381 resultados para SDN, mininet, openflow, reti
Resumo:
Questo documento affronta le novità ed i vantaggi introdotti nel mondo delle reti di telecomunicazioni dai paradigmi di Software Defined Networking e Network Functions Virtualization, affrontandone prima gli aspetti teorici, per poi applicarne i concetti nella pratica, tramite casi di studio gradualmente più complessi. Tali innovazioni rappresentano un'evoluzione dell'architettura delle reti predisposte alla presenza di più utenti connessi alle risorse da esse offerte, trovando quindi applicazione soprattutto nell'emergente ambiente di Cloud Computing e realizzando in questo modo reti altamente dinamiche e programmabili, tramite la virtualizzazione dei servizi di rete richiesti per l'ottimizzazione dell'utilizzo di risorse. Motivo di tale lavoro è la ricerca di soluzioni ai problemi di staticità e dipendenza, dai fornitori dei nodi intermedi, della rete Internet, i maggiori ostacoli per lo sviluppo delle architetture Cloud. L'obiettivo principale dello studio presentato in questo documento è quello di valutare l'effettiva convenienza dell'applicazione di tali paradigmi nella creazione di reti, controllando in questo modo che le promesse di aumento di autonomia e dinamismo vengano rispettate. Tale scopo viene perseguito attraverso l'implementazione di entrambi i paradigmi SDN e NFV nelle sperimentazioni effettuate sulle reti di livello L2 ed L3 del modello OSI. Il risultato ottenuto da tali casi di studio è infine un'interessante conferma dei vantaggi presentati durante lo studio teorico delle innovazioni in analisi, rendendo esse una possibile soluzione futura alle problematiche attuali delle reti.
Resumo:
Le reti devono essere in grado di gestire i modelli di traffico generati dalle nuove applicazioni, per questo si sta concentrando un interesse senza precedenti nella storia di Internet parlando di Software Defined Networking (SDN), un nuovo modo di concepire le reti. SDN è un paradigma che permette di dividere il piano di controllo dal piano dati consentendo il controllo della rete da un dispositivo unico centralizzato,il controller. In questa tesi abbiamo voluto esaminare due specifici casi di studio, affinché si dimostri come SDN possa fornire il miglior supporto per risolvere il problema delle architetture tradizionali, e uno strumento utile per progettare SDN. Per primo viene analizzato Procera, utilizzato nelle reti domestiche e nelle reti campus per dimostrare che, grazie ad esso, è possibile ridurre la complessità di un’intera rete. Poi è stato visto AgNos, un’architettura basata su azioni svolte da agenti rappresentando così un ottimo strumento di lavoro sia perché gli agenti sono implementati nei controller di rete e sia perché AgNos ha la peculiarità di fornire all’utente (o al sistema) un livello stabile di concretezza. Inoltre sono stati analizzati due problemi comuni su Internet: 1.la mitigazione degli attacchi Ddos, dove i domini SDN collaborano per filtrare i pacchetti dalla fonte per evitare l’esaurimento delle risorse 2.l’attuazione di un meccanismo di prevenzione per risolvere il problema dell’attacco Dos nella fase iniziale rendendo l’aggressione più facile da gestire. L’ultimo argomento trattato è il sistema Mininet, ottimo strumento di lavoro in quanto permette di emulare topologie di rete in cui fanno parte host, switch e controller, creati utilizzando il software. Rappresenta un ottimo strumento per implementare reti SDN ed è molto utile per lo sviluppo, l'insegnamento e la ricerca grazie alla sua peculiarità di essere open source.
Resumo:
The substantial increase in the number of applications offered through the computer networks, as well as in the volume of traffic forwarded through the network, have hampered to assure adequate service level to users. The Quality of Service (QoS) offer, honoring specified parameters in Service Level Agreements (SLA), established between the service providers and their clients, composes a traditional and extensive computer networks’ research area. Several schemes proposals for the provision of QoS were presented in the last three decades, but the acting scope of these proposals is always limited due to some factors, including the limited development of the network hardware and software, generally belonging to a single manufacturer. The advent of Software Defined Networking (SDN), along with the maturation of its main materialization, the OpenFlow protocol, allowed the decoupling between network hardware and software, through an architecture which provides a control plane and a data plane. This eases the computer networks scenario, allowing that new abstractions are applied in the hardware composing the data plane, through the development of new software pieces which are executed in the control plane. This dissertation investigates the QoS offer through the use and extension of the SDN architecture. Based on the proposal of two new modules, one to perform the data plane monitoring, SDNMon, and the second, MP-ROUTING, developed to determine the use of multiple paths in the forwarding of data referring to a flow, we demonstrated in this work that some QoS metrics specified in the SLAs, such as bandwidth, can be honored. Both modules were implemented and evaluated through a prototype. The evaluation results referring to several aspects of both proposed modules are presented in this dissertation, showing the obtained accuracy of the monitoring module SDNMon and the QoS gains due to the utilization of multiple paths defined by the MP-Routing, when forwarding data flow through the SDN.
Resumo:
The identification of subject-specific traits extracted from patterns of brain activity still represents an important challenge. The need to detect distinctive brain features, which is relevant for biometric and brain computer interface systems, has been also emphasized in monitoring the effect of clinical treatments and in evaluating the progression of brain disorders. Graph theory and network science tools have revealed fundamental mechanisms of functional brain organization in resting-state M/EEG analysis. Nevertheless, it is still not clearly understood how several methodological aspects may bias the topology of the reconstructed functional networks. In this context, the literature shows inconsistency in the chosen length of the selected epochs, impeding a meaningful comparison between results from different studies. In this study we propose an approach which aims to investigate the existence of a distinctive functional core (sub-network) using an unbiased reconstruction of network topology. Brain signals from a public and freely available EEG dataset were analyzed using a phase synchronization based measure, minimum spanning tree and k-core decomposition. The analysis was performed for each classical brain rhythm separately. Furthermore, we aim to provide a network approach insensitive to the effects that epoch length has on functional connectivity (FC) and network reconstruction. Two different measures, the phase lag index (PLI) and the Amplitude Envelope Correlation (AEC), were applied to EEG resting-state recordings for a group of eighteen healthy volunteers. Weighted clustering coefficient (CCw), weighted characteristic path length (Lw) and minimum spanning tree (MST) parameters were computed to evaluate the network topology. The analysis was performed on both scalp and source-space data. Results about distinctive functional core, show highest classification rates from k-core decomposition in gamma (EER=0.130, AUC=0.943) and high beta (EER=0.172, AUC=0.905) frequency bands. Results from scalp analysis concerning the influence of epoch length, show a decrease in both mean PLI and AEC values with an increase in epoch length, with a tendency to stabilize at a length of 12 seconds for PLI and 6 seconds for AEC. Moreover, CCw and Lw show very similar behaviour, with metrics based on AEC more reliable in terms of stability. In general, MST parameters stabilize at short epoch lengths, particularly for MSTs based on PLI (1-6 seconds versus 4-8 seconds for AEC). At the source-level the results were even more reliable, with stability already at 1 second duration for PLI-based MSTs. Our results confirm that EEG analysis may represent an effective tool to identify subject-specific characteristics that may be of great impact for several bioengineering applications. Regarding epoch length, the present work suggests that both PLI and AEC depend on epoch length and that this has an impact on the reconstructed network topology, particularly at the scalp-level. Source-level MST topology is less sensitive to differences in epoch length, therefore enabling the comparison of brain network topology between different studies.
Resumo:
Cloud services are exploding, and organizations are converging their data centers in order to take advantage of the predictability, continuity, and quality of service delivered by virtualization technologies. In parallel, energy-efficient and high-security networking is of increasing importance. Network operators, and service and product providers require a new network solution to efficiently tackle the increasing demands of this changing network landscape. Software-defined networking has emerged as an efficient network technology capable of supporting the dynamic nature of future network functions and intelligent applications while lowering operating costs through simplified hardware, software, and management. In this article, the question of how to achieve a successful carrier grade network with software-defined networking is raised. Specific focus is placed on the challenges of network performance, scalability, security, and interoperability with the proposal of potential solution directions.
Resumo:
One of the core properties of Software Defined Networking (SDN) is the ability for third parties to develop network applications. This introduces increased potential for innovation in networking from performance-enhanced to energy-efficient designs. In SDN, the application connects with the network via the SDN controller. A specific concern relating to this communication channel is whether an application can be trusted or not. For example, what information about the network state is gathered by the application? Is this information necessary for the application to execute or is it gathered for malicious intent? In this paper we present an approach to secure the northbound interface by introducing a permissions system that ensures that controller operations are available to trusted applications only. Implementation of this permissions system with our Operation Checkpoint adds negligible overhead and illustrates successful defense against unauthorized control function access attempts.
Resumo:
The pull of Software-Defined Networking (SDN) is magnetic. There are few in the networking community who have escaped its impact. As the benefits of network visibility and network device programmability are discussed, the question could be asked as to who exactly will benefit? Will it be the network operator or will it, in fact, be the network intruder? As SDN devices and systems hit the market, security in SDN must be raised on the agenda. This paper presents a comprehensive survey of the research relating to security in software-defined networking that has been carried out to date. Both the security enhancements to be derived from using the SDN framework and the security challenges introduced by the framework are discussed. By categorizing the existing work, a set of conclusions and proposals for future research directions are presented.
Resumo:
The scale of the Software-Defined Network (SDN) Controller design problem has become apparent with the expansion of SDN deployments. Initial SDN deployments were small-scale, single controller environments for research and usecase testing. Today, enterprise deployments requiring multiple controllers are gathering momentum e.g. Google’s backbone network, Microsoft’s public cloud, and NTT’s edge gateway. Third-party applications are also becoming available e.g. HP SDN App Store. The increase in components and interfaces for the evolved SDN implementation increases the security challenges of the SDN controller design. In this work, the requirements of a secure, robust, and resilient SDN controller are identified, stateof-the-art open-source SDN controllers are analyzed with respect to the security of their design, and recommendations for security improvements are provided. This contribution highlights the gap between the potential security solutions for SDN controllers and the actual security level of current controller designs.
Resumo:
Network management tools must be able to monitor and analyze traffic flowing through network systems. According to the OpenFlow protocol applied in Software-Defined Networking (SDN), packets are classified into flows that are searched in flow tables. Further actions, such as packet forwarding, modification, and redirection to a group table, are made in the flow table with respect to the search results. A novel hardware solution for SDN-enabled packet classification is presented in this paper. The proposed scheme is focused on a label-based search method, achieving high flexibility in memory usage. The implemented hardware architecture provides optimal lookup performance by configuring the search algorithm and by performing fast incremental update as programmed the software controller.
Resumo:
A Internet atual vem sofrendo vários problemas em termos de escalabilidade, desempenho, mobilidade, etc., devido ao vertiginoso incremento no número de usuários e o surgimento de novos serviços com novas demandas, propiciando assim o nascimento da Internet do Futuro. Novas propostas sobre redes orientadas a conteúdo, como a arquitetura Entidade Titulo (ETArch), proveem novos serviços para este tipo de cenários, implementados sobre o paradigma de redes definidas por software. Contudo, o modelo de transporte do ETArch é equivalente ao modelo best-effort da Internet atual, e vem limitando a confiabilidade das suas comunicações. Neste trabalho, ETArch é redesenhado seguindo o paradigma do sobreaprovisionamento de recursos para conseguir uma alocação de recursos avançada integrada com OpenFlow. Como resultado, o framework SMART (Suporte de Sessões Móveis com Alta Demanda de Recursos de Transporte), permite que a rede defina semanticamente os requisitos qualitativos das sessões para assim gerenciar o controle de Qualidade de Serviço visando manter a melhor Qualidade de Experiência possível. A avaliação do planos de dados e de controle teve lugar na plataforma de testes na ilha do projeto OFELIA, mostrando o suporte de aplicações móveis multimídia com alta demanda de recursos de transporte com QoS e QoE garantidos através de um esquema de sinalização restrito em comparação com o ETArch legado
Resumo:
Incluye Bibliografía
Resumo:
Per rispondere ai quiz e utilizzare la posta elettronica
