Proactive controller assignment schemes in SDN for fast recovery

​© 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.A sizeable software defined network with a single controller responsible for all forwarding elements is potentially failure-prone and inadequate for dynamic network loads. To this end, having multiple controllers improves resilience and distributes network control overhead. However, when there is a disruption in the control plane, a rapid and performant controller-switch assignment is critical, which is a challenging technical question. In this work, we propose a proactive switch assignment approach in case of controller failures using a genetic algorithm based heuristic that considers controller load distribution, reassignment cost and probability of failure. Moreover, we compare the performance of our scheme with random and greedy algorithms. Experiment results show that our proposed PREFCP framework has better performance in terms of probability of failure and controller load distributio

Design Concept for a Failover Mechanism in Distributed SDN Controllers

Software defined networking allows the separation of the control plane and data plane in networking. It provides scalability, programmability, and centralized control. It will use these traits to reach ubiquitous connectivity. Like all concepts software defined networking does not offer these advantages without a cost. By utilizing a centralized controller, a single point of failure is created. To address this issue, this paper proposes a distributed controller failover. This failover will provide a mechanism for recovery when controllers are not located in the same location. This failover mechanism is based on number of hops from orphan nodes to the controller in addition to the link connection. This mechanism was simulated in Long Term Evolution telecommunications architecture

OpenDaylight vs. Floodlight: Comparative Analysis of a Load Balancing Algorithm for Software Defined Networking

This paper presents the proposal of a load balancing algorithm implemented in two of the most popular controllers for Software Defined Networks (SDN): OpenDaylight and Floodlight. A comparative study in terms of the available bandwidth and delay time of the packet forwarding was performed by means of simulation modeling in a base network in which a shortest path algorithm was implemented as well. The results show that the proposed load balancing algorithm improves significantly the performance of a SDN in terms of the offered QoS of a OpenDaylight based controller. The effect of the proposed load balancing algorithm in the Floodlight controller shows a smaller impact mainly on the bandwidth allocation due to its in-build modules that by default perform specific routing and forwarding operations efficiently according to the traffic demand

Multi-controller Based Software-Defined Networking: A Survey

Software-Defined Networking (SDN) is a novel network paradigm that enables flexible management for networks. As the network size increases, the single centralized controller cannot meet the increasing demand for flow processing. Thus, the promising solution for SDN with large-scale networks is the multi-controller. In this paper, we present a compressive survey for multi-controller research in SDN. First, we introduce the overview of multi-controller, including the origin of multi-controller and its challenges. Then, we classify multi-controller research into four aspects (scalability, consistency, reliability, load balancing) depending on the process of implementing the multi-controller. Finally, we propose some relevant research issues to deal with in the future and conclude the multi-controller research

Amaru: plug&play resilient in-band control for SDN

Software-Defined Networking (SDN) is a pillar of next-generation networks. ImplementingSDN requires the establishment of a decoupled control communication, which might be installed either as anout-of-band or in-band network. While the benefits of in-band control networks seem apparent, no standardprotocol exists and most of setups are based on ad-hoc solutions. This article defines Amaru, a protocolthat provides plug&play resilient in-band control for SDN with low-complexity and high scalability. Amarufollows an exploration mechanism to find all possible paths between the controller and any node of thenetwork, which drastically reduces convergence time and exchanged messages, while increasing robustness.Routing is based on masked MAC addresses, which also simplifies routing tables, minimizing the numberof entries to one per path, independently of the network size. We evaluated Amaru with three differentimplementations and diverse types of networks and failures, and obtained excellent results, providing almoston-the-fly rerouting and low recovery time.Comunidad de MadridUniversidad de Alcal

Policy Conflict Management in Distributed SDN Environments

abstract: The ease of programmability in Software-Defined Networking (SDN) makes it a great platform for implementation of various initiatives that involve application deployment, dynamic topology changes, and decentralized network management in a multi-tenant data center environment. However, implementing security solutions in such an environment is fraught with policy conflicts and consistency issues with the hardness of this problem being affected by the distribution scheme for the SDN controllers. In this dissertation, a formalism for flow rule conflicts in SDN environments is introduced. This formalism is realized in Brew, a security policy analysis framework implemented on an OpenDaylight SDN controller. Brew has comprehensive conflict detection and resolution modules to ensure that no two flow rules in a distributed SDN-based cloud environment have conflicts at any layer; thereby assuring consistent conflict-free security policy implementation and preventing information leakage. Techniques for global prioritization of flow rules in a decentralized environment are presented, using which all SDN flow rule conflicts are recognized and classified. Strategies for unassisted resolution of these conflicts are also detailed. Alternately, if administrator input is desired to resolve conflicts, a novel visualization scheme is implemented to help the administrators view the conflicts in an aesthetic manner. The correctness, feasibility and scalability of the Brew proof-of-concept prototype is demonstrated. Flow rule conflict avoidance using a buddy address space management technique is studied as an alternate to conflict detection and resolution in highly dynamic cloud systems attempting to implement an SDN-based Moving Target Defense (MTD) countermeasures.Dissertation/ThesisDoctoral Dissertation Computer Science 201