Safe, Efficient, and Robust SDN Updates by Combining Rule Replacements and Additions

IEEE Disruption-free updates are a key primitive to effectively operate SDN networks and maximize the benefits of their programmability. In this paper, we study how to implement this primitive safely (with respect to forwarding correctness and policies), efficiently (in terms of consumed network resources) and robustly to unpredictable factors, such as delayed message delivery and processing. First, we analyze the fundamental limitations of prior proposals, which either: 1) progressively replace initial flow rules with new ones or 2) instruct switches to maintain both initial and final rules. Second, we show that safe, efficient, and robust updates can be achieved by leveraging a more general approach. We indeed unveil a dualism between rule replacements and additions that opens new degrees of freedom for supporting SDN updates. Third, we demonstrate how to build upon this dualism. We propose FLIP, an algorithm that computes operational sequences combining the efficiency of rule replacements with the applicability of rule additions. FLIP identifies constraints on rule replacements and additions that independently prevent safety violations from occurring during the update. Then, it explores the solution space by swapping constraints that prevent the same safety violations, until it reaches a satisfiable set of constraints. Fourth, we perform extensive simulations, showing that FLIP can significantly outperform prior work. In the average case, it guarantees a much higher success rate than algorithms only based on rule replacements, and massively reduces the memory overhead needed by techniques solely using rule additions

Analysis of topology aggregation techniques for QoS routing

We study and compare topology aggregation techniques used in QoS routing. Topology Aggregation (TA) is defined as a set of techniques that abstract or summarize the state information about the network topology to be exchanged, processed, and maintained by network nodes for routing purposes. Due to scalability, aggregation techniques have been an integral part of some routing protocols. However, TA has not been studied extensively except in a rather limited context. With the continuing growth of the Internet, scalability issues of QoS routing have been gaining importance. Therefore, we survey the current TA techniques, provide methodology to classify, evaluate, and compare their complexities and efficiencies. ©2007 ACM.postprin

Comparison of routing software in Linux

Linux-käyttöjärjestelmä yleistyy nykyään yhä enemmän ja enemmän. Verkkoyhteydet tulevat nopeammiksi ja niiden määrä kasvaa koko ajan. Nykypäivän verkot tarvitsevat reititystä, jotta viestit voidaan välittää Internetissä eteenpäin kohti vastaanottajaa. Linux-järjestelmät voivat toimia reitittiminä. Tässä työssä käsittelemme sekä Linux-käyttöjärjestelmää että reititystoiminnallisuutta. Reititysohjelmistomme perustuu FreeBSD-käyttöjärjestelmään. Tässä työssä tutkimme, kuinka hyvin tämä ohjelmisto toimii Linuxissa. Ensimmäinen toimenpide on muokata reititysohjelmisto yhteensopivaksi Linuxin kanssa. Sen jälkeen tutkimme ohjelmiston toiminnallisuutta Linuxissa vertailemalla tätä reititysohjelmaa kahden kaupallisen ja yhden avoimeen lähdekoodiin perustuvan reititysratkaisun kanssa. Vertailu koostuu suorituskyky- ja ohjelmiston kompleksisuuden mittauksista. Näiden mittausten tulokset eivät pelkästään näytä, että ohjelmaa voidaan ajaa Linuxissa, vaan antavat myös lisätietoa siitä, miten reititysohjelmistot suorittavat reititystehtäviä. Ohjelmiston kompleksisuusmittausten tuloksena näemme lähdekoodin laadun vertailluissa reititysohjelmissa. Ohjelmiston kompleksisuus liittyy siihen, kuinka helppoa ohjelmistoa on ylläpitää.Linux operating system is becoming more and more popular today. Network connections are becoming faster and the amount is increasing all the time. Today's networks need routing so that the messages can go towards their destinations in the Internet. The routing can be performed in the Linux systems. In this thesis we handle both the Linux operating system and routing functionality. Our routing software is based on the FreeBSD operating system. This thesis studies how well that software works on Linux. The first step is to port this software on Linux. After that we examine the functionality of the software in Linux by comparing the routing daemon with two commercial routing solutions and an open source one. The comparison consists of performance and software complexity measurements. The results of these measurements not only show that the software is capable to be run on Linux, but also give even more information on how different routing software packages perform the routing tasks. The output of the software complexity measurements shows the type of source code in the compared routing solutions. The complexity of the software is related to the easiness to maintain it

Stateful Anycast for DDoS Mitigation

MEng thesisDistributed denial-of-service (DDoS) attacks can easily cripple victim hosts or networks, yet effective defenses remain elusive. Normal anycast can be used to force the diffusion of attack traffic over a group of several hosts to increase the difficulty of saturating resources at or near any one of the hosts. However, because a packet sent to the anycast group may be delivered to any member, anycast does not support protocols that require a group member to maintain state (such as TCP). This makes anycast impractical for most applications of interest.This document describes the design of Stateful Anycast, a conceptual anycast-like network service based on IP anycast. Stateful Anycast is designed to support stateful sessions without losing anycasts ability to defend against DDoS attacks. Stateful Anycast employs a set of anycasted proxies to direct packets to the proper stateholder. These proxies provide DDoS protection by dropping a sessions packets upon group member request. Stateful Anycast is incrementally deployable and can scale to support many groups

Connecting Vehicles to the Internet - Strategic Data Transmission for Mobile Nodes using Heterogeneous Wireless Networks

With the advent of autonomous driving, the driving experience for users of connected vehicles changes, as they may enjoy their travel time with entertainment, or work productively. In our modern society, both require a stable Internet access. However, future mobile networks are not expected to be able to satisfy application Quality of Service (QoS) requirements as needed, e.g. during rush hours. To address this problem, this dissertation investigates data transmission strategies that exploit the potential of using a heterogeneous wireless network environment. To this end, we combine two so far distinct concepts, firstly, network selection and, secondly, transmission time selection, creating a joint time-network selection strategy. It allows a vehicle to plan delay-tolerant data transmissions ahead, favoring transmission opportunities with the best prospective flow-network matches. In this context, our first contribution is a novel rating model for perceived transmission quality, which assesses transmission opportunities with respect to application QoS requirement violations, traded off by monetary cost. To enable unified assessment of all data transmissions, it generalizes existing specialized rating models from network selection and transmission time selection and extends them with a novel throughput requirement model. Based on that, we develop a novel joint time-network selection strategy, Joint Transmission Planning (JTP), as our second contribution, planning optimized data transmissions within a defined time horizon. We compare its transmission quality to that of three predominant state-of-the-art transmission strategies, revealing that JTP outperforms the others significantly by up to 26%. Due to extensive scenario variation, we discover broad stability of JTP reaching 87-91% of the optimum. As JTP is a planning approach relying on prediction data, the transmission quality is strongly impaired when executing its plans under environmental changes. To mitigate this impact, we develop a transmission plan adaptation as our third contribution, modifying the planned current transmission online in order to comply with the changes. Even under strong changes of the vehicle movement and the network environment, it sustains 57%, respectively 36%, of the performance gain from planning. Finally, we present our protocol Mobility management for Vehicular Networking (MoVeNet), pooling available network resources of the environment to enable flexible packet dispatching without breaking connections. Its distributed architecture provides broad scalability and robustness against node failures. It complements control mechanisms that allow a demand-based and connection-specific trade-off between overhead and latency. Less than 9 ms additional round trip time in our tests, instant handover and 0 to 4 bytes per-packet overhead prove its efficiency. Employing the presented strategies and mechanisms jointly, users of connected vehicles and other mobile devices can significantly profit from the demonstrated improvements in application QoS satisfaction and reduced monetary cost

Autonomes Netzwerkmanagement für ein dynamisches Routing unter Berücksichtigung von Qualitätsanforderungen

This PhD thesis is focused on the question: how can an autonomously working routing management be designed to allow the transmission of application data while considering quality requirements. To answer this the focus is on a dynamic routing, whose decisions depend on the current distribution of available link capacities in the network. The presented new solution contains three protocols which work in a completely autonomous way. They are used to cluster the network and place automatically management instances, to assign addresses in the network as well as to distribute continuously routing data among the network nodes. Based on this, all routing tables are kept up to date, so that they represent the current paths as well as they also describe the available QoS specific capacity for each known route. By the help of this data, the routing algorithm, which is applied in this PhD thesis, allows the transmission of data from different applications while considering their quality requirements. In this context, each needed routing decision is influenced by the currently existing load situation in the network.Despite the introduced complex signaling, the overall system remains compatible to IPv4/v6. Therefore, it can be used for the transmission of audiovisual data in today’s networks. In such a scenario the scalability of the resulting overall system is supported by the data aggregations which are used within the signaling of the routing management.The practical part of the work is divided into two areas. The first one describes the software “Homer Conferencing”. It is usable as standalone solution for video conferences and test environment for audiovisual streams. By its help, qualitative differences in transmissions can be presented. Additionally, the software provides graphical dialogs for quantitative measurements of the data streams and packet losses. The second practical part contains the implementation of the routing management and applies all protocols on packet level. This was used as base for the accomplished quantitative evaluations. They show the caused signaling overhead as well as the resulting benefit of the introduced routing management for selected base topologies of IP networks.Im Fokus dieser Dissertation steht die Frage, wie ein autonom ablaufendes Routingmanagement aussehen kann, um in Netzwerken die Übertragung von Anwendungsdaten unter Berücksichtigung von Qualitätsanforderungen zu ermöglichen. Dabei steht ein dynamisches Routing im Vordergrund, dessen Entscheidungen von der momentanen Verteilung von verfügbaren Linkkapazitäten im Netzwerk abhängen. Die vorgestellte neuwertige Lösung enthält drei vollständig autonom ablaufende Protokolle. Sie dienen zur Netzwerkunterteilung und automatischen Platzierung von Managementinstanzen, zur Adresszuweisung im Netzwerk sowie zur kontinuierlichen Verteilung von Routingdaten unter den Netzwerkknoten. Dadurch werden alle Routingtabellen aktuell gehalten, sodass sie die momentanen Pfade sowie auch die für jede bekannte Route verfügbaren QoS spezifischen Eigenschaften beschreiben. Mit Hilfe dieser Daten ist der in dieser Dissertation eingesetzte Routingalgorithmus in der Lage, die Übertragung von Daten von unterschiedlichen Anwendungen unter Beachtung ihrer Qualitätsanforderungen zu ermöglichen. Dabei beeinflusst die aktuell vorliegende Lastsituation im Netzwerk jede notwendige Routingentscheidung.Trotz der eingeführten komplexen Signalisierungen bleibt das Gesamtsystem kompatibel zu IPv4/v6 und kann somit für die Übertragung von audiovisuellen Daten in heutigen Netzwerken eingesetzt werden. Dabei profitiert die Skalierbarkeit des resultierenden Gesamtsystems von den innerhalb der Signalisierungen des Routingmanagements verwendeten Datenaggregationen.Der praktische Teil dieser Arbeit ist zweigeteilt. Der erste Teil beschreibt die Software „Homer Conferencing“. Sie ist als eigenständige Lösung für Videokonferenzen und Testumgebung für audiovisuelle Ströme einsetzbar. Mit ihrer Hilfe können qualitative Unterschiede in Übertragungen audiovisuell vorgeführt werden. Die Software bietet zusätzlich grafische Dialoge zur quantitativen Bemessung der Datenströme und Paketverluste. Der zweite praktische Teil beinhaltet die Implementierung des Routingmanagements und setzt die Protokolle auf Paketebene vollständig um. Dies diente als Basis für die durchgeführten quantitativen Evaluierungen. Sie stellen für ausgewählte Basistopologien von IP-Netzwerken den verursachten Signalisierungsaufwand sowie den resultierenden Nutzen beim Einsatz des vorgestellten Routingmanagements dar