Pub Date: 2019-11-01. DOI: 10.1109/NFV-SDN47374.2019.9040097
João Aires, Paulo Duarte, Bruno Parreira, Sérgio Figueiredo
5G networks rely on effective end-to-end management and orchestration of services and resources for reaping the much-desired benefits. The Open Network Automation Platform (ONAP), proposed as a full-fledged, production-oriented framework for next-generation networks, supports the integration with business-oriented components typically found in the Telecom Operators architecture, making it a highly relevant one for R&D purposes. This paper proposes and implements a novel orchestration framework for deep vCDN services. Through phased vCDN deployment, i.e. with split Caching and Streaming components orchestration, the solution targets efficient and flexible resource usage in highly distributed 5G networks. The initial experiments and obtained results demonstrate that the approach promises improved deployment and activation times of vCDN nodes, and control over resource usage in edge infrastructures, crucial for future 5G network deployments.
Title: Phased-vCDN Orchestration for flexible and efficient usage of 5G edge infrastructures. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).
Pub Date: 2019-11-01. DOI: 10.1109/NFV-SDN47374.2019.9040099
Shunmugapriya Ramanathan, K. Kondepu, Behzad Mirkhanzadeh, Tianliang Zhang, M. Razo, M. Tacca, L. Valcarenghi, A. Fumagalli
This demo focuses on live migration of the virtualized network functions (VNFs) in the Cloud-native radio access network (C-RAN) architecture. In C-RAN, the next-generation NodeB (gNB) is split into a radio unit (RU), a distributed unit (DU), and a central unit (CU). The CUs are connected to the 5G core, and these functions are likely to be virtualized and distributed in different (micro and macro) data centers of mobile operators. Thus, a failure of a VNF supporting the connectivity among the aforementioned elements shall be quickly identified and recovered. The demo shows the impact of virtualization technologies on live migration of RAN and Core VNFs among cloud data centers and can be used to measure the user service downtime.
Title: Experimental Demonstration of Live Migration Impact on Virtualized 5G Network using Federated Testbeds. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).
Pub Date: 2019-11-01. DOI: 10.1109/NFV-SDN47374.2019.9040044
B. Lewis, M. Broadbent, N. Race
The growth in scale and capacity of networks in recent years leads to challenges of positioning and scalability of Intrusion Detection Systems (IDS). With the flexibility afforded by programmable dataplanes, it is now possible to perform a new level of intrusion detection in switches themselves. We present P4ID, combining a rule parser, stateless and stateful packet processing using P4, and evaluate it using publicly available datasets. We show that using this technique, we can achieve a significant reduction in traffic being processed by an IDS.
Title: P4ID: P4 Enhanced Intrusion Detection. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).
Pub Date: 2019-11-01. DOI: 10.1109/NFV-SDN47374.2019.9040030
Rhaban Hark, Divyashri Bhat, M. Zink, R. Steinmetz, Amr Rizk
Network management applications such as routing, load-balancing, or traffic forecasting, require up-to-date state information about the underlying data-plane. However, it is well known that data-plane measurements contain redundant information. In this work, we propose an approach that estimates how informative data-plane measurements are for control-plane applications that operate on such information. Using programmable data-planes, we present a novel approach on how the decision on forwarding data-plane measurements can be taken at network switches, and how this aids in filtering irrelevant monitoring information to save the controller’s computational and networking resources.
Title: Preprocessing Monitoring Information on the SDN Data-Plane using P4. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).
Pub Date: 2019-11-01. DOI: 10.1109/NFV-SDN47374.2019.9040052
Daniele Moro, Manuel Peuster, H. Karl, A. Capone
Offloading packet processing tasks to programmable switches and/or to programmable network interfaces, so-called “SmartNICs”, is one of the key concepts to prepare softwarized networks for the high traffic demands of the future. However, implementing network functions that make use of those offloading technologies is still challenging and usually requires the availability of specialized hardware. It becomes even harder if heterogeneous services, making use of different offloading and network virtualization technologies, should be developed. In this paper, we introduce FOP4 (Function Offloading Prototyping with P4), a novel prototyping platform that allows prototyping heterogeneous software network scenarios, including container-based, P4-switch-based, and SmartNIC-based network functions. The presented work substantially extends our existing Containernet platform with the means to prototype offloading scenarios. Besides presenting the platform’s system design, we evaluate its scalability and show that it can run scenarios with more than 64 P4 switch or SmartNIC nodes on a single laptop. Finally, we present a case study in which we use the presented platform to prototype an extended in-band network telemetry use case.
Title: FOP4: Function Offloading Prototyping in Heterogeneous and Programmable Network Scenarios. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).
Pub Date: 2019-11-01. DOI: 10.1109/NFV-SDN47374.2019.9040000
Ali Mohammadkhan, Sourav Panda, Sameer G. Kulkarni, K. Ramakrishnan, L. Bhuyan
Software Defined Networking (SDN) and Network Function Virtualization (NFV) are transforming Data Center (DC), Telecom, and enterprise networking. The programmability offered by P4 enables SDN to be more protocol-independent and flexible. Data Centers are increasingly adopting SmartNICs (sNICs) to accelerate packet processing that can be leveraged to support packet processing pipelines and custom Network Functions (NFs). However, there are several challenges in integrating and deploying P4-based SDN control as well as host and sNIC-based programmable NFs. These include configuration and management of the data plane components (Host and sNIC P4 switches) for the SDN control plane and effective utilization of data plane resources. P4NFV addresses these concerns and provides a unified P4 switch abstraction framework to simplify the SDN control plane, reducing management complexities, and leveraging a host-local SDN Agent to improve the overall resource utilization. The SDN agent considers the network-wide, host, and sNIC specific capabilities and constraints. Based on workload and traffic characteristics, P4NFV determines the partitioning of the P4 tables and optimal placement of NFs (P4 actions) to minimize the overall delay and maximize resource utilization. P4NFV uses a Mixed Integer Linear Programming (MILP) based optimization formulation and achieves up to a 2.5X increase in system capacity while minimizing the delay experienced by flows. P4NFV considers the number of packet exchanges, flow size, and state dependency to minimize the delay imposed by data transmission over the PCI Express interface.
Title: P4NFV: P4 Enabled NFV Systems with SmartNICs. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).
Pub Date: 2019-11-01. DOI: 10.1109/nfv-sdn47374.2019.9040123
Title: NFV-SDN 2019 Technical Program Committee. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).
Pub Date: 2019-11-01. DOI: 10.1109/NFV-SDN47374.2019.9039980
Jorge Medina, Nicolae Paladi, P. Arlos
OpenFlow flow tables in Open vSwitch contain valuable information about installed flows, priorities, packet actions and routing policies. Their importance is emphasized when collocated tenants compete for the limited entries available to install flow rules. OpenFlow flow tables are a security asset that requires confidentiality and integrity guarantees. However, commodity software switch implementations, such as Open vSwitch, do not implement protection mechanisms capable of preventing attackers from obtaining information about the installed flows or modifying flow tables. We adopt a novel approach to enabling OpenFlow flow table protection through decomposition. We identify core assets requiring security guarantees, isolate OpenFlow flow tables through decomposition and implement a prototype using Open vSwitch and Software Guard Extensions enclaves. An evaluation of the prototype on a distributed testbed both demonstrates that the approach is practical and indicates directions for further improvements.
Title: Protecting OpenFlow using Intel SGX. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).
Pub Date: 2019-11-01. DOI: 10.1109/nfv-sdn47374.2019.9039954
Title: NFV-SDN 2019 Table of Contents. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).
Pub Date: 2019-11-01. DOI: 10.1109/nfv-sdn47374.2019.9040156
Title: NFV-SDN 2019 Organizing Committee. Published in: 2019 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).