Performance Comparison Of the state of the art OpenFlow Controllers

Sonba, Ahmed, Abdalkreim, Hassan

January 2014

OpenFlow is a widely used protocol for software defined networks (SDNs) that presents a new paradigm in which the control plane is abstracted from the forwarding plane for the network devices. This approach differs from the conventional networking architecture, where both planes reside on the same networking device. In SDN approach centralized entities called “controllers” act like network operating systems run different applications that manage and control the network via well-defined APIs. OpenFlow switch is the forwarding plane in SDN architecture that has tables of packet-handling rules. Traffics passing the switch are compared against these rules and a match – action method is applied to the traffics. Depending on the rules installed by a controller application, an OpenFlow switch can act like a router, a switch, or a middle box without much caring about what kind of vendor to use in the network. Data centers’ networking is one of the applications that showed successful integration with OpenFlow protocol by making the network more consistent to the rapidly expanding number of virtual machines. But with the growing traffic in the data centers, the need for high controllers’ performance increases. Therefore, in this thesis we presented a performance evaluation in both throughput and latency perspectives for the current well-known OpenFlow controllers: NOX, Beacon, Floodlight, Maestro, OpenMul, and OpenIRIS. Controller benchmarking tool was implemented for incremental number of switches connected to the controller under test, and the results show that the OpenMul controller has the highest throughput, while OpenIRIS controller shows the lowest latency.

SDN

OpenFlow

Mecanismo para integração de comutadores openflow na infraestrutura do testbed emulab. / Mechanism for integration of openflow switches in emulab testbed infrastructure.

Schwarz, Marcos Felipe

10 June 2014

O Emulab é um ambiente de experimentação que permite a emulação de redes com topologia arbitrária definida pelo usuário, em um ambiente controlável, previsível e reproduzível. Tal topologia definida pelo usuário é provisionada no ambiente físico de forma automatizada, por meio de nós físicos instanciados com o sistema operacional e os endereços IP solicitados e um conjunto de comutadores configurados dinamicamente para emular a topologia de rede desejada. A abordagem utilizada para a configuração dos comutadores, baseada em SNMP, impõe requisitos que limitam os modelos de comutadores que podem ser usados para a construção de um ambiente Emulab e, ao mesmo tempo, exige a criação de módulos específicos para cada novo modelo de comutador a ser suportado. Este trabalho propõe a utilização do protocolo OpenFlow no ambiente Emulab, como alternativa ao modelo atual baseado em SNMP, criando, para esse fim um modulo OpenFlow para ambiente Emulab. Esse módulo utiliza OpenFlow como interface padronizada para configurar comutadores de diferentes modelos e fabricantes que suportem o protocolo OpenFlow, removendo, dessa forma as restrições citadas anteriormente e adicionando suporte a novos modelos de comutadores. Foi efetuado um conjunto de testes para analisar o funcionamento e desempenho do uso de comutadores OpenFlow no Emulab, que comprovaram que a solução proposta adiciona suporte a diferentes modelos de comutadores OpenFlow de forma unificada e com desempenho comparável a comutadores convencionais. / Emulab is a emulated network testbed that provides user-defined network topologies in a controllable, predictable, and repeatable environment. The topology defined by the user is provisioned in the physical environment in an automated manner by means of physical nodes instantiated with the desired operating system and IP addresses and a set of switches dynamically configured to emulate the desired network topology. The approach used for switch configuration is based on SNMP and currently imposes requirements that limit the switch models that can be used to build an Emulab facility and at the same time requires the creation of specific modules for each new type of switch to be supported. This work proposes the use of the OpenFlow protocol for configuring switches in Emulab as an alternative to the current model based on SNMP. As result, it was created an OpenFlow module for Emulab environment, which uses OpenFlow as a standardized interface for configuring these devices. This new OpenFlow-based approach makes it possible to configure switches of different models and manufacturers that support the OpenFlow protocol through a single mechanism, removing thus the restrictions mentioned above, and adding support for new types of switches. A set of tests were performed to analyze the operation and performance of OpenFlow switches in Emulab, which showed that the proposed solution adds support for different models of OpenFlow switches in a unified manner with comparable performance to conventional switches

Ambiente de experimentação

Emulated networks

Experimentation environment

Openflow

Openflow

Redes emuladas

Mecanismo para integração de comutadores openflow na infraestrutura do testbed emulab. / Mechanism for integration of openflow switches in emulab testbed infrastructure.

Marcos Felipe Schwarz

10 June 2014

O Emulab é um ambiente de experimentação que permite a emulação de redes com topologia arbitrária definida pelo usuário, em um ambiente controlável, previsível e reproduzível. Tal topologia definida pelo usuário é provisionada no ambiente físico de forma automatizada, por meio de nós físicos instanciados com o sistema operacional e os endereços IP solicitados e um conjunto de comutadores configurados dinamicamente para emular a topologia de rede desejada. A abordagem utilizada para a configuração dos comutadores, baseada em SNMP, impõe requisitos que limitam os modelos de comutadores que podem ser usados para a construção de um ambiente Emulab e, ao mesmo tempo, exige a criação de módulos específicos para cada novo modelo de comutador a ser suportado. Este trabalho propõe a utilização do protocolo OpenFlow no ambiente Emulab, como alternativa ao modelo atual baseado em SNMP, criando, para esse fim um modulo OpenFlow para ambiente Emulab. Esse módulo utiliza OpenFlow como interface padronizada para configurar comutadores de diferentes modelos e fabricantes que suportem o protocolo OpenFlow, removendo, dessa forma as restrições citadas anteriormente e adicionando suporte a novos modelos de comutadores. Foi efetuado um conjunto de testes para analisar o funcionamento e desempenho do uso de comutadores OpenFlow no Emulab, que comprovaram que a solução proposta adiciona suporte a diferentes modelos de comutadores OpenFlow de forma unificada e com desempenho comparável a comutadores convencionais. / Emulab is a emulated network testbed that provides user-defined network topologies in a controllable, predictable, and repeatable environment. The topology defined by the user is provisioned in the physical environment in an automated manner by means of physical nodes instantiated with the desired operating system and IP addresses and a set of switches dynamically configured to emulate the desired network topology. The approach used for switch configuration is based on SNMP and currently imposes requirements that limit the switch models that can be used to build an Emulab facility and at the same time requires the creation of specific modules for each new type of switch to be supported. This work proposes the use of the OpenFlow protocol for configuring switches in Emulab as an alternative to the current model based on SNMP. As result, it was created an OpenFlow module for Emulab environment, which uses OpenFlow as a standardized interface for configuring these devices. This new OpenFlow-based approach makes it possible to configure switches of different models and manufacturers that support the OpenFlow protocol through a single mechanism, removing thus the restrictions mentioned above, and adding support for new types of switches. A set of tests were performed to analyze the operation and performance of OpenFlow switches in Emulab, which showed that the proposed solution adds support for different models of OpenFlow switches in a unified manner with comparable performance to conventional switches

Ambiente de experimentação

Openflow

Redes emuladas

Emulated networks

Experimentation environment

Openflow

Estratégias para Resiliência em SDN : Uma Abordagem Centrada em Multi-Controladores Ativamente Replicados

SPALLA, E. S.

10 July 2015

Made available in DSpace on 2016-08-29T15:33:22Z (GMT). No. of bitstreams: 1 tese_8943_Dissertação de mestrado - Versão final.pdf: 2374812 bytes, checksum: 451a93c76906d24965d0ea838edf582f (MD5) Previous issue date: 2015-07-10 / As Redes Definidas por Software (SDN) separam os planos de dados e de controle. Embora o controlador seja logicamente centralizado, ele deve ser efetivamente distribuído para garantir alta disponibilidade. Desde a especificação OpenFlow 1.2, há novas funcionalidades que permitem aos elementos da rede se comunicarem com múltiplos controladores que podem assumir diferentes papéis -- master, slave, e equal. Entretanto, esses papéis não são suficientes para garantir resiliência no plano de controle, pois delega-se aos projetistas de redes SDN a responsabilidade por essa implementação. Neste artigo, exploramos os papéis definidos no protocolo OpenFlow no projeto de arquiteturas resilientes SDN com base em multi-controladores. Como prova de conceito uma estratégia de replicação ativa foi implementada no controlador Ryu usando o serviço OpenReplica para garantir a consistência dos estados. O protótipo foi testado com switches RouterBoards/MikroTik comerciais e no ambiente Mininet avaliando-se as latências na recuperação de falha, na migração de switches entre controladores, e de processamento de packet-in. Observamos diferentes compromissos de projeto em experimentos em ambiente real e emulado sujeitos a várias cargas nos planos de dados e de controle.

SDN

OpenFlow

Resiliência

Alta-Disponibilidade

Título da dissertação: Uma Abordagem OpenFlow para Tratamento de Falhas na Topologia Hipercubo com Compactação de Tabelas de Encaminhamento.

LIMA, D. S. A.

16 May 2016

Made available in DSpace on 2016-08-29T15:33:25Z (GMT). No. of bitstreams: 1 tese_9891_Ata de Defesa.pdf: 681165 bytes, checksum: e90a96fd774c8d4b5e7a4315a623688c (MD5) Previous issue date: 2016-05-16 / Em data centers centrados em servidores estes não somente participam no processamento dos dados, mas também no encaminhamento do tráfego de rede. Uma possível topologia de interligação dos servidores em um data center é o hipercubo. Nele, o encaminhamento de pacotes é normalmente baseado em operações de XOR, que calcula qual o vizinho mais próximo do destino de forma bastante eficiente . Porém se por um lado essa simplicidade contribui para o aumento da vazão e diminuição da latência, por outro o encaminhamento só funciona caso o hipercubo esteja completo, ou seja, na inexistência de falhas de nó ou enlace. O uso de SDN e do protocolo OpenFlow pode ser uma alternativa para garantir o encaminhamento de tráfego nessas situações. Entretanto, a adoção de tabelas de encaminhamento em topologia hipercubo possui um alto custo relacionado ao grande número de entradas nessas tabelas, que crescem em escala exponencial. Nesse contexto este trabalho apresenta uma proposta, baseada na tecnologia OpenFlow, para o tratamento de falhas em hipercubos incluindo a redução do número de entradas nas tabelas de encaminhamento, com taxa de compactação logarítmica, proporcional ao número de dimensões do hipercubo.

SDN

OpenFlow

XOR

Data Center

On Performance Assessment of Control Mechanisms and Virtual Components in SDN-based Networks / Zur Leistungsbewertung von Regelungsmechanismen und virtuellen Komponenten in SDN-basierten Netzwerken

Nguyen-Ngoc, Anh

January 2018

This dissertation focuses on the performance evaluation of all components of Software Defined Networking (SDN) networks and covers whole their architecture. First, the isolation between virtual networks sharing the same physical resources is investigated with SDN switches of several vendors. Then, influence factors on the isolation are identified and evaluated. Second, the impact of control mechanisms on the performance of the data plane is examined through the flow rule installation time of SDN switches with different controllers. It is shown that both hardware-specific and controller instance have a specific influence on the installation time. Finally, several traffic flow monitoring methods of an SDN controller are investigated and a new monitoring approach is developed and evaluated. It is confirmed that the proposed method allows monitoring of particular flows as well as consumes fewer resources than the standard approach. Based on findings in this thesis, on the one hand, controller developers can refer to the work related to the control plane, such as flow monitoring or flow rule installation, to improve the performance of their applications. On the other hand, network administrators can apply the presented methods to select a suitable combination of controller and switches in their SDN networks, based on their performance requirements / Diese Dissertation konzentriert sich auf die Leistungsbewertung aller Komponenten von SDN-Netzwerken (Software Defined Networking) und deckt deren gesamte Architektur ab. Zuerst wird die Isolation zwischen virtuellen Netzwerken, die dieselben physischen Ressourcen teilen, mit SDN-Switches verschiedener Hersteller untersucht. Dann werden Einflussfaktoren auf die Isolation identifiziert und ausgewertet. Anschließen wird die Auswirkung von Kontrollmechanismen auf die Leistung der Datenebene durch die Flussregel-Installationszeit von SDN-Switches mit unterschiedlichen Controllern untersucht. Es wird gezeigt, dass sowohl Hardware-spezifische als auch Controller-Instanz einen spezifischen Einfluss auf die Installationszeit haben. Abschließend werden verschiedene Methoden der Verkehrsflussüberwachung eines SDN-Controllers untersucht und ein neuer Monitoringansatz entwickelt und evaluiert. Es wird bestätigt, dass die vorgeschlagene Methode die Überwachung bestimmter Flüsse ermöglicht und weniger Ressourcen verbraucht als der Standardansatz. Basierend auf den Ergebnissen dieser Arbeit können Controller-Entwickler einerseits die Arbeiten zur Steuerungsebene, wie zum Beispiel die Flussüberwachung oder die Flussregelinstallation, zur Verbesserung der Leistung ihrer Anwendungen verwenden. Auf der anderen Seite können Netzwerkadministratoren die vorgestellte Methode anwenden, um basierend auf ihren Leistungsanforderungen eine geeignete Kombination aus Controller und Switches in ihren SDN-Netzwerken auszuwählen.

Leistungsbewertung

Netzwerk

OpenFlow

ddc:005

Scalable Bandwidth Management in Software-Defined Networks

Biyase, Lindokuhle Zakithi

29 July 2021

There has been a growing demand to manage bandwidth as the network traffic increases. Network applications such as real time video streaming, voice over IP and video conferencing in IP networks has risen rapidly over the recently and is projected to continue in the future. These applications consume a lot of bandwidth resulting in increasing pressure on the networks. In dealing with such challenges, modern networks must be designed to be application sensitive and be able to offer Quality of Service (QoS) based on application requirements. Network paradigms such as Software Defined Networking (SDN) allows for direct network programmability to change the network behavior to suit the application needs in order to provide solutions to the challenge. In this dissertation, the objective is to research if SDN can provide scalable QoS requirements to a set of dynamic traffic flows. Methods are implemented to attain scalable bandwidth management to provide high QoS with SDN. Differentiated Services Code Point (DSCP) values and DSCP remarking with Meters are used to implement high QoS requirements such that bandwidth guarantee is provided to a selected set of traffic flows. The theoretical methodology is implemented for achieving QoS, experiments are conducted to validate and illustrate that QoS can be implemented in SDN, but it is unable to implement High QoS due to the lack of implementation for Meters with DSCP remarking. The research work presented in this dissertation aims at the identification and addressing the critical aspects related to the SDN based QoS provisioning using flow aggregation techniques. Several tests and demonstrations will be conducted by utilizing virtualization methods. The tests are aimed at supporting the proposed ideas and aims at creating an improved understanding of the practical SDN use cases and the challenges that emerge in virtualized environments. DiffServ Assured Forwarding is chosen as a QoS architecture for implementation. The bandwidth management scalability in SDN is proved based on throughput analysis by considering two conditions i.e 1) Per-flow QoS operation and 2) QoS by using DiffServ operation in the SDN environment with Ryu controller. The result shows that better performance QoS and bandwidth management is achieved using the QoS by DiffServ operation in SDN rather than the per-flow QoS operation.

SDN Controller

OpenFlow

Scalability

Mininet

Performance evaluation using multiple controllers with different flow setup modes in the software defined network architecture

El-Geder, Suad

January 2017

In this thesis, a scheme of using multiple controllers which handle multiple network devices has been proposed, while using OpenFlow controllers in the proactive operations paradigm, and this in order to face the problem of using a single controller in the SDN model, including the lack of reliability and scalability on such a model. The main characteristic of this new approach are focused on the ability to design a dynamic and highly programmable network, moving the intelligence from the underlying systems to the network itself through a controller. To evaluate the proper effects of this new approach, different dynamic and programmable networks that could simulate real scenarios and measure their performance contrasting the obtained results with the pragmatic theory has been implemented. The SDN (Software-Defined Network) controller (Open Daylight), has been utilized, and thoroughly examined. Different sort of nets has been worked out through diverse Open Daylight functionalities, either implementing the intelligence of the controller (bundle), or going through it by an outside intelligent application (External Orchestrator), and eventually sending it through Open Daylight (by making Open Daylight work as an interpreter/translator from its language to OpenFlow or another protocol language). Summing up, the scheme that has been proposed in this research which is the multiple-proactive mode approach and the single proactive controller has scored no packet loss at all, in which implies the strength of reliability of this scheme, while the multiple reactive mode approach has a range of 1-8% packet loss ratio and the single reactive mode approach has a range of 1-25% packet loss ratio. Also, in case of delay the improvement which was obtained from our approach scored an average reduction of 13% comparing with other tested schemes. Thus, these new and interesting technologies show an astonishing capability to add more efficiency in different types of Networks.

Performance Analysis on Dynamic VLAN an OpenFlow

Gurramkonda, Reddy Kamal Teja

January 2015

In the current innovative network, to cope with the increased require- ments of customers, there is a rapid increase in the development of dierent protocols and applications. With such increase in networking technology, the security constraints are becoming more and more severe, reducing the accessibility to the actual network for implementing new protocols. This scenario forced for an urgent need of a technology, which can help the re- searchers to implement their developed protocols in the network without inuencing the production trac. This need resulted in a concept called network isolation. This is achieved by VLAN or SDN technologies. In this study, we investigate the performance of VLAN and an API of SDN in the context of establishing dynamic link, in switching setup. For such a link creation, dynamic VLAN (dVLAN) is used in the former case and OpenFLow protocol is used in the later scenario. The main focus in this study is to compare the dynamic behavior of both the protocols in layer-2 context by measuring network level performance metrics of each protocol. Some of the features like, vendor independency and software independency is taken into account while measuring the performance metrics. In order to evaluate the performance, an experimental testbed is implemented. The network level performance metric called protocol setup time is measured. It is the time taken by each protocol to setup an active link between two end-hosts. A two-tire network architecture is implemented with the mentioned features. From the analytical and statistical results obtained, OpenFlow re- sulted in performing relatively better when compared to dynamic VLANs. By carefully examining the protocol setup time of OpenFlow against dVLAN, OpenFlow took less time when compared to dVLAN resulting in faster exe- cution in enabling connectivity. On the other hand, the analytical study on the two protocols reects the simplicity exhibited by dVLAN over Open- Flow.

Dynamic VLAN

Network Isolation

OpenFlow

SDN

An SDN-based IPS Development Framework in Cloud Networking Environment

January 2014

abstract: Security has been one of the top concerns in cloud community while cloud resource abuse and malicious insiders are considered as top threats. Traditionally, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) have been widely deployed to manipulate cloud security, with the latter one providing additional prevention capability. However, as one of the most creative networking technologies, Software-Defined Networking (SDN) is rarely used to implement IDPS in the cloud computing environment because the lack of comprehensive development framework and processing flow. Simply migration from traditional IDS/IPS systems to SDN environment are not effective enough for detecting and defending malicious attacks. Hence, in this thesis, we present an IPS development framework to help user easily design and implement their defensive systems in cloud system by SDN technology. This framework enables SDN approaches to enhance the system security and performance. A Traffic Information Platform (TIP) is proposed as the cornerstone with several upper layer security modules such as Detection, Analysis and Prevention components. Benefiting from the flexible, compatible and programmable features of SDN, Customized Detection Engine, Network Topology Finder, Source Tracer and further user-developed security appliances are plugged in our framework to construct a SDN-based defensive system. Two main categories Python-based APIs are designed to support developers for further development. This system is designed and implemented based on the POX controller and Open vSwitch in the cloud computing environment. The efficiency of this framework is demonstrated by a sample IPS implementation and the performance of our framework is also evaluated. / Dissertation/Thesis / Masters Thesis Computer Science 2014

Computer science

Cloud Computing

IPS

Openflow

SDN