Cloud-Native Realization of Network Configuration Protocol

Many of the telecommunication companies aim to support Network Configuration Protocol (NETCONF) to manage their large network in cloud-native environment. The NETCONF protocol provides automation and security using permanent SSH and TLS connections as well as cloudnative brings scalability advantages. However, supporting the NETCONF protocol in cloud-native environment represents challenges since the NETCONF protocol is not stateless. The thesis implements a proof of concept for cloud-native Network Configuration Protocol and investigates issues of such an implementation. The approach in this thesis is to have two implementations of standard Network Configuration Protocol and Network Configuration Protocol Call Home in cloud-native environment. A solution is applied together with these implementations by terminating the permanent established sessions in the end of messaging. The evaluations are made by analysing changing number of connections and events per connection in the both implementations. Based on the evaluation of the proof of concept, the results indicate that terminating the established NETCONF sessions in the end of messaging is an operable solution. However, it is also observed that throughput and CPU could be limitations for such an implementation in cloud-native environment. In addition, it must be considered that authentication time is affected based on chosen security provider

Netopeer: Configuration Platform for Network Devices

Práca sa zaoberá analýzou možností konfigurácie sietových zariadení. Podrobne popisuje konfiguracný protokol NETCONF a jeho rozšírenie o asynchrónne dorucovanie upozornení. Práca detailne popisuje otvorenú konfiguracnú platformu Netopeer a špecifiká jej pilotného nasadenia v podobe konfiguracného systému sondy FlowMon. Súcastou predkladanej práce je návrh a implementácia novej architektúry platformy Netopeer 2.0, ktorá doplnuje funkcionalitu platformy o podporu asynchrónneho dorucovania správ. Vytvorené riešenie analyzuje z pohladu bezpecnosti a navrhuje doporucené nastavenia systému. Práca naväzuje na predchádzajúcu bakalársku prácu autora a na existujúce programové vybavenie vyvinuté vrámci projektu Liberouter.Master's thesis analyzes available network device configuration options and describes NETCONF configuration protocol and NETCONF event notifications extension in details. It describes Netopeer, open configuration platform developed on Liberouter project, and its pitote deployment as FlowMon probe remote configuration system. Newly designed Netopeer architecture, which adds support for NETCONF event notifications, was verified by reference implementation. Security of the new design and implementation was analyzed, and recommended system settings were provided. This Master's thesis is based on results of previous bachelor's thesis of author and on existing software tools developed by the Liberouter project.

A Survey on the Contributions of Software-Defined Networking to Traffic Engineering

Since the appearance of OpenFlow back in 2008, software-defined networking (SDN) has gained momentum. Although there are some discrepancies between the standards developing organizations working with SDN about what SDN is and how it is defined, they all outline traffic engineering (TE) as a key application. One of the most common objectives of TE is the congestion minimization, where techniques such as traffic splitting among multiple paths or advanced reservation systems are used. In such a scenario, this manuscript surveys the role of a comprehensive list of SDN protocols in TE solutions, in order to assess how these protocols can benefit TE. The SDN protocols have been categorized using the SDN architecture proposed by the open networking foundation, which differentiates among data-controller plane interfaces, application-controller plane interfaces, and management interfaces, in order to state how the interface type in which they operate influences TE. In addition, the impact of the SDN protocols on TE has been evaluated by comparing them with the path computation element (PCE)-based architecture. The PCE-based architecture has been selected to measure the impact of SDN on TE because it is the most novel TE architecture until the date, and because it already defines a set of metrics to measure the performance of TE solutions. We conclude that using the three types of interfaces simultaneously will result in more powerful and enhanced TE solutions, since they benefit TE in complementary ways.European Commission through the Horizon 2020 Research and Innovation Programme (GN4) under Grant 691567 Spanish Ministry of Economy and Competitiveness under the Secure Deployment of Services Over SDN and NFV-based Networks Project S&NSEC under Grant TEC2013-47960-C4-3-

Tietoverkkojen valvonnan yhdenmukaistaminen

As the modern society is increasingly dependant on computer networks especially as the Internet of Things gaining popularity, a need to monitor computer networks along with associated devices increases. Additionally, the amount of cyber attacks is increasing and certain malware such as Mirai target especially network devices. In order to effectively monitor computer networks and devices, effective solutions are required for collecting and storing the information. This thesis designs and implements a novel network monitoring system. The presented system is capable of utilizing state-of-the-art network monitoring protocols and harmonizing the collected information using a common data model. This design allows effective queries and further processing on the collected information. The presented system is evaluated by comparing the system against the requirements imposed on the system, by assessing the amount of harmonized information using several protocols and by assessing the suitability of the chosen data model. Additionally, the protocol overheads of the used network monitoring protocols are evaluated. The presented system was found to fulfil the imposed requirements. Approximately 21% of the information provided by the chosen network monitoring protocols could be harmonized into the chosen data model format. The result is sufficient for effective querying and combining the information, as well as for processing the information further. The result can be improved by extending the data model and improving the information processing. Additionally, the chosen data model was shown to be suitable for the use case presented in this thesis.Yhteiskunnan ollessa jatkuvasti verkottuneempi erityisesti Esineiden Internetin kasvattaessa suosiotaan, tarve seurata sekä verkon että siihen liitettyjen laitteiden tilaa ja mahdollisia poikkeustilanteita kasvaa. Lisäksi tietoverkkohyökkäysten määrä on kasvamassa ja erinäiset haittaohjelmat kuten Mirai, ovat suunnattu erityisesti verkkolaitteita kohtaan. Jotta verkkoa ja sen laitteiden tilaa voidaan seurata, tarvitaan tehokkaita ratkaisuja tiedon keräämiseen sekä säilöntään. Tässä diplomityössä suunnitellaan ja toteutetaan verkonvalvontajärjestelmä, joka mahdollistaa moninaisten verkonvalvontaprotokollien hyödyntämisen tiedonkeräykseen. Lisäksi järjestelmä säilöö kerätyn tiedon käyttäen yhtenäistä tietomallia. Yhtenäisen tietomallin käyttö mahdollistaa tiedon tehokkaan jatkojalostamisen sekä haut tietosisältöihin. Diplomityössä esiteltävän järjestelmän ominaisuuksia arvioidaan tarkastelemalla, minkälaisia osuuksia eri verkonvalvontaprotokollien tarjoamasta informaatiosta voidaan yhdenmukaistaa tietomalliin, onko valittu tietomalli soveltuva verkonvalvontaan sekä varmistetaan esiteltävän järjestelmän täyttävän sille asetetut vaatimukset. Lisäksi työssä arvioidaan käytettävien verkonvalvontaprotokollien siirtämisen kiinteitä kustannuksia kuten otsakkeita. Työssä esitellyn järjestelmän todettiin täyttävän sille asetetut vaatimukset. Eri verkonvalvontaprotokollien tarjoamasta informaatiosta keskimäärin 21% voitiin harmonisoida tietomalliin. Saavutettu osuus on riittävä, jotta eri laitteista saatavaa informaatiota voidaan yhdistellä ja hakea tehokkaasti. Lukemaa voidaan jatkossa parantaa laajentamalla tietomallia sekä kehittämällä kerätyn informaation prosessointia. Lisäksi valittu tietomalli todettiin soveltuvaksi tämän diplomityön käyttötarkoitukseen

An IDE for NETCONF management applications

The development of network and system management software typically requires data models definition, the creation of specific applications respecting the data model, and yet the implementation of communication interfaces. Skilled professionals usually perform such tasks in a predefined sequence and using different development solutions, but any error or lacks in the data model frequently force to repeat several time-consuming tasks. In this paper we present an integrated development framework that simplifies the construction of NETCONF management applications, from data model specification to deployment and evaluation. The framework is available at http://atnog.av.it.pt/∼ptavares/ yangplugin

Enabling data analytics and machine learning for 5G services within disaggregated multi-layer transport networks

Recent advances, related to the concepts of Artificial Intelligence (AI) and Machine Learning (ML) and with applications across multiple technology domains, have gathered significant attention due, in particular, to the overall performance improvement of such automated systems when compared to methods relying on human operation. Consequently, using AI/ML for managing, operating and optimizing transport networks is increasingly seen as a potential opportunity targeting, notably, large and complex environments.Such AI-assisted automated network operation is expected to facilitate innovation in multiple aspects related to the control and management of future optical networks and is a promising milestone in the evolution towards autonomous networks, where networks self-adjust parameters such as transceiver configuration.To accomplish this goal, current network control, management and orchestration systems need to enable the application of AI/ML techniques. It is arguable that Software-Defined Networking (SDN) principles, favouring centralized control deployments, featured application programming interfaces and the development of a related application ecosystem are well positioned to facilitate the progressive introduction of such techniques, starting, notably, in allowing efficient and massive monitoring and data collection.In this paper, we present the control, orchestration and management architecture designed to allow the automatic deployment of 5G services (such as ETSI NFV network services) across metropolitan networks, conceived to interface 5G access networks with elastic core optical networks at multi Tb/s. This network segment, referred to as Metro-haul, is composed of infrastructure nodes that encompass networking, storage and processing resources, which are in turn interconnected by open and disaggregated optical networks. In particular, we detail subsystems like the Monitoring and Data Analytics or the in-operation planning backend that extend current SDN based network control to account for new use cases.Peer ReviewedPostprint (author's final draft

An ICT-oriented Management Solution for NGNs

NGN architecture reused several standards from the IP world, as exemplified by the Session Initiation Protocol SIP, which is ubiquitous in the majority of these network components. However, the NGN management architecture simply presented a very generic management model that follows TMN. Several management technologies are proposed, such as Web services, CORBA and SNMP, to implement management solutions. Network and systems management standardizing bodies currently promote newer technologies that aim to solve known shortcomings to these. This paper proposes a management solution for NGNs based on recent IP world technologies. The presented solution was implemented in the form of a middleware to manage NGN elements. This middleware was used in the management of an element belonging to the IP Multimedia Subsystem platform, namely the Policy and Charging Rules Function