Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256005
S. R. Chowdhury, Sara Ayoubi, Reaz Ahmed, Nashid Shahriar, R. Boutaba, J. Mitra, L. Liu
Network Virtualization (NV), considered as a key enabler for overcoming the ossification of the Internet allows multiple heterogeneous virtual networks to co-exist over the same substrate network. Resource allocation problems in NV have been extensively studied for single layer substrates such as IP or Optical networks. However, little effort has been put to address the same problem for multi-layer IP-over-Optical networks. The increasing popularity of multi-layer networks for deploying backbones combined with their unique characteristics (e.g., topological flexibility of the IP layer) calls for the need to carefully investigate the resource provisioning problems arising from their virtualization. In this paper, we address the problem of MUlti-Layer virtual network Embedding (MULE) on IP-overOptical networks. We propose two solutions to MULE: an Integer Linear Program (ILP) formulation for the optimal solution and a heuristic to address the computational complexity of the optimal solution. We demonstrate through extensive simulations that on average our heuristic performs within ≈1.47 × of optimal solution and incurs ≈66% less cost than the state-of-the-art heuristic.
{"title":"MULE: Multi-layer virtual network embedding","authors":"S. R. Chowdhury, Sara Ayoubi, Reaz Ahmed, Nashid Shahriar, R. Boutaba, J. Mitra, L. Liu","doi":"10.23919/CNSM.2017.8256005","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256005","url":null,"abstract":"Network Virtualization (NV), considered as a key enabler for overcoming the ossification of the Internet allows multiple heterogeneous virtual networks to co-exist over the same substrate network. Resource allocation problems in NV have been extensively studied for single layer substrates such as IP or Optical networks. However, little effort has been put to address the same problem for multi-layer IP-over-Optical networks. The increasing popularity of multi-layer networks for deploying backbones combined with their unique characteristics (e.g., topological flexibility of the IP layer) calls for the need to carefully investigate the resource provisioning problems arising from their virtualization. In this paper, we address the problem of MUlti-Layer virtual network Embedding (MULE) on IP-overOptical networks. We propose two solutions to MULE: an Integer Linear Program (ILP) formulation for the optimal solution and a heuristic to address the computational complexity of the optimal solution. We demonstrate through extensive simulations that on average our heuristic performs within ≈1.47 × of optimal solution and incurs ≈66% less cost than the state-of-the-art heuristic.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115059070","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256012
Xing Tan, Rui Zhao, Yuanjian Li
In Rayleigh fading channels, a novel full-duplex destination jamming with optimal antenna selection (FDJ-OAS) scheme is proposed to improve the secrecy performance of the untrusted relay system with multiple-antenna destination. The traditional half-duplex destination jamming scheme and the nonjamming scheme both combined with OAS are presented to compare with FDJ-OAS. The approximate closed-form expressions of ergodic achievable secrecy rate and optimal power allocation factor for FDJ-OAS are significantly derived in the large-scale antennas analysis. Furthermore, simulation results show that, the analytical curves match well with the simulation curves, and the FDJ-OAS is superior to the other two schemes.
{"title":"Large-scale antennas analysis of untrusted relay system with cooperative jamming","authors":"Xing Tan, Rui Zhao, Yuanjian Li","doi":"10.23919/CNSM.2017.8256012","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256012","url":null,"abstract":"In Rayleigh fading channels, a novel full-duplex destination jamming with optimal antenna selection (FDJ-OAS) scheme is proposed to improve the secrecy performance of the untrusted relay system with multiple-antenna destination. The traditional half-duplex destination jamming scheme and the nonjamming scheme both combined with OAS are presented to compare with FDJ-OAS. The approximate closed-form expressions of ergodic achievable secrecy rate and optimal power allocation factor for FDJ-OAS are significantly derived in the large-scale antennas analysis. Furthermore, simulation results show that, the analytical curves match well with the simulation curves, and the FDJ-OAS is superior to the other two schemes.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116791072","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256027
Tulja Vamshi Kiran Buyakar, A. K. Rangisetti, A. Franklin, T. B. Reddy
In order to meet the traffic demand from diverse next generation wireless network applications and exponentially increasing mobile subscriptions, various 5G network architectures are proposed by leveraging Software Defined Networking (SDN) and Network Function Virtualization (NFV) technologies. Network slicing will be one of the 5G technologies that would support next-generation wireless applications over a shared network infrastructure. However, improper network slicing may lead to either over-provisioning or under-utilization of the underlying network infrastructure resources, especially the 5G core network. Over-provisioning of data plane components such as Serving Gateway (SGW) and Packet Data Network Gateway (PGW) can lead to higher CAPEX and OPEX to mobile operators. In this paper, we propose a novel auto-scaling approach called Bit rate Aware Auto Scaling (BAAS) that maintains a precise UE bit rate requirement in the network slices without over-provisioning of data plane resources.
{"title":"Auto scaling of data plane VNFs in 5G networks","authors":"Tulja Vamshi Kiran Buyakar, A. K. Rangisetti, A. Franklin, T. B. Reddy","doi":"10.23919/CNSM.2017.8256027","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256027","url":null,"abstract":"In order to meet the traffic demand from diverse next generation wireless network applications and exponentially increasing mobile subscriptions, various 5G network architectures are proposed by leveraging Software Defined Networking (SDN) and Network Function Virtualization (NFV) technologies. Network slicing will be one of the 5G technologies that would support next-generation wireless applications over a shared network infrastructure. However, improper network slicing may lead to either over-provisioning or under-utilization of the underlying network infrastructure resources, especially the 5G core network. Over-provisioning of data plane components such as Serving Gateway (SGW) and Packet Data Network Gateway (PGW) can lead to higher CAPEX and OPEX to mobile operators. In this paper, we propose a novel auto-scaling approach called Bit rate Aware Auto Scaling (BAAS) that maintains a precise UE bit rate requirement in the network slices without over-provisioning of data plane resources.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115269375","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256023
Seong-Mun Kim, Gyeongsik Yang, C. Yoo, Sung-Gi Min
5G networks offer various network services based on software defined networking and network function virtualization. However, certain services are sensitive to link latency which is why it is consistently observed to provide high quality services. Previous studies have proposed two approaches to this task: measuring the latency by probe packets and link-layer discovery protocol (LLDP) packets. However, they have several limitations like flow rule preconfiguration, influence of the control plane traffic, and necessity of calibration. In this paper, Bidirectional forwarding detection (BFD) based approach is proposed. The approach measures latency at the data plane with simply implemented echo mode in Open vSwitch. We evaluates and compare the proposed approach to LLDP-based one in terms of single link latency and path latency, and error rate. In addition, we verify that the control plane throughput affects link latency according to the increased number of switches. As a result, the proposed approach can resolve the limitations and provides accuracy link latency.
{"title":"BFD-based link latency measurement in software defined networking","authors":"Seong-Mun Kim, Gyeongsik Yang, C. Yoo, Sung-Gi Min","doi":"10.23919/CNSM.2017.8256023","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256023","url":null,"abstract":"5G networks offer various network services based on software defined networking and network function virtualization. However, certain services are sensitive to link latency which is why it is consistently observed to provide high quality services. Previous studies have proposed two approaches to this task: measuring the latency by probe packets and link-layer discovery protocol (LLDP) packets. However, they have several limitations like flow rule preconfiguration, influence of the control plane traffic, and necessity of calibration. In this paper, Bidirectional forwarding detection (BFD) based approach is proposed. The approach measures latency at the data plane with simply implemented echo mode in Open vSwitch. We evaluates and compare the proposed approach to LLDP-based one in terms of single link latency and path latency, and error rate. In addition, we verify that the control plane throughput affects link latency according to the increased number of switches. As a result, the proposed approach can resolve the limitations and provides accuracy link latency.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121230683","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256022
Yansen Xu, Ved P. Kafle
A Service Function Chain (SFC) is an ordered Network Function (NF) chain to process flows or packets for the end-to-end delivery of network services. In the context of Network Function Virtualization (NFV) and Software-Defined Networking, which are promising technologies for next generation networks, the Virtualized Network Function (VNF) can be deployed on either generic physical machines or virtual machines. A challenging problem is to determine where and how to place these VNFs of an SFC request in the network. In this paper, we first formulate this VNFs placement problem as an Integer Linear Programing (ILP) model and then propose an enhanced VNF placing scheme based on layered graphs to achieve better reliability. To improve the reliability, our scheme avoids placing more than one VNF of an SFC on the same node to protect the SFC from a single point of failure. We have conducted a numerical analysis and computer simulation for the feasibility validation of our scheme. The performance results, in terms of end to end delay of SFC and computation time cost on different topologies, show that our scheme performs well in different scenarios.
SFC (Service Function Chain)是一个有序的NF (Network Function Chain)链,用于处理网络业务端到端交付的流或报文。在网络功能虚拟化(NFV)和软件定义网络(Software-Defined Networking)这两种下一代网络技术的背景下,虚拟化网络功能(VNF)既可以部署在普通物理机上,也可以部署在虚拟机上。一个具有挑战性的问题是确定在网络中放置SFC请求的这些vnf的位置和方式。本文首先将VNF放置问题表述为整数线性规划(ILP)模型,然后提出一种基于分层图的增强VNF放置方案,以获得更好的可靠性。为了提高可靠性,我们的方案避免在同一节点上放置多个SFC的VNF,以保护SFC免受单点故障的影响。通过数值分析和计算机仿真验证了方案的可行性。从SFC的端到端延迟和不同拓扑下的计算时间成本两方面的性能结果表明,我们的方案在不同的场景下都有良好的性能。
{"title":"Reliable service function chain provisioning in software-defined networking","authors":"Yansen Xu, Ved P. Kafle","doi":"10.23919/CNSM.2017.8256022","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256022","url":null,"abstract":"A Service Function Chain (SFC) is an ordered Network Function (NF) chain to process flows or packets for the end-to-end delivery of network services. In the context of Network Function Virtualization (NFV) and Software-Defined Networking, which are promising technologies for next generation networks, the Virtualized Network Function (VNF) can be deployed on either generic physical machines or virtual machines. A challenging problem is to determine where and how to place these VNFs of an SFC request in the network. In this paper, we first formulate this VNFs placement problem as an Integer Linear Programing (ILP) model and then propose an enhanced VNF placing scheme based on layered graphs to achieve better reliability. To improve the reliability, our scheme avoids placing more than one VNF of an SFC on the same node to protect the SFC from a single point of failure. We have conducted a numerical analysis and computer simulation for the feasibility validation of our scheme. The performance results, in terms of end to end delay of SFC and computation time cost on different topologies, show that our scheme performs well in different scenarios.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129517729","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256030
P. Varga, G. Kathareios, A. Mate, R. Clauberg, Andreea Anghel, P. Orosz, Balázs Nagy, Tamás Tóthfalusi, László Kovács, M. Gusat
While the scale, frequency and impact of the recent cyber- and DoS-attacks have all increased, the traditional security management systems are still supervised by human operators in the decisional loop. To cope with the new breed of machine-driven attacks — particularly those designed to overload the humans in the loop — the next-generation anomaly detection and attack mitigation schema, i.e. the network security management, must improve greatly in speed and accuracy: become machine-driven, too. As infrastructure we propose an FPGA-accelerated Network Function Virtualization that potentially enhances the current multi-Tbps switching fabrics with SDN-based security capabilities of vastly higher performance and scalability. As key novelties, we contribute (i) sub-ms detection lag (ii) of the top 9 Akamai attacks [1] with (iii) a real-time SDN feedback loop between a distributed programmable data plane and a centralized SDN controller, (iv) coupled via a global N:1 mirror. We validate the concept in an actual datacenter network with a new security application that can detect and mitigate real-world dDoS attacks, with lags from 430 us up to 3 ms — several orders of magnitude faster than before.
{"title":"Real-time security services for SDN-based datacenters","authors":"P. Varga, G. Kathareios, A. Mate, R. Clauberg, Andreea Anghel, P. Orosz, Balázs Nagy, Tamás Tóthfalusi, László Kovács, M. Gusat","doi":"10.23919/CNSM.2017.8256030","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256030","url":null,"abstract":"While the scale, frequency and impact of the recent cyber- and DoS-attacks have all increased, the traditional security management systems are still supervised by human operators in the decisional loop. To cope with the new breed of machine-driven attacks — particularly those designed to overload the humans in the loop — the next-generation anomaly detection and attack mitigation schema, i.e. the network security management, must improve greatly in speed and accuracy: become machine-driven, too. As infrastructure we propose an FPGA-accelerated Network Function Virtualization that potentially enhances the current multi-Tbps switching fabrics with SDN-based security capabilities of vastly higher performance and scalability. As key novelties, we contribute (i) sub-ms detection lag (ii) of the top 9 Akamai attacks [1] with (iii) a real-time SDN feedback loop between a distributed programmable data plane and a centralized SDN controller, (iv) coupled via a global N:1 mirror. We validate the concept in an actual datacenter network with a new security application that can detect and mitigate real-world dDoS attacks, with lags from 430 us up to 3 ms — several orders of magnitude faster than before.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130895256","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256015
M. T. Raza, Songwu Lu
Network Functions Virtualization (NFV) allows service providers to deliver new services to their customers more quickly by adopting software centric network functions implementation over commercial, off-the-shelf hardwares. IP Multimedia Subsystem (IMS) which is one of the most complex NFV instances requires extremely low end-to-end latency (up to 40 msec), and demands system availability as high as five nines. We discover that highly modular 3GPP standardized IMS network functions implementation over virtualized platform (1) incurs latencies, and (2) does not tolerate faults. NFV-based IMS modules incur high latencies by creating a feedback loop among each other while executing delay sensitive data-plane traffic. These IMS modules are also susceptible to failures, causing the control-plane to terminate the application session while keeping the data-plane to forward data packets. To address these issues, we propose to refactor network function modules. We reduce latencies by pipelining the communication between IMS modules, and achieve fault tolerance by reconfiguring their neighboring modules. We build our system prototype of open source 3GPP compliant IMS over OpenStack platform. Our results show that our scheme reduces latencies and failure recovery time upto 12X and 10X, respectively, when compared to the stat-of-the-art 3GPP compliant virtualized IMS implementation.
{"title":"Enabling low latency and high reliability for IMS-NFV","authors":"M. T. Raza, Songwu Lu","doi":"10.23919/CNSM.2017.8256015","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256015","url":null,"abstract":"Network Functions Virtualization (NFV) allows service providers to deliver new services to their customers more quickly by adopting software centric network functions implementation over commercial, off-the-shelf hardwares. IP Multimedia Subsystem (IMS) which is one of the most complex NFV instances requires extremely low end-to-end latency (up to 40 msec), and demands system availability as high as five nines. We discover that highly modular 3GPP standardized IMS network functions implementation over virtualized platform (1) incurs latencies, and (2) does not tolerate faults. NFV-based IMS modules incur high latencies by creating a feedback loop among each other while executing delay sensitive data-plane traffic. These IMS modules are also susceptible to failures, causing the control-plane to terminate the application session while keeping the data-plane to forward data packets. To address these issues, we propose to refactor network function modules. We reduce latencies by pipelining the communication between IMS modules, and achieve fault tolerance by reconfiguring their neighboring modules. We build our system prototype of open source 3GPP compliant IMS over OpenStack platform. Our results show that our scheme reduces latencies and failure recovery time upto 12X and 10X, respectively, when compared to the stat-of-the-art 3GPP compliant virtualized IMS implementation.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116465530","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256019
Bart Spinnewyn, J. F. Botero, Steven Latré
Cloud providers rely on fault-tolerance mechanisms to realize high-availability services on best-effort infrastructure. Service replication limits the data-loss caused by failure, at the expense of additional operational costs. Recently, with the advent of Mobile Edge Computing, cloud environments are becoming increasingly heterogeneous and dynamic, by the incorporation of (very) unreliable and resource-constrained devices. In this paper, we investigate how to devise an economically viable replication strategy, for a given service on a particular cloud environment. Previous work either focused on finding replication strategies for stateless services, ignoring recovery processes and correlated failures, or considered system dynamics, while lacking Service Level Agreement (SLA)-awareness. We approach the replica management problem as a run-time revenue maximization problem. Our proposed Dynamic Programming (DP) algorithm can generate the optimal replication strategy over the application lifetime. Through extensive simulations, we show that our algorithm significantly improves provider revenue over a wide range of cloud- and SLA-conditions, and adapt its strategy to evolving operating conditions. The results show that coupling dynamic failure models with SLA-awareness can lead to profitable replication strategies, even in cases where providers currently turn a loss.
{"title":"Cost-effective replica management in fault-tolerant cloud environments","authors":"Bart Spinnewyn, J. F. Botero, Steven Latré","doi":"10.23919/CNSM.2017.8256019","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256019","url":null,"abstract":"Cloud providers rely on fault-tolerance mechanisms to realize high-availability services on best-effort infrastructure. Service replication limits the data-loss caused by failure, at the expense of additional operational costs. Recently, with the advent of Mobile Edge Computing, cloud environments are becoming increasingly heterogeneous and dynamic, by the incorporation of (very) unreliable and resource-constrained devices. In this paper, we investigate how to devise an economically viable replication strategy, for a given service on a particular cloud environment. Previous work either focused on finding replication strategies for stateless services, ignoring recovery processes and correlated failures, or considered system dynamics, while lacking Service Level Agreement (SLA)-awareness. We approach the replica management problem as a run-time revenue maximization problem. Our proposed Dynamic Programming (DP) algorithm can generate the optimal replication strategy over the application lifetime. Through extensive simulations, we show that our algorithm significantly improves provider revenue over a wide range of cloud- and SLA-conditions, and adapt its strategy to evolving operating conditions. The results show that coupling dynamic failure models with SLA-awareness can lead to profitable replication strategies, even in cases where providers currently turn a loss.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131530115","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256020
Wontae Jeong, Gyeongsik Yang, Seong-Mun Kim, C. Yoo
We propose an efficient resource allocation scheme for big links in virtualized software-defined networking. Network virtualization based on software-defined networking provides big link concept to facilitate simple network management — big link maps a set of switches and links into a single virtual link. However, this paper reports an issue of the big link in that there is a severe performance degradation in virtualized SDN environments. We find the cause: the existing network hypervisors do not consider the network traffic when allocating physical resources to a big link. To address this issue, we present big link allocation scheme (BAS) that considers network traffic when allocating and reallocating resources to a big link. A prototype implementation is done with OpenVirteX, and experiments demonstrate that the big link with BAS achieves four times greater throughput than that of the big link without BAS. Moreover, by including a timer in OpenVirteX, the BAS decreases unnecessary resource reallocations, which reduces overhead.
{"title":"Efficient big link allocation scheme in virtualized software-defined networking","authors":"Wontae Jeong, Gyeongsik Yang, Seong-Mun Kim, C. Yoo","doi":"10.23919/CNSM.2017.8256020","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256020","url":null,"abstract":"We propose an efficient resource allocation scheme for big links in virtualized software-defined networking. Network virtualization based on software-defined networking provides big link concept to facilitate simple network management — big link maps a set of switches and links into a single virtual link. However, this paper reports an issue of the big link in that there is a severe performance degradation in virtualized SDN environments. We find the cause: the existing network hypervisors do not consider the network traffic when allocating physical resources to a big link. To address this issue, we present big link allocation scheme (BAS) that considers network traffic when allocating and reallocating resources to a big link. A prototype implementation is done with OpenVirteX, and experiments demonstrate that the big link with BAS achieves four times greater throughput than that of the big link without BAS. Moreover, by including a timer in OpenVirteX, the BAS decreases unnecessary resource reallocations, which reduces overhead.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132359932","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-11-01DOI: 10.23919/CNSM.2017.8256051
N. V. Tu, Kyungchan Ko, J. W. Hong
Network Function Virtualization (NFV) is one of the important aspects of modern network architecture. NFV decouples Network Functions (NFs) from hardware, therefore produces Virtual Network Functions (VNFs) that can run on standard, commodity servers, which in turn mostly run Linux kernel. In this paper, we propose a general architecture for building hybrid kernel-user space VNFs which leverages extended Berkeley Packet Filter (eBPF). eBPF is a framework in Linux kernel that enables network programmability inside kernel for optimal performance. However, the programmability of eBPF is limited due to safety and security of the kernel. Our proposed architecture applies hybrid approach: leave the simple work inside the kernel with eBPF and let complex work be processed in the user space. This architecture allows building complex VNFs to have both speed and flexibility. To demonstrate, we use the proposed architecture to build two VNFs: Dynamic Load Balancer and Deep Packet Inspection with Dynamic Sniffing. The evaluation results show that both VNFs significantly outperform the widely used solutions.
{"title":"Architecture for building hybrid kernel-user space virtual network functions","authors":"N. V. Tu, Kyungchan Ko, J. W. Hong","doi":"10.23919/CNSM.2017.8256051","DOIUrl":"https://doi.org/10.23919/CNSM.2017.8256051","url":null,"abstract":"Network Function Virtualization (NFV) is one of the important aspects of modern network architecture. NFV decouples Network Functions (NFs) from hardware, therefore produces Virtual Network Functions (VNFs) that can run on standard, commodity servers, which in turn mostly run Linux kernel. In this paper, we propose a general architecture for building hybrid kernel-user space VNFs which leverages extended Berkeley Packet Filter (eBPF). eBPF is a framework in Linux kernel that enables network programmability inside kernel for optimal performance. However, the programmability of eBPF is limited due to safety and security of the kernel. Our proposed architecture applies hybrid approach: leave the simple work inside the kernel with eBPF and let complex work be processed in the user space. This architecture allows building complex VNFs to have both speed and flexibility. To demonstrate, we use the proposed architecture to build two VNFs: Dynamic Load Balancer and Deep Packet Inspection with Dynamic Sniffing. The evaluation results show that both VNFs significantly outperform the widely used solutions.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122986848","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: