Feasibility of wireless mesh for LTE-Advanced small cell access backhaul

Mobiilidatan määrä on muutaman viime vuoden aikana kasvanut voimakkaasti ja nykyiset ennustukset arvioivat eksponentiaalista kasvukäyrää tulevien vuosien aikana. Matkapuhelinjärjestelmät ovat kehittyneet nopeasti tämän trendin ohjaamana. Neljännen sukupolven matkapuhelinverkkostandardien myötä, uudet innovaatiot kuten heterogeeniset verkkoratkaisut tarjoavat ratkaisun nykyisiin skaalautuvuus- ja kapasiteettiongelmiin. Joitain ilmeisiä ongelmakohtiakin kuitenkin esiintyy kuten heterogeenisten verkkojen runkokytkennän toteuttaminen. Yksi lupaavimmista tavoista toteuttaa heterogeenisten verkkojen runkokytkentä on langaton ja itseorganisoituva mesh-verkko. Tämän opinnäytetyön tavoitteena on varmistaa ja testata Nokia Siemens Networksin kehittämän mesh-runkokytkentäverkkokonseptin toteutettavuutta ja toiminnallisuutta soveltuvan validointijärjestelmän avulla. Kaiken kaikkiaan validointijärjestelmä ja sen päälle toteutettu mesh-protokolla toimivat moitteettomasti koko kehitys- ja testausprosessin ajan. Konseptin eri ominaisuudet ja mekanismit todistettiin täysin toteutettaviksi ja toimiviksi. Muutamalla lisäominaisuudella ja konseptiparannuksella mesh-konsepti tarjoaa houkuttelevan ja innovatiivisen ratkaisun heterogeenisten verkkojen runkokytkentään tulevaisuudessa.Mobile traffic demands and volumes are increasing and will dramatically keep increasing in the future. Along with this, mobile networks have evolved to better match this growth. Fourth generation cellular network standard introduced a set of new innovations for mobile communications, including support for heterogeneous network deployments. Heterogeneous networking is the likely answer for future mobile data capacity shortage but also poses some challenges, the most evident being how to implement the backhauling. One of the most promising heterogeneous network backhaul solutions is a meshed radio system with self-organizing features. The main scope of this master's thesis is the verification of functionality and feasibility of a wireless mesh backhaul concept developed by Nokia Siemens Networks through a proof-of-concept system. All in all, the wireless mesh proof-of-concept system performed strongly throughout the development and testing process. The different functionalities were proven to work successfully together. With further development and enhancement, the system concept displays extreme potential for a state-of-the-art heterogeneous network backhaul technology

Branch Prediction For Network Processors

Originally designed to favour flexibility over packet processing performance, the future of the programmable network processor is challenged by the need to meet both increasing line rate as well as providing additional processing capabilities. To meet these requirements, trends within networking research has tended to focus on techniques such as offloading computation intensive tasks to dedicated hardware logic or through increased parallelism. While parallelism retains flexibility, challenges such as load-balancing limit its scope. On the other hand, hardware offloading allows complex algorithms to be implemented at high speed but sacrifice flexibility. To this end, the work in this thesis is focused on a more fundamental aspect of a network processor, the data-plane processing engine. Performing both system modelling and analysis of packet processing functions; the goal of this thesis is to identify and extract salient information regarding the performance of multi-processor workloads. Following on from a traditional software based analysis of programme workloads, we develop a method of modelling and analysing hardware accelerators when applied to network processors. Using this quantitative information, this thesis proposes an architecture which allows deeply pipelined micro-architectures to be implemented on the data-plane while reducing the branch penalty associated with these architectures

Optimizing energy-efficiency for multi-core packet processing systems in a compiler framework

Network applications become increasingly computation-intensive and the amount of traffic soars unprecedentedly nowadays. Multi-core and multi-threaded techniques are thus widely employed in packet processing system to meet the changing requirement. However, the processing power cannot be fully utilized without a suitable programming environment. The compilation procedure is decisive for the quality of the code. It can largely determine the overall system performance in terms of packet throughput, individual packet latency, core utilization and energy efficiency. The thesis investigated compilation issues in networking domain first, particularly on energy consumption. And as a cornerstone for any compiler optimizations, a code analysis module for collecting program dependency is presented and incorporated into a compiler framework. With that dependency information, a strategy based on graph bi-partitioning and mapping is proposed to search for an optimal configuration in a parallel-pipeline fashion. The energy-aware extension is specifically effective in enhancing the energy-efficiency of the whole system. Finally, a generic evaluation framework for simulating the performance and energy consumption of a packet processing system is given. It accepts flexible architectural configuration and is capable of performingarbitrary code mapping. The simulation time is extremely short compared to full-fledged simulators. A set of our optimization results is gathered using the framework

On the Edge of Secure Connectivity via Software-Defined Networking

Securing communication in computer networks has been an essential feature ever since the Internet, as we know it today, was started. One of the best known and most common methods for secure communication is to use a Virtual Private Network (VPN) solution, mainly operating with an IP security (IPsec) protocol suite originally published in 1995 (RFC1825). It is clear that the Internet, and networks in general, have changed dramatically since then. In particular, the onset of the Cloud and the Internet-of-Things (IoT) have placed new demands on secure networking. Even though the IPsec suite has been updated over the years, it is starting to reach the limits of its capabilities in its present form. Recent advances in networking have thrown up Software-Defined Networking (SDN), which decouples the control and data planes, and thus centralizes the network control. SDN provides arbitrary network topologies and elastic packet forwarding that have enabled useful innovations at the network level. This thesis studies SDN-powered VPN networking and explains the benefits of this combination. Even though the main context is the Cloud, the approaches described here are also valid for non-Cloud operation and are thus suitable for a variety of other use cases for both SMEs and large corporations. In addition to IPsec, open source TLS-based VPN (e.g. OpenVPN) solutions are often used to establish secure tunnels. Research shows that a full-mesh VPN network between multiple sites can be provided using OpenVPN and it can be utilized by SDN to create a seamless, resilient layer-2 overlay for multiple purposes, including the Cloud. However, such a VPN tunnel suffers from resiliency problems and cannot meet the increasing availability requirements. The network setup proposed here is similar to Software-Defined WAN (SD-WAN) solutions and is extremely useful for applications with strict requirements for resiliency and security, even if best-effort ISP is used. IPsec is still preferred over OpenVPN for some use cases, especially by smaller enterprises. Therefore, this research also examines the possibilities for high availability, load balancing, and faster operational speeds for IPsec. We present a novel approach involving the separation of the Internet Key Exchange (IKE) and the Encapsulation Security Payload (ESP) in SDN fashion to operate from separate devices. This allows central management for the IKE while several separate ESP devices can concentrate on the heavy processing. Initially, our research relied on software solutions for ESP processing. Despite the ingenuity of the architectural concept, and although it provided high availability and good load balancing, there was no anti-replay protection. Since anti-replay protection is vital for secure communication, another approach was required. It thus became clear that the ideal solution for such large IPsec tunneling would be to have a pool of fast ESP devices, but to confine the IKE operation to a single centralized device. This would obviate the need for load balancing but still allow high availability via the device pool. The focus of this research thus turned to the study of pure hardware solutions on an FPGA, and their feasibility and production readiness for application in the Cloud context. Our research shows that FPGA works fluently in an SDN network as a standalone IPsec accelerator for ESP packets. The proposed architecture has 10 Gbps throughput, yet the latency is less than 10 µs, meaning that this architecture is especially efficient for data center use and offers increased performance and latency requirements. The high demands of the network packet processing can be met using several different approaches, so this approach is not just limited to the topics presented in this thesis. Global network traffic is growing all the time, so the development of more efficient methods and devices is inevitable. The increasing number of IoT devices will result in a lot of network traffic utilising the Cloud infrastructures in the near future. Based on the latest research, once SDN and hardware acceleration have become fully integrated into the Cloud, the future for secure networking looks promising. SDN technology will open up a wide range of new possibilities for data forwarding, while hardware acceleration will satisfy the increased performance requirements. Although it still remains to be seen whether SDN can answer all the requirements for performance, high availability and resiliency, this thesis shows that it is a very competent technology, even though we have explored only a minor fraction of its capabilities