11 |
Analysis and Visualization of OpenFlow Rule Conflicts
January 2016
abstract: In traditional networks the control and data plane are highly coupled, hindering development. With Software Defined Networking (SDN), the two planes are separated, allowing innovations on either one independently of the other. Here, the control plane is formed by the applications that specify an organization's policy and the data plane contains the forwarding logic. The application sends all commands to an SDN controller which then performs the requested action on behalf of the application. Generally, the requested action is a modification to the flow tables, present in the switches, to reflect a change in the organization's policy. There are a number of ways to control the network using the SDN principles, but the most widely used approach is OpenFlow.
With the applications now having direct access to the flow table entries, it is easy to have inconsistencies arise in the flow table rules. Since the flow rules are structured similarly to firewall rules, the research done in analyzing and identifying firewall rule conflicts can be adapted to work with OpenFlow rules.
The main work of this thesis is to implement flow conflict detection logic in OpenDaylight and inspect the applicability of techniques in visualizing the conflicts. A hierarchical edge-bundling technique coupled with a Reingold-Tilford tree is employed to present the relationship between the conflicting rules. Additionally, a table-driven approach is also implemented to display the details of each flow.
Both types of visualization are then tested for correctness by providing them with flows which are known to have conflicts. The conflicts were identified properly and displayed by the views. / Dissertation/Thesis / Masters Thesis Computer Science 2016
|
12 |
Improving software defined cognitive and secure networking
Ahmad, I. (Ijaz) 08 June 2018
Abstract
Traditional communication networks consist of large sets of vendor-specific manually configurable devices. These devices are hardwired with specific control logic or algorithms used for different network functions. The resulting networks comprise distributed control plane architectures that are complex in nature, difficult to integrate and operate, and are least efficient in terms of resource usage. However, the rapid increase in data traffic requires the integrated use of diverse access technologies and autonomic network operations with increased resource efficiency. Therefore, the concepts of Software Defined Networking (SDN) are proposed that decouple the network control plane from the data-forwarding plane and logically centralize the control plane. The SDN control plane can integrate a diverse set of devices, and tune them at run-time through vendor-agnostic programmable Application Programming Interfaces (APIs).
This thesis proposes software defined cognitive networking to enable intelligent use of network resources. Different radio access technologies, including cognitive radios, are integrated through a common control platform to increase the overall network performance. The architectural framework of software defined cognitive networking is presented alongside the experimental performance evaluation. Since SDN enables applications to change the network behavior and centralizes the network control plane to oversee the whole network, it is highly important to investigate SDN in terms of security. Therefore, this thesis finds the potential security vulnerabilities in SDN, studies the proposed security platforms and architectures for those vulnerabilities, and presents future directions for unresolved security vulnerabilities. Furthermore, this thesis also investigates the potential security challenges and their solutions for the enabling technologies of 5G, such as SDN, cloud technologies, and virtual network functions, and provides key insights into increasing the security of 5G networks. / Summary
Traditional telecommunication networks are often based on extensive, manually configurable, vendor-specific solutions. They use device-specific control logic or algorithms for the network's various functions. As a result, the network's distributed control plane becomes complex, difficult to integrate and operate, and not very flexible in terms of resource usage. As the volume of data traffic grows, it becomes increasingly important to integrate multiple network technologies and autonomic network functions to achieve efficient resource management. Software Defined Networking (SDN) solutions provide a way to manage the network's control traffic centrally, separated from the data traffic. This control plane can integrate different network devices and control them at run-time through a vendor-independent application programming interface.
This work studies an intelligent software-defined networking solution through which different radio network technologies (including cognitive radio) can be integrated via a common control platform to increase the overall performance of the network. The work presents a cognitive software-defined network architecture and an evaluation of its performance based on measurements. Because a software-defined network is based on centralized control logic for the whole network, the importance of security is further emphasized. This work has therefore studied the potential security threats of precisely this kind of network solution and the solution alternatives suited to countering them, and presents future directions of development for threats that are still unresolved. In addition, the work has studied more broadly the security threats of future 5G networks and their solutions, in relation to software-defined networking solutions, cloud technologies and virtualized network functions. The work also offers a view of how network security as a whole can be increased in 5G networks.
|
13 |
Modelo de avaliação de redes de acesso banda larga baseadas no paradigma SDN / An evaluation model for SDN based broadband internet access networks
Souza, Alexsander Silva de January 2017
Software defined networks (SDN) are a recent approach to the design and operation of computer networks. This paradigm is employed successfully in datacenter scenarios; however, software defined access networks (SDAN) are still rare among telephone carriers and Internet providers. This is largely due to the lack of a reference architecture, something that several projects have tried to supply in recent years. Regardless of the approach chosen, the option for a change as disruptive as SDN needs to be justified. Techno-economic models are commonly used to estimate the impact of the change on the profitability of the operation. The total cost of ownership (TCO) is a metric used for this purpose. The present work developed a simplified model for comparing network architectures which, unlike the others, focuses on the services offered to the subscriber and on the cost of managing them. The analysis is carried out in two dimensions. In the first, the effort of operating the network is estimated through a qualitative analysis, similar to what other models do. The second axis is the amount of resources required to provision and monitor each service. This estimate is generated through discrete time simulation of the relevant elements and protocols. The combination of the two analyses makes it possible to identify the trends in service behavior generated by the adoption of a new network architecture, and to evaluate the convenience of this migration. The use of simulation in this work required building models of the equipment and protocols involved. The NS-3 package was chosen as the simulation tool. Defining and implementing models for all the services analyzed could become as costly as the techniques we wished to supplant, and so an indirect approach was used. Only the essential components are simulated, and the costs of each service are inferred from them.
The SDAN network model used, called SDCN, is inspired by the SplitArchitecture proposed by the SPARC project. / Software defined networks are a novel approach to design and operation of computer networks. Although this paradigm is employed successfully in many data-centers and campuses, software defined access networks (SDAN) are still in their infancy. Carriers and ISPs have not converged on a standard architecture to build their infrastructure upon, a problem many initiatives are trying to solve. Regardless of the chosen model, the option for such a disruptive change as SDN needs to be justified. Techno-economic models are commonly used to estimate the impact of a change in the operation. The Total Cost of Ownership (TCO) is a metric commonly used for this purpose. The present work developed a simplified evaluation model for network architectures, which focuses on the services offered to the subscriber and on the cost of managing them. The analysis is performed in two dimensions. In the first, the effort to operate the network is estimated through a qualitative analysis, similar to the one performed by other existing models. The second axis is the amount of resources required to provision and monitor each service. This estimation is produced through the use of discrete time simulation of selected elements and protocols. The combination of the analyses allows us to identify the behavioral trends provoked by the adoption of a new network architecture, and to evaluate the convenience of such migration. The simulation in this work demanded models for the equipment and protocols involved. The package NS-3 was the chosen simulation tool. Defining and implementing models for all services analyzed could become as costly as the techniques we wish to overcome, so an indirect approach has been used. Only the essential components are simulated, and the costs of each service are inferred from them.
The SDAN model evaluated in this work, called SDCN, is a simplification of the SplitArchitecture proposed by the SPARC project.
|
14 |
Avoiding control plane partition in software defined networks through cellular networks : assessing opportunities and limitations / Evitando a partição do plano de controle de redes definidas por software através de redes celulares : avaliando a oportunidade e limitações
Petry, Tobias Brignol January 2015
Software Defined Networks help simplify network programmability by decoupling the control plane from the forwarding devices and implementing it in a logically centralized controller. Although it allows a clearer separation of concerns, this characteristic also creates a dependency relationship between controller and devices. Failures in the control plane impair the controller's visibility of the network state and can render the network unusable if the forwarding devices are isolated. The relevance of this problem has motivated a series of proposals, including the physical distribution of control instances and the delegation of tasks to the forwarding devices. This dissertation contains the proposal and evaluation of an architecture that uses cellular data networks (4G) as backup links for the control plane. No previous work has explored this idea, despite recent research involving Software Defined Networks and wireless networks. The experimental evaluation allows a better understanding by answering three questions: (i) how the behavior of control plane traffic is affected by the characteristics of cellular links, (ii) how quickly the control plane is migrated to the backup link when a failure occurs, and (iii) how network functions that depend on the state of the network at a given instant behave in such an architecture. Despite the expected higher latency of cellular links, this architecture maintains partial operation of tasks that depend on a global view of the network when failures occur on the primary links, in a simple way and at an affordable cost. The degree to which such tasks are maintained is directly related to their dependence on how quickly the control plane reacts to network events. The main benefit of preventing control plane partition is maintaining a consistent global view of the network.
/ Software Defined Networks simplify network programmability by detaching the control plane from forwarding devices and deploying it into a logically centralized controller. While this allows a clearer separation of concerns, it also creates a dependency between them. Failures in the control plane break the controller view of the network state and could render the network unusable if forwarding devices cannot be reached. The relevance of this problem has led to a range of proposals, including physical distribution of controller instances and delegation of concerns to forwarding devices. This dissertation features the proposal and evaluation of an architecture that leverages cellular data networks (4G) as control plane backup links. No previous work has explored this idea, despite the recent research intersecting SDN and wireless networks. The experimental evaluation provides insights towards answering three research questions: (i) How is the behavior of control plane traffic affected by the characteristics of cellular links, (ii) how quickly is the control plane handed over to the backup link when a failure occurs and (iii) how well do network functions that rely on a snapshot of the network state behave on such an architecture. Despite the expected higher latency of cellular links, this architecture maintains partial functionality of tasks that depend on global network awareness when failures occur in primary control links in a simple, affordable fashion. The degree to which the functionality of these tasks is maintained is directly related to its dependency on the timeliness of control plane reaction to network events. The main benefit of preventing control plane partition is to maintain a consistent global view of the network.
|
16 |
An SDN Assisted Framework for Mobile Ad-hoc Clouds
Balasubramanian, Venkatraman January 2017
Over a period of time, it has been studied that a mobile “edge-cloud” formed by hand-held devices could be a productive resource entity for providing a service in the mobile cloud landscape. The ease of access to a pool of devices is much more arbitrary and based purely on the needs of the user. This pool can act as a provider of an infrastructure for various services that can be processed with volunteer node participation, where the node in the vicinity is itself a service provider. This representation of cloud formation to engender a constellation of devices in turn providing a service is the basis for the concept of Mobile Ad-hoc Cloud Computing. In this thesis, an architecture is designed for providing an Infrastructure as a service in Mobile Ad-hoc Cloud Computing. The performance evaluation reveals the gain in execution time while offloading to the mobile ad-hoc cloud.
Further, this novel architecture enables discovering a dedicated pool of volunteer devices for computation. An optimized task scheduling algorithm is proposed that provides a coordinated resource allocation. However, failure to maintain the service between heterogeneous networks shows the inability of the present-day networks to adapt to frequent changes in a network. Thus, owing to the heavy dependence on the centralized mobile network, the service related issues in a mobile ad-hoc cloud need to be addressed. As a result, using the principles of Software Defined Networking (SDN), a disruption tolerant Mobile Ad-hoc Cloud framework is proposed. To evaluate this framework a comprehensive case study is provided in this work that shows a round trip time improvement using an SDN controller.
|
17 |
One Pass Packet Steering (OPPS) for Multi-Subscriber Software Defined Networking Environments
Chukwu, Julian January 2017
In this thesis, we address the problem of service function chaining in a network. Currently, problems of chaining services in a network (i.e. service function chaining) can be broadly categorised into middlebox placement in a network and packet steering through middleboxes.
In this work, we present a packet steering approach - One Pass Packet Steering (OPPS) - for use in multi-subscriber environments, with the aim that subscribers having similar policy chain composition should experience the same network performance. We develop and show algorithms with a proof of concept implementation using emulations performed with Mininet. We identify challenges and examine how OPPS could benefit from the Software Defined Data Center architecture to overcome these challenges.
Our results show that, given a fixed topology and different sets of policy chains containing the same middleboxes, the end-to-end delay and throughput performance of subscribers using similar policy chains remains approximately the same. Also, we show how OPPS can use a smaller number of middleboxes and yet, achieve the same hop count as that of a reference model described in a previous work as ideal, without violating the subscribers' policy chains.
|
18 |
Toward Improving the Internet of Things: Quality of Service and Fault Tolerance Perspectives
Alaslani, Maha S. 13 April 2021
The Internet of Things (IoT) is a technology aimed at developing a global network of machines and devices that can interact and communicate with each other. Supporting IoT, therefore, requires revisiting the Internet’s best effort service model and reviewing its complex communication patterns.
In this dissertation, we explore the unique characteristics of IoT traffic and examine IoT systems. Our work is motivated by the new capabilities offered by modern Software Defined Networks (SDN) and blockchain technology. We evaluate IoT Quality of Service (QoS) in traditional networking. We obtain mathematical expressions to calculate end-to-end delay, and dropping. Our results provide insight into the advantages of an intelligent edge serving as a detection mechanism.
Subsequently, we propose SADIQ, SDN-based Application-aware Dynamic Internet of things QoS. SADIQ provides context-driven QoS for IoT applications by allowing applications to express their requirements using a high-level SQL-like policy language. Our results show that SADIQ improves the percentage of regions with an error in their reported temperature for the Weather Signal application up to 45 times; and it improves the percentage of incorrect parking statuses for regions with high occupancy for the Smart Parking application up to 30 times under the same network conditions and drop rates.
Despite centralization and the control of data, IoT systems are not safe from cyber-crime, privacy issues, and security breaches. Therefore, we explore blockchain technology. In the context of IoT, Byzantine fault tolerance-based consensus protocols are used. However, the blockchain consensus layer contributes to the most remarkable performance overhead, especially for IoT applications subject to maximum delay constraints. In order to capture the unique requirements of the IoT, consensus mechanisms and block formation need to be redesigned. To this end, we propose Synopsis, a novel hierarchical blockchain system. Synopsis introduces a wireless-optimized Byzantine chain replication protocol and a new probabilistic data structure. The results show that Synopsis successfully reduces the memory footprint from Megabytes to a few Kilobytes with an improvement of 1000 times. Synopsis also enables reductions in message complexity and commitment delay of 85% and 99.4%, respectively.
|
19 |
Prostředí pro monitorování a správu VoIP s využitím technologie OnePK / VoIP Traffic Monitoring and Management in OnePK Enabled Networks
Antolík, Dávid January 2015
The main goal of this master's thesis is to apprise the reader of the principles of Cisco One Platform Kit based on software defined networks and of monitoring techniques in that type of network. The focus is on monitoring the quality of Voice over IP communication. The next part of this thesis is a proposal and implementation of the extensible monitoring environment OneMon on the Cisco One Platform Kit. It is possible to extend the OneMon environment using specific analyzers to monitor various types of network traffic. Part of this master's thesis is also the implementation of a VoIP traffic analyzer for the SIP and RTP protocols. This analyzer provides information about phone calls and their quality in a monitored segment of a computer network.
|
20 |
Réseaux pilotés par logiciels efficaces en énergie / Energy efficient software defined networks
Huin, Nicolas 28 September 2017
In recent years, the growth of telecommunication network architectures has rapidly increased to keep up with booming traffic. In addition, their energy consumption has become an important issue, both for its economic and its ecological impact. Multiple approaches have been proposed to reduce it. In this thesis, we focus on the Energy Aware Routing (EAR) approach, which consists of providing a valid routing while decreasing the number of active network devices. However, current networks are not suited to the deployment of global green policies because of their distributed management and the closed nature of current network devices. The Software Defined Network (SDN) and Network Function Virtualization (NFV) paradigms promise to ease the deployment of green policies. Indeed, the first separates the control and data planes and thus offers centralized management of the network. The second proposes to decouple the software and hardware of network functions and allows greater flexibility in the creation and management of network services. In this thesis, we focus on the challenges posed by these paradigms for the deployment of EAR policies. We devote the first two parts to SDNs. We first study the routing table size constraints caused by the increased complexity of rules, then the progressive deployment of SDN devices in a current network. We focus our attention on NFV in the last part, and more particularly we study service function chains. / In recent years, the growth of the architecture of telecommunication networks has been quickly increasing to keep up with a booming traffic. Moreover, the energy consumption of these infrastructures is becoming a growing issue, both for its economic and ecological impact.
Multiple approaches were proposed to reduce the networks' power consumption such as decreasing the number of active elements. Indeed, networks are designed to handle high traffic, e.g., during the day, but are over-provisioned during the night. In this thesis, we focus on disabling links and routers inside the network while keeping a valid routing. This approach is known as Energy Aware Routing (EAR). However, current networks are not adapted to support the deployment of network-wide green policies due to their distributed management and the black-box nature of current network devices. The SDN and NFV paradigms bear the promise of bringing green policies to reality. The first one decouples the control and data plane and thus enables a centralized control of the network. The second one proposes to decouple the software and hardware of network functions and allows more flexibility in the creation and management of network services. In this thesis, we focus on the challenges brought by these two paradigms for the deployment of EAR policies. We dedicated the first two parts to the SDN paradigm. We first study the forwarding table size constraints due to an increased complexity of rules. We then study the progressive deployment of SDN devices alongside legacy ones. We focus our attention on the NFV paradigm in the last part, and more particularly, we study the Service Function Chaining problem.
|