el controlador SDN. Para superar estos problemas de SDN, la tesis presenta un esquema de SDN híbrido que explora los beneficios de las operaciones centralizadas y distribuidas según sean las condiciones del canal de comunicación de control. Nuestro enfoque SDN híbrido combina los modos centralizados y distribuidos en el mismo nodo para formar una arquitectura de plano de control híbrido. Introducimos un agente local en el nodo que se compone de un marco de monitorización para detectar la confiabilidad del canal de comunicación de control y un módulo de decisión que concibe un algoritmo de conmutación de lógica de control novedoso para tomar la decisión de operar en un modo centralizado o distribuido. Evaluamos la solución propuesta bajo una variedad de condiciones de red poco confiables (p. ej., deterioros de enlace, pérdida de paquetes de control) para investigar el rendimiento operativo de la SDN híbrida durante condiciones de alta pérdida. Los resultados experimentales muestran que la solución SDN híbrida propuesta mejora sustancialmente el rendimiento agregado, particularmente cuando aumentan las tasas de pérdida de paquetes del canal de control, lo que a su vez mantiene la red operativa en condiciones difíciles donde la SDN centralizada daría como resultado una red no operativa.Postprint (published version

A study of the applicability of software-defined networking in industrial networks

173 p.Las redes industriales interconectan sensores y actuadores para llevar a cabo funciones de monitorización, control y protección en diferentes entornos, tales como sistemas de transporte o sistemas de automatización industrial. Estos sistemas ciberfísicos generalmente están soportados por múltiples redes de datos, ya sean cableadas o inalámbricas, a las cuales demandan nuevas prestaciones, de forma que el control y gestión de tales redes deben estar acoplados a las condiciones del propio sistema industrial. De este modo, aparecen requisitos relacionados con la flexibilidad, mantenibilidad y adaptabilidad, al mismo tiempo que las restricciones de calidad de servicio no se vean afectadas. Sin embargo, las estrategias de control de red tradicionales generalmente no se adaptan eficientemente a entornos cada vez más dinámicos y heterogéneos.Tras definir un conjunto de requerimientos de red y analizar las limitaciones de las soluciones actuales, se deduce que un control provisto independientemente de los propios dispositivos de red añadiría flexibilidad a dichas redes. Por consiguiente, la presente tesis explora la aplicabilidad de las redes definidas por software (Software-Defined Networking, SDN) en sistemas de automatización industrial. Para llevar a cabo este enfoque, se ha tomado como caso de estudio las redes de automatización basadas en el estándar IEC 61850, el cual es ampliamente usado en el diseño de las redes de comunicaciones en sistemas de distribución de energía, tales como las subestaciones eléctricas. El estándar IEC 61850 define diferentes servicios y protocolos con altos requisitos en terminos de latencia y disponibilidad de la red, los cuales han de ser satisfechos mediante técnicas de ingeniería de tráfico. Como resultado, aprovechando la flexibilidad y programabilidad ofrecidas por las redes definidas por software, en esta tesis se propone una arquitectura de control basada en el protocolo OpenFlow que, incluyendo tecnologías de gestión y monitorización de red, permite establecer políticas de tráfico acorde a su prioridad y al estado de la red.Además, las subestaciones eléctricas son un ejemplo representativo de infraestructura crítica, que son aquellas en las que un fallo puede resultar en graves pérdidas económicas, daños físicos y materiales. De esta forma, tales sistemas deben ser extremadamente seguros y robustos, por lo que es conveniente la implementación de topologías redundantes que ofrezcan un tiempo de reacción ante fallos mínimo. Con tal objetivo, el estándar IEC 62439-3 define los protocolos Parallel Redundancy Protocol (PRP) y High-availability Seamless Redundancy (HSR), los cuales garantizan un tiempo de recuperación nulo en caso de fallo mediante la redundancia activa de datos en redes Ethernet. Sin embargo, la gestión de redes basadas en PRP y HSR es estática e inflexible, lo que, añadido a la reducción de ancho de banda debida la duplicación de datos, hace difícil un control eficiente de los recursos disponibles. En dicho sentido, esta tesis propone control de la redundancia basado en el paradigma SDN para un aprovechamiento eficiente de topologías malladas, al mismo tiempo que se garantiza la disponibilidad de las aplicaciones de control y monitorización. En particular, se discute cómo el protocolo OpenFlow permite a un controlador externo configurar múltiples caminos redundantes entre dispositivos con varias interfaces de red, así como en entornos inalámbricos. De esta forma, los servicios críticos pueden protegerse en situaciones de interferencia y movilidad.La evaluación de la idoneidad de las soluciones propuestas ha sido llevada a cabo, principalmente, mediante la emulación de diferentes topologías y tipos de tráfico. Igualmente, se ha estudiado analítica y experimentalmente cómo afecta a la latencia el poder reducir el número de saltos en las comunicaciones con respecto al uso de un árbol de expansión, así como balancear la carga en una red de nivel 2. Además, se ha realizado un análisis de la mejora de la eficiencia en el uso de los recursos de red y la robustez alcanzada con la combinación de los protocolos PRP y HSR con un control llevado a cabo mediante OpenFlow. Estos resultados muestran que el modelo SDN podría mejorar significativamente las prestaciones de una red industrial de misión crítica

Enhancing Data Security for Cloud Computing Applications through Distributed Blockchain-based SDN Architecture in IoT Networks

Blockchain (BC) and Software Defined Networking (SDN) are some of the most prominent emerging technologies in recent research. These technologies provide security, integrity, as well as confidentiality in their respective applications. Cloud computing has also been a popular comprehensive technology for several years. Confidential information is often shared with the cloud infrastructure to give customers access to remote resources, such as computation and storage operations. However, cloud computing also presents substantial security threats, issues, and challenges. Therefore, to overcome these difficulties, we propose integrating Blockchain and SDN in the cloud computing platform. In this research, we introduce the architecture to better secure clouds. Moreover, we leverage a distributed Blockchain approach to convey security, confidentiality, privacy, integrity, adaptability, and scalability in the proposed architecture. BC provides a distributed or decentralized and efficient environment for users. Also, we present an SDN approach to improving the reliability, stability, and load balancing capabilities of the cloud infrastructure. Finally, we provide an experimental evaluation of the performance of our SDN and BC-based implementation using different parameters, also monitoring some attacks in the system and proving its efficacy.Comment: 12 Pages 16 Figures 3 Table

On the Integration of Blockchain and SDN: Overview, Applications, and Future Perspectives

Blockchain (BC) and software-defined networking (SDN) are leading technologies which have recently found applications in several network-related scenarios and have consequently experienced a growing interest in the research community. Indeed, current networks connect a massive number of objects over the Internet and in this complex scenario, to ensure security, privacy, confidentiality, and programmability, the utilization of BC and SDN have been successfully proposed. In this work, we provide a comprehensive survey regarding these two recent research trends and review the related state-of-the-art literature. We first describe the main features of each technology and discuss their most common and used variants. Furthermore, we envision the integration of such technologies to jointly take advantage of these latter efficiently. Indeed, we consider their group-wise utilization—named BC–SDN—based on the need for stronger security and privacy. Additionally, we cover the application fields of these technologies both individually and combined. Finally, we discuss the open issues of reviewed research and describe potential directions for future avenues regarding the integration of BC and SDN. To summarize, the contribution of the present survey spans from an overview of the literature background on BC and SDN to the discussion of the benefits and limitations of BC–SDN integration in different fields, which also raises open challenges and possible future avenues examined herein. To the best of our knowledge, compared to existing surveys, this is the first work that analyzes the aforementioned aspects in light of a broad BC–SDN integration, with a specific focus on security and privacy issues in actual utilization scenarios