9 research outputs found

    Micro and macro network slicing: an experimental assessment of the impact of increasing numbers of slices

    Get PDF
    The fifth generation (5G) telecommunications network aims not only to enhance traffic performance and allow efficient management, but also to enable it to dynamically and flexibly adapt to the traffic demands of different vertical scenarios. In order to support that enablement, the underlying network procedures (i.e., network functions) are being virtualized and deployed in cloud-based environments, allowing for a more optimized usage of the infra-structure resources. In addition, such resources can be sliced, allowing isolated provisioning to specific network functions allocated to disparate vertical deployments. As network slices are envisaged by network operators to fulfill a small number of slices, able to cater towards essential 5G scenario demands (i.e., enhanced mobile broadband, massive machine-type communications and ultra reliable low-latency communications), the total amount of slices existing in a system is currently dictated by the underlying operational overhead placed over the cloud infra-structure. This paper explores the challenges associated to a vision where the network slicing concept is applied with a much greater level of granularity, ultimately allowing it to become a core mechanism of the network’s operation, with large numbers of co-existing slices. In that respect, this paper proposes an architecture framework for instantiation of network slices among network providers, which in turn are able to instantiate sub-slices tailored to use cases and vertical tenants. The evaluation of this concept is done following a two-pronged approach: firstly, different slice dimensions (i.e., from micro to macro) are proposed and discussed, pointing out the benefits and challenges of each proposed slice; secondly, we deployed a mobile network provider (MNO), using OpenAirInterface and FlexRAN frameworks, and experimentally evaluated the its slicing mechanisms. The objective is to provide insight on the challenges and impact associated with the deployment of an increasing amount of slices, using the same available infra-structural resources.publishe

    Infrastructure sharing of 5G mobile core networks on an SDN/NFV platform

    Get PDF
    When looking towards the deployment of 5G network architectures, mobile network operators will continue to face many challenges. The number of customers is approaching maximum market penetration, the number of devices per customer is increasing, and the number of non-human operated devices estimated to approach towards the tens of billions, network operators have a formidable task ahead of them. The proliferation of cloud computing techniques has created a multitude of applications for network services deployments, and at the forefront is the adoption of Software-Defined Networking (SDN) and Network Functions Virtualisation (NFV). Mobile network operators (MNO) have the opportunity to leverage these technologies so that they can enable the delivery of traditional networking functionality in cloud environments. The benefit of this is reductions seen in the capital and operational expenditures of network infrastructure. When going for NFV, how a Virtualised Network Function (VNF) is designed, implemented, and placed over physical infrastructure can play a vital role on the performance metrics achieved by the network function. Not paying careful attention to this aspect could lead to the drastically reduced performance of network functions thus defeating the purpose of going for virtualisation solutions. The success of mobile network operators in the 5G arena will depend heavily on their ability to shift from their old operational models and embrace new technologies, design principles and innovation in both the business and technical aspects of the environment. The primary goal of this thesis is to design, implement and evaluate the viability of data centre and cloud network infrastructure sharing use case. More specifically, the core question addressed by this thesis is how virtualisation of network functions in a shared infrastructure environment can be achieved without adverse performance degradation. 5G should be operational with high penetration beyond the year 2020 with data traffic rates increasing exponentially and the number of connected devices expected to surpass tens of billions. Requirements for 5G mobile networks include higher flexibility, scalability, cost effectiveness and energy efficiency. Towards these goals, Software Defined Networking (SDN) and Network Functions Virtualisation have been adopted in recent proposals for future mobile networks architectures because they are considered critical technologies for 5G. A Shared Infrastructure Management Framework was designed and implemented for this purpose. This framework was further enhanced for performance optimisation of network functions and underlying physical infrastructure. The objective achieved was the identification of requirements for the design and development of an experimental testbed for future 5G mobile networks. This testbed deploys high performance virtualised network functions (VNFs) while catering for the infrastructure sharing use case of multiple network operators. The management and orchestration of the VNFs allow for automation, scalability, fault recovery, and security to be evaluated. The testbed developed is readily re-creatable and based on open-source software

    A proposal for secured, efficient and scalable layer 2 network virtualisation mechanism

    Get PDF
    El contenidos de los capítulos 3 y 4 está sujeto a confidencialidad. 291 p.La Internet del Futuro ha emergido como un esfuerzo investigador para superar estas limitaciones identificadas en la actual Internet. Para ello es necesario investigar en arquitecturas y soluciones novedosas (evolutivas o rompedoras), y las plataformas de experimentación surgen para proporcionar un entorno realista para validar estas nuevas propuestas a gran escala.Debido a la necesidad de compartir la misma infraestructura y recursos para testear simultáneamente diversas propuestas de red, la virtualización de red es la clave del éxito. Se propone una nueva taxonomía para poder analizar y comparar las diferentes propuestas. Se identifican tres tipos: el Nodo Virtual (vNode), la Virtualización posibilitada por SDN (SDNeV) y el overlay.Además, se presentan las plataformas experimentales más relevantes, con un foco especial en la forma en la que cada una de ellas permite la investigación en propuestas de red, las cuales no cumplen todos estos requisitos impuestos: aislamiento, seguridad, flexibilidad, escalabilidad, estabilidad, transparencia, soporte para la investigación en propuestas de red. Por lo tanto, una nueva plataforma de experimentación ortogonal a la experimentación es necesaria.Las principales contribuciones de esta tesis, sustentadas sobre tecnología SDN y NFV, son también los elementos clave para construir la plataforma de experimentación: la Virtualización de Red basada en Prefijos de Nivel 2 (Layer 2 Prefix-based Network Virtualisation, L2PNV), un Protocolo para la Configuración de Direcciones MAC (MAC Address Configuration Protocol, MACP), y un sistema de Control de Acceso a Red basado en Flujos (Flow-based Network Access Control, FlowNAC).Como resultado, se ha desplegado en la Universidad del Pais Vasco (UPV/EHU) una nueva plataforma experimental, la Plataforma Activada por OpenFlow de EHU (EHU OpenFlow Enabled Facility, EHU-OEF), para experimentar y validar estas propuestas realizadas

    The Cloud-to-Thing Continuum

    Get PDF
    The Internet of Things offers massive societal and economic opportunities while at the same time significant challenges, not least the delivery and management of the technical infrastructure underpinning it, the deluge of data generated from it, ensuring privacy and security, and capturing value from it. This Open Access Pivot explores these challenges, presenting the state of the art and future directions for research but also frameworks for making sense of this complex area. This book provides a variety of perspectives on how technology innovations such as fog, edge and dew computing, 5G networks, and distributed intelligence are making us rethink conventional cloud computing to support the Internet of Things. Much of this book focuses on technical aspects of the Internet of Things, however, clear methodologies for mapping the business value of the Internet of Things are still missing. We provide a value mapping framework for the Internet of Things to address this gap. While there is much hype about the Internet of Things, we have yet to reach the tipping point. As such, this book provides a timely entrée for higher education educators, researchers and students, industry and policy makers on the technologies that promise to reshape how society interacts and operates

    Context-based security function orchestration for the network edge

    Get PDF
    Over the last few years the number of interconnected devices has increased dramatically, generating zettabytes of traffic each year. In order to cater to the requirements of end-users, operators have deployed network services to enhance their infrastructure. Nowadays, telecommunications service providers are making use of virtualised, flexible, and cost-effective network-wide services, under what is known as Network Function Virtualisation (NFV). Future network and application requirements necessitate services to be delivered at the edge of the network, in close proximity to end-users, which has the potential to reduce end-to-end latency and minimise the utilisation of the core infrastructure while providing flexible allocation of resources. One class of functionality that NFV facilitates is the rapid deployment of network security services. However, the urgency for assuring connectivity to an ever increasing number of devices as well as their resource-constrained nature, has led to neglecting security principles and best practices. These low-cost devices are often exploited for malicious purposes in targeting the network infrastructure, with recent volumetric Distributed Denial of Service (DDoS) attacks often surpassing 1 terabyte per second of network traffic. The work presented in this thesis aims to identify the unique requirements of security modules implemented as Virtual Network Functions (VNFs), and the associated challenges in providing management and orchestration of complex chains consisting of multiple VNFs The work presented here focuses on deployment, placement, and lifecycle management of microservice-based security VNFs in resource-constrained environments using contextual information on device behaviour. Furthermore, the thesis presents a formulation of the latency-optimal placement of service chains at the network edge, provides an optimal solution using Integer Linear Programming, and an associated near-optimal heuristic solution that is able to solve larger-size problems in reduced time, which can be used in conjunction with context-based security paradigms. The results of this work demonstrate that lightweight security VNFs can be tailored for, and hosted on, a variety of devices, including commodity resource-constrained systems found in edge networks. Furthermore, using a context-based implementation of the management and orchestration of lightweight services enables the deployment of real-world complex security service chains tailored towards the user’s performance demands from the network. Finally, the results of this work show that on-path placement of service chains reduces the end-to-end latency and minimise the number of service-level agreement violations, therefore enabling secure use of latency-critical networks

    A proposal for secured, efficient and scalable layer 2 network virtualisation mechanism

    Get PDF
    El contenidos de los capítulos 3 y 4 está sujeto a confidencialidad. 291 p.La Internet del Futuro ha emergido como un esfuerzo investigador para superar estas limitaciones identificadas en la actual Internet. Para ello es necesario investigar en arquitecturas y soluciones novedosas (evolutivas o rompedoras), y las plataformas de experimentación surgen para proporcionar un entorno realista para validar estas nuevas propuestas a gran escala.Debido a la necesidad de compartir la misma infraestructura y recursos para testear simultáneamente diversas propuestas de red, la virtualización de red es la clave del éxito. Se propone una nueva taxonomía para poder analizar y comparar las diferentes propuestas. Se identifican tres tipos: el Nodo Virtual (vNode), la Virtualización posibilitada por SDN (SDNeV) y el overlay.Además, se presentan las plataformas experimentales más relevantes, con un foco especial en la forma en la que cada una de ellas permite la investigación en propuestas de red, las cuales no cumplen todos estos requisitos impuestos: aislamiento, seguridad, flexibilidad, escalabilidad, estabilidad, transparencia, soporte para la investigación en propuestas de red. Por lo tanto, una nueva plataforma de experimentación ortogonal a la experimentación es necesaria.Las principales contribuciones de esta tesis, sustentadas sobre tecnología SDN y NFV, son también los elementos clave para construir la plataforma de experimentación: la Virtualización de Red basada en Prefijos de Nivel 2 (Layer 2 Prefix-based Network Virtualisation, L2PNV), un Protocolo para la Configuración de Direcciones MAC (MAC Address Configuration Protocol, MACP), y un sistema de Control de Acceso a Red basado en Flujos (Flow-based Network Access Control, FlowNAC).Como resultado, se ha desplegado en la Universidad del Pais Vasco (UPV/EHU) una nueva plataforma experimental, la Plataforma Activada por OpenFlow de EHU (EHU OpenFlow Enabled Facility, EHU-OEF), para experimentar y validar estas propuestas realizadas

    Packet switch architecture for efficient unicast and multicast traffic switching

    Get PDF
    У дисертацији је предложена једноставна архитектура свича као и алгоритми за ефикасно распоређивање и комутацију уникаст и мултикаст саобраћаја, што је од великог значаја за савремене телекомуникационе мреже у којима количина саобраћаја константно расте. Први дио доприноса ове дисертације чини приједлог рјешења свича за ефикасно управљање уникаст саобраћајем. Ово рјешење је развијено комбинујући најбоље особине постојећих рјешења, при том избјегавајући одређене њихове недостатке. Циљ је да се омогући што брже прослијеђивање пакета уз прихватљив ниво хардверске комплексности. Свич који је развијен у овој дисертацији представља комбинацију свичева са баферима на улазу и свичева који користе Биркхоф-фон Нојман принцип детерминистичког конфигурисања комутационог модула па се не захтијева прорачун конфигурација комутатора. При томе, за разлику од већине рјешења која користе Биркхоф-фон Нојман принцип конфигурисања, у предложеном рјешењу могуће је користити само један физички комутациони модул који би обављао функције оба логичка комутациона модула. Да би се гарантовало да није дошло до поремећаја редослиједа пакета, предложен је и једноставан алгоритам за одабир пакета за слање. Такође, дат је и приједлог унапријеђења подршке за фер сервис првобитно предложеног рјешења за комутацију уникаст саобраћаја. У другом дијелу дисертације, пажња је посвећена унапријеђењу предложеног рјешења за ефикасно управљање и мултикаст саобраћајем. Потреба за овим се јавила као посљедица развоја нових сервиса (нпр. IPTV, онлајн игре итд.) који генеришу такав тип саобраћаја. Како је удио мултикаст саобраћаја у мрежи постао незанемарљив, перформансе свичева који су развијени примарно за уникаст саобраћај значајно опадају. Рјешење које је предложено у првом дијелу дисертације је унапријеђено додавањем модула који служи за управљање мултикаст саобраћајем. Овдје је идеја да се оптерећење са улазног порта који прима мултикаст пакете распореди на више портова који треба да приме те пакете. Овако је на релативно једноставан начин омогућено ефикасно управљање мултикаст саобраћајем. У оквиру дисертације су урађене софтверске симулације које су показале да ова рјешења постижу врло добре перформансе у односу на постојећа. Такође, урађена је и хардверска имплементација предложеног основног уникаст рјешења која је показала релативно скромне захтјеве у погледу хардверских ресурса.The dissertation proposes a simple switch architecture as well as algorithms for efficient scheduling and switching of unicast and multicast traffic, which is of great importance for modern telecommunication networks because their traffic load is constantly and rapidly increasing. The first part of the dissertation’s contributions comprises a proposed switch which efficiently manages unicast traffic. The proposed switch is developed by using the best characteristics of the existing solutions while avoiding some of their drawbacks. The aim is to enable fast packet forwarding while achieving an acceptable level of hardware complexity. The proposed solution combines architecture with buffers at input ports and Birkhoff-von Neumann architecture based on deterministic switch module configurations. Hence, calculation of switch module configurations is not needed. Also, folded architecture is possible, which means that only one physical switching module is used for both switching stages of Birkhoff-von Neumann architecture. A simple algorithm for packet scheduling has been developed in order to avoid packet out-of-sequence problems. Finally, fair service support improvement is introduced for the originally proposed switch solution. The second part of the dissertation is devoted to the enhancement of the proposed unicast switch for efficient management of multicast traffic. The need for multicast support has emerged as a consequence of the development and introduction of new services (such as IPTV, online gaming, etc.) that generate multicast traffic. As the amount of multicast traffic is not negligible anymore, the performance of packet switches that were primarily developed for the unicast traffic is significantly degraded. The solution proposed in the first part of the diseration is enhanced with the module used for multicast traffic management. Here, the idea is that the multicast load at some input port is distributed over ports that are also destination for the multicast packets. This approach enables relatively simple but efficient management of multicast traffic. In this dissertation, software simulations were conducted, which confirmed that proposed solutions achieve very good performances compared to existing solutons. Furthermore, hardware implementation of the proposed basic unicast switch solution shows modest requirements in terms of needed hardware resources
    corecore