Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014147
Subhasish Banerjee, Kalapriya Kannan
Ternary Content Addressable Memory (TCAM) with O(1) look up performance has become the obvious and irreplaceable choice of high performance switching hardware. However, emerging network paradigm, especially Software Defined Networking (SDN), has changed the nature of operations and the rate of access in this memory subsystem. These conditions are expected to adversely impact TCAM power consumption, increase the silicon area and hence are likely to bring down the expected performance. In this paper we propose Tag-In-Tag an approach that exploits SDN features and replaces the flow entries with two layers of simpler and shorter tags. One level of tagging exploits the availability of unique path for individual flows from the ingress switch to egress switch that can be computed a-priori. Second level of tagging allows finer identification of the flows to enable flow specific actions. Double tagging helps in preserving the finer benefits of the SDNs while providing highest level of compaction to the flow entries in the flow tables. Through various experiments using real world and synthetic data we show that our approach can accommodate 15 times more flow entries in a fixed size TCAM whereas power consumption per-flow is reduced by 80% compared to an unoptimized SDN enabled switch.
{"title":"Tag-In-Tag: Efficient flow table management in SDN switches","authors":"Subhasish Banerjee, Kalapriya Kannan","doi":"10.1109/CNSM.2014.7014147","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014147","url":null,"abstract":"Ternary Content Addressable Memory (TCAM) with O(1) look up performance has become the obvious and irreplaceable choice of high performance switching hardware. However, emerging network paradigm, especially Software Defined Networking (SDN), has changed the nature of operations and the rate of access in this memory subsystem. These conditions are expected to adversely impact TCAM power consumption, increase the silicon area and hence are likely to bring down the expected performance. In this paper we propose Tag-In-Tag an approach that exploits SDN features and replaces the flow entries with two layers of simpler and shorter tags. One level of tagging exploits the availability of unique path for individual flows from the ingress switch to egress switch that can be computed a-priori. Second level of tagging allows finer identification of the flows to enable flow specific actions. Double tagging helps in preserving the finer benefits of the SDNs while providing highest level of compaction to the flow entries in the flow tables. Through various experiments using real world and synthetic data we show that our approach can accommodate 15 times more flow entries in a fixed size TCAM whereas power consumption per-flow is reduced by 80% compared to an unoptimized SDN enabled switch.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127082821","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014203
A. Amokrane, Jinho Hwang, Jin Xiao, Nikos Anerousis
In the last few years, changing infrastructure and business requirements are forcing enterprises to rethink their networks. Enterprises look to passive optical networks (PON) for increased network efficiency, flexibility, and cost reduction. At the same time, the emergence of Cloud and mobile in enterprise networks calls for dynamic network control and management following a centralized and software-defined paradigm. In this context, we propose a software-defined edge network (SDEN) design that operates on top of PON. SDEN leverages PON benefits while overcoming its lack of dynamic control. This paper is a work-in-progress focusing on enabling key flow control functions over PON: dynamic traffic steering, service dimensioning and realtime re-dimensioning. We also discuss how SDEN edge network can integrate with core SDN solutions to achieve end-to-end manageability. Through case experiment studies conducted on a live PON testbed deployment, we show the practical benefits and potentials that SDEN can offer to enterprise networks redesign.
{"title":"Software defined enterprise passive optical network","authors":"A. Amokrane, Jinho Hwang, Jin Xiao, Nikos Anerousis","doi":"10.1109/CNSM.2014.7014203","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014203","url":null,"abstract":"In the last few years, changing infrastructure and business requirements are forcing enterprises to rethink their networks. Enterprises look to passive optical networks (PON) for increased network efficiency, flexibility, and cost reduction. At the same time, the emergence of Cloud and mobile in enterprise networks calls for dynamic network control and management following a centralized and software-defined paradigm. In this context, we propose a software-defined edge network (SDEN) design that operates on top of PON. SDEN leverages PON benefits while overcoming its lack of dynamic control. This paper is a work-in-progress focusing on enabling key flow control functions over PON: dynamic traffic steering, service dimensioning and realtime re-dimensioning. We also discuss how SDEN edge network can integrate with core SDN solutions to achieve end-to-end manageability. Through case experiment studies conducted on a live PON testbed deployment, we show the practical benefits and potentials that SDEN can offer to enterprise networks redesign.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116497191","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014168
Reaz Ahmed, Md. Faizul Bari, Md. Rakibul Haque, R. Boutaba, B. Mathieu
Contemporary Web search is governed by centrally controlled search engines, which is not healthy for our online freedom and privacy. A better solution is to enable the Web to index itself in a decentralized manner. In this work we propose a decentralized Web search mechanism, named DEWS, which enables existing webservers to collaborate with each other to build a distributed index of the Web. DEWS can rank search results based on query keyword relevance and relative importance of webpages. DEWS also supports approximate matching of query keywords in web documents. Simulation results show that the ranking accuracy of DEWS is very close to the centralized case, while network overhead for collaborative search and indexing is logarithmic on network size.
{"title":"DEWS: A decentralized engine for Web search","authors":"Reaz Ahmed, Md. Faizul Bari, Md. Rakibul Haque, R. Boutaba, B. Mathieu","doi":"10.1109/CNSM.2014.7014168","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014168","url":null,"abstract":"Contemporary Web search is governed by centrally controlled search engines, which is not healthy for our online freedom and privacy. A better solution is to enable the Web to index itself in a decentralized manner. In this work we propose a decentralized Web search mechanism, named DEWS, which enables existing webservers to collaborate with each other to build a distributed index of the Web. DEWS can rank search results based on query keyword relevance and relative importance of webpages. DEWS also supports approximate matching of query keywords in web documents. Simulation results show that the ranking accuracy of DEWS is very close to the centralized case, while network overhead for collaborative search and indexing is logarithmic on network size.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"130 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124492960","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014142
A. Amokrane, M. Zhani, Qi Zhang, R. Langar, R. Boutaba, G. Pujolle
With the massive adoption of cloud-based services, high energy consumption and carbon footprint of cloud infrastructures have become a major concern in IT industry. Consequently, many governments and IT advisory organizations have urged IT stakeholders (i.e., cloud provider and cloud customers) to embrace green IT and regularly monitor and report their carbon emissions and put in place efficient strategies and techniques to control the environmental impact of their infrastructures and/or applications. Motivated by this growing trend, we investigate, in this paper, how cloud providers can meet Service Level Agreements (SLAs) with green requirements. In such SLAs, a cloud customer requires from cloud providers that carbon emissions generated by the leased resources should not exceed a fixed bound. We hence propose a resource management framework allowing cloud providers to provision resources in the form of Virtual Data Centers (VDCs) (i.e., a set of virtual machines and virtual links with guaranteed bandwidth) across a geo-distributed infrastructure with the aim of reducing operational costs and green SLA violation penalties. Extensive simulations show that the proposed solution maximizes the cloud provider's profit and minimizes the violation of green SLAs.
{"title":"On satisfying green SLAs in distributed clouds","authors":"A. Amokrane, M. Zhani, Qi Zhang, R. Langar, R. Boutaba, G. Pujolle","doi":"10.1109/CNSM.2014.7014142","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014142","url":null,"abstract":"With the massive adoption of cloud-based services, high energy consumption and carbon footprint of cloud infrastructures have become a major concern in IT industry. Consequently, many governments and IT advisory organizations have urged IT stakeholders (i.e., cloud provider and cloud customers) to embrace green IT and regularly monitor and report their carbon emissions and put in place efficient strategies and techniques to control the environmental impact of their infrastructures and/or applications. Motivated by this growing trend, we investigate, in this paper, how cloud providers can meet Service Level Agreements (SLAs) with green requirements. In such SLAs, a cloud customer requires from cloud providers that carbon emissions generated by the leased resources should not exceed a fixed bound. We hence propose a resource management framework allowing cloud providers to provision resources in the form of Virtual Data Centers (VDCs) (i.e., a set of virtual machines and virtual links with guaranteed bandwidth) across a geo-distributed infrastructure with the aim of reducing operational costs and green SLA violation penalties. Extensive simulations show that the proposed solution maximizes the cloud provider's profit and minimizes the violation of green SLAs.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122591612","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014201
A. Alberti, Victor H. de O. Fernandes, M. A. F. Casaroli, Lucio H. de Oliveira, Frederico M. Pedroso Junior, Dhananjay Singh
Software-defined networking (SDN) is a promising approach to deal with complexity in new generation networks. The idea is to “extract simplicity” from what we have learned in the last decades while “mastering complexity” at designing and deploying network infrastructures. The idea is to decouple control and data planes. In this sense, OpenFlow is a protocol for remote control of switches' forwarding tables, replacing the traditional distributed network control model by a centralized one. An open problem in OpenFlow, and more generally on SDN, is how to integrate network control with services orchestration, i.e. to enable service frameworks to negotiate with network representatives in order to create service-aware networks. In this paper, we employ the design principles of a new architecture called NovaGenesis to implement a proxy/gateway/controller for Open- Flow networks. This service represents, interoperates, and controls a Python OpenFlow controller (POX) in order to expose its resources directly to NovaGenesis services. The POX Agent (POXA), as it is called, innovates on exposing OpenFlow resources to NovaGenesis name-oriented service orchestration, enabling the direct establishment of service level agreements among POX and NovaGenesis services.
{"title":"A NovaGenesis proxy/gateway/controller for OpenFlow software defined networks","authors":"A. Alberti, Victor H. de O. Fernandes, M. A. F. Casaroli, Lucio H. de Oliveira, Frederico M. Pedroso Junior, Dhananjay Singh","doi":"10.1109/CNSM.2014.7014201","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014201","url":null,"abstract":"Software-defined networking (SDN) is a promising approach to deal with complexity in new generation networks. The idea is to “extract simplicity” from what we have learned in the last decades while “mastering complexity” at designing and deploying network infrastructures. The idea is to decouple control and data planes. In this sense, OpenFlow is a protocol for remote control of switches' forwarding tables, replacing the traditional distributed network control model by a centralized one. An open problem in OpenFlow, and more generally on SDN, is how to integrate network control with services orchestration, i.e. to enable service frameworks to negotiate with network representatives in order to create service-aware networks. In this paper, we employ the design principles of a new architecture called NovaGenesis to implement a proxy/gateway/controller for Open- Flow networks. This service represents, interoperates, and controls a Python OpenFlow controller (POX) in order to expose its resources directly to NovaGenesis services. The POX Agent (POXA), as it is called, innovates on exposing OpenFlow resources to NovaGenesis name-oriented service orchestration, enabling the direct establishment of service level agreements among POX and NovaGenesis services.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125249459","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
R. Riggio, K. Gomez, T. Rasheed, Julius Schulz-Zander, S. Kukliński, M. Marina
Programming a mobile network requires to account for multiple complex operations, such as allocating radio resources and monitoring interference. Nevertheless, the current Software-Defined Networking ecosystem provides little support for mobile networks in term of radio data-plane abstractions, controllers, and programming primitives. Starting from the consideration that WiFi is becoming an integral part of the 5G architecture, we present a set of programming abstractions modeling three fundamental aspects of a WiFi network, namely state management of wireless clients, resource provisioning, and network state collection. The proposed abstractions hide away the implementation details of the underlying wireless technology providing programmers with expressive tools to control the state of the network. We also describe a proof-of-concept implementation of a Software-Defined Radio Access Network controller for WiFi networks and a Python-based Software Development Kit leveraging the proposed abstractions. The resulting platform can be effectively leveraged in order to implement typical control tasks such as mobility management and traffic engineering as well as applications and services such as multicast video delivery and/or dynamic content caching.
{"title":"Programming Software-Defined wireless networks","authors":"R. Riggio, K. Gomez, T. Rasheed, Julius Schulz-Zander, S. Kukliński, M. Marina","doi":"10.1145/2639108.2642897","DOIUrl":"https://doi.org/10.1145/2639108.2642897","url":null,"abstract":"Programming a mobile network requires to account for multiple complex operations, such as allocating radio resources and monitoring interference. Nevertheless, the current Software-Defined Networking ecosystem provides little support for mobile networks in term of radio data-plane abstractions, controllers, and programming primitives. Starting from the consideration that WiFi is becoming an integral part of the 5G architecture, we present a set of programming abstractions modeling three fundamental aspects of a WiFi network, namely state management of wireless clients, resource provisioning, and network state collection. The proposed abstractions hide away the implementation details of the underlying wireless technology providing programmers with expressive tools to control the state of the network. We also describe a proof-of-concept implementation of a Software-Defined Radio Access Network controller for WiFi networks and a Python-based Software Development Kit leveraging the proposed abstractions. The resulting platform can be effectively leveraged in order to implement typical control tasks such as mobility management and traffic engineering as well as applications and services such as multicast video delivery and/or dynamic content caching.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125839767","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-01-16DOI: 10.1109/CNSM.2014.7014181
Tianyi Xing, Zhengyang Xiong, Dijiang Huang, D. Medhi
Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.
{"title":"SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds","authors":"Tianyi Xing, Zhengyang Xiong, Dijiang Huang, D. Medhi","doi":"10.1109/CNSM.2014.7014181","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014181","url":null,"abstract":"Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115949015","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: