224 research outputs found

    Designing and optimization of VOIP PBX infrastructure

    Get PDF
    In the recent decade, communication has stirred from the old wired medium such as public switched telephone network (PSTN) to the Internet. Present, Voice over Internet Protocol (VoIP) Technology used for communication on internet by means of packet switching technique. Several years ago, an internet protocol (IP) based organism was launched, which is known as Private Branch Exchange "PBX", as a substitute of common PSTN systems. For free communication, probably you must have to be pleased with starting of domestic calls. Although, fairly in few cases, VoIP services can considerably condense our periodical phone bills. For instance, if someone makes frequent global phone calls, VoIP talk service is the actual savings treat which cannot achieve by using regular switched phone. VoIP talk services strength help to trim down your phone bills if you deal with a lot of long-distance (international) and as well as domestic phone calls. However, with the VoIP success, threats and challenges also stay behind. In this dissertation, by penetration testing one will know that how to find network vulnerabilities how to attack them to exploit the network for unhealthy activities and also will know about some security techniques to secure a network. And the results will be achieved by penetration testing will indicate of proven of artefact and would be helpful to enhance the level of network security to build a more secure network in future

    Distributed services across the network from edge to core

    Get PDF
    The current internet architecture is evolving from a simple carrier of bits to a platform able to provide multiple complex services running across the entire Network Service Provider (NSP) infrastructure. This calls for increased flexibility in resource management and allocation to provide dedicated, on-demand network services, leveraging a distributed infrastructure consisting of heterogeneous devices. More specifically, NSPs rely on a plethora of low-cost Customer Premise Equipment (CPE), as well as more powerful appliances at the edge of the network and in dedicated data-centers. Currently a great research effort is spent to provide this flexibility through Fog computing, Network Functions Virtualization (NFV), and data plane programmability. Fog computing or Edge computing extends the compute and storage capabilities to the edge of the network, closer to the rapidly growing number of connected devices and applications that consume cloud services and generate massive amounts of data. A complementary technology is NFV, a network architecture concept targeting the execution of software Network Functions (NFs) in isolated Virtual Machines (VMs), potentially sharing a pool of general-purpose hosts, rather than running on dedicated hardware (i.e., appliances). Such a solution enables virtual network appliances (i.e., VMs executing network functions) to be provisioned, allocated a different amount of resources, and possibly moved across data centers in little time, which is key in ensuring that the network can keep up with the flexibility in the provisioning and deployment of virtual hosts in today’s virtualized data centers. Moreover, recent advances in networking hardware have introduced new programmable network devices that can efficiently execute complex operations at line rate. As a result, NFs can be (partially or entirely) folded into the network, speeding up the execution of distributed services. The work described in this Ph.D. thesis aims at showing how various network services can be deployed throughout the NSP infrastructure, accommodating to the different hardware capabilities of various appliances, by applying and extending the above-mentioned solutions. First, we consider a data center environment and the deployment of (virtualized) NFs. In this scenario, we introduce a novel methodology for the modelization of different NFs aimed at estimating their performance on different execution platforms. Moreover, we propose to extend the traditional NFV deployment outside of the data center to leverage the entire NSP infrastructure. This can be achieved by integrating native NFs, commonly available in low-cost CPEs, with an existing NFV framework. This facilitates the provision of services that require NFs close to the end user (e.g., IPsec terminator). On the other hand, resource-hungry virtualized NFs are run in the NSP data center, where they can take advantage of the superior computing and storage capabilities. As an application, we also present a novel technique to deploy a distributed service, specifically a web filter, to leverage both the low latency of a CPE and the computational power of a data center. We then show that also the core network, today dedicated solely to packet routing, can be exploited to provide useful services. In particular, we propose a novel method to provide distributed network services in core network devices by means of task distribution and a seamless coordination among the peers involved. The aim is to transform existing network nodes (e.g., routers, switches, access points) into a highly distributed data acquisition and processing platform, which will significantly reduce the storage requirements at the Network Operations Center and the packet duplication overhead. Finally, we propose to use new programmable network devices in data center networks to provide much needed services to distributed applications. By offloading part of the computation directly to the networking hardware, we show that it is possible to reduce both the network traffic and the overall job completion time

    Design of switch architecture for the geographical cell transport protocol

    Get PDF
    The Internet is divided into multiple layers to reduce and manage complexity. The International Organization for Standardization (ISO) developed a 7 layer network model and had been revised to a 5 layer TCP/IP based Internet Model. The layers of the Internet can also be divided into top layer TCP/IP protocol suite layers and the underlying transport network layers. SONET/SDH, a dominant transport network, was designed initially for circuit based telephony services. Advancement in the internet world with voice and video services had pushed SONET/SDH to operate with reduced efficiencies and increased costs. Hence, redesign and redeployment of the transport network has been and continues to be a subject of research and development. Several projects are underway to explore new transport network ideas such as G.709 and GMPLS. This dissertation presents the Geographical Cell Transport (GCT) protocol as a candidate for a next generation transport network. The GCT transport protocol and its cell format are described. The benefits provided by the proposed GCT transport protocol as compared to the existing transport networks are investigated. Existing switch architectures are explored and a best architecture to be implemented in VLSI for the proposed transport network input queued virtual output queuing is obtained. The objectives of this switch are high performance, guaranteed fairness among all inputs and outputs, robust behavior under different traffic patterns, and support for Quality of Service (QoS) provisioning. An implementation of this switch architecture is carried out using HDL. A novel pseudo random number generation unit is designed to nullify the bias present in an arbitration unit. The validity of the designed is checked by developing a traffic load model. The speedup factor required in the switch to maintain desired throughput is explored and is presented in detail. Various simulation results are shown to study the behavior of the designed switch under uniform and hotspot traffic. The simulation results show that QoS behavior and the crossing traffic through the switch has not been affected by hotspots

    Strategies for internet route control: past, present and future

    Get PDF
    Uno de los problemas más complejos en redes de computadores es el de proporcionar garantías de calidad y confiabilidad a las comunicaciones de datos entre entidades que se encuentran en dominios distintos. Esto se debe a un amplio conjunto de razones -- las cuales serán analizadas en detalle en esta tesis -- pero de manera muy breve podemos destacar: i) la limitada flexibilidad que presenta el modelo actual de encaminamiento inter-dominio en materia de ingeniería de tráfico; ii) la naturaleza distribuida y potencialmente antagónica de las políticas de encaminamiento, las cuales son administradas individualmente y sin coordinación por cada dominio en Internet; y iii) las carencias del protocolo de encaminamiento inter-dominio utilizado en Internet, denominado BGP (Border Gateway Protocol).El objetivo de esta tesis, es precisamente el estudio y propuesta de soluciones que permitan mejorar drásticamente la calidad y confiabilidad de las comunicaciones de datos en redes conformadas por múltiples dominios.Una de las principales herramientas para lograr este fin, es tomar el control de las decisiones de encaminamiento y las posibles acciones de ingeniería de tráfico llevadas a cabo en cada dominio. Por este motivo, esta tesis explora distintas estrategias de como controlar en forma precisa y eficiente, tanto el encaminamiento como las decisiones de ingeniería de tráfico en Internet. En la actualidad este control reside principalmente en BGP, el cual como indicamos anteriormente, es uno de los principales responsables de las limitantes existentes. El paso natural sería reemplazar a BGP, pero su despliegue actual y su reconocida operatividad en muchos otros aspectos, resultan claros indicadores de que su sustitución (ó su posible evolución) será probablemente gradual. En este escenario, esta tesis propone analizar y contribuir con nuevas estrategias en materia de control de encaminamiento e ingeniería de tráfico inter-dominio en tres marcos temporales distintos: i) en la actualidad en redes IP; ii) en un futuro cercano en redes IP/MPLS (MultiProtocol Label Switching); y iii) a largo plazo en redes ópticas, modelando así una evolución progresiva y realista, facilitando el reemplazo gradual de BGP.Más concretamente, este trabajo analiza y contribuye mediante: - La propuesta de estrategias incrementales basadas en el Control Inteligente de Rutas (Intelligent Route Control, IRC) para redes IP en la actualidad. Las estrategias propuestas en este caso son de carácter incremental en el sentido de que interaccionan con BGP, solucionando varias de las carencias que éste presenta sin llegar a proponer aún su reemplazo. - La propuesta de estrategias concurrentes basadas en extender el concepto del PCE (Path Computation Element) proveniente del IETF (Internet Engineering Task Force) para redes IP/MPLS en un futuro cercano. Las estrategias propuestas en este caso son de carácter concurrente en el sentido de que no interaccionan con BGP y pueden ser desplegadas en forma paralela. En este caso, BGP continúa controlando el encaminamiento y las acciones de ingeniería de tráfico inter-dominio del tráfico IP, pero el control del tráfico IP/MPLS se efectúa en forma independiente de BGP mediante los PCEs.- La propuesta de estrategias que reemplazan completamente a BGP basadas en la incorporación de un nuevo agente de control, al cual denominamos IDRA (Inter-Domain Routing Agent). Estos agentes proporcionan un plano de control dedicado, físicamente independiente del plano de datos, y con gran capacidad computacional para las futuras redes ópticas multi-dominio.Los resultados expuestos aquí validan la efectividad de las estrategias propuestas, las cuales mejoran significativamente tanto la concepción como la performance de las actuales soluciones en el área de Control Inteligente de Rutas, del esperado PCE en un futuro cercano, y de las propuestas existentes para extender BGP al área de redes ópticas.One of the most complex problems in computer networks is how to provide guaranteed performance and reliability to the communications carried out between nodes located in different domains. This is due to several reasons -- which will be analyzed in detail in this thesis -- but in brief, this is mostly due to: i) the limited capabilities of the current inter-domain routing model in terms of Traffic Engineering (TE); ii) the distributed and potentially conflicting nature of policy-based routing, where routing policies are managed independently and without coordination among domains; and iii) the clear limitations of the inter-domain routing protocol, namely, the Border Gateway Protocol (BGP). The goal of this thesis is precisely to study and propose solutions allowing to drastically improve the performance and reliability of inter-domain communications. One of the most important tools to achieve this goal, is to control the routing and TE decisions performed by routing domains. Therefore, this thesis explores different strategies on how to control such decisions in a highly efficient and accurate way. At present, this control mostly resides in BGP, but as mentioned above, BGP is in fact one of the main causes of the existing limitations. The natural next-step would be to replace BGP, but the large installed base at present together with its recognized effectiveness in other aspects, are clear indicators that its replacement (or its possible evolution) will probably be gradually put into practice.In this framework, this thesis proposes to to study and contribute with novel strategies to control the routing and TE decisions of domains in three different time frames: i) at present in IP multi-domain networks; ii) in the near-future in IP/MPLS (MultiProtocol Label Switching) multi- domain networks; and iii) in the future optical Internet, modeling in this way a realistic and progressive evolution, facilitating the gradual replacement of BGP.More specifically, the contributions in this thesis can be summarized as follows. - We start by proposing incremental strategies based on Intelligent Route Control (IRC) solutions for IP networks. The strategies proposed in this case are incremental in the sense that they interact with BGP, and tackle several of its well-known limitations. - Then, we propose a set of concurrent route control strategies for MPLS networks, based on broadening the concept of the Path Computation Element (PCE) coming from the IETF (Internet Engineering Task Force). Our strategies are concurrent in the sense that they do not interact directly with BGP, and they can be deployed in parallel. In this case, BGP still controlls the routing and TE actions concerning regular IP-based traffic, but not how IP/MPLS paths are routed and controlled. These are handled independently by the PCEs.- We end with the proposal of a set of route control strategies for multi-domain optical networks, where BGP has been completely replaced. These strategies are supported by the introduction of a new route control element, which we named Inter-Domain Routing Agent (IDRA). These IDRAs provide a dedicated control plane, i.e., physically independent from the data plane, and with high computational capacity for future optical networks.The results obtained validate the effectiveness of the strategies proposed here, and confirm that our proposals significantly improve both the conception and performance of the current IRC solutions, the expected PCE in the near-future, as well as the existing proposals about the optical extension of BGP.Postprint (published version

    A Cognitive Routing framework for Self-Organised Knowledge Defined Networks

    Get PDF
    This study investigates the applicability of machine learning methods to the routing protocols for achieving rapid convergence in self-organized knowledge-defined networks. The research explores the constituents of the Self-Organized Networking (SON) paradigm for 5G and beyond, aiming to design a routing protocol that complies with the SON requirements. Further, it also exploits a contemporary discipline called Knowledge-Defined Networking (KDN) to extend the routing capability by calculating the “Most Reliable” path than the shortest one. The research identifies the potential key areas and possible techniques to meet the objectives by surveying the state-of-the-art of the relevant fields, such as QoS aware routing, Hybrid SDN architectures, intelligent routing models, and service migration techniques. The design phase focuses primarily on the mathematical modelling of the routing problem and approaches the solution by optimizing at the structural level. The work contributes Stochastic Temporal Edge Normalization (STEN) technique which fuses link and node utilization for cost calculation; MRoute, a hybrid routing algorithm for SDN that leverages STEN to provide constant-time convergence; Most Reliable Route First (MRRF) that uses a Recurrent Neural Network (RNN) to approximate route-reliability as the metric of MRRF. Additionally, the research outcomes include a cross-platform SDN Integration framework (SDN-SIM) and a secure migration technique for containerized services in a Multi-access Edge Computing environment using Distributed Ledger Technology. The research work now eyes the development of 6G standards and its compliance with Industry-5.0 for enhancing the abilities of the present outcomes in the light of Deep Reinforcement Learning and Quantum Computing

    Evaluation of wide-area distributed services by SDN-FIT system

    Get PDF
    A wide area distributed application is affected by network failure due to natural disasters because the servers on which the application operates are distributed geographically in a wide area. Failure Injection Testing (FIT) is a method for verifying fault tolerance of widely distributed applications. In this paper, by limiting network failures to the connection line, whole FIT scenarios are generated and exhaustive evaluation of fault tolerance is performed. Authors evaluate the visualization method of performance data obtained from this evaluation and the reduction of the fault tolerance evaluation cost by the proposed method

    Traffic Management in Networks with Programmable Data Planes

    Get PDF
    AbstractThis brief includes a summary of the Ph.D. thesis entitled "Traffic management in networks with programmable data planes" and supervised by Prof. Antonio Capone. Software-Defined Networking (SDN) enables the configuration and operation of communications networks through open software programming interfaces providing an unprecedented flexibility in their dynamic reconfiguration and management. The thesis analyses the opportunities for traffic management provided by the SDN paradigm at different levels. Starting from the programmability at the control plane, we have designed a Traffic Engineering framework operating on the global view offered on top of the controller to proactively configure the network according to traffic measurements while limiting the number of reconfigurations. In order to deal with unexpected conditions such as network failures and congestion, the above centralized, global and proactive approach has been complemented by reactive and distributed approaches based on advanced stateful programmable data planes which enable a self-adaptation according to partial local information yielding to a more prompt and scalable reaction. All the solutions presented in the thesis have been evaluated with software prototypes based on research-oriented or production-ready open-source tools. Some of the extensions developed for these tools have been integrated as official open-source contributions

    UCLP in flow state router platforms

    Get PDF
    Actualment, els serveis òptics són essencialment estàtics, en els que els usuaris sol•liciten als proveïdors o ISPs l’ample de banda que necessiten durant un cert període de temps. Aquest serveis s’aprovisionen de forma manual, la qual cosa pot suposar un treball llarg i costós. Els usuaris o les mateixes aplicacions necessiten flexibilitat per controlar els seus serveis al llarg de diferents dominis independents, ja que estan en millor posició que els proveïdors per escollir i gestionar camins òptics adaptats a les seves necessitats. Aquesta idea ha donat lloc a un nou paradigma en el mon de les xarxes anomenat “xarxes controlades per usuaris”. Amb el patrocini de Canarie, s’està duent a terme una investigació per tal d’aconseguir les xarxes controlades pels usuaris. D’aquesta investigació ha sorgit un sistema anomenat "User-Controlled Lightpath Provisioning" (UCLP) (Provisió de camins òptics controlats per usuaris) que permet als usuaris establir canals òptics d’extrem a extrem a través de diferents Sistemes Autònoms. Aquest software s’està desenvolupant al CRC (Communications Research Centre, Canada) amb la col•laboració de la Fundació i2Cat. UCLP es un sistema de gestió distribuït que utilitza la idea de OON (Objecte Orientat a Xarxa) i que es pot explicar com una eina de partició i configuració que representa cada recurs d’una xarxa física (fibres, targetes) com un servei o objecte. Aquest servei/objecte es pot posar sota el control de diversos usuaris de la xarxa per tal que puguin crear les seves pròpies topologies de xarxa IP. Fins ara, UCLP treballava amb equips de capa 1 i 2. El principal objectiu d’aquest projecte és trobar una solució per integrar equips de capa 3 al sistema. Concretament, es vol introduir un router basat en una nova tecnologia anomenada “estat de flux” (flow-state). Aquesta tecnologia, que permet reconèixer fluxos basats en determinades funcions de hash, realitza un extens procés al primer paquet d’un flux, associa aquest flux amb un estat i aplica el resultat d’aquest procés als següents paquets del flux, amb els quals, enlloc de realitzar enrutament, simplement els reenviarà sense mirar les taules d’enrutament

    Safe Update of Hybrid SDN Networks

    Get PDF
    The support for safe network updates, i.e., live modification of device behavior without service disruption, is a critical primitive for current and future networks. Several techniques have been proposed by previous works to implement such a primitive. Unfortunately, existing techniques are not generally applicable to any network architecture, and typically require high overhead (e.g., additional memory) to guarantee strong consistency (i.e., traversal of either initial or final paths, but never a mix of them) during the update. In this paper, we deeply study the problem of computing operational sequences to safely and quickly update arbitrary networks. We characterize cases, for which this computation is easy, and revisit previous algorithmic contributions in the new light of our theoretical findings. We also propose and thoroughly evaluate a generic sequence-computation approach, based on two new algorithms that we combine to overcome limitations of prior proposals. Our approach always finds an operational sequence that provably guarantees strong consistency throughout the update, with very limited overhead. Moreover, it can be applied to update networks running any combination of centralized and distributed control-planes, including different families of IGPs, OpenFlow or other SDN protocols, and hybrid SDN networks. Our approach therefore supports a large set of use cases, ranging from traffic engineering in IGP-only or SDN-only networks to incremental SDN roll-out and advanced requirements (e.g., per-flow path selection or dynamic network function virtualization) in partial SDN deployments
    corecore