Performance study of SDN combined with a QoS-aware scheduling algorithm in smart homes / Performance study on QoS aware scheduling with SDN for smart homes

王芝吟, Wang, Chin Yin Unknown Date
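As the Internet of Things, the concept of connecting everything, drives the rapid growth of smart homes in the market, ISPs (Internet Service Providers) can be expected to face a large number of smart homes in which different application services compete with one another for bandwidth, and even situations where congestion at full network load renders application services unusable. To address this problem, this thesis takes as its scenario an ISP managing the many IoT devices in smart homes and performs bandwidth scheduling through a Software Defined Network (SDN). The scheduling algorithm is A-MLWDF (Adaptive Modified Largest Weighted Delay First) [7], which takes fairness, delay and service priority into account, to ensure that bandwidth is allocated first to the higher-priority and more time-critical traffic in the smart home, reducing application service delay and improving the Quality of Service (QoS) of the smart home network. This study uses the OMNet++ simulator to build smart homes with many IoT devices in both an SDN environment and a traditional environment. The IoT devices in the home include M2M (Machine to Machine) and non-M2M (non Machine to Machine) devices, which provide a variety of smart home application services. We allocate bandwidth through the SDN architecture to achieve centralized control of the home's bandwidth resources; the scheduling algorithms include PF, MLWDF and A-MLWDF. The experimental results show that, in the SDN environment, these scheduling algorithms do not perform markedly better in fairness and jitter, with fairness improving by about 1.6% and jitter decreasing by about 1%, but they perform markedly better in throughput and delay, raising throughput by about 52% and reducing delay by about 52%. / With the concept of IoT (Internet of Things) spreading rapidly, there is an opportunity to promote smart homes in the expanding market. We can see that the future ISP (Internet Service Provider) has to face a large number of smart homes having bandwidth competition in a variety of different applications, causing application services to become unavailable due to network congestion. In order to resolve the above problems, we propose that each ISP (Internet Service Provider) that has to manage a large number of IoT devices in a smart home perform bandwidth scheduling through a Software Defined Network (SDN). We choose to use the A-MLWDF scheduling algorithm (Adaptive Modified Largest Weighted Delay First) [7], which considers fairness, delay and service priority. A-MLWDF is able to ensure that services of higher priority and emergent traffic are allocated bandwidth earlier, greatly reducing delay and thus effectively enhancing the Quality of Service (QoS) of smart homes. In this research, we implement an SDN environment by using OMNet++ to simulate the bandwidth competition among smart homes with IoT devices. The IoT devices consist of M2M (Machine to Machine) and non-M2M (non Machine to Machine) devices which offer a variety of intelligent home application services.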
We configure the bandwidth allocation under SDN control. The scheduling algorithms include PF, MLWDF and A-MLWDF. When the network traffic is congested, SDN can significantly increase throughput and reduce latency compared to traditional network management. The experimental results show that the above scheduling algorithms in the SDN environment have no significant performance improvements in fairness and jitter. The fairness increases around 1.6% and the jitter reduces around 1%. However, they show significant improvement in throughput and delay. The throughput increases around 52% and the delay reduces around 52%.

Simulating and prototyping software defined networking (SDN) using Mininet approach to optimise host communication in realistic programmable networking environment

Zulu, Lindinkosi Lethukuthula 11 1900
In this project, two tests were performed. In the first test, Mininet-WiFi was used to simulate a Software Defined Network to demonstrate Mininet-WiFi’s ability to be used as a Software Defined Network emulator which can also be integrated into the existing network using a Network Virtualized Function (NVF). A typical organization’s computer network was simulated, consisting of a website hosted on the LAMP (Linux, Apache, MySQL, PHP) virtual machine and an F5 application delivery controller (ADC) which provided load balancing of requests sent to the web applications. A website page request was sent from the virtual stations inside Mininet-WiFi. The request was received by the application delivery controller, which then used a round-robin technique to send the request to one of the web servers on the LAMP virtual machine. The web server then returned the requested website to the requesting virtual stations using the simulated virtual network. The significance of these results is that they present Mininet-WiFi as an emulator which can be integrated into a real programmable networking environment, offering a portable, cost-effective and easily deployable testing network which can be run on a single computer. These results are also beneficial to modern network deployments, as the live network devices can also communicate with the testing environment for the data center, cloud and mobile providers. In the second test, a Software Defined Network was created in Mininet using a Python script. An external interface was added to enable communication with the network outside of Mininet. The Amazon Web Services Elastic Compute Cloud was used to host an OpenDaylight controller. This controller is used as a control plane device for the virtual switch within Mininet. In order to test the network, a webserver hosted on the Emulated Virtual Environment – Next Generation (EVE-NG) software is connected to Mininet. EVE-NG is the Emulated Virtual Environment for networking.
It provides tools to be able to model virtual devices and interconnect them with other virtual or physical devices. The OpenDaylight controller was able to create the flows to facilitate communication between the hosts in Mininet and the webserver in the real-life network. / Electrical and Mining Engineering

Link failure detection in OSPF network using OpenFlow protocol

Pamulapati, Santhan 21 May 2014
Indiana University-Purdue University Indianapolis (IUPUI) / This thesis focuses on reducing the link failure detection time in an OSPF network. When a link failure occurs, the OSPF protocol detects it using the RouterDeadInterval time. This timer is fired only after a predefined time interval, thus increasing the time of convergence after the link failure. There are previous studies to reduce the RouterDeadInterval time, but they introduce other effects which are discussed later in the thesis. So, a novel approach is proposed in this thesis to reduce the link failure detection time with the help of the emerging network architecture Software Defined Networking (SDN) and the OpenFlow protocol.

Implementation and Evaluation of In-Band Network Telemetry in P4

Joshi, Mandar January 2021
As computer networks grow more complex as the number of connected devices increases, the monitoring and management of such networks also increases in complexity. Current network monitoring tools such as NetFlow, sFlow, ping, traceroute, and tcpdump prove to be tedious and offer low accuracy when reporting the network state. With the recent emergence of programmable data plane switches, a new framework named In-Band Network Telemetry (INT) was created by the P4 Applications Working Group. INT enables network programmers to obtain fine-grained telemetry information directly from the data plane without involvement from the control plane. This project implements INT in hardware Intel Tofino switches and provides a comparison between the three different INT modes of operation (INT-XD, INT-MX and INT-MD) as defined in the framework specifications. The results show the effects of INT when implemented in the data plane, providing the ability to monitor the path a packet took through the network (switch ingress and egress ports), the hop latency, queue occupancy and queuing latency. However, INT can increase the overhead in both the packet and the bandwidth of the network, reducing application throughput. Measures to counteract this are discussed. An earlier implementation of a standalone telemetry report monitoring system was used and analysed, and it allowed for telemetry reports to be reported and visualised at a rate of up to 50 Kpps without any event detection. The results are applied to a Saab 9LV CMS network, and it is concluded that INT allows network operators to obtain a precise overview of the network state, allowing for easier network troubleshooting. / As computer networks grow in complexity as the number of connected devices increases, the methods for monitoring and managing such networks also grow in complexity.
Current network monitoring tools such as NetFlow, sFlow, ping, traceroute and tcpdump prove to be both cumbersome and of low accuracy when reporting the network state. With the emergence of programmable data planes and programmable switches, a new framework named INT was created by the P4 Applications Working Group. INT enables network programmers to obtain fine-grained telemetry information directly from the data plane without involvement from the control plane. This project implements INT in Intel Tofino switches and provides a comparison between the three different INT modes of operation (INT-XD, INT-MX and INT-MD) as defined in the specifications. The results show the effects of INT when implemented in the data plane, including the ability to monitor the path a packet took through the network (both ingress and egress ports on the switches), hop latency, queue occupancy and queuing latency. However, INT can increase overhead in both the packet and the bandwidth of the network, which reduces application throughput. Measures to counteract this are discussed. An earlier implementation of a standalone monitoring system for telemetry reports was used and analysed, and it was possible to report and visualise telemetry reports at a rate of up to 50 Kpps without any event detection. The results are applied to a Saab 9LV CMS network, and it is concluded that INT allows network operators to get an accurate overview of the network state, which enables easier network troubleshooting.

Specification and implementation of a software-defined network system with virtual functions adapted to Internet of Things deployments

Suárez de Puga García, Jara 21 March 2022
[ES] The complexity of managing traditional communication networks, together with their limited scalability and flexibility, is an obstacle to the development and consolidation of new emerging technologies such as the Internet of Things, where the ease of exchanging and handling large volumes of heterogeneous sensor data is a key requirement for the system to work correctly. The Internet of Things is defined as the digital interconnection of everyday objects endowed with intelligence (smart devices) through data communication networks, whether public (Internet) or private. However, the Internet of Things is not made up of these devices alone: all the infrastructure, platforms, applications and services that help data travel from the source devices to their various destinations, and the management of these, are also part of the so-called Internet of Things. The storage, analysis, processing and mass management of this data is what is called Big Data, and it consists of large amounts of data (massive data) structured in different formats, data models and protocols, which makes it difficult to process and to exchange over conventional data networks. Faced with this problem, the implementation of software-defined virtual networks is presented as a possible solution to give flexibility, scalability and ease of management to the networks that interconnect these devices, platforms and other IoT elements, allowing a global view, centralized management and the development of network-level services specific to Internet of Things environments.
This project is presented as an approach bringing these two technologies together and will aim to design a solution in which to test the control tools of software-defined or programmable networks (SDN) and virtual network functions (NFV) applied to Internet of Things (IoT) deployments, so that their advantages and implications can be demonstrated and new lines of development can be discovered on this basis. / [CA] The complexity of managing traditional communication networks, together with their limited scalability and flexibility, is an obstacle to the development and consolidation of new emerging technologies such as the Internet of Things, where the ease of exchanging and handling large volumes of heterogeneous sensor data is a key requirement for the system to work correctly. The Internet of Things is defined as the digital interconnection of everyday objects endowed with intelligence (smart devices) through data communication networks, whether public (Internet) or private. However, the Internet of Things is not made up of these devices alone: all the infrastructure, platforms, applications and services that help data travel from the source devices to their various destinations, and the management of these, are also part of the so-called Internet of Things. The storage, analysis, processing and mass management of this data is what is called Big Data, and it consists of large amounts of data (massive data) structured in different formats, data models and protocols, which makes it difficult to process and to exchange over conventional data networks.
Faced with this problem, the implementation of software-defined virtual networks is presented as a possible solution to give flexibility, scalability and ease of management to the networks that interconnect these devices, platforms and other IoT elements, allowing a global view, centralized management and the development of network-level services specific to Internet of Things environments. This project is presented as an approach bringing these two technologies together and will aim to design a solution in which to test the control tools of software-defined or programmable networks (SDN) and virtual network functions (NFV) applied to Internet of Things (IoT) deployments, so that their advantages and implications can be demonstrated and new lines of development can be discovered on this basis. / [EN] Nowadays, the complexity of traditional network administration, together with the lack of scalability and flexibility, has been a challenge for the proper development and integration of new emerging technologies which make use of this network. As an example, we have the so-called Internet of Things (IoT). The principal IoT network requirement that enables the growth of this paradigm is the need to facilitate high data volume exchange and administration, from very heterogeneous sources. The IoT concept is defined as the digital interconnection of daily objects endowed with more "intelligence" (Smart devices) through a data communication network, either public (Internet) or private. However, this technological trend does not only depend on the "smart devices", but on the whole infrastructure, platforms, frameworks, services, and applications that help data to travel from the source devices to their different destinations.
Also, the handling of the massive volumes of data extracted from those smart devices, their storage, processing, and analysis, known as Big Data, is a key part of this paradigm. This data is gathered from very different sources, and hence, it has diverse data structures and formats. Moreover, it is exchanged using various network protocols (LoRa, CoAP, etc.) which hinder its management and communication through conventional networks that were not created for such data traffic. Given this problem, several technological approaches have emerged to solve it. Virtual software-defined networking is presented as a possible solution to provide flexibility, scalability, and simplicity of management to the networks that interconnect these devices, platforms, services, and other IoT elements. The virtualization of the network infrastructure includes an extra layer of abstraction, thus providing a holistic vision of the network and centralizing the administration of its elements and the development of specific network services for IoT deployments. This project is presented as an approximation of these two technological paradigms and will have as its main objective the design of an architectural blueprint and testbed in which to test the control tools of software-defined networks (SDN) and the virtualized network functions (NFV) applied to IoT deployments. Thereby, its advantages and implications can be evaluated, and new lines of development can be discovered on this base. / Suárez De Puga García, J. (2022). Especificación e implementación de un sistema de red definida por software con funciones virtuales adaptadas a despliegues de Internet de las cosas [Tesis doctoral]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/181555

Strengthening security through programmable networks

Abou El Houda, Zakaria 09 1900
The original design of the Internet did not take network security into account; the primary objective was to facilitate the communication process. Consequently, many protocols of the Internet infrastructure expose a set of vulnerabilities, which attackers can exploit to carry out a range of attacks. Distributed Denial of Service (DDoS) attacks are a major threat and among the most devastating attacks, causing collateral damage to network operators and Internet service providers. Programmable networks, known as Software-Defined Networking (SDN), have emerged as a new paradigm that promises to resolve the limitations of the current network architecture by decoupling the control plane from the data plane. On the one hand, this separation allows better control of the network and brings new capabilities for mitigating distributed denial-of-service attacks. On the other hand, this separation introduces new challenges for the security of the control plane. The aim of this thesis is twofold: first, to study and explore what SDN contributes to security in order to design effective solutions that mitigate several attack vectors; second, to protect SDN against these attacks. Through this research, we contribute to the mitigation of distributed denial-of-service attacks at two levels (intra-domain and inter-domain), and we contribute to strengthening security in programmable networks. / The original design of the Internet did not take into consideration security aspects of the network; the priority was to facilitate the process of communication. Therefore, many of the protocols that are part of the Internet infrastructure expose a set of vulnerabilities that can be exploited by attackers to carry out a set of attacks.
Distributed Denial-of-Service (DDoS) represents a big threat and one of the most devastating and destructive attacks plaguing network operators and Internet service providers (ISPs) in a stealthy way. Software defined networks (SDN), an emerging technology, promise to solve the limitations of the conventional network architecture by decoupling the control plane from the data plane. On one hand, the separation of the control plane from the data plane allows for more control over the network and brings new capabilities to deal with DDoS attacks. On the other hand, this separation introduces new challenges regarding the security of the control plane. This thesis aims to deal with various types of attacks including DDoS attacks while protecting the resources of the control plane. In this thesis, we contribute to the mitigation of both intra-domain and inter-domain DDoS attacks, and to the reinforcement of security aspects in SDN.

