DIP: Disruption-Tolerance for IP
Disruption Tolerant Networks (DTN) have been a popular subject of recent
research and development. These networks are characterized by frequent, lengthy
outages and a lack of contemporaneous end-to-end paths. In this work we discuss
techniques for extending IP to operate more effectively in DTN scenarios. Our
scheme, Disruption Tolerant IP (DIP), uses existing IP packet headers, uses the
existing socket API for applications, is compatible with IPsec, and uses
familiar Policy-Based Routing techniques for network management.
Raising the Datagram API to Support Transport Protocol Evolution
Some application developers can wield huge resources to build
new transport protocols; for these developers the present UDP
Socket API is perfectly fine. They have access to large test
beds and sophisticated tools. Many developers do not have these
resources. This paper presents a new high-level Datagram API
that is for everyone else, with the advantage of offering a
clear evolutionary path to support new requirements. This new
API is needed to move forward the base of the system, allowing
developers with limited resources to evolve their applications
while accessing new network services.
Internet QoS for DiffServ-Enabled Routers
Differentiated Service Model (DiffServ) is currently a popular research topic as a
low-cost method to bring QoS to today's Internet backbone network. In this paper,
the author introduces the techniques and methodologies used to design and
implement DiffServ-enabled (DS-enabled) routers. The adaptations of DS-enabled
routers are designed to cater to the low Internet connectivity within Universiti
Teknologi PETRONAS LAN. The author has implemented basic DiffServ settings
using three Cisco 3725 routers. Based on these DiffServ-enabled routers, the author
set up a small-scale lab network to study DiffServ QoS features: priority dropping
(discrimination among different service classes), QoS guarantees and measuring QoS
using various formal metrics (delay and throughput). Furthermore, the author presents
problems encountered during the study, and the proposed solutions.
Policy Conflict Management in Distributed SDN Environments
The ease of programmability in Software-Defined Networking (SDN) makes it a great platform for implementation of various initiatives that involve application deployment, dynamic topology changes, and decentralized network management in a multi-tenant data center environment. However, implementing security solutions in such an environment is fraught with policy conflicts and consistency issues, with the hardness of this problem being affected by the distribution scheme for the SDN controllers.
In this dissertation, a formalism for flow rule conflicts in SDN environments is introduced. This formalism is realized in Brew, a security policy analysis framework implemented on an OpenDaylight SDN controller. Brew has comprehensive conflict detection and resolution modules to ensure that no two flow rules in a distributed SDN-based cloud environment have conflicts at any layer, thereby assuring consistent conflict-free security policy implementation and preventing information leakage. Techniques for global prioritization of flow rules in a decentralized environment are presented, using which all SDN flow rule conflicts are recognized and classified. Strategies for unassisted resolution of these conflicts are also detailed. Alternatively, if administrator input is desired to resolve conflicts, a novel visualization scheme is implemented to help the administrators view the conflicts in an aesthetic manner. The correctness, feasibility and scalability of the Brew proof-of-concept prototype are demonstrated. Flow rule conflict avoidance using a buddy address space management technique is studied as an alternative to conflict detection and resolution in highly dynamic cloud systems attempting to implement SDN-based Moving Target Defense (MTD) countermeasures. Dissertation/Thesis: Doctoral Dissertation, Computer Science 201
An investigation into buffer management mechanisms for the Diffserv assured forwarding traffic class
Includes bibliographical references. One of the service classes offered by Diffserv is the Assured Forwarding (AF) class. Because of scalability concerns, IETF specifications recommend that microflow and aggregate-unaware active buffer management mechanisms such as RIO (Random early detection with In/Out-of-profile) be used in the core of Diffserv networks implementing AF. Such mechanisms have, however, been shown to provide poor performance with regard to fairness, stability and network control. Furthermore, recent advances in router technology now allow routers to implement more advanced scheduling and buffer management mechanisms on high-speed ports. This thesis evaluates the performance improvements that may be realized when implementing the Diffserv AF core using a hierarchical microflow and aggregate aware buffer management mechanism instead of RIO. The author motivates, proposes and specifies such a mechanism. The mechanism, referred to as H-MAQ or Hierarchical multi drop-precedence queue state Microflow-Aware Queuing, is evaluated on a testbed that compares the performance of a RIO network core with an H-MAQ network core.
Investigating Basic Quality of Service Design Possibilities for Regis University Academic Research Network Edge Routers
The Regis University Academic Research Network (ARNe) had network resources, such as VoIP, that required preservation of their ability to receive near real-time forwarding treatment across the network. Quality of Service (QoS) design ideas were examined from four actual implementations described in research cases. Additionally, research involving surveys from Cisco certified professionals was examined, and Cisco technical literature was examined. Case study methodology, involving the study of multiple cases, was the primary tactic utilized in this research. Examination and triangulation of data from the research indicated that ARNe would benefit from moving forward with a basic QoS design and implementation, integrating concepts identified in the data. Additionally, data supported that a basic QoS design and implementation on ARNe would provide Computer Science and Information Science students an opportunity to more fully appreciate QoS through further research and hands-on experience.
Going beyond DiffServ in IP traffic classification
Quality of Service (QoS) management in IP networks today relies on static configuration of classes of service definitions and related forwarding priorities. Packets are actually classified according to the DiffServ architecture based on RFC 4594, typically thanks to static configuration or filters matching packet features, at network access equipment. In this paper, we propose a dynamic classification procedure, referred to as Learning-powered DiffServ (L-DiffServ), able to detect the distinctive characteristics of traffic and to dynamically assign service classes to IP packets. The idea is to apply semi-unsupervised Machine Learning techniques, such as Linear Discriminant Analysis (LDA) and K-Means, with a proper customization to take into account the issues related to packet-level analysis, i.e. unbalanced distribution of traffic among classes and selection of proper IP header related features. The performance evaluation highlights that L-DiffServ is able to change the classification outcome dynamically, providing a higher number of classes than DiffServ. This last result represents the first step toward a more granular differentiation of IP traffic.
Automated Generating of Processing Elements for FPGA
Some information processing applications, such as computer network monitoring, need to continuously process rapidly incoming data. As the speed of the incoming data increases, it is desirable to perform the processing in hardware. This work proposes a configuration system that generates a VHDL specification of a hardware data processing circuit based on a user-provided definition of data and computation operations. The system focuses on network traffic monitoring in multi-gigabit computer networks.