1 |
Enhancing capabilities of the network data plane using network virtualization and software defined networking
Anwer, Muhammad Bilal, 07 January 2016
Enhancement of network data-plane functionality is an open problem that has recently gained momentum. Addition and programmability of new functions inside the network data-plane to enable high speed, complex network functions with minimum resource utilization is the main focus of this thesis. In this work, we look at different levels of the network data-plane design and, using network virtualization and software defined networking, we propose data-plane enhancements to achieve these goals. This thesis is divided into two parts. In the first part we take a ground up approach where we focus our attention on the fast path packet processing. Using hardware and software based network virtualization we show how hardware and software based network switches can be designed to achieve the above mentioned goals. We then present a switch design to quickly add these custom fast path packet processors to the network data-plane using software defined networking. In the second part of this thesis we take a top to bottom approach where we present a programming abstraction for network operators and a network function deployment system for this programming abstraction. We use network virtualization and software defined networking to introduce new functions inside the network data-plane while alleviating the network operators of the deployment details and minimizing the network resource utilization.
|
2 |
libfluid: a lightweight OpenFlow framework
Vidal, Allan, 08 April 2015
Software-defined networking (SDN) introduces a network control paradigm that is centered in controller software that communicates with networking devices via standardized protocols in order to configure their forwarding behavior. Current SDN control protocol implementations (such as OpenFlow) are usually built for one controller or networking device platform, and restrict choices regarding programming languages, protocol versions and features. A single software architecture that enables controllers and networking devices to use the OpenFlow protocol (for existing and future protocol versions) can benefit network application developers and manufacturers, reducing development effort. Towards this goal, we present libfluid: a lightweight (simple and minimalistic) framework for adding OpenFlow support wherever it is needed. We built a single code base for implementing protocol support in a portable, fast and easy to use manner, a challenge that involved technology choices, architectural decisions and the definition of a minimal API. The implementation was shown to work in all proposed scenarios and contributes to the state-of-the-art with a few novel paradigms for OpenFlow frameworks.
|
3 |
Leveraging Software-Defined Networking and Virtualization for a One-to-One Client-Server Model
Taylor, Curtis R, 30 April 2014
Modern computer networks allow server resources to be shared. While this multiplexing is the unsung hero of scalability and performance, the fact that clients are sharing resources and each client’s network traffic is transmitted in a larger pool of the total network traffic poses distinct challenges for security. By adopting multiplexing so broadly, the networking and systems communities have implicitly favored performance over security. When servers multiplexing clients are compromised, the attack is able to spread by exploiting unsuspecting clients sharing the resource. Drive-by-downloads are an example of an attack where a Web server is compromised and begins distributing malware to connecting clients. As a result of using today’s many-to-one client-server network model, current approaches are inadequate at protecting the network and its resources. We propose a redesign of the modern network infrastructure. Our approach involves moving from the current many-to-one client-server model to a one-to-one client-server model. In redesigning the network, we provide a means of better accountability for traffic between clients and servers. With accountability, we enable the ability to quickly determine which client is responsible for an attack. This allows us to quickly repair the affected entities. To accomplish this accountability, we separate each client’s communication into separate flows. A flow is identified by various network features, such as IP addresses and ports. Further, instead of allowing multiple clients to be multiplexed at the same server, we use a technique that allows each client to communicate with a server that is logically separate from all other clients. Accordingly, a server compromise only affects a single client. We create a one-to-one client-server model using virtualization techniques and OpenFlow, a software-defined network (SDN) protocol. We complete our model in three phases. In the first, we deploy a physical SDN using physical machines and a commodity network switch that supports OpenFlow to gain an initial understanding of SDNs. The next phase involves implementation of Choreographer, a DNS access control mechanism, in a virtualized SDN environment for better scalability over our physical configuration. Finally, we leverage Choreographer to dynamically instantiate a server for each client and create network flows that allow a client to reach the requested server.
|
4 |
Modelo de avaliação de redes de acesso banda larga baseadas no paradigma SDN / An evaluation model for SDN based broadband internet access networks
Souza, Alexsander Silva de, January 2017
Software defined networks are a novel approach to the design and operation of computer networks. Although this paradigm is employed successfully in many data-centers and campuses, software defined access networks (SDAN) are still in their infancy. Carriers and ISPs have not converged on a standard architecture to build their infrastructure upon, a problem many initiatives are trying to solve. Regardless of the chosen model, the option for such a disruptive change as SDN needs to be justified. Techno-economic models are commonly used to estimate the impact of a change in the operation. The Total Cost of Ownership (TCO) is a metric commonly used for this purpose. The present work developed a simplified evaluation model for network architectures, which focuses on the services offered to the subscriber and on the cost of managing them. The analysis is performed in two dimensions. In the first, the effort to operate the network is estimated through a qualitative analysis, similar to the one performed by other existing models. The second axis is the amount of resources required to provision and monitor each service. This estimation is produced through the use of discrete time simulation of selected elements and protocols. The combination of the analyses allows us to identify the behavioral trends provoked by the adoption of a new network architecture, and to evaluate the convenience of such migration. The simulation in this work demanded models for the equipment and protocols involved. The package NS-3 was the chosen simulation tool. Defining and implementing models for all services analyzed could become as costly as the techniques we wish to overcome, so an indirect approach has been used. Only the essential components are simulated, and the costs of each service are inferred from them. The SDAN model evaluated in this work, called SDCN, is a simplification of the SplitArchitecture proposed by the SPARC project.
|
5 |
Evaluation of power consumption and trade-offs in 5G mobile communications networks
Alhumaima, Raad, January 2017
In this thesis, components and parameters based power models (PMs) are produced to measure the power consumption (PC) of cloud radio access network (C-RAN) architecture. In components PM, the power figure of each component within C-RAN is evaluated. After, this model is parametrised such that the computation complexity of each component is converted to a straightforward, but accurate method, called parameterised PM. This model compares cooling and total PC of traditional LTE architecture with C-RAN. This comparison considered different parameters such as utilised bandwidth, number of antennas, base band units (BBUs) and remote radio heads (RRHs). This model draws about 33% reduction in power. Next, this PC model is updated to serve and exhibit the cost of integrating software defined networks (SDNs) with C-RAN. Alongside, modelling the power cost of the control plane units in the core network (CN), such as serving gateway (SGW), packet gateway (PGW) and mobility management entity (MME). Although there is power cost, the proposed model shows the directions to mitigate it. Consequently, a simplified PM is proposed for virtualisation based C-RAN. In this model, the power cost of server virtualisation by hosting several virtual machines (VMs) is shown, in a time and cost effective way. The total reduction in the PC was about 75%, due to short-cutting the number of active servers in the network. Alongside, the latency cost due to such technique is modelled. Finally, to enable efficient virtualisation technology, live migrating the VMs amongst the servers is vital. However, this advantageous situation is concurrent with VM's migration time and power cost. Therefore, a model is proposed to calculate the power cost of VM's live migration, and shows the effect of such decision upon the total PC of the network/C-RAN. The proposed work converts the complexity of other proposed PMs, to a simplified and costless method. Concurrently, the time cost is added to the imposed virtualisation's time cost to formulate the total delay expected prior to these techniques' execution.
|
6 |
Migração de redes tradicionais para SDN / Migration of traditional networks to SDN
Barbosa, Renan Rodrigo, 12 December 2018
Software Defined Networks are based on characteristics such as detachment between the network data and control planes, network programmability and monitoring of the devices, as well as the ability to test and experiment with new protocols. Although many of the concepts of these networks were proposed more than twenty-five years ago, only recently has there been an increase in interest in the topic. This increase is mainly due to the greater computing power of the devices and the emergence of the OpenFlow protocol, proposed by a team of Stanford researchers in 2008 and considered a standard for the technology today. Although the theme was born in academia, the industry has embraced the concepts and several manufacturers have developed their equipment with OpenFlow support. The advantages of OpenFlow, such as the standardization of the communication protocol between planes, the ability to program and collect metrics, and the support for the creation of proactive and reactive rules, for example, mean that migration from a traditional network to this new paradigm becomes attractive. However, such migration is not trivial. Prior planning is required with risk and benefit analysis, and there must be monitoring of each stage of the execution and subsequent validation of the results presented by the migrated network. This dissertation presents a study on the migration of network technologies and protocols with focus on the specific migration of traditional networks to SDN, using OpenFlow as protocol. A mechanism is presented that is able to analyze the legacy network device settings and convert them to OpenFlow controller rules, enabling the simulation of services and features and facilitating the first steps of the migration. Experiments in the simulation environment show that a controller-managed SDN configured with the rules given by the mechanism has equivalent functionality to that of the original, non-SDN network from which this configuration was extracted.
|
7 |
Utilizing a Game Theoretical Approach to Prevent Collusion and Incentivize Cooperation in Cybersecurity Contexts
Unknown Date
In this research, a new reputation-based model is utilized to disincentivize collusion of defenders and attackers in Software Defined Networks (SDN), and also to disincentivize dishonest mining strategies in Blockchain. In the context of SDN, the model uses the reputation values assigned to each entity to disincentivize collusion with an attacker. Our analysis shows that not-colluding actions become Nash Equilibrium using the reputation-based model within a repeated game setting. In the context of Blockchain and mining, we illustrate that by using the same socio-rational model, miners not only are incentivized to conduct honest mining but also disincentivized to commit to any malicious activities against other mining pools. We therefore show that honest mining strategies become Nash Equilibrium in our setting.
This thesis is laid out in the following manner. In chapter 2 an introduction to game theory is provided followed by a survey of previous works in game theoretic network security, in chapter 3 a new reputation-based model is introduced to be used within the context of a Software Defined Network (SDN), in chapter 4 a reputation-based solution concept is introduced to force cooperation by each mining entity in Blockchain, and finally, in chapter 5, the concluding remarks and future works are presented. / Includes bibliography. / Thesis (M.S.)--Florida Atlantic University, 2017. / FAU Electronic Theses and Dissertations Collection
|
8 |
Avoiding control plane partition in software defined networks through cellular networks : assessing opportunities and limitations / Evitando a partição do plano de controle de redes definidas por software através de redes celulares : avaliando a oportunidade e limitações
Petry, Tobias Brignol, January 2015
Software Defined Networks simplify network programmability by detaching the control plane from forwarding devices and deploying it into a logically centralized controller. While this allows a clearer separation of concerns, it also creates a dependency between them. Failures in the control plane break the controller view of the network state and could render the network unusable if forwarding devices cannot be reached. The relevance of this problem has led to a range of proposals, including physical distribution of controller instances and delegation of concerns to forwarding devices. This dissertation features the proposal and evaluation of an architecture that leverages cellular data networks (4G) as control plane backup links. No previous work has explored this idea, despite the recent research intersecting SDN and wireless networks. The experimental evaluation provides insights towards answering three research questions: (i) how is the behavior of control plane traffic affected by the characteristics of cellular links, (ii) how quickly is the control plane handed over to the backup link when a failure occurs and (iii) how well do network functions that rely on a snapshot of the network state behave on such an architecture. Despite the expected higher latency of cellular links, this architecture maintains partial functionality of tasks that depend on global network awareness when failures occur in primary control links in a simple, affordable fashion. The degree to which the functionality of these tasks is maintained is directly related to its dependency on the timeliness of control plane reaction to network events. The main benefit of preventing control plane partition is to maintain a consistent global view of the network.
|
10 |
Comparing a Commercial and an SDN-Based Load Balancer in a Campus Network
January 2015
Commercial load balancers are often in use, and the production network at Arizona State University (ASU) is no exception. However, because the load balancer uses IP addresses, the solution does not apply to all applications. One such application is Rsyslog. This software processes syslog packets and stores them in files. The loss rate of incoming log packets is high due to the incoming rate of the data. The Rsyslog servers are overwhelmed by the continuous data stream. To solve this problem a software defined networking (SDN) based load balancer is designed to perform a transport-level load balancing over the incoming load to Rsyslog servers. In this solution the load is forwarded to one Rsyslog server at a time, according to one of a Round-Robin, Random, or Load-Based policy. This gives time to other servers to process the data they have received and prevents them from being overwhelmed. The evaluation of the proposed solution is conducted on a physical testbed with the same data feed as the commercial solution. The results suggest that the SDN-based load balancer is competitive with the commercial load balancer. Replacing the software OpenFlow switch with a hardware switch is likely to further improve the results. / Dissertation/Thesis / Masters Thesis Computer Science 2015
|