SDN based testbeds for evaluating and promoting multipath TCP

Multipath TCP is an experimental transport proto- col with remarkable recent past and non-negligible future poten- tial. It has been standardized recently, however the evaluation studies focus only on a limited set of isolated use-cases and a comprehensive analysis or a feasible path of Internet-wide adoption is still missing. This is mostly because in the current networking practice it is unusual to configure multiple paths between the endpoints of a connection. Therefore, conducting and precisely controlling multipath experiments over the real “inter- net” is a challenging task for some experimenters and impossible for others. In this paper, we invoke SDN technology to make this control possible and exploit large-scale internet testbeds to conduct end-to-end MPTCP experiments. More specifically, we establish a special purpose control and measurement framework on top of two distinct internet testbeds. First, using the OpenFlow support of GÉANT, we build a testbed enabling measurements with real traffic. Second, we design and establish a publicly available large-scale multipath capable measurement framework on top of PlanetLab Europe and show the challenges of such a system. Furthermore, we present measurements results with MPTCP in both testbeds to get insight into its behavior in such not well explored environment

Robust dynamic network traffic partitioning against malicious attacks

The continual growth of network traffic rates leads to heavy packet processing overheads, and a typical solution is to partition traffic into multiple network processors for parallel processing especially in emerging software-defined networks. This paper is thus motivated to propose a robust dynamic network traffic partitioning scheme to defend against malicious attacks. After introducing the conceptual framework of dynamic network traffic partitioning based on flow tables, we strengthen its TCP connection management by building a half-open connection separation mechanism to isolate false connections in the initial connection table (ICT). Then, the lookup performance of the ICT table is reinforced by applying counting bloom filters to cope with malicious behaviors such as SYN flooding attacks. Finally, we evaluate the performance of our proposed traffic partitioning scheme with real network traffic traces and simulated malicious traffic by experiments. Experimental results indicate that our proposed scheme outperforms the conventional ones in terms of packet distribution performance especially robustness against malicious attacks

Improving Pan-African research and education networks through traffic engineering: A LISP/SDN approach

The UbuntuNet Alliance, a consortium of National Research and Education Networks (NRENs) runs an exclusive data network for education and research in east and southern Africa. Despite a high degree of route redundancy in the Alliance's topology, a large portion of Internet traffic between the NRENs is circuitously routed through Europe. This thesis proposes a performance-based strategy for dynamic ranking of inter-NREN paths to reduce latencies. The thesis makes two contributions: firstly, mapping Africa's inter-NREN topology and quantifying the extent and impact of circuitous routing; and, secondly, a dynamic traffic engineering scheme based on Software Defined Networking (SDN), Locator/Identifier Separation Protocol (LISP) and Reinforcement Learning. To quantify the extent and impact of circuitous routing among Africa's NRENs, active topology discovery was conducted. Traceroute results showed that up to 75% of traffic from African sources to African NRENs went through inter-continental routes and experienced much higher latencies than that of traffic routed within Africa. An efficient mechanism for topology discovery was implemented by incorporating prior knowledge of overlapping paths to minimize redundancy during measurements. Evaluation of the network probing mechanism showed a 47% reduction in packets required to complete measurements. An interactive geospatial topology visualization tool was designed to evaluate how NREN stakeholders could identify routes between NRENs. Usability evaluation showed that users were able to identify routes with an accuracy level of 68%. NRENs are faced with at least three problems to optimize traffic engineering, namely: how to discover alternate end-to-end paths; how to measure and monitor performance of different paths; and how to reconfigure alternate end-to-end paths. This work designed and evaluated a traffic engineering mechanism for dynamic discovery and configuration of alternate inter-NREN paths using SDN, LISP and Reinforcement Learning. A LISP/SDN based traffic engineering mechanism was designed to enable NRENs to dynamically rank alternate gateways. Emulation-based evaluation of the mechanism showed that dynamic path ranking was able to achieve 20% lower latencies compared to the default static path selection. SDN and Reinforcement Learning were used to enable dynamic packet forwarding in a multipath environment, through hop-by-hop ranking of alternate links based on latency and available bandwidth. The solution achieved minimum latencies with significant increases in aggregate throughput compared to static single path packet forwarding. Overall, this thesis provides evidence that integration of LISP, SDN and Reinforcement Learning, as well as ranking and dynamic configuration of paths could help Africa's NRENs to minimise latencies and to achieve better throughputs

FatPaths: Routing in Supercomputers and Data Centers when Shortest Paths Fall Short

We introduce FatPaths: a simple, generic, and robust routing architecture that enables state-of-the-art low-diameter topologies such as Slim Fly to achieve unprecedented performance. FatPaths targets Ethernet stacks in both HPC supercomputers as well as cloud data centers and clusters. FatPaths exposes and exploits the rich ("fat") diversity of both minimal and non-minimal paths for high-performance multi-pathing. Moreover, FatPaths uses a redesigned "purified" transport layer that removes virtually all TCP performance issues (e.g., the slow start), and incorporates flowlet switching, a technique used to prevent packet reordering in TCP networks, to enable very simple and effective load balancing. Our design enables recent low-diameter topologies to outperform powerful Clos designs, achieving 15% higher net throughput at 2x lower latency for comparable cost. FatPaths will significantly accelerate Ethernet clusters that form more than 50% of the Top500 list and it may become a standard routing scheme for modern topologies

Architectures for virtualization and performance evaluation in software defined networks

[no abstract

Flow-based load balancing in multipathed layer-2 networks using OpenFlow and multipath-TCP

In this paper we address the challenge of traffic optimization for big data flows in layer-2 networks. We present an OpenFlow controller implementation that removes the necessity of a Spanning Tree Protocol, allows for the usage of multiple paths, and enables in-network per-flow load balancing. Moreover, we demonstrate how systems deploying Multipath-TCP can benefit from our solution