Rules Placement Problem in OpenFlow Networks: a Survey

International audienceSoftware-Defined Networking (SDN) abstracts low- level network functionalities to simplify network management and reduce costs. The OpenFlow protocol implements the SDN concept by abstracting network communications as flows to be processed by network elements. In OpenFlow, the high-level policies are translated into network primitives called rules that are distributed over the network. While the abstraction offered by OpenFlow allows to potentially implement any policy, it raises the new question of how to define the rules and where to place them in the network while respecting all technical and administrative requirements. In this paper, we propose a comprehensive study of the so-called OpenFlow rules placement problem with a survey of the various proposals intending to solve it. Our study is multi-fold. First, we define the problem and its challenges. Second, we overview the large number of solutions proposed, with a clear distinction between solutions focusing on memory management and those proposing to reduce signaling traffic to ensure scalability. Finally, we discuss potential research directions around the OpenFlow rules placement problem

Addressing the challenges of modern DNS:a comprehensive tutorial

The Domain Name System (DNS) plays a crucial role in connecting services and users on the Internet. Since its first specification, DNS has been extended in numerous documents to keep it fit for today’s challenges and demands. And these challenges are many. Revelations of snooping on DNS traffic led to changes to guarantee confidentiality of DNS queries. Attacks to forge DNS traffic led to changes to shore up the integrity of the DNS. Finally, denial-of-service attack on DNS operations have led to new DNS operations architectures. All of these developments make DNS a highly interesting, but also highly challenging research topic. This tutorial – aimed at graduate students and early-career researchers – provides a overview of the modern DNS, its ongoing development and its open challenges. This tutorial has four major contributions. We first provide a comprehensive overview of the DNS protocol. Then, we explain how DNS is deployed in practice. This lays the foundation for the third contribution: a review of the biggest challenges the modern DNS faces today and how they can be addressed. These challenges are (i) protecting the confidentiality and (ii) guaranteeing the integrity of the information provided in the DNS, (iii) ensuring the availability of the DNS infrastructure, and (iv) detecting and preventing attacks that make use of the DNS. Last, we discuss which challenges remain open, pointing the reader towards new research areas

Flow Delegation: Flow Table Capacity Bottleneck Mitigation for Software-defined Networks

This dissertation introduces flow delegation, a novel concept to deal with flow table capacity bottlenecks in Software-defined Networks (SDNs). Such bottlenecks occur when SDN switches provide insufficient flow table capacity which can lead to performance degradation and/or network failures. Flow delegation addresses this well-known problem by automatically relocating flow rules from a bottlenecked switch to neighboring switches with spare capacity. Different from existing work, this new approach can be used on-demand in a transparent fashion, i.e., without changes to the network applications or other parts of the infrastructure. The thesis presents a system design and architecture capable of dealing with the numerous practical challenges associated with flow delegation, introduces suitable algorithms to efficiently mitigate bottlenecks taking future knowledge and multiple objectives into account and studies feasibility, performance, overhead, and scalability of the new approach covering different scenarios