Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014160
David P. Wagner
Managing bandwidth sharing at bottlenecks is a challenge as old as packet switched networks. When equal senders compete for bandwidth of a bottleneck, it is desirable not only to enforce an instantaneous sharing of the scarce resource but also to prevent permanently active customers from suppressing less active customers. Moreover, it is desirable to incentivize shifting load to non-congested networks or times. Today there is no cheap, efficient and effective mechanism available to achieve these goals. It has been argued that policing based on congestion as perceived by the transport layer can achieve these goals. In this paper we present the concept of Congestion Policing Queues (CPQ), based on a very lightweight dequeuing and scheduling because all customers share one queue. CPQs can police congestion if deployed at bottlenecks relevant to the customers' traffic. We developed three base policers that differ in the level of integration with the Active Queue Management (AQM) of the shared queue. By simulations of three scenarios we evaluate the robustness of the achieved resource sharing and performance in partial deployments for multi-bottleneck situations.
{"title":"Congestion Policing Queues - A new approach to managing bandwidth sharing at bottlenecks","authors":"David P. Wagner","doi":"10.1109/CNSM.2014.7014160","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014160","url":null,"abstract":"Managing bandwidth sharing at bottlenecks is a challenge as old as packet switched networks. When equal senders compete for bandwidth of a bottleneck, it is desirable not only to enforce an instantaneous sharing of the scarce resource but also to prevent permanently active customers from suppressing less active customers. Moreover, it is desirable to incentivize shifting load to non-congested networks or times. Today there is no cheap, efficient and effective mechanism available to achieve these goals. It has been argued that policing based on congestion as perceived by the transport layer can achieve these goals. In this paper we present the concept of Congestion Policing Queues (CPQ), based on a very lightweight dequeuing and scheduling because all customers share one queue. CPQs can police congestion if deployed at bottlenecks relevant to the customers' traffic. We developed three base policers that differ in the level of integration with the Active Queue Management (AQM) of the shared queue. By simulations of three scenarios we evaluate the robustness of the achieved resource sharing and performance in partial deployments for multi-bottleneck situations.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"86 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124408003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014199
Lisa Schehlmann, Sebastian Abt, Harald Baier
Software-Defined Networking (SDN) is an emerging technology, physically separating data and control planes of network devices. From a security point of view SDN has two sides. First, it enables network security functions by design, because traffic flows can be redirected or filtered based on packet content or application layer state - functionality, which to date requires additional network security devices like fire-walls, intrusion detection systems or spam filters in conventional networks. On the other hand, due to physical separation of planes, SDN possibly offers additional attack vectors compared to traditional network architectures, which may severely impact overall network availability as well as confidentiality, authenticity, integrity and consistency of network traffic and control data. In this paper, we discuss and balance security provided by SDN with security threats of SDN also in respect of traditional networks. We develop an evaluation methodology for both sides and show that from a security point of view SDN is a blessing for today's and future network design and operation.
{"title":"Blessing or curse? Revisiting security aspects of Software-Defined Networking","authors":"Lisa Schehlmann, Sebastian Abt, Harald Baier","doi":"10.1109/CNSM.2014.7014199","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014199","url":null,"abstract":"Software-Defined Networking (SDN) is an emerging technology, physically separating data and control planes of network devices. From a security point of view SDN has two sides. First, it enables network security functions by design, because traffic flows can be redirected or filtered based on packet content or application layer state - functionality, which to date requires additional network security devices like fire-walls, intrusion detection systems or spam filters in conventional networks. On the other hand, due to physical separation of planes, SDN possibly offers additional attack vectors compared to traditional network architectures, which may severely impact overall network availability as well as confidentiality, authenticity, integrity and consistency of network traffic and control data. In this paper, we discuss and balance security provided by SDN with security threats of SDN also in respect of traditional networks. We develop an evaluation methodology for both sides and show that from a security point of view SDN is a blessing for today's and future network design and operation.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122783649","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014195
A. B. Sassi, Manuel Santos Gavidia, E. L. Fernandes, M. Nascimento
This paper describes an integrated management architecture and solution for controlling network elements composed of controller, optional aggregation switch and a variable number of optical line terminals (OLTs), including multiple OLTs based on different technologies and presenting distinct features. The YANG language was used to model configuration and state data manipulated by the Network Configuration Protocol (NETCONF). The system allows the configuration of OpenFlow switches, providing greater protocol flexibility and forwarding algorithms to the aggregation network. The architecture has been implemented and tested using a real Gigabit-capable Passive Optical Network (GPON), a stacked GPON and switch equipment in a variety of scenarios.
{"title":"Integrated management of 10G-PON network element using NETCONF and OpenFlow","authors":"A. B. Sassi, Manuel Santos Gavidia, E. L. Fernandes, M. Nascimento","doi":"10.1109/CNSM.2014.7014195","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014195","url":null,"abstract":"This paper describes an integrated management architecture and solution for controlling network elements composed of controller, optional aggregation switch and a variable number of optical line terminals (OLTs), including multiple OLTs based on different technologies and presenting distinct features. The YANG language was used to model configuration and state data manipulated by the Network Configuration Protocol (NETCONF). The system allows the configuration of OpenFlow switches, providing greater protocol flexibility and forwarding algorithms to the aggregation network. The architecture has been implemented and tested using a real Gigabit-capable Passive Optical Network (GPON), a stacked GPON and switch equipment in a variety of scenarios.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"110 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127317412","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014136
P. Owezarski
Monitoring communication networks and their traffic is of essential importance for estimating the risk in the Internet, and therefore designing suited protection systems for computer networks. Network and traffic analysis can be done thanks to measurement devices or honeypots. However, analyzing the huge amount of gathered data, and characterizing the anomalies and attacks contained in these traces remain complex and time consuming tasks, done by network and security experts using poorly automatized tools, and are consequently slow and costly. In this paper, we present an unsupervised method for classification and characterization of security related anomalies and attacks occurring in honeypots. This as automatized as possible method does not need any attack signature database, learning phase, or labeled traffic. This corresponds to a major step towards autonomous security systems. This paper also shows how it is possible from anomalies characterization results to infer filtering rules that could serve for automatically configuring network routers, switches or firewalls.
{"title":"Unsupervised classification and characterization of honeypot attacks","authors":"P. Owezarski","doi":"10.1109/CNSM.2014.7014136","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014136","url":null,"abstract":"Monitoring communication networks and their traffic is of essential importance for estimating the risk in the Internet, and therefore designing suited protection systems for computer networks. Network and traffic analysis can be done thanks to measurement devices or honeypots. However, analyzing the huge amount of gathered data, and characterizing the anomalies and attacks contained in these traces remain complex and time consuming tasks, done by network and security experts using poorly automatized tools, and are consequently slow and costly. In this paper, we present an unsupervised method for classification and characterization of security related anomalies and attacks occurring in honeypots. This as automatized as possible method does not need any attack signature database, learning phase, or labeled traffic. This corresponds to a major step towards autonomous security systems. This paper also shows how it is possible from anomalies characterization results to infer filtering rules that could serve for automatically configuring network routers, switches or firewalls.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125084124","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014145
M. C. Luizelli, L. Bays, M. Barcellos, L. Gaspary
As research in the area of network virtualization continues to advance, there have been numerous efforts to solve the challenge of efficiently mapping virtual networks on top of physical structures. Despite these efforts, current state-of-the-art proposals still suffer from significant amount of rejection of virtual network requests in circumstances where overall resource availability would be sufficient to embed them. This is caused by the exhaustion of resources in certain key points of the infrastructure. In this paper, we propose HIPER - a strategy for expanding physical networks that suggests infrastructure upgrades with the objective of maximizing the acceptance of virtual network requests (and, as a consequence, physical resource utilization). This is achieved through the reconnection of strongly connected components (i.e., recurring partitions) of the infrastructure. Evaluated under realistic workloads, HIPER led to promising results. After the expansion of 10% to 20% of infrastructure resources, HIPER sustained an increase of up to 30% in virtual network acceptance, allowing an additional 52% in resource utilization.
{"title":"HIPER: Heuristic-based infrastructure expansion through partition reconnection for efficient Virtual Network Embedding","authors":"M. C. Luizelli, L. Bays, M. Barcellos, L. Gaspary","doi":"10.1109/CNSM.2014.7014145","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014145","url":null,"abstract":"As research in the area of network virtualization continues to advance, there have been numerous efforts to solve the challenge of efficiently mapping virtual networks on top of physical structures. Despite these efforts, current state-of-the-art proposals still suffer from significant amount of rejection of virtual network requests in circumstances where overall resource availability would be sufficient to embed them. This is caused by the exhaustion of resources in certain key points of the infrastructure. In this paper, we propose HIPER - a strategy for expanding physical networks that suggests infrastructure upgrades with the objective of maximizing the acceptance of virtual network requests (and, as a consequence, physical resource utilization). This is achieved through the reconnection of strongly connected components (i.e., recurring partitions) of the infrastructure. Evaluated under realistic workloads, HIPER led to promising results. After the expansion of 10% to 20% of infrastructure resources, HIPER sustained an increase of up to 30% in virtual network acceptance, allowing an additional 52% in resource utilization.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125253589","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014146
Runxin Wang, R. Esteves, Lei Shi, Juliano Araujo Wickboldt, B. Jennings, L. Granville
Modern datacenters rely heavily on virtualization technologies to offer customized computing and network resources on demand to a large number of tenant applications. However, efficiency in resource utilization delivered by virtualization technologies that exploit statistical multiplexing of resources across applications means that predictability in performance remains a challenge. Allocation of network bandwidth is particularly difficult, given the variability of traffic flows between the components of multi-tier applications. Static bandwidth allocation based on peak traffic rates ensures SLA compliance at the cost of significant overprovisioning, while allocation based on mean traffic rates ensures efficient usage of bandwidth at the cost of QoS violations. We describe MAPLE, a network-aware VM ensemble placement scheme that uses empirical estimations of the effective bandwidth required between servers to ensure that QoS violations are within targets specified in the SLA for the tenant application. Experimental results obtained using traffic traces collected from an emulated datacenter show that, in contrast to the Oktopus network-aware VM placement system, MAPLE is able to allocate computing and network resources in a manner that balances efficiency of resource utilization with performance predictability.
{"title":"Network-aware placement of virtual machine ensembles using effective bandwidth estimation","authors":"Runxin Wang, R. Esteves, Lei Shi, Juliano Araujo Wickboldt, B. Jennings, L. Granville","doi":"10.1109/CNSM.2014.7014146","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014146","url":null,"abstract":"Modern datacenters rely heavily on virtualization technologies to offer customized computing and network resources on demand to a large number of tenant applications. However, efficiency in resource utilization delivered by virtualization technologies that exploit statistical multiplexing of resources across applications means that predictability in performance remains a challenge. Allocation of network bandwidth is particularly difficult, given the variability of traffic flows between the components of multi-tier applications. Static bandwidth allocation based on peak traffic rates ensures SLA compliance at the cost of significant overprovisioning, while allocation based on mean traffic rates ensures efficient usage of bandwidth at the cost of QoS violations. We describe MAPLE, a network-aware VM ensemble placement scheme that uses empirical estimations of the effective bandwidth required between servers to ensure that QoS violations are within targets specified in the SLA for the tenant application. Experimental results obtained using traffic traces collected from an emulated datacenter show that, in contrast to the Oktopus network-aware VM placement system, MAPLE is able to allocate computing and network resources in a manner that balances efficiency of resource utilization with performance predictability.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128647185","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014170
Matías Richart, J. Visca, J. Baliosian
Nowadays, it is common to find IEEE 802.11 networks that are deployed in an unplanned and unmanaged manner. Moreover, because of the low hardware cost and, trying to obtain better coverage and performance, a large number of devices are usually installed in reduced spaces causing high-density deployments. This kind of networks experiment several problems related with the shared nature of the transmission medium. In recent years, different transmit power control mechanisms have been proposed to palliate those problems, however, in some situations, the existing solutions can lead to an starvation problem. In this paper, we present a novel mechanism that manages data rate, transmit power and carrier-sense threshold to reduce this problem.
{"title":"Self management of rate, power and carrier-sense threshold for interference mitigation in IEEE 802.11 networks","authors":"Matías Richart, J. Visca, J. Baliosian","doi":"10.1109/CNSM.2014.7014170","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014170","url":null,"abstract":"Nowadays, it is common to find IEEE 802.11 networks that are deployed in an unplanned and unmanaged manner. Moreover, because of the low hardware cost and, trying to obtain better coverage and performance, a large number of devices are usually installed in reduced spaces causing high-density deployments. This kind of networks experiment several problems related with the shared nature of the transmission medium. In recent years, different transmit power control mechanisms have been proposed to palliate those problems, however, in some situations, the existing solutions can lead to an starvation problem. In this paper, we present a novel mechanism that manages data rate, transmit power and carrier-sense threshold to reduce this problem.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129129299","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014182
G. C. Januario, A. C. Riekstin, T. Carvalho
Energy efficiency features are being integrated in network protocols and management systems in order to make the infrastructure more sustainable and, at the same time, address the growing users' demand. Many of such features affect the network in different ways, thus yielding trade-offs. They can affect the reliability and availability of the network when they put devices or links into sleep mode, and they can affect the lifetime of the devices as a result of the new pattern of operation. This work discusses what needs to be evaluated when considering equipment lifetime, with respect to processor of network devices. We show that the new network management profile does affect the equipment lifetime negatively, in contradiction to what recent works seem to predict. We also present our ongoing research on how to calculate the trade-offs considering performance, availability, energy efficiency, and lifetime. These aspects must be taken into account in cost functions used to define the best network configuration. The key of our analysis and method relies on the understanding of thermal cycling and the power of using it in a predictive fashion.
{"title":"Impacts of energy efficiency features on lifetime of network equipment","authors":"G. C. Januario, A. C. Riekstin, T. Carvalho","doi":"10.1109/CNSM.2014.7014182","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014182","url":null,"abstract":"Energy efficiency features are being integrated in network protocols and management systems in order to make the infrastructure more sustainable and, at the same time, address the growing users' demand. Many of such features affect the network in different ways, thus yielding trade-offs. They can affect the reliability and availability of the network when they put devices or links into sleep mode, and they can affect the lifetime of the devices as a result of the new pattern of operation. This work discusses what needs to be evaluated when considering equipment lifetime, with respect to processor of network devices. We show that the new network management profile does affect the equipment lifetime negatively, in contradiction to what recent works seem to predict. We also present our ongoing research on how to calculate the trade-offs considering performance, availability, energy efficiency, and lifetime. These aspects must be taken into account in cost functions used to define the best network configuration. The key of our analysis and method relies on the understanding of thermal cycling and the power of using it in a predictive fashion.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"98 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128275450","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014174
M. Monteiro, Rafael C. Favoreto, Freddy Brasileiro Silva, P. Negri, Pedro Paulo F. Barcelos
The SNMP protocol remains a broadly adopted technology in the Internet management framework and its MIB was proposed to guarantee interoperation. In order to enable the management of new equipment, the human manager must compile the correlated MIB file (MIB description) and choose the right objects to manage an implicit knowledge. This paper presents an ontology-based approach and a Semantic SNMP extension, to improve the framework's autonomic support.
{"title":"An ontology-based approach to improve SNMP support for autonomic management","authors":"M. Monteiro, Rafael C. Favoreto, Freddy Brasileiro Silva, P. Negri, Pedro Paulo F. Barcelos","doi":"10.1109/CNSM.2014.7014174","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014174","url":null,"abstract":"The SNMP protocol remains a broadly adopted technology in the Internet management framework and its MIB was proposed to guarantee interoperation. In order to enable the management of new equipment, the human manager must compile the correlated MIB file (MIB description) and choose the right objects to manage an implicit knowledge. This paper presents an ontology-based approach and a Semantic SNMP extension, to improve the framework's autonomic support.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"429 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115920990","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014208
T. N. Araujo, R. Salles
FlowVisor is a special purpose controller inside OpenFlow architecture witch allows capacities of network devices to be divided by creating silces. This enables multiple virtual networks to run on the same physical infrastructure, based on the deployment of rules for routing the packets together with the OpenFlow controllers and datapaths. However, FlowVisor has limitations in its architecture related to the absence of a specific model for managing the silces as well as a more friendly user interface. Thus, taking into account the limitations mentioned, this paper presents a tool to complement the FlowVisor called GiroFlow. This tool presents a model for management of the silces focusing on the properties of the application running on the controller. And it also uses automated interfaces with FlowVisor and network controllers to create and adjust the silces and policies inside a network managed by FlowVisor.
{"title":"GIROFLOW: Openflow virtualized infrastructure management tool","authors":"T. N. Araujo, R. Salles","doi":"10.1109/CNSM.2014.7014208","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014208","url":null,"abstract":"FlowVisor is a special purpose controller inside OpenFlow architecture witch allows capacities of network devices to be divided by creating silces. This enables multiple virtual networks to run on the same physical infrastructure, based on the deployment of rules for routing the packets together with the OpenFlow controllers and datapaths. However, FlowVisor has limitations in its architecture related to the absence of a specific model for managing the silces as well as a more friendly user interface. Thus, taking into account the limitations mentioned, this paper presents a tool to complement the FlowVisor called GiroFlow. This tool presents a model for management of the silces focusing on the properties of the application running on the controller. And it also uses automated interfaces with FlowVisor and network controllers to create and adjust the silces and policies inside a network managed by FlowVisor.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121421859","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: