High Quality of Service in SDN : Bandwidth gurantee with QoS

Andersson, Emma, Bröhne, Johan

January 2017

Video streaming through IP networks has risen rapidly over the recent years, and will continue to do so over the coming years. In addition to this, new technologies such as Virtual Reality and robotics will lead to many new applications that will put high pressure on the networks. To combat these challenges, networks need to be application sensitive, and be able to provide Quality of Service (QoS) based on requirement. Network paradigms like Software Defined Networking (SDN) enables the network to be directly programmable, and could thus solve the challenge. In this thesis, the objective is to research if SDN can provide High QoS. Methods are developed to achieve High QoS with SDN. A combination of Differentiated Services Code Point (DSCP) values and DSCP remarking with Meters are used enable High QoS and together they can give bandwidth guarantee. As a result of the thesis, a solid theoretical method is provided for achieving QoS, tests are performed and show that QoS can be implemented in SDN, but it is unable to implement High QoS due to the lack of implementation for Meters with DSCP remarking.

QoS

Quality of Service

SDN

Software Definied Networking

DSCP

DiffServ

OpenFlow

Communication Systems

Kommunikationssystem

AETOS: An Architecture for Offloading Core LTE Traffic Using Software Defined Networking Concepts

Nasim, Kamraan

January 2016

It goes without saying that cellular users of today have an insatiable appetite for bandwidth and data. Data-intensive applications, such as video on demand, online gaming and video conferencing, have gained prominence. This, coupled with recent innovations in the mobile network such as LTE/4G, poses a unique challenge to network operators in how to extract the most value from their deployments all the while reducing their Total Cost of Operations(TCO). To this end, a number of enhancements have been proposed to the ”conventional” LTE mobile network. Most of these recognize the monolithic and non-elastic nature of the mobile backend and propose complimenting core functionality with concepts borrowed from Software Defined Networking (SDN). In this thesis we shall attempt to explore some existing options within the LTE standard to mitigate large traffic churns. We will then review some SDN-enabled alternatives, and attempt to derive a proof based critique on their merits and drawbacks.

SDN

LTE

EPC

Openflow

mobile networks

deep packet inspection

network applications

The Latency Effects of Utilizing a Microservice Architecture in a Time-Critical System

Hölscher, Anton

January 2021

This study aims to examine the effects of transforming a monolithic server system into a microservice architecture, focusing on the increased latency introduced by using a microservice orchestrator. The microservice orchestrator was implemented using an OpenFlow switch controlled by the Beacon and Ryu OpenFlow controllers. These controllers, along with the round robin, random assign and a server-aware load balancing algorithm, were all compared in order to find the combination resulting in the lowest latency and highest achieved server balance in varying network environments. We show that the OpenFlow switch enforces a client-aware load balancing policy and that only the initial request is handled by the controller, effectively reducing the importance of choosing the optimal OpenFlow controller. In addition, the round robin load balancer was preferred when dealing with homogeneous requests, and a server-aware load balancer was required for heterogeneous requests. For most requests, the system would only slow down by a few microseconds using the proposed architecture. However, for 0.001\% of all requests, the slowdown was much more significant, with each of those requests being at least 100 times slower than when using a monolithic server architecture.

Microservices

Software Defined Networking

SDN

Latency

OpenFlow

Mininet

Ruy

Beacon

Computer Sciences

Datavetenskap (datalogi)

Zákonné odposlechy v SDN / Lawful Interception in Software Defined Networks

Franková, Barbora

January 2015

This thesis covers utilization of software defined networks for lawful interception purposes. Based on specific implementation of lawful interception system SLIS developed by Sec6Net group, suggests improvements aiming at more precise identification of intercepted users and better effectivity of system resources. First aim is achieved by implementation of a new module for dynamic identification component while the other one alters configuration mechanism for probes and OpenFlow switches.

SDN řízené pomocí identity uživatelů / SDN Controlled According to User Identity

Holkovič, Martin

January 2015

The aim of this work is to connect dynamic identity management system developed under the project Sec6Net with a control of SDN network. The controller Pyretic is used for network control, which allows application development by using the match-action rules. Interface between the identity management system and controller Pyretic is designed and implemented in both systems. To prove the concept, selected use cases related to security, routing and accounting are created. The use cases are implemented as applications for Pyretic controller. All programs were tested in networking laboratory according to the possibilities. The main contribution of this work is to simplify and improve the management of computer networks while providing new capabilities to administrators of these networks and ultimately their users.

Vývoj aplikací pro softwarově definované sítě / Applications Development for Software Defined Networks

Piska, Vojtěch

January 2016

In this diploma thesis is described new network architecture also known as software defined networks. In first part of work are explained and described tasks of individual architecture layers. Work includes discussion about advantages and disadvantages of these networks. In next part is described OpenFlow protocol which allows to controller communicate with underlying hardware devices. Last part contains proposal of laboratory excercises which demonstrate SDN technology.

Dynamic allocation of resources using machine learning and quantile regression by harnessing the power of software defined networks

Alutaibi, Ahmed

02 May 2022

In the last decade, data networks have shifted from the static deployment of resources to a dynamic approach. With the help of Software Defined Networks (SDN) and Network Function Visualization (NFV), information and data about the network can be collected. Also, deployment and allocation of resources can be delegated to a central controller. In this thesis we investigate the power of SDN and how central management of resources can help produce better and efficient data networks. It begins with an introduction to SDN and its capabilities. The added benefits of SDN over traditional network frameworks and topics that SDN contributed most to. We show the power of collecting data using SDN and how it enables different approaches to accomplish the needed task. This was facilitated by the programmability and the separation of the control and data planes. We tackle the simple task of measuring the delay between two communicating devices in the network. The results show that SDN is capable of providing a rich infrastructure to build future networks. Also, it illustrates that using SDN to measure the delay between devices in the network can give accurate results. The differences between the tested techniques is shown and evaluated. After collecting the data from the network, the next step is getting an insight on that data. Next we used collected network bandwidth data to predict future bandwidth usage. We used various prediction models to establish prediction intervals. We created a state of the art metric that evaluates and compares the performance of each model. We show that the network bandwidth is highly predictable and that dynamic allocation of network bandwidth is attainable. The next logical step is to act upon those insight which is investigated next. We establish the same prediction models investigated but instead of prediction intervals we establish upper quantiles. Prediction is done on data center resources data set. The results show that using quantile prediction can give guarantees on resources usage boundaries which implies a guarantee on service level agreements. Allocating just the needed resources, produce a more efficient data center and in turn cuts a lot of the needed energy. Our estimate show that upto 56% of power can be saved without violating the service level agreement. / Graduate

Software Defined Networks

Prediction

Machine Learning

Openflow

Resource Allocation

Quality of Service

Nouvelle génération de contrôleur d'accès réseau : une approche par réseaux logiciels / New generation of network access controller : an SDN approach

Villain, Benjamin

09 October 2015

Cette thèse démontre l'importance des informations réseau inter-couche pour les applications réseaux. Cette dissertation présente une nouvelle architecture de contrôle d'accès dans laquelle le contrôleur est mutualisé dans le Cloud. Cette architecture permet d'adresser un marché clé pour des clients ne pouvant acheter du matériel spécialisé. Plusieurs verrous techniques ont du être résolus pour pouvoir implémenter cette architecture, en effet les informations du réseau privé ne sont plus disponible au niveau du contrôleur ce qui l'empêche de correctement contrôler l'activité des utilisateurs. Une première implémentation est présentée dans le chapitre 2, elle utilise des équipements spécialisés capable d'interagir avec le contrôleur centralisé. Cette implémentation comportant des faiblesses, nous nous sommes intéressés à une approche par réseaux logiciels. Une solution innovante pour partager des informations inter-couche à l'extérieur d'un réseau SDN est présentée dans le chapitre 3. Elle permet d'intercepter et de modifier des flux de données utilisateurs à la volée afin de transmettre des informations à l'intérieur de la couche applicative. Cette solution a été implémentée dans le contrôleur OpenDaylight et montre des résultats très encourageants. Couplée au contrôleur centralisé, cette solution permet de fournir une solution complète de contrôle d'accès réseau qui est simple à déployer et configurer et extensible aisément. / This thesis presents the importance of cross-layer network information for network applications in the context of network access control. The dissertation exposes a novel architecture in which a network access controller is mutualized in the Cloud. This architecture allows to address a key market segment for clients unwilling to buy expensive hardware to control their network. Multiple challenges come into play when hosting the controller remotely. Indeed cross-layer information are no longer available which prevents the controller from correctly controlling users activity. A first implementation to share cross-layer information is presented in chapter 2. It leverages specialized session border controllers to send these data in the application protocol, here HTTP. Then chapter 3 presents an innovative solution for the cross-layering problem which allows to intrumentalize network flows with SDN protocols. The solution focuses on a web portal redirection but is extendable to any kind of protocols. The implementation permits to intercept and modify flows in order to input cross-layer data within another network protocol. This solution was implemented in the OpenDaylight OpenFlow controller and shows great results. The mutualized approach coupled with the SDN cross-layer framework allow to build flexible networks with almost no configuration of on-site equipments. The central network controller reduces the overal cost of the solution by being mutualized among multiple clients. Moreover, having the ability to intrumentalize network traffic in software allows to implement any kind of custom behavior on the runtime.

Contrôle d'accès réseau

SDN

Cloud

TCP

Interception protocolaire

OpenFlow

SDN

Cloud

Net acces control

004.6

Isolation réseau dans un environnement Cloud Public/Hybride / Network Isolation in a Public/Hybrid cloud environment

Del Piccolo, Valentin

23 May 2017

Le cloud computing est un modèle informatique donnant accès à un grand nombre de ressources de calcul et de stockage. Trois types de cloud existent, le cloud public, le cloud privé et le cloud hybride. Afin de proposer une solution cloud hybride, nous utilisons le protocole TRILL qui permet d'optimiser l'utilisation des ressources réseau d'une infrastructure. Cependant, TRILL ne permet pas d'interconnecter des data centers sans perdre l'indépendance de leur plan de contrôle. Pour modifier ce comportement, lequel implique la création d'un unique domaine de broadcast s'étendant sur tout le réseau, nous proposons, comme première contribution, une solution (MLTP) qui permet d'interconnecter des réseaux TRILL tout en les maintenant indépendants. Un autre élément manquant de TRILL est l'isolation des flux réseau. Notre seconde contribution consiste donc à trouver et implémenter une solution d'isolation des flux au sein de MLTP. Ce nouveau protocole (MLTP+VNT), permet d'avoir une solution de cloud hybride, mais elle possède deux désavantages. Le premier est la gestion des pannes. Certains éléments de MLTP+VNT, les Border RBridges (BRB), contiennent des informations nécessaires au routage inter-data center et lorsqu'ils tombent en panne, ces informations sont perdues. Pour éviter cela, nous avons, dans notre troisième contribution, modifié MLTP+VNT pour synchroniser les BRBs. Le second est l'obligation de n'utiliser que des réseaux MLTP+VNT pour réaliser un cloud hybride. Pour lever cette restriction, nous avons, dans notre quatrième contribution, conçu une passerelle entre un réseau TRILL, pour le cloud public, et un réseau OpenFlow, pour le cloud privé. / Cloud computing uses infrastructure with a lot of computing and storage resources. There are three types of cloud: Public cloud, Private cloud, and Hybrid cloud. In order to provide a hybrid cloud solution, we used as a base the TRILL protocol which optimizes the use of the data center infrastructure. However, TRILL cannot interconnect data centers as doing so will merge the data centers networks and each data center will lose its independence. Our first contribution is to change this behavior and we develop MLTP which allows to interconnect TRILL or MLTP network without merging them. Another functionality missing from TRILL is network isolation. To fill this lack, in our second proposal we add to MLTP a solution called VNT and we then have a new protocol called MLTP+VNT. In this protocol, each user traffic is isolated from one another. Therefore, MLTP+VNT allows to have a hybrid cloud environment. Nevertheless, it has two shortcomings. The first one is its “single” point of failure. As a matter of fact, MLTP+VNT uses a new type of nodes called Border RBridges which contains inter-data centers routing information. If a Border RBridge fails, then the information it contained is lost. In order to prevent this loss, we implement a method to synchronize the Border RBridges in our third contribution. The second shortcoming is the obligation to use MLTP+VNT in each network to form the hybrid cloud. To lift this limitation, we design and develop, in our fourth contribution, a bridge between a MLTP+VNT network and an OpenFlow network. This way, our solution allows to create a hybrid cloud environment with the MLTP+VNT solution in the public cloud and OpenFlow in the public cloud.

Architecture réseau

Isolation réseau

Cloud computing

Trill

Mltp

OpenFlow

Hybrid cloud

Network isolation

Cloud computing

004

Stability and Robustness of Control Planes in OpenFlow Networks / OpenFlowネットワークにおけるコントロールプレーンの安定性と頑健性

Kotani, Daisuke

23 March 2016

Chapter 4 of this thesis is a minor revision of the work published in "Daisuke Kotani and Yasuo Okabe, Fast Failure Detection of OpenFlow Channels, The 11th Asian Internet Engineering Conference (AINTEC 2015), pp.32-39, November 2015. http://dx.doi.org/10.1145/2837030.2837035" © ACM 2015. / 京都大学 / 0048 / 新制・課程博士 / 博士(情報学) / 甲第19847号 / 情博第598号 / 新制||情||104(附属図書館) / 32883 / 京都大学大学院情報学研究科知能情報学専攻 / (主査)教授 岡部 寿男, 教授 美濃 導彦, 教授 喜多 一 / 学位規則第4条第1項該当 / Doctor of Informatics / Kyoto University / DFAM

OpenFlow

Stability

Robustness

Control Plane

Multicast

Failure Detection

Packet Filter

007