Openflow e software-defined networking: l'evoluzione della rete programmabile

Il paradigma “Software-Defined Networking” (SDN) ha suscitato recentemente interesse grazie allo sviluppo e all'implementazione di uno standard tecnologico come OpenFlow. Con il modello SDN viene proposta una rete programmabile tramite la separazione dell’unità di controllo e l'unità di instradamento, rendendo quindi i nodi di rete (come ad es. router o switch) esclusivamente hardware che inoltra pacchetti di dati secondo le regole dettate dal controller. OpenFlow rappresenta lo standard dominante nella tecnologia SDN in grado di far comunicare l'unità controller e l'hardware di uno o più nodi di rete. L'utilizzo di OpenFlow consente maggiore dinamicità e agevolazione nella personalizzazione della rete attraverso un'interfaccia utente, includendo svariate funzioni quali la modifica e l’automatizzazione delle regole di instradamento, la creazione di una rete virtuale dotata di nodi logici o la possibilità di monitorare il traffico accrescendo la sicurezza della propria rete.

OpenFlow Multi-Table Lookup Architecture for Multi-Gigabit Software Defined Networking (SDN)

The proposed multi-table lookup architecture provides SDN-based, high-performance packet classification in an OpenFlow v1.1+ SDN switch. The objective of the demonstration is to show the functionality of the architecture deployed on the NetFPGA SUME Platform.

Rassegna su software-defined networking e openflow

Questa tesi è una rassegna sul tema del Software-Defined Networking (SDN):un paradigma emergente nel campo delle reti di calcolatori che consente di controllare, tramite un software centralizzato a livello logico, il comportamento dell’intera rete. In particolore è stato approfondito il protocollo OpenFlow ovvero l'interfaccia aperta e standardizzata per la comunicazione tra piano di controllo e piano di inoltro che è divenuto uno standard “de facto” nell'ambito della tecnologia SDN.

Software Defined Networking: tre casi d'uso

Le reti devono essere in grado di gestire i modelli di traffico generati dalle nuove applicazioni, per questo si sta concentrando un interesse senza precedenti nella storia di Internet parlando di Software Defined Networking (SDN), un nuovo modo di concepire le reti. SDN è un paradigma che permette di dividere il piano di controllo dal piano dati consentendo il controllo della rete da un dispositivo unico centralizzato,il controller. In questa tesi abbiamo voluto esaminare due specifici casi di studio, affinché si dimostri come SDN possa fornire il miglior supporto per risolvere il problema delle architetture tradizionali, e uno strumento utile per progettare SDN. Per primo viene analizzato Procera, utilizzato nelle reti domestiche e nelle reti campus per dimostrare che, grazie ad esso, è possibile ridurre la complessità di un’intera rete. Poi è stato visto AgNos, un’architettura basata su azioni svolte da agenti rappresentando così un ottimo strumento di lavoro sia perché gli agenti sono implementati nei controller di rete e sia perché AgNos ha la peculiarità di fornire all’utente (o al sistema) un livello stabile di concretezza. Inoltre sono stati analizzati due problemi comuni su Internet: 1.la mitigazione degli attacchi Ddos, dove i domini SDN collaborano per filtrare i pacchetti dalla fonte per evitare l’esaurimento delle risorse 2.l’attuazione di un meccanismo di prevenzione per risolvere il problema dell’attacco Dos nella fase iniziale rendendo l’aggressione più facile da gestire. L’ultimo argomento trattato è il sistema Mininet, ottimo strumento di lavoro in quanto permette di emulare topologie di rete in cui fanno parte host, switch e controller, creati utilizzando il software. Rappresenta un ottimo strumento per implementare reti SDN ed è molto utile per lo sviluppo, l'insegnamento e la ricerca grazie alla sua peculiarità di essere open source.

A Configurable Packet Classification Architecture for Software-Defined Networking

Network management tools must be able to monitor and analyze traffic flowing through network systems. According to the OpenFlow protocol applied in Software-Defined Networking (SDN), packets are classified into flows that are searched in flow tables. Further actions, such as packet forwarding, modification, and redirection to a group table, are made in the flow table with respect to the search results. A novel hardware solution for SDN-enabled packet classification is presented in this paper. The proposed scheme is focused on a label-based search method, achieving high flexibility in memory usage. The implemented hardware architecture provides optimal lookup performance by configuring the search algorithm and by performing fast incremental update as programmed the software controller.

Optimized Packet Classification for Software-Defined Networking

Recent trends, such as Software-Defined Networking (SDN), introduce programmability to the network with the opportunity to dynamically route traffic based on flow descriptions. Packet header lookup is the first phase in this process. In this paper, we illustrate improved header lookup and flow rule update speeds over conventional lookup algorithms. This is achieved by performing individual packet header field searches and combining the search results. We propose that individual algorithms should be selected for packet classification based on the application requirements. Improving the network processing performance with our configurable solution will directly support the proposed capability of programmability in SDN.

Software-Defined Networking: lo standard Openflow

Questo elaborato è una rassegna riguardante il Software-Defined Networking ed in particolare il protocollo OpenFlow.

Enhancing quality of service in software-defined networks

Resource management is of paramount importance in network scenarios and it is a long-standing and still open issue. Unfortunately, while technology and innovation continue to evolve, our network infrastructure system has been maintained almost in the same shape for decades and this phenomenon is known as “Internet ossification”. Software-Defined Networking (SDN) is an emerging paradigm in computer networking that allows a logically centralized software program to control the behavior of an entire network. This is done by decoupling the network control logic from the underlying physical routers and switches that forward traffic to the selected destination. One mechanism that allows the control plane to communicate with the data plane is OpenFlow. The network operators could write high-level control programs that specify the behavior of an entire network. Moreover, the centralized control makes it possible to define more specific and complex tasks that could involve many network functionalities, e.g., security, resource management and control, into a single framework. Nowadays, the explosive growth of real time applications that require stringent Quality of Service (QoS) guarantees, brings the network programmers to design network protocols that deliver certain performance guarantees. This thesis exploits the use of SDN in conjunction with OpenFlow to manage differentiating network services with an high QoS. Initially, we define a QoS Management and Orchestration architecture that allows us to manage the network in a modular way. Then, we provide a seamless integration between the architecture and the standard SDN paradigm following the separation between the control and data planes. This work is a first step towards the deployment of our proposal in the University of California, Los Angeles (UCLA) campus network with differentiating services and stringent QoS requirements. We also plan to exploit our solution to manage the handoff between different network technologies, e.g., Wi-Fi and WiMAX. Indeed, the model can be run with different parameters, depending on the communication protocol and can provide optimal results to be implemented on the campus network.

A Survey of Security in Software Defined Networks

The proposition of increased innovation in network applications and reduced cost for network operators has won over the networking world to the vision of Software-Defined Networking (SDN). With the excitement of holistic visibility across the network and the ability to program network devices, developers have rushed to present a range of new SDN-compliant hardware, software and services. However, amidst this frenzy of activity, one key element has only recently entered the debate: Network Security. In this article, security in SDN is surveyed presenting both the research community and industry advances in this area. The challenges to securing the network from the persistent attacker are discussed and the holistic approach to the security architecture that is required for SDN is described. Future research directions that will be key to providing network security in SDN are identified.

Software Defined Networks: alcuni casi di studio

In questo elaborato si descrive l'emergente approccio alle reti, il Software Defined Network, ed i suoi benefici. Successivamente viene preso in considerazione un importante componente di questa nuova architettura: il protocollo OpenFlow; si spiega che cos'è e si elencano i benefici che può apportare ad un'architettura SDN a sostegno di questi vengono mostrati quattro differenti casi d'uso di OF, comparati poi ad altri scenari equivalenti che non usano questo protocollo. Infine si è pensato ad alcuni possibili studi e sviluppi circa quest'architettura.

The Future of the Next-Generation Internet and Possible Applications into Education and Culture Heritage

There are several initiatives such as: US Ignite, Software Defined Networking (SDN), OpenFlow, Global Environment for Network Innovation (GENI), WiMAX and Internet 2 dealing with the future of the internet. The goal of the paper is to understand the goals, intricacies, and nuances of some of these techniques and show some of the possibilities of next-generation high-speed networking and their applications into education and culture heritage.

Are We Ready for SDN? Implementation Challenges for Software-Defined Networks

Cloud services are exploding, and organizations are converging their data centers in order to take advantage of the predictability, continuity, and quality of service delivered by virtualization technologies. In parallel, energy-efficient and high-security networking is of increasing importance. Network operators, and service and product providers require a new network solution to efficiently tackle the increasing demands of this changing network landscape. Software-defined networking has emerged as an efficient network technology capable of supporting the dynamic nature of future network functions and intelligent applications while lowering operating costs through simplified hardware, software, and management. In this article, the question of how to achieve a successful carrier grade network with software-defined networking is raised. Specific focus is placed on the challenges of network performance, scalability, security, and interoperability with the proposal of potential solution directions.

Diseño e implementación de una herramienta de visualización para análisis en tiempo real de redes SDN/OpenFlow

Las Redes Definidas por Software (Software Defined Networking) permiten la monitorización y el control centralizado de la red, de forma que los administradores pueden tener una visión real y completa de la misma. El análisis y visualización de los diferentes parámetros obtenidos representan la forma más viable y práctica de programar la red en función de las necesidades del usuario. Por este motivo, en este proyecto se desarrolla una arquitectura modular cuyo objetivo es presentar en tiempo real la información que se monitoriza en una red SDN. En primera instancia, las diferentes métricas monitorizadas (error, retardo y tasa de datos) son almacenadas en una base de datos, para que en una etapa posterior se realice el análisis de dichas métricas. Finalmente, los resultados obtenidos, tanto de métricas en tiempo real como de los datos estadísticos, son presentados en una aplicación web. La información es obtenida a través de la interfaz REST que expone el controlador Floodlight y para el análisis de la información se plantea una comparación entre los valores medios y máximos del conjunto de datos. Los resultados obtenidos muestran gráficamente de forma clara y precisa las diferentes métricas de monitorización. Además, debido al carácter modular de la arquitectura, se ofrece un valor añadido a los sistemas actuales de monitorización SDN.

Memory Cost Analysis for OpenFlow Multiple Table Lookup

Multiple Table Lookup architectures in Software Defined Networking (SDN) open the door for exciting new network applications. The development of the OpenFlow protocol supported the SDN paradigm. However, the first version of the OpenFlow protocol specified a single table lookup model with the associated constraints in flow entry numbers and search capabilities. With the introduction of multiple table lookup in OpenFlow v1.1, flexible and efficient search to support SDN application innovation became possible. However, implementation of multiple table lookup in hardware to meet high performance requirements is non-trivial. One possible approach involves the use of multi-dimensional lookup algorithms. A high lookup performance can be achieved by using embedded memory for flow entry storage. A detailed study of OpenFlow flow filters for multi-dimensional lookup is presented in this paper. Based on a proposed multiple table lookup architecture, the memory consumption and update performance using parallel single field searches are evaluated. The results demonstrate an efficient multi-table lookup implementation with minimum memory usage.

Controllo generalizzato via software di dispositivi per l'interconnessione flessibile di data center

La tesi riguarda le gestione via software di dispositivi che interconnettono componenti hardware di forwarding in una rete.