To see the other types of publications on this topic, follow the link: SOFTWARE DEFINED NETWORK (SDN).
Dissertations / Theses on the topic 'SOFTWARE DEFINED NETWORK (SDN)'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'SOFTWARE DEFINED NETWORK (SDN).'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Wiklund, Petter. "SDN : Software defined networks." Thesis, Umeå universitet, Institutionen för tillämpad fysik och elektronik, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:umu:diva-91891.
Full textAbstract:
This report is a specialization in Software defined networking. SDN really comes to revolutionize the industry and it’s under constant development. But is the technology ready to be launched into operation yet? The report would initially involve a number of problems that today's network technology is facing. It then follows a deeper description of what this software-based networking technology really is and how it works. Further, the technique is being tested in a lab assignment, using a program that builds a test virtual network with support for SDN, called Mininet. The final part summarizes and analyzes this information to see what it really means for today's networking technology and those who work with it.
2
Pitzus, Antonio. "SDN : Software Defined Networking." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2017. http://amslaurea.unibo.it/14006/.
Full textAbstract:
In un periodo in cui tutto si evolve rapidamente, il settore delle telecomunicazioni sta assistendo alla crescita esponenziale del numero di dispositivi mobili costantemente connessi alla rete; ciò richiede la necessità di un nuovo modo di gestire le reti.
La nuova visione che sta maturando in questi ultimi tempi è quella di adottare un modello di rete dinamico, flessibile e soprattutto affidabile e che non richieda grossi sforzi di manutenzione o l’installazione di ulteriori hardware da parte degli operatori.
Una rete con queste caratteristiche può essere sviluppata grazie ad un modello architetturale innovativo come il Software Defined Networking (SDN) e ad un nuovo modo di sfruttare le funzionalità degli apparati di rete come la Network Function Virtualization (NFV), la quale è a sua volta un processo di virtualizzazione delle funzionalità di rete svolte da apparati di telecomunicazione fisici.
Questi due concetti sono strettamente legati tra loro e possono comportare particolari vantaggi se applicati contemporaneamente, ma sono di per sè indipendenti.
Software Defined Networking (SDN) è un’ architettura utilizzata per la realizzazione di reti di telecomunicazione nelle quali il piano di controllo della rete e quello del trasporto dei dati sono separati logicamente.
La Network Function Virtualization (NFV) è il processo di virtualizzazione delle funzionalità di rete svolte da apparati di telecomunicazione fisici.
Un ultimo aspetto da trattare riguarda la comunicazione del controller SDN di alto e basso livello.
La comunicazione di alto livello, ovvero quella con i software applicativi è consentita grazie alle NBI (North-Bound Interfaces), mentre quella di basso livello, ovvero con i dispositivi hardware è consentita grazie alle SBI (South-Bound Interfaces).
Queste due interfacce riescono a soddisfare le richieste del controller SDN grazie all' applicazione del paradigma Intent NBI, di tipo dichiarativo, non prescrittivo e indipendente dal fornitore.
3
Tseng, Yuchia. "Securing network applications in software defined networking." Electronic Thesis or Diss., Sorbonne Paris Cité, 2018. http://www.theses.fr/2018USPCB036.
Full textAbstract:
Suite à l'introduction de divers services Internet, les réseaux informatiques ont été reconnus comme ayant joué un rôle essentiel dans la vie moderne au cours du dernier demi-siècle. Le développement rapide et la convergence des technologies informatiques et de communication créent le besoin de connecter divers périphériques avec différents systèmes d'exploitation et protocoles. Il en résulte de nombreux défis pour fournir une intégration transparente d'une grande quantité de dispositifs physiques ou d'entités hétérogènes. Ainsi, les réseaux définis par logiciel (Software Defined Networks, SDN) en tant que paradigme émergent ont le potentiel de révolutionner la gestion des réseaux en centralisant le contrôle et la visibilité globale sur l'ensemble du réseau. Cependant, les problèmes de sécurité demeurent une préoccupation importante et empêchent l'adoption généralisée du SDN. Pour identifier les menaces, nous avons effectué une analyse en 3 dimensions pour évaluer la sécurité de SDN. Dans cette analyse, nous avons repris 9 principes de sécurité pour le contrôleur SDN et vérifié la sécurité des contrôleurs SDN actuels avec ces principes. Nous avons constaté que les contrôleurs SDN, ONOS et OpenContrail sont relativement plus sécurisés que les autres selon notre méthodologie d'analyse. Nous avons également trouvé le besoin urgent d'atténuer le problème d'injection d'applications malveillantes. Par conséquent, nous avons proposé une couche d'amélioration de la sécurité (Security-enhancing layer, couche SE) pour protéger l'interaction entre le plan de contrôle et le plan d’application. Cette couche SE est indépendante du contrôleur et peut fonctionner avec OpenDaylight, ONOS, Floodlight, Ryu et POX, avec une faible complexité de déploiement. Aucune modification de leurs codes sources n'est requise dans leur mise en œuvre alors que la sécurité globale du contrôleur SDN est améliorée. Le prototype I, Controller SEPA, protège le contrôleur SDN avec l'authentification de l'application réseau, l'autorisation, l'isolation des applications et le blindage de l'information avec un coût additionnel négligeable de moins de 0,1% à 0,3%. Nous avons développé le prototype II de la couche SE, appelé Controller DAC, qui rend dynamique le contrôle d'accès. Le controller DAC peut détecter l'utilisation abusive de l'API en comptabilisant les opérations de l'application réseau avec un coût additionnel inférieure à 0,5%. Grâce à cette couche SE, la sécurité globale du contrôleur SDN est améliorée mais avec un coût additionnel inférieure à 0,5%. De plus, nous avons tenté de fournir un framework de déploiement d'application réseau sécurisé pour le contrôleur SDN avec un orchestrateur. Tout d'abord, nous avons sécurisé le contrôleur SDN en utilisant la file d'attente de messages pour remplacer les interfaces populaires actuelles, y compris les RESTful APIs et les APIs internes, à l'aide d'une interface orientée événement décomposable. Avec cette nouvelle interface northbound, l'orchestrateur peut déployer les applications réseau dans le bac à sable(sanbox) avec contrôle des ressources et contrôle d'accès. Cette approche peut efficacement protéger contre les menaces, qui incluent les attaques d'épuisement des ressources (Resource exhaustion attacks) et le traitement des données sur le contrôleur SDN actuel. Nous avons également implémenté une application réseau déployée par l'orchestrateur pour détecter une attaque spécifique à OpenFlow, appelée attaque par contournement de priorité, pour évaluer l'utilité de l'interface norttbound. À long terme, le temps de traitement d'un message packet_in dans cette interface est inférieur à cinq millisecondes mais l'application réseau peut être complètement découplée et isolée du contrôleur SDN.The rapid development and convergence of computing technologies and communications create the need to connect diverse devices with different operating systems and protocols. This resulted in numerous challenges to provide seamless integration of a large amount of heterogeneous physical devices or entities. Hence, Software-defined Networks (SDN), as an emerging paradigm, has the potential to revolutionize the legacy network management and accelerate the network innovation by centralizing the control and visibility over the network. However, security issues remain a significant concern and impede SDN from being widely adopted.To identity the threats that inherent to SDN, we conducted a deep analysis in 3 dimensions to evaluate the security of the proposed architecture. In this analysis, we summarized 9security principles for the SDN controller and checked the security of the current well-known SDN controllers with those principles. We found that the SDN controllers, namely ONOS and OpenContrail, are relatively two more secure controllers according to our conducted methodology. We also found the urgent need to integrate the mechanisms such as connection verification, application-based access control, and data-to-control traffic control for securely implementing a SDN controller. In this thesis, we focus on the app-to-control threats, which could be partially mitigated by the application-based access control. As the malicious network application can be injected to the SDN controller through external APIs, i.e., RESTful APIs, or internal APIs, including OSGi bundles, Java APIs, Python APIs etc. In this thesis, we discuss how to protect the SDN controller against the malicious operations caused by the network application injection both through the external APIs and the internal APIs. We proposed a security-enhancing layer (SE-layer) to protect the interaction between the control plane and the application plane in an efficient way with the fine-grained access control, especially hardening the SDN controller against the attacks from the external APIs. This SE-layer is implemented in the RESTful-based northbound interfaces in the SDN controller and hence it is controller-independent for working with most popular controllers, such as OpenDaylight, ONOS, Floodlight, Ryu and POX, with low deployment complexity. No modifications of the source codes are required in their implementations while the overall security of the SDN controller is enhanced. Our developed prototype I, Controller SEPA, protects well the SDN controller with network application authentication, authorization, application isolation, and information shielding with negligible latency from less than 0.1% to 0.3% for protecting SDN controller against the attacks via external APIs, i.e, RESTful APIs. We developed also the SE-layer prototype II, called Controller DAC, which makes dynamic the access control. Controller DAC can detect the API abuse from the external APIs by accounting the network application operation with latency less than 0.5%. Thanks to this SE-layer, the overall security of the SDN controller is improved but with a latency of less than 0.5%. However, the SE-layer can isolate the network application to communicate the controller only through the RESTful APIs. However, the RESTful APIs is insufficient in the use cases which needs the real-time service to deliver the OpenFlow messages. Therefore, we proposed a security-enhancing architecture for securing the network application deployment through the internal APIs in SDN, with a new SDN architecture dubbed SENAD. In SENAD, we split the SDN controller in: (1) a data plane controller (DPC), and (2) an application plane controller (APC) and adopt the message bus system as the northbound interface instead of the RESTful APIs for providing the service to deliver the OpenFlow messages in real-time. (...)
4
Shahzad, Syed Amir. "Route aggregation in Software-defined Networks." Thesis, KTH, Radio Systems Laboratory (RS Lab), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-123977.
Full textAbstract:
Software-defined Networking (SDN) is an emerging trend in communication networks that facilitates decoupling the control and data plane of multilayer switches. A logically centralized controller hosted on a server configures the forwarding tables (flow tables) of switches in order to route the various data flows. To implement SDN, OpenFlow technology has been adopted by packet switching vendors as it provides increased flexibility for the control and management of a packet switched domain. OpenFlow technology provides flow based switching that is controlled by a network management control application running in an OpenFlow controller. In this thesis work we investigate how an OpenFlow Controller communicates with a legacy network via the OSPF routing protocol, how the size of the OpenFlow network effects the resources (memory and CPU) of a legacy router to whom the controller communicates. Also we examine bandwidth utilization of the link (between the OpenFlow network and legacy router). The main goal of this thesis is to find methods to reduce the consumption of resources of a legacy router. This study shows that the size of OpenFlow network directly affects the usage of the link’s bandwidth, and the memory and CPU usage of a legacy router. Aggregated information from the OpenFlow controller which is sent towards the legacy router can reduce the utilization of these resources. Finally we proposed several algorithms and design models that can be implemented for route aggregation in Software-defined Networks. Implementation of the solutions suggested in this thesis will allow automatic route aggregation in SDN. ISPs deploying SDN architecture could benefit from the proposed design models and route aggregation solution.Software-definierade nätverk (SDN) är en framväxande trend i kommunikationsnät som underlättar frikoppling kontroll och uppgifter plan flerskiktade switchar. Ett logiskt centraliserad styrenhet på en server konfigurerar vidarebefordran tabeller (flödestabeller) av växlar för att dirigera de olika dataflöden. För att genomföra SDN har OpenFlow teknik har antagits av paketförmedlande leverantörer eftersom det ger ökad flexibilitet för kontroll och förvaltning av en påslagen paket domän. OpenFlow teknik ger flöde baserad omkoppling som styrs av ett nätverk ledningens kontroll som körs i en OpenFlow controller. I detta examensarbete undersöker vi hur en OpenFlow Controller kommunicerar med ett äldre nätverk via OSPF routing protokoll, hur storleken på OpenFlow nätverkseffekter de resurser (minne och CPU) av en äldre router till vilken styrenheten kommunicerar. Också vi undersöker bandbreddsutnyttjandet av sambandet (mellan OpenFlow nätverket och äldre router). Det huvudsakliga målet med detta examensarbete är att hitta metoder för att minska konsumtionen av resurser från en äldre router. Denna studie visar att storleken på OpenFlow nätverk direkt påverkar användningen av länkens bandbredd och minne och CPU-användning av en äldre router. Samlad information från OpenFlow styrenhet som sändes mot äldre router kan minska utnyttjandet av dessa resurser. Slutligen föreslog vi flera algoritmer och modeller konstruktion som kan genomföras för route aggregation i Software Defined-nätverk. Genomförandet av de lösningar som föreslås i denna avhandling kommer att möjliggöra automatisk route aggregation i SDN. Internetleverantörer distribuerar SDN arkitektur kunde dra nytta av den föreslagna utformningen modeller och route aggregation lösning.
5
Andersson, Peter, and Robin Blomqvist. "Software Defined Network : Med openflow." Thesis, Mittuniversitetet, Avdelningen för informations- och kommunikationssystem, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-28597.
Full textAbstract:
Detta projekt har haft som mål att skapa ett redundant SDN-nätverk som ska ligga som grund för ett fiktivt företag. Företeaget ska kunna använda nätverket som vi bygger upp för att vidareutveckla detta och anpassa det efter verksamhetens behov. Nätverket byggs upp med mininet som används för att simulera en nätverksmiljö. Det fiktiva företaget ska sedan bara kunna lyfta ut nätverket från mininet ut till ett riktigt nätverk. Nätverkets funktioner, såsom protokollen STP och LACP implementeras med hjälp av programmeringsspråket python.The goal for this project is to setup a redundant Software Defined Network for a fictive company. The company should be able to use the network for future network extension. The network will be built in mininet. Mininet is a software that is used to simulate a real network environment. The company should also be able to take the simulated network in mininet and implement it in to a real network. The protocols STP and LACP are implemented in the network by means of the programming language python.
6
Kim, Hyojoon. "Facilitating dynamic network control with software-defined networking." Diss., Georgia Institute of Technology, 2015. http://hdl.handle.net/1853/53939.
Full textAbstract:
This dissertation starts by realizing that network management is a very complex and error-prone task. The major causes are identified through interviews and systematic analysis of network config- uration data on two large campus networks. This dissertation finds that network events and dynamic reactions to them should be programmatically encoded in the network control program by opera- tors, and some events should be automatically handled for them if the desired reaction is general. This dissertation presents two new solutions for managing and configuring networks using Software- Defined Networking (SDN) paradigm: Kinetic and Coronet. Kinetic is a programming language and central control platform that allows operators to implement traffic control application that reacts to various kinds of network events in a concise, intuitive way. The event-reaction logic is checked for correction before deployment to prevent misconfigurations. Coronet is a data-plane failure recovery service for arbitrary SDN control applications. Coronet pre-plans primary and backup routing paths for any given topology. Such pre-planning guarantees that Coronet can perform fast recovery when there is failure. Multiple techniques are used to ensure that the solution scales to large networks with more than 100 switches. Performance and usability evaluations show that both solutions are feasible and are great alternative solutions to current mechanisms to reduce misconfigurations.
7
Tammana, Praveen Aravind Babu. "Software-defined datacenter network debugging." Thesis, University of Edinburgh, 2018. http://hdl.handle.net/1842/31326.
Full textAbstract:
Software-defined Networking (SDN) enables flexible network management, but as networks evolve to a large number of end-points with diverse network policies, higher speed, and higher utilization, abstraction of networks by SDN makes monitoring and debugging network problems increasingly harder and challenging. While some problems impact packet processing in the data plane (e.g., congestion), some cause policy deployment failures (e.g., hardware bugs); both create inconsistency between operator intent and actual network behavior. Existing debugging tools are not sufficient to accurately detect, localize, and understand the root cause of problems observed in a large-scale networks; either they lack in-network resources (compute, memory, or/and network bandwidth) or take long time for debugging network problems. This thesis presents three debugging tools: PathDump, SwitchPointer, and Scout, and a technique for tracing packet trajectories called CherryPick. We call for a different approach to network monitoring and debugging: in contrast to implementing debugging functionality entirely in-network, we should carefully partition the debugging tasks between end-hosts and network elements. Towards this direction, we present CherryPick, PathDump, and SwitchPointer. The core of CherryPick is to cherry-pick the links that are key to representing an end-to-end path of a packet, and to embed picked linkIDs into its header on its way to destination. PathDump is an end-host based network debugger based on tracing packet trajectories, and exploits resources at the end-hosts to implement various monitoring and debugging functionalities. PathDump currently runs over a real network comprising only of commodity hardware, and yet, can support surprisingly a large class of network debugging problems with minimal in-network functionality. The key contributions of SwitchPointer is to efficiently provide network visibility to end-host based network debuggers like PathDump by using switch memory as a "directory service" - each switch, rather than storing telemetry data necessary for debugging functionalities, stores pointers to end hosts where relevant telemetry data is stored. The key design choice of thinking about memory as a directory service allows to solve performance problems that were hard or infeasible with existing designs. Finally, we present and solve a network policy fault localization problem that arises in operating policy management frameworks for a production network. We develop Scout, a fully-automated system that localizes faults in a large scale policy deployment and further pin-points the physical-level failures which are most likely cause for observed faults.
8
Liver, Toma, and Mohammed Darian. "Soft Migration from Traditional to Software Defined Networks." Thesis, Mälardalens högskola, Akademin för innovation, design och teknik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-44265.
Full textAbstract:
The concept of Software Defined Networking (SDN) may be a way to face the fast growing computer network infrastructure with its demands and requirements. The concept is attracting the interest of enterprises to expand their respective network infrastructures, but one has to consider the impacts of migrating from an existing network infrastructure to an SDN network. One way that could minimize the impacts is to proceed a soft migration from a traditional IP network to SDN, creating what is so called a heterogeneous network. Instead of fully replacing the network infrastructure and face the impacts of it, the idea of the soft migration is to replace a part of it with an environment of SDN and examine the performance of it. This thesis work will analyze the performance of a network consisting of a traditional IP network combined with SDN. It is essential during this work to identify the differences in performance when having a heterogeneous network in comparison with having a dedicated traditional IP network. Therefore, the questions that will be addressed during this thesis work is to examine how such a heterogeneous network can be designed and measure the performance of it in terms of throughput, jitter and packet losses. By the method of experimentation and the studying of related works of the SDN fundamentals, we hope to achieve our goals with this thesis work, to give us and the reader a clearer insight.
9
Abou, El Houda Zakaria. "Security Enforcement through Software Defined Networks (SDN)." Thesis, Troyes, 2021. http://www.theses.fr/2021TROY0023.
Full textAbstract:
La conception originale d'Internet n'a pas pris en compte les aspects de sécurité du réseau, l’objectif prioritaire était de faciliter le processus de communication. Par conséquent, de nombreux protocoles de l'infrastructure Internet exposent un ensemble de vulnérabilités. Ces dernières peuvent être exploitées par les attaquants afin de mener un ensemble d’attaques. Les attaques par déni de service distribué (DDoS) représentent une grande menace; DDoS est l'une des attaques les plus dévastatrices causant des dommages collatéraux aux opérateurs de réseau ainsi qu'aux fournisseurs de services Internet. Les réseaux programmables (SDN) ont émergé comme un nouveau paradigme promettant de résoudre les limitations de l’architecture réseau actuelle en découplant le plan de contrôle du plan de données. D'une part, cette séparation permet un meilleur contrôle du réseau et apporte de nouvelles capacités pour mitiger les attaques par DDoS. D'autre part, cette séparation introduit de nouveaux défis en matière de sécurité du plan de contrôle. L’enjeu de cette thèse est double. D'une part, étudier et explorer l’apport du SDN à la sécurité afin de concevoir des solutions efficaces qui vont mitiger plusieurs vecteurs d’attaques. D'autre part, protéger le SDN contre ces attaques. À travers ce travail de recherche, nous contribuons à la mitigation des attaques par déni de service distribué sur deux niveaux (intra et inter-domaine), et nous contribuons au renforcement de la sécurité dans le SDNThe original design of Internet did not take into consideration security aspects of the network; the priority was to facilitate the process of communication. Therefore, many of the protocols that are part of the Internet infrastructure expose a set of vulnerabilities that can be exploited by attackers to carry out a set of attacks. Distributed Denial-of-Service (DDoS) represents a big threat and one of the most devastating and destructive attacks plaguing network operators and Internet service providers (ISPs) in stealthy way. Software defined networks (SDN) is an emerging technology that promises to solve the limitations of the conventional network architecture by decoupling the control plane from the data plane. On one hand, the separation of the control plane from the data plane allows for more control over the network and brings new capabilities to deal with DDoS attacks. On the other hand, this separation introduces new challenges regarding the security of the control plane. This thesis aims to deal with DDoS attacks while protecting the resources of the control plane. In this thesis, we contribute to the mitigation of both intra-domain and inter-domain DDoS attacks, and we contribute to the reinforcement of security aspects in SDN
10
Al-Ani, Layth. "Integrating IP Protocol Into Optical Networks by Using Software-defined Network (SDN)." Thesis, Université d'Ottawa / University of Ottawa, 2015. http://hdl.handle.net/10393/33010.
Full textAbstract:
The Internet, with cloud computing, offers amazing services that require a fast, intelligent, reliable network connection. Current networks, electrical or optical, need to work together to provide the user with a high-quality connection. The IP protocol as Layer 3 and an optical network as Layer 2 need to talk to each other and help each other instead of working separately. Therefore, this thesis proposes using software-defined network (SDN) technology for integrating the IP protocol into an optical network to fill the gap between the two layers and to give the network more intelligence and flexibility for new connection requests, choosing the best route, and monitoring the network. A two-layer SDN centralized controller design has been used. The Layer 1 SDN controller is the centralized controller that connects and updates all Layer 2 SDN controllers which control traffic in each domain. New connection requests are processed in the SDN controller and the traffic is forwarded by the optical network. SDN technology and the integration of IP into the optical network promise to enhance network connectivity.
11
Bispo, Pedro José Neves. "A software defined network controller quantitative and qualitative analysis." Master's thesis, Universidade de Aveiro, 2017. http://hdl.handle.net/10773/23475.
Full textAbstract:
Mestrado em Engenharia Eletrónica e TelecomunicaçõesNew challenges are being raised in the networking field with the increasing number of connected devices. The growth of mobile data usage has to be considered as a requirement for the deployment of future 5G networks, especially regarding mobility scenarios. Software-Defined Networking (SDN) enables a greater degree of dynamism and simplification for the deployment of those 5G networks. SDN provides the separation of the control plane from the forwarding plane, allowing more control, adaptability and cost reduction. The growth of SDN integration in new mechanisms and network architectures led to the development of different controller solutions, with a wide variety of characteristics. Several SDN controllers exist, which originated from the different needs of operators and research teams. That resulted in the development of their own controller versions, which made comparison efforts more difficult. As such, this work provides a wider study of several open-source controllers, (namely, OpenDaylight (ODL), Open Network Operative System (ONOS), Ryu and POX), by evaluating not only their performance, but also their characteristics in a qualitative way. Taking performance as a critical issue among SDN controllers, several criteria were evaluated by benchmarking the controllers under different operational conditions, using the Cbench tool. Results are presented regarding both qualitative and quantitative comparisons between those SDN controllers under test.
Com o aumento do número de dispositivos ligados em rede, surgem novos desafios no ramo das redes. A necessidade de acompanhar o crescimento da utilização de dados móveis é um dos requisitos a ter em conta nas futuras redes 5G (5a Geração), sobretudo em cenários de mobilidade. As redes controladas por software (do inglês, Software-Defined Networking (SDN)) permitem a simplificação e dinamismo necessários à criação das referidas redes 5G. As SDNs promovem ainda a separação do plano de controlo do plano de dados, permitindo um maior controlo, adaptabilidade e redução de custos. O crescimento da tecnologia SDN levou ao desenvolvimento de diferentes controladores, com diferentes características. Existem vários controladores SDN, com origem em diferentes necessidades dos operadores e equipas de investigação. Este desenvolvimento individualizado tornou as comparações entre os controladores mais difíceis. Deste modo, o trabalho desenvolvido fornece um estudo mais abrangente de vários controladores open-source (OpenDaylight (ODL), Open Network Operative System (ONOS), Ryu and POX), avaliando não só a sua performance como as suas características de uma forma qualitativa. Considerando a performance crucial nos controladores SDN, foram considerados vários critérios na avaliação dos controladores sob diferentes circunstâncias, utilizando a ferramenta Cbench. Os resultados apresentados são relativos à comparação qualitativa e quantitativa dos controladores em teste.
12
Nevala, Christian. "Mobility management for software defined wireless sensor networks." Thesis, Mälardalens högskola, Akademin för innovation, design och teknik, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-31936.
Full textAbstract:
By advancing technologies in both hardware and software, it is possible to support more complex applications. Wireless Sensor Networks (WSNs) comprised of tiny sensing devices with wireless radios are the key enablers for future Internet of Things(IoT) applications, where collecting measurements and delivering them to their destination is the most important task. In traditional sensor networks, sensor nodes were typically stationary and each node periodically measured and sent data to the next predefined router. However, in current applications, some nodes are expected to move. For instance, in health monitoring applications, where patients with sensors attached to their body are free to move in the hospital or their houses. Software Defined Networking (SDN) is a technique that was conventionally used in wired networks, and recently was used in some wireless networks, such as cellular and wireless local area networks. The idea of SDN is to provide more flexibility in the network by getting the advantage of re-programmability of the network devices during run-time. In networks based on SDN, the control plane is shifted from the infrastructure to a higher level in order to provide re-configuration. The controller decides on updating forwarding rules by getting some feedback from nodes in the network. In wireless sensor networks, the feedback may contain information related to the link quality and available resources such as battery level and the location of the sensor node (number of hops away from the sink). In this thesis, a study ofseveral relevant SDN-based architectures for wireless sensor networks is given, outlining the main advantages and disadvantages for each. In addition, some mobility solutions in sensor networks such as localization, routing and hand-off algorithms are explored. One of the drawbacks with SDN is that it was originally built for wired networks there experience with mobility does not exist. Thus the thesis considers the possibility to use SDN solutions in WSN were certain applications are in need of mobility. Finally, the thesis propose mobility solution for sensor networks that takes advantage of SDN and uses a handoff algorithm. In fact, the hand-off mechanism is achieved by means of control message exchanges that is supervised by the controller.
13
Rotsos, Charalampos. "Improving network extensibility and scalability through SDN." Thesis, University of Cambridge, 2015. https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.709033.
Full text
14
Maricato, José Miguel Duarte. "Software defined access networks." Master's thesis, Universidade de Aveiro, 2016. http://hdl.handle.net/10773/17212.
Full textAbstract:
Mestrado em Engenharia Electr onica e Telecomunica c~oesWith the increase of internet usage and the exponential growth of bandwidth consumption due to the increasing number of users of new generation equipments and the creation of new services that consume increasingly higher bandwidths, it's necessary to nd solutions to meet these new requirements. Passive optical networks (PONs) promise to solve these problems by providing a better service to users and providers. PON networks are very attractive since they don't depend on active elements between their end points, leading to lower maintenance costs and better operational e ciency. PON technologies addressed in this dissertation are the G-PON (Gigabit PON), currently standardized and implemented in access networks across the world, and the NG-PON2 (Next-Generation PON 2), which is the next step on access networks evolution and is currently on the process of study and standardization. The NG-PON2 must co-exist on the same optical distribution network of the G-PON, so it re-utilizes the already built infrastructures and consequently protect providers initial investment. Software De ned Networks (SDN) is an emerging architecture that decouples network control and forwarding functions from the hardware they belong, making possible for network control to be programmable, enabling the implementation of solutions capable of solving the increasing complexity of the networks problem and the creation of innovative services. The study main focus is the SDN as an enabling mechanism for network elements virtualization. In this dissertation is studied the G-PON and NG-PON2 architectures in the context of the ITU-T G.984.x and G.989.x recommendations respectively, and the study of the SDN technology through documentation available online. And based on the studies made it's going to be proposed a server architecture that enables the control of G-PON and NG-PON2 infrastructure elements, introducing virtualization SDN concepts on access networks.
Com o crescimento da utiliza c~ao da Internet e o consumo de largura de banda a crescer exponencialmente devido ao crescente n umero de utilizadores de equipamentos de nova gera c~ao e a cria c~ao de novos servi cos que consomem cada vez maiores larguras de banda, e necess ario encontrar solu c~oes para satisfazer estes novos requisitos. As redes opticas passivas (PON) prometem solucionar esses problemas, oferecendo um melhor servi co aos utilizadores e provedores. As redes PON s~ao muito atrativas pois n~ao dependem de elementos ativos entre os seus pontos terminais, resultando em baixos custos de manuten c~ao e uma maior e ci^encia de opera c~oes. As tecnologias PON abordadas nesta disserta c~ao s~ao o G-PON (Gigabit PON), actualmente padronizada e implementada nas redes de accesso pelo mundo, e o NG-PON2 (Next-Generation PON 2), que ser a o pr oximo passo na evolu c~ao das redes de acesso e que atualmente se encontra em processo de estudo e padroniza c~ao. O NG-PON2 deve co-existir na mesma rede de distribui c~ao otica do G-PON, de forma a re-utilizar as infrastruturas j a construidas e consequentemente proteger o investimento inicial dos provedores. As redes de nidas por software (SDN) e uma arquitetura emergente que desassocia o controlo da rede e fun c~oes de encaminhamento do hardware a que pertencem, possibilitando a que o controlo da rede seja program avel, permitindo a implementa c~ao de solu c~oes capazes de resolver o problema do aumento da complexidade das redes e cria c~ao de servi cos inovadores. O principal foco de estudo ser a nas SDN como mecanismo de virtualiza c~ao dos elementos da rede. Nesta disserta c~ao e estudado as arquiteturas do G-PON e NG-PON2 no contexto das recomenda c~oes do ITU-T G.984.x e G.989.x respetivamente, e o estudo da tecnologia SDN atrav es da documenta c~ao dispon vel online. Com base nos estudos efetuados ir a ser sugerido uma arquitetura de um servidor que permite o controlo de elementos da infrastrutura G-PON e NG-PON2, intoduzindo os conceitos das SDN e virtualiza c~ao na rede de acesso.
15
D'Ambrosio, Mattia. "Software Defined Networks: alcuni casi di studio." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/7256/.
Full textAbstract:
In questo elaborato si descrive l'emergente approccio alle reti, il Software Defined Network, ed i suoi benefici. Successivamente viene preso in considerazione un importante componente di questa nuova architettura: il protocollo OpenFlow; si spiega che cos'è e si elencano i benefici che può apportare ad un'architettura SDN a sostegno di questi vengono mostrati quattro differenti casi d'uso di OF, comparati poi ad altri scenari equivalenti che non usano questo protocollo. Infine si è pensato ad alcuni possibili studi e sviluppi circa quest'architettura.
16
Biyase, Lindokuhle Zakithi. "Scalable Bandwidth Management in Software-Defined Networks." Master's thesis, Faculty of Engineering and the Built Environment, 2021. http://hdl.handle.net/11427/33656.
Full textAbstract:
There has been a growing demand to manage bandwidth as the network traffic increases. Network applications such as real time video streaming, voice over IP and video conferencing in IP networks has risen rapidly over the recently and is projected to continue in the future. These applications consume a lot of bandwidth resulting in increasing pressure on the networks. In dealing with such challenges, modern networks must be designed to be application sensitive and be able to offer Quality of Service (QoS) based on application requirements. Network paradigms such as Software Defined Networking (SDN) allows for direct network programmability to change the network behavior to suit the application needs in order to provide solutions to the challenge. In this dissertation, the objective is to research if SDN can provide scalable QoS requirements to a set of dynamic traffic flows. Methods are implemented to attain scalable bandwidth management to provide high QoS with SDN. Differentiated Services Code Point (DSCP) values and DSCP remarking with Meters are used to implement high QoS requirements such that bandwidth guarantee is provided to a selected set of traffic flows. The theoretical methodology is implemented for achieving QoS, experiments are conducted to validate and illustrate that QoS can be implemented in SDN, but it is unable to implement High QoS due to the lack of implementation for Meters with DSCP remarking. The research work presented in this dissertation aims at the identification and addressing the critical aspects related to the SDN based QoS provisioning using flow aggregation techniques. Several tests and demonstrations will be conducted by utilizing virtualization methods. The tests are aimed at supporting the proposed ideas and aims at creating an improved understanding of the practical SDN use cases and the challenges that emerge in virtualized environments. DiffServ Assured Forwarding is chosen as a QoS architecture for implementation. The bandwidth management scalability in SDN is proved based on throughput analysis by considering two conditions i.e 1) Per-flow QoS operation and 2) QoS by using DiffServ operation in the SDN environment with Ryu controller. The result shows that better performance QoS and bandwidth management is achieved using the QoS by DiffServ operation in SDN rather than the per-flow QoS operation.
17
Pagola, Moledo Santiago. "Vendor-Independent Software-Defined Networking : Beyond The Hype." Thesis, Linköpings universitet, Databas och informationsteknik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-157456.
Full textAbstract:
Software-Defined Networking (SDN) is an emerging trend in networking that offers a number of advantages such as smoother network management over traditional networks. By decoupling the control and data planes from network elements, a huge amount of new opportunities arise, especially in network virtualization. In cloud datacenters, where virtualization plays a fundamental role, SDN presents itself as the perfect candidate to ease infrastructure management and to ensure correct operation. Even if the original SDN ideology advocates openness of source and interfaces, multiple networking vendors offer their own proprietary solutions. In this work, an open-source SDN solution, named Tungsten Fabric, will be deployed in a virtualized datacenter and a number of SDN-related use-cases will be examined. The main goal of this work is to determine whether Tungsten Fabric can deliver the same set of use-cases as a proprietary solution from Juniper, named Contrail Cloud. Finally, this work will give some guidelines on whether open-source SDN is the right candidate for Ericsson.
18
Kandoi, Rajat. "Deploying Software-Defined Networks: a Telco Perspective." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-172354.
Full textAbstract:
Software-De_ned Networking (SDN) proposes a new network architecture inwhich the control plane and forwarding plane are decoupled. SDN can improvenetwork e_ciency and ease of management through the centralization of the controland policy decisions. However, SDN deployments are currently limited todata-center and experimental environments. This thesis surveys the deploymentof SDN from the perspective of a telecommunication network operator. We discussthe strategies which enable the operator to migrate to a network in whichboth SDN and legacy devices interoperate. As a synthesis of existing technologiesand protocols, we formulate an automated process for the bootstrapping of newlydeployed forwarding devices. Furthermore, we review solutions for programmingthe forwarding devices and for performing topology discovery. The functionalcorrectness of the proposed bootstrapping process is evaluated in an emulatedenvironment.
19
Bassey, Ukemeobong Okon. "On iBGP Multicasting in Software Defined Networks." Thesis, Université d'Ottawa / University of Ottawa, 2017. http://hdl.handle.net/10393/36871.
Full textAbstract:
In the Internet today, learnt prefixes are forwarded within autonomous systems (ASs) over internal Border Gateway Protocol (iBGP) sessions. Existing schemes for iBGP routing include the full-mesh (FM) solution, route reflection (RR) solution and confederation. Optimal prefix routing and route diversity are the main strength of the FM solution. However, it is rarely employed in a large networks due to its deficiency in aspects including scalability and large Routing Information Base (RIB) size requirement of routers. This is due to the fact that routers in this topology are required to peer with every other router within the AS. To combat these challenges, the RR scheme provides solution for scalability by decreasing the iBGP sessions requirement. Notwithstanding, the RR solution has its own challenges which includes reduced route diversity, introduction of divergence and forwarding anomalies. Also, the FM optimality may be lost since the Route Reflectors are responsible for reflecting the learnt prefixes to their corresponding clients based on its partial view of the network. The concept of Software Defined Networking (SDN) entails decoupling of the control plane from the forwarding plane such that the control plane is logically centralized benefiting from an overall knowledge of the network for decision making.
In this work, we propose a solution based on multicasting which employs relay nodes in the iBGP message dissemination. Our solution brings session management scalability and minimization of duplicate prefix announcement through elimination of peer sessions deemed unnecessary. SDN controller is employed to configure and coordinate the multicast tree.
20
Berriri, Asma. "Model based testing techniques for software defined networks." Thesis, Université Paris-Saclay (ComUE), 2019. http://www.theses.fr/2019SACLL017/document.
Full textAbstract:
Les réseaux logiciels (connus sous l'éppellation: Software Defined Networking, SDN), qui s'appuient sur le paradigme de séparation du plan de contrôle et du plan d'acheminement, ont fortement progressé ces dernières années pour permettre la programmabilité des réseaux et faciliter leur gestion. Reconnu aujourd'hui comme des architectures logicielles pilotées par des applications, offrant plus de programmabilité, de flexibilité et de simplification des infrastructures, les réseaux logiciels sont de plus en plus largement adoptés et graduellement déployés par l'ensemble des fournisseurs. Néanmoins, l'émergence de ce type d'architectures pose un ensemble de questions fondamentales sur la manière de garantir leur correct fonctionnement. L'architecture logicielle SDN est elle-même un système complexe à plusieurs composants vulnérable aux erreurs. Il est essentiel d'en assurer le bon fonctionnement avant déploiement et intégration dans les infrastructures.Dans la littérature, la manière de réaliser cette tâche n'a été étudiée de manière approfondie qu'à l'aide de vérification formelle. Les méthodes de tests s'appuyant sur des modèles n'ont guère retenu l'attention de la communauté scientifique bien que leur pertinence et l'efficacité des tests associés ont été largement demontrés dans le domaine du développement logiciel. La création d'approches de test efficaces et réutilisables basées sur des modèles nous semble une approche appropriée avant tout déploiement de réseaux virtuels et de leurs composants. Le problème abordé dans cette thèse concerne l'utilisation de modèles formels pour garantir un comportement fonctionnel correct des architectures SDN ainsi que de leurs composants. Des approches formelles, structurées et efficaces de génération de tests sont les principale contributions de la thèse. En outre, l'automatisation du processus de test est mis en relief car elle peut en réduire considérablement les efforts et le coût.La première contribution consiste en une méthode reposant sur l'énumération de graphes et qui vise le test fonctionnel des architectures SDN. En second lieu, une méthode basée sur un circuit logique est développée pour tester la fonctionnalité de transmission d'un commutateur SDN. Plus loin, cette dernière méthode est étendue pour tester une application d'un contrôleur SDN. De plus, une technique basée sur une machine à états finis étendus est introduite pour tester la communication commutateur-contrôleur.Comme la qualité d'une suite de tests est généralement mesurée par sa couverture de fautes, les méthodes de test proposées introduisent différents modèles de fautes et génèrent des suites de tests avec une couverture de fautes guarantieHaving gained momentum from its concept of decoupling the traffic control from the underlying traffic transmission, Software Defined Networking (SDN) is a new networking paradigm that is progressing rapidly addressing some of the long-standing challenges in computer networks. Since they are valuable and crucial for networking, SDN architectures are subject to be widely deployed and are expected to have the greatest impact in the near future. The emergence of SDN architectures raises a set of fundamental questions about how to guarantee their correctness. Although their goal is to simplify the management of networks, the challenge is that the SDN software architecture itself is a complex and multi-component system which is failure-prone. Therefore, assuring the correct functional behaviour of such architectures and related SDN components is a task of paramount importance, yet, decidedly challenging.How to achieve this task, however, has only been intensively investigated using formal verification, with little attention paid to model based testing methods. Furthermore, the relevance of models and the efficiency of model based testing have been demonstrated for software engineering and particularly for network protocols. Thus, the creation of efficient and reusable model based testing approaches becomes an important stage before the deployment of virtual networks and related components. The problem addressed in this thesis relates to the use of formal models for guaranteeing the correct functional behaviour of SDN architectures and their corresponding components. Formal, and effective test generation approaches are in the primary focus of the thesis. In addition, automation of the test process is targeted as it can considerably cut the efforts and cost of testing.The main contributions of the thesis relate to model based techniques for deriving high quality test suites. Firstly, a method relying on graph enumeration is proposed for the functional testing of SDN architectures. Secondly, a method based on logic circuit is developed for testing the forwarding functionality of an SDN switch. Further on, the latter method is extended to test an application of an SDN controller. Additionally, a technique based on an extended finite state machine is introduced for testing the switch-to-controller communication. As the quality of a test suite is usually measured by its fault coverage, the proposed testing methods introduce different fault models and seek for test suites with guaranteed fault coverage that can be stated as sufficient conditions for a test suite completeness / exhaustiveness
21
Olivi, Matteo. "Design of a Kubernetes-based Software-Defined Network Control Plane." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2020.
Find full textAbstract:
Negli ultimi anni, Kubernetes è emerso come l’orchestratore di applicazioni a containers dominante. Il suo design è basato su un’API che permette di descrivere in modo dichiarativo lo stato desiderato delle applicazioni e su un piano di controllo che lavora per far convergere lo stato effettivo delle applicazioni verso lo stato desiderato, ottenendo fault-tolerance, self-healing ed elevata scalabilità. Questo design pattern si è dimostrato estremamente efficace per la gestione dei container, ma è abbastanza generale da poter essere usato per orchestrare con successo qualsiasi tipo di risorsa virtuale che viene tradizionalmente offerta mediante il paradigma del cloud IaaS. Abbiamo testato questa idea estendendo Kubernetes per fargli gestire, oltre alle usuali applicazioni a containers, delle reti virtuali. Così facendo abbiamo di fatto realizzato il prototipo di un piano di controllo di una SoftwareDefined Network. Nel fare ciò sono emersi sia punti di forza che debolezze del design pattern di Kubernetes e delle librerie open source che lo supportano. Per verificare che il sistema ottenuto abbia una scalabilità adeguata a quella necessaria nei moderni cloud data centers, abbiamo condotto uno studio di performance.
22
Sund, Gabriel, and Haroon Ahmed. "Security challenges within Software Defined Networks." Thesis, KTH, Radio Systems Laboratory (RS Lab), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-156030.
Full textAbstract:
A large amount of today's communication occurs within data centers where a large number of virtual servers (running one or more virtual machines) provide service providers with the infrastructure needed for their applications and services. In this thesis, we will look at the next step in the virtualization revolution, the virtualized network. Software-defined networking (SDN) is a relatively new concept that is moving the field towards a more software-based solution to networking. Today when a packet is forwarded through a network of routers, decisions are made at each router as to which router is the next hop destination for the packet. With SDN these decisions are made by a centralized SDN controller that decides upon the best path and instructs the devices along this path as to what action each should perform. Taking SDN to its extreme minimizes the physical network components and increases the number of virtualized components. The reasons behind this trend are several, although the most prominent are simplified processing and network administration, a greater degree of automation, increased flexibility, and shorter provisioning times. This in turn leads to a reduction in operating expenditures and capital expenditures for data center owners, which both drive the further development of this technology. Virtualization has been gaining ground in the last decade. However, the initial introduction of virtualization began in the 1970s with server virtualization offering the ability to create several virtual server instances on one physical server. Today we already have taken small steps towards a virtualized network by virtualization of network equipment such as switches, routers, and firewalls. Common to virtualization is that it is in early stages all of the technologies have encountered trust issues and general concerns related to whether software-based solutions are as rugged and reliable as hardware-based solutions. SDN has also encountered these issues, and discussion of these issues continues among both believers and skeptics. Concerns about trust remain a problem for the growing number of cloud-based services where multitenant deployments may lead to loss of personal integrity and other security risks. As a relatively new technology, SDN is still immature and has a number of vulnerabilities. As with most software-based solutions, the potential for security risks increases. This thesis investigates how denial-of-service (DoS) attacks affect an SDN environment and a single-threaded controller, described by text and via simulations. The results of our investigations concerning trust in a multi-tenancy environment in SDN suggest that standardization and clear service level agreements are necessary to consolidate customers’ confidence. Attracting small groups of customers to participate in user cases in the initial stages of implementation can generate valuable support for a broader implementation of SDN in the underlying infrastructure. With regard to denial-of-service attacks, our conclusion is that hackers can by target the centralized SDN controller, thus negatively affect most of the network infrastructure (because the entire infrastructure directly depends upon a functioning SDN controller). SDN introduces new vulnerabilities, which is natural as SDN is a relatively new technology. Therefore, SDN needs to be thoroughly tested and examined before making a widespread deployment.Dagens kommunikation sker till stor del via serverhallar där till stor grad virtualiserade servermiljöer förser serviceleverantörer med infrastukturen som krävs för att driva dess applikationer och tjänster. I vårt arbete kommer vi titta på nästa steg i denna virtualiseringsrevolution, den om virtualiserade nätverk. mjukvarudefinierat nätverk (eng. Software-defined network, eller SDN) kallas detta förhållandevis nya begrepp som syftar till mjukvarubaserade nätverk. När ett paket idag transporteras genom ett nätverk tas beslut lokalt vid varje router vilken router som är nästa destination för paketet, skillnaden i ett SDN nätverk är att besluten istället tas utifrån ett fågelperspektiv där den bästa vägen beslutas i en centraliserad mjukvaruprocess med överblick över hela nätverket och inte bara tom nästa router, denna process är även kallad SDN kontroll. Drar man uttrycket SDN till sin spets handlar det om att ersätta befintlig nätverksutrustning med virtualiserade dito. Anledningen till stegen mot denna utveckling är flera, de mest framträdande torde vara; förenklade processer samt nätverksadministration, större grad av automation, ökad flexibilitet och kortare provisionstider. Detta i sin tur leder till en sänkning av löpande kostnader samt anläggningskostnader för serverhallsinnehavare, något som driver på utvecklingen. Virtualisering har sedan början på 2000-talet varit på stark frammarsch, det började med servervirtualisering och förmågan att skapa flertalet virtualiserade servrar på en fysisk server. Idag har vi virtualisering av nätverksutrustning, såsom switchar, routrar och brandväggar. Gemensamt för all denna utveckling är att den har i tidigt stadie stött på förtroendefrågor och överlag problem kopplade till huruvida mjukvarubaserade lösningar är likvärdigt robusta och pålitliga som traditionella hårdvarubaserade lösningar. Detta problem är även något som SDN stött på och det diskuteras idag flitigt bland förespråkare och skeptiker. Dessa förtroendefrågor går på tvären mot det ökande antalet molnbaserade tjänster, typiska tjänster där säkerheten och den personliga integriten är vital. Vidare räknar man med att SDN, liksom annan ny teknik medför vissa barnsjukdomar såsom kryphål i säkerheten. Vi kommer i detta arbete att undersöka hur överbelastningsattacker (eng. Denial-of-Service, eller DoS-attacker) påverkar en SDN miljö och en singel-trådig kontroller, i text och genom simulering. Resultatet av våra undersökningar i ämnet SDN i en multitenans miljö är att standardisering och tydliga servicenivåavtal behövs för att befästa förtroendet bland kunder. Att attrahera kunder för att delta i mindre användningsfall (eng. user cases) i ett inledningsskede är också värdefullt i argumenteringen för en bredare implementering av SDN i underliggande infrastruktur. Vad gäller DoS-attacker kom vi fram till att det som hackare går att manipulera en SDN infrastruktur på ett sätt som inte är möjligt med dagens lösningar. Till exempel riktade attacker mot den centraliserade SDN kontrollen, slår man denna kontroll ur funktion påverkas stora delar av infrastrukturen eftersom de är i ett direkt beroende av en fungerande SDN kontroll. I och med att SDN är en ny teknik så öppnas också upp nya möjligheter för angrepp, med det i åtanke är det viktigt att SDN genomgår rigorösa tester innan större implementation.
23
Nasim, Kamraan. "AETOS: An Architecture for Offloading Core LTE Traffic Using Software Defined Networking Concepts." Thesis, Université d'Ottawa / University of Ottawa, 2016. http://hdl.handle.net/10393/35085.
Full textAbstract:
It goes without saying that cellular users of today have an insatiable appetite for bandwidth and data. Data-intensive applications, such as video on demand, online gaming and video conferencing, have gained prominence. This, coupled with recent innovations in the mobile network such as LTE/4G, poses a unique challenge to network operators in how to extract the most value from their deployments all the while reducing their Total Cost of Operations(TCO). To this end, a number of enhancements have been proposed to the ”conventional” LTE mobile network. Most of these recognize the monolithic and non-elastic nature of the mobile backend and propose complimenting core functionality with concepts borrowed from Software Defined Networking (SDN). In this thesis we shall attempt to explore some existing options within the LTE standard to mitigate large traffic churns. We will then review some SDN-enabled alternatives, and attempt to derive a proof based critique on their merits and drawbacks.
24
Zhao, Yimeng. "Déploiement du switch logiciel dans SDN-enabled Réseau environnement de virtualisation." Electronic Thesis or Diss., Paris, ENST, 2016. http://www.theses.fr/2016ENST0029.
Full textAbstract:
Avec la prévalence de logicielisation, virtualisation est devenue une technologie dominante dans des data-centres et clouds. Deux aspects principaux de la logicielisation de réseaux sont Software Defined Network (SDN) et Network Function Virtualization (NFV), dont un des outils essentiel sont les switches logiciels, à l’opposition des switches matériaux. Les switches logiciels sont également indispensables pour le succès de NFV. Cette thèse vise à relever des défis principaux dans la logicielisation de réseaux. Spécifiquement, elle porte sur le déploiement des switches logiciels dans un réseau virtuel avec SDNDue to the growing trend of “Softwarization”, virtualization is becoming the dominating technology in data center and cloud environment. Software Defined Network (SDN) and Network Function Virtualization (NFV) are different expressions of “Network Softwarization”. Software switch is exactly the suitable and powerful tool to support network softwarization, which is also indispensable to the success of network virtualization. Regarding the challenges and opportunities in network softwarization, this thesis aims to investigate the deployment of software switch in a SDN-enabled network virtualization environment
25
Ongaro, Francesco. "Enhancing quality of service in software-defined networks." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/7356/.
Full textAbstract:
Resource management is of paramount importance in network scenarios and it is a long-standing and still open issue. Unfortunately, while technology and innovation continue to evolve, our network infrastructure system has been maintained almost in the same shape for decades and this phenomenon is known as “Internet ossification”.
Software-Defined Networking (SDN) is an emerging paradigm in computer networking that allows a logically centralized software program to control the behavior of an entire network. This is done by decoupling the network control logic from the underlying physical routers and switches that forward traffic to the selected destination. One mechanism that allows the control plane to communicate with the data plane is OpenFlow. The network operators could write high-level control programs that specify the behavior of an entire network.
Moreover, the centralized control makes it possible to define more specific and complex tasks that could involve many network functionalities, e.g., security, resource management and control, into a single framework.
Nowadays, the explosive growth of real time applications that require stringent Quality of Service (QoS) guarantees, brings the network programmers to design network protocols that deliver certain performance guarantees. This thesis exploits the use of SDN in conjunction with OpenFlow to manage differentiating network services with an high QoS. Initially, we define a QoS Management and Orchestration architecture that allows us to manage the network in a modular way. Then, we provide a seamless integration between the architecture and the standard SDN paradigm following the separation between the control and data planes.
This work is a first step towards the deployment of our proposal in the University of California, Los Angeles (UCLA) campus network with differentiating services and stringent QoS requirements. We also plan to exploit our solution to manage the handoff between different network technologies, e.g., Wi-Fi and WiMAX. Indeed, the model can be run with different parameters, depending on the communication protocol and can provide optimal results to be implemented on the campus network.
26
Crestani, Giulio. "Problematiche di sicurezza nelle software defined networks." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/7555/.
Full textAbstract:
Questa tesi ha l’obiettivo di comprendere e valutare se l’approccio al paradigma SDN, che verrà spiegato nel capitolo 1, può essere utilizzato efficacemente per implementare dei sistemi atti alla protezione e alla sicurezza di una rete più o meno estesa. Oltre ad introdurre il paradigma SDN con i relativi componenti basilari, si introduce il protocollo fondamentale OpenFlow, per la gestione dei vari componenti.
Per ottenere l’obiettivo prestabilito, si sono seguiti alcuni passaggi preliminari. Primo tra tutti si è studiato cos’è l’SDN. Esso introduce una potenziale innovazione nell’utilizzo della rete. La combinazione tra la visione globale di tutta la rete e la programmabilità di essa, rende la gestione del traffico di rete un processo abbastanza complicato in termini di livello applicativo, ma con un risultato alquanto performante in termini di flessibilità. Le alterazioni all’architettura di rete introdotte da SDN devono essere valutate per garantire che la sicurezza di rete sia mantenuta. Le Software Defined Network (come vedremo nei primi capitoli) sono in grado di interagire attraverso tutti i livelli del modello ISO/OSI e questa loro caratteristica può creare problemi. Nelle reti odierne, quando si agisce in un ambiente “confinato”, è facile sia prevedere cosa potrebbe accadere, che riuscire a tracciare gli eventi meno facilmente rilevabili. Invece, quando si gestiscono più livelli, la situazione diventa molto più complessa perché si hanno più fattori da gestire, la variabilità dei casi possibili aumenta fortemente e diventa più complicato anche distinguere i casi leciti da quelli illeciti. Sulla base di queste complicazioni, ci si è chiesto se SDN abbia delle problematiche di sicurezza e come potrebbe essere usato per la sicurezza. Per rispondere a questo interrogativo si è fatta una revisione della letteratura a riguardo, indicando, nel capitolo 3, alcune delle soluzioni che sono state studiate. Successivamente si sono chiariti gli strumenti che vengono utilizzati per la creazione e la gestione di queste reti (capitolo 4) ed infine (capitolo 5) si è provato ad implementare un caso di studio per capire quali
sono i problemi da affrontare a livello pratico.
Successivamente verranno descritti tutti i passaggi individuati in maniera dettagliata ed alla fine si terranno alcune conclusioni sulla base dell’esperienza svolta.
27
Toufga, Soufian. "Vers des réseaux véhiculaires (VANET) programmables grâce à la technologie SDN (software defined network)." Thesis, Toulouse 3, 2020. http://www.theses.fr/2020TOU30128.
Full textAbstract:
Le concept de réseau véhiculaire qui initialement prônait essentiellement des communications de véhicules à véhicules s'ouvre à d'autres types de communications impliquant véhicules et infrastructure (réseau), cloud ou piétons, etc. afin de pouvoir répondre aux besoins de la grande variété des nouvelles applications envisagées dans le cadre du Système de Transport Intelligent (ITS: Intelligent Transportation System). La multitude des technologies réseau d'accès, la très forte mobilité des véhicules et leur forte densité en milieu urbain ainsi que la prédominance des communications sans-fil en font un réseau hétérogène, avec des caractéristiques très dynamiques, dont certaines peu prévisibles, et sujet à des problèmes d'échelle. Face à ces difficultés, une piste envisagée par la communauté scientifique est d'appliquer le paradigme SDN (Software Defined Network) aux réseaux véhiculaires comme moyen pour, d'une part permettre l'hybridation et l'unification du contrôle des différentes technologies réseaux d'accès et, d'autre part, tirer partie de la vue centralisée du réseau et des données contextuelles venues du cloud pour développer des nouveaux algorithmes de contrôle pouvant potentiellement reposer sur la prédiction/estimation de l'état du réseau et donc anticiper certaines décisions de contrôle. C'est donc dans ce cadre que s'inscrit ce travail de thèse dont les contributions visent à développer le concept de réseaux véhiculaires définis par logiciel SDVN (Software Defined Vehicular Network). Quatre contributions y sont développées. La première précise l'architecture d'un réseau véhiculaire SDN hybride capable de répondre aux défis décrits ci-avant. Cette architecture est complémentée par une solution de placement des contrôleurs SDN. Nous proposons une approche dynamique capable d'ajuster le placement optimal des contrôleurs en fonction des changements de la topologie réseau dues aux fluctuations du trafic routier. Ce travail aborde également le problème de la vision globale du réseau qu'un contrôleur SDN peut se constituer, vision préalable et pierre angulaire à toute fonction de contrôle réseau. A ce problème, nous proposons des amendements et extensions au service de découverte de topologie "de fait" conçu pour les réseaux filaires pour l'adapter au contexte véhiculaire. En complément au service de découverte, nous proposons également un service d'estimation de topologie basé sur des techniques d'apprentissage automatique (Machine Learning) pour offrir aux fonctions de contrôle réseau une vision potentielle de l'état futur du réseau et donc les ouvrir à un contrôle proactif et intelligent du réseauThe vehicular network concept, which initially focused on vehicle-to-vehicle communication, is opening up to other types of communications involving vehicles and infrastructure (network), cloud or pedestrians, etc. to meet the needs of the wide variety of new applications envisaged in the framework of the Intelligent Transportation System (ITS). The multitude of network access technologies, the very high mobility of vehicles and their high density in urban areas, and the predominance of wireless communications make it a heterogeneous network, with very dynamic characteristics, some of which are difficult to predict, and subject to scalability problems. Given these issues, one direction, considered by the scientific community, is to apply the SDN (Software Defined Network) paradigm to vehicular networks as a means of, on the one hand, enabling the hybridization and unification of control of different network access technologies and, on the other hand, taking advantage of the centralized view of the network and contextual data from the cloud to develop new control algorithms that can potentially rely on the prediction/estimation of the network state and thus anticipate certain control decisions. Therefore, this thesis is part of this framework. Its contributions aim at developing the concept of SDVN (Software Defined Vehicular Network). Four contributions are developed. The first one specifies the architecture of a hybrid SDN vehicular network capable of meeting the challenges described above. This architecture is complemented by an SDN controller placement solution. We propose a dynamic approach capable of adjusting the optimal placement of controllers according to network topology changes due to road traffic fluctuations. This work also covers the problem of global network vision that an SDN controller can build up, which is a prerequisite and the cornerstone of any network control function. To this problem, we propose amendments and extensions to the "de facto" topology discovery service designed for wired networks to adapt it to the vehicular context. As a complement to the discovery service, we also propose a topology estimation service based on Machine Learning techniques to provide network control functions with a potential vision of the future state of the network and thus open them to proactive and intelligent network control
28
Ahmed, Haroon, and Gabriel Sund. "Security challenges within Software Defined Networks." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-177394.
Full textAbstract:
A large amount of today's communication occurs within data centers where a large number of virtual servers (running one or more virtual machines) provide service providers with the infrastructure needed for their applications and services. In this thesis, we will look at the next step in the virtualization revolution, the virtualized network. Software-defined networking (SDN) is a relatively new concept that is moving the field towards a more software-based solution to networking. Today when a packet is forwarded through a network of routers, decisions are made at each router as to which router is the next hop destination for the packet. With SDN these decisions are made by a centralized SDN controller that decides upon the best path and instructs the devices along this path as to what action each should perform. Taking SDN to its extreme minimizes the physical network components and increases the number of virtualized components. The reasons behind this trend are several, although the most prominent are simplified processing and network administration, a greater degree of automation, increased flexibility, and shorter provisioning times. This in turn leads to a reduction in operating expenditures and capital expenditures for data center owners, which both drive the further development of this technology. Virtualization has been gaining ground in the last decade. However, the initial introduction of virtualization began in the 1970s with server virtualization offering the ability to create several virtual server instances on one physical server. Today we already have taken small steps towards a virtualized network by virtualization of network equipment such as switches, routers, and firewalls. Common to virtualization is that it is in early stages all of the technologies have encountered trust issues and general concerns related to whether software-based solutions are as rugged and reliable as hardwarebased solutions. SDN has also encountered these issues, and discussion of these issues continues among both believers and skeptics. Concerns about trust remain a problem for the growing number of cloud-based services where multitenant deployments may lead to loss of personal integrity and other security risks. As a relatively new technology, SDN is still immature and has a number of vulnerabilities. As with most software-based solutions, the potential for security risks increases. This thesis investigates how denial-of-service (DoS) attacks affect an SDN environment and a singlethreaded controller, described by text and via simulations. The results of our investigations concerning trust in a multi-tenancy environment in SDN suggest that standardization and clear service level agreements are necessary to consolidate customers’ confidence. Attracting small groups of customers to participate in user cases in the initial stages of implementation can generate valuable support for a broader implementation of SDN in the underlying infrastructure. With regard to denial-of-service attacks, our conclusion is that hackers can by target the centralized SDN controller, thus negatively affect most of the network infrastructure (because the entire infrastructure directly depends upon a functioning SDN controller). SDN introduces new vulnerabilities, which is natural as SDN is a relatively new technology. Therefore, SDN needs to be thoroughly tested and examined before making a widespread deployment.Dagens kommunikation sker till stor del via serverhallar där till stor grad virtualiserade servermiljöer förser serviceleverantörer med infrastukturen som krävs för att driva dess applikationer och tjänster. I vårt arbete kommer vi titta på nästa steg i denna virtualiseringsrevolution, den om virtualiserade nätverk. mjukvarudefinierat nätverk (eng. Software-defined network, eller SDN) kallas detta förhållandevis nya begrepp som syftar till mjukvarubaserade nätverk. När ett paket idag transporteras genom ett nätverk tas beslut lokalt vid varje router vilken router som är nästa destination för paketet, skillnaden i ett SDN nätverk är att besluten istället tas utifrån ett fågelperspektiv där den bästa vägen beslutas i en centraliserad mjukvaruprocess med överblick över hela nätverket och inte bara tom nästa router, denna process är även kallad SDN kontroll. Drar man uttrycket SDN till sin spets handlar det om att ersätta befintlig nätverksutrustning med virtualiserade dito. Anledningen till stegen mot denna utveckling är flera, de mest framträdande torde vara; förenklade processer samt nätverksadministration, större grad av automation, ökad flexibilitet och kortare provisionstider. Detta i sin tur leder till en sänkning av löpande kostnader samt anläggningskostnader för serverhallsinnehavare, något som driver på utvecklingen. Virtualisering har sedan början på 2000-talet varit på stark frammarsch, det började med servervirtualisering och förmågan att skapa flertalet virtualiserade servrar på en fysisk server. Idag har vi virtualisering av nätverksutrustning, såsom switchar, routrar och brandväggar. Gemensamt för all denna utveckling är att den har i tidigt stadie stött på förtroendefrågor och överlag problem kopplade till huruvida mjukvarubaserade lösningar är likvärdigt robusta och pålitliga som traditionella hårdvarubaserade lösningar. Detta problem är även något som SDN stött på och det diskuteras idag flitigt bland förespråkare och skeptiker. Dessa förtroendefrågor går på tvären mot det ökande antalet molnbaserade tjänster, typiska tjänster där säkerheten och den personliga integriten är vital. Vidare räknar man med att SDN, liksom annan ny teknik medför vissa barnsjukdomar såsom kryphål i säkerheten. Vi kommer i detta arbete att undersöka hur överbelastningsattacker (eng. Denial-of-Service, eller DoS-attacker) påverkar en SDN miljö och en singel-trådig kontroller, i text och genom simulering. Resultatet av våra undersökningar i ämnet SDN i en multitenans miljö är att standardisering och tydliga servicenivåavtal behövs för att befästa förtroendet bland kunder. Att attrahera kunder för att delta i mindre användningsfall (eng. user cases) i ett inledningsskede är också värdefullt i argumenteringen för en bredare implementering av SDN i underliggande infrastruktur. Vad gäller DoS-attacker kom vi fram till att det som hackare går att manipulera en SDN infrastruktur på ett sätt som inte är möjligt med dagens lösningar. Till exempel riktade attacker mot den centraliserade SDN kontrollen, slår man denna kontroll ur funktion påverkas stora delar av infrastrukturen eftersom de är i ett direkt beroende av en fungerande SDN kontroll. I och med att SDN är en ny teknik så öppnas också upp nya möjligheter för angrepp, med det i åtanke är det viktigt att SDN genomgår rigorösa tester innan större implementation.
29
Alqallaf, Maha. "Software Defined Secure Ad Hoc Wireless Networks." Wright State University / OhioLINK, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=wright1464020851.
Full text
30
Rivera, Polanco Sergio A. "AUTOMATED NETWORK SECURITY WITH EXCEPTIONS USING SDN." UKnowledge, 2019. https://uknowledge.uky.edu/cs_etds/87.
Full textAbstract:
Campus networks have recently experienced a proliferation of devices ranging from personal use devices (e.g. smartphones, laptops, tablets), to special-purpose network equipment (e.g. firewalls, network address translation boxes, network caches, load balancers, virtual private network servers, and authentication servers), as well as special-purpose systems (badge readers, IP phones, cameras, location trackers, etc.). To establish directives and regulations regarding the ways in which these heterogeneous systems are allowed to interact with each other and the network infrastructure, organizations typically appoint policy writing committees (PWCs) to create acceptable use policy (AUP) documents describing the rules and behavioral guidelines that all campus network interactions must abide by.
While users are the audience for AUP documents produced by an organization's PWC, network administrators are the responsible party enforcing the contents of such policies using low-level CLI instructions and configuration files that are typically difficult to understand and are almost impossible to show that they do, in fact, enforce the AUPs. In other words, mapping the contents of imprecise unstructured sentences into technical configurations is a challenging task that relies on the interpretation and expertise of the network operator carrying out the policy enforcement. Moreover, there are multiple places where policy enforcement can take place. For example, policies governing servers (e.g., web, mail, and file servers) are often encoded into the server's configuration files. However, from a security perspective, conflating policy enforcement with server configuration is a dangerous practice because minor server misconfigurations could open up avenues for security exploits. On the other hand, policies that are enforced in the network tend to rarely change over time and are often based on one-size-fits-all policies that can severely limit the fast-paced dynamics of emerging research workflows found in campus networks.
This dissertation addresses the above problems by leveraging recent advances in Software-Defined Networking (SDN) to support systems that enable novel in-network approaches developed to support an organization's network security policies. Namely, we introduce PoLanCO, a human-readable yet technically-precise policy language that serves as a middle-ground between the imprecise statements found in AUPs and the technical low-level mechanisms used to implement them. Real-world examples show that PoLanCO is capable of implementing a wide range of policies found in campus networks. In addition, we also present the concept of Network Security Caps, an enforcement layer that separates server/device functionality from policy enforcement. A Network Security Cap intercepts packets coming from, and going to, servers and ensures policy compliance before allowing network devices to process packets using the traditional forwarding mechanisms. Lastly, we propose the on-demand security exceptions model to cope with the dynamics of emerging research workflows that are not suited for a one-size-fits-all security approach. In the proposed model, network users and providers establish trust relationships that can be used to temporarily bypass the policy compliance checks applied to general-purpose traffic -- typically by network appliances that perform Deep Packet Inspection, thereby creating network bottlenecks. We describe the components of a prototype exception system as well as experiments showing that through short-lived exceptions researchers can realize significant improvements for their special-purpose traffic.
31
Santos, Ricardo. "5G Backhauling with Software-defined Wireless Mesh Networks." Licentiate thesis, Karlstads universitet, Institutionen för matematik och datavetenskap (from 2013), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-69437.
Full textAbstract:
Current technological advances have caused an exponential growth of the number of mobile Internet-connected devices, along with their respective traffic demands. To cope with this increase of traffic demands, fifth generation (5G) network architectures will need to provide multi-gigabit capacity at the access base stations (BSs), through the deployment of ultra-dense small cells (SCs) operating with millimeter-wave (mmWave) frequencies, e.g. 60 GHz. To connect the BSs to the core network, a robust and high capacity backhaul infrastructure is required. As it is unfeasible to connect all the SCs through optical fiber links, a solution for the future 5G backhaul relies on the usage of mmWave frequencies to interconnect the SCs, forming multi-hop wireless mesh topologies. In this thesis, we explore the application of the Software-defined Networking (SDN) paradigm for the management of a SC wireless backhaul. With SDN, the data and control planes are separated and the network management is done by a centralized controller entity that has a global network view. To that end, we provide multiple contributions. Firstly, we provide an SDN-based architecture to manage SC backhaul networks, which include an out-of-band Long Term Evolution (LTE) control channel and where we consider aspects such as energy efficiency, resiliency and flexible backhaul operation. Secondly, we demonstrate the benefit of the wireless backhaul configuration using the SDN controller, which can be used to improve the wireless resource allocation and provide resiliency mechanisms in the network. Finally, we investigate how a SC mesh backhaul can be optimally reconfigured between different topologies, focusing on minimizing the network disruption during the reconfiguration.The growth of mobile devices, along with their traffic demands, is expected to saturate the current mobile networks soon. To cope with such demand increase, fifth generation (5G) network architectures will need to provide multi-gigabit capacity at the access level, through the deployment of a massive amount of ultra-dense small cells (SCs). To connect the access and core networks, a robust and high capacity backhaul is required. To that end, mmWave links that operate at e.g. 60 GHz, can be used to interconnect the SCs, forming multi-hop wireless mesh topologies. In this thesis, we study the application of the Software-defined Networking (SDN) paradigm for the management of a SC wireless backhaul. Firstly, we provide an SDN-based architecture to manage SC backhaul networks, which includes an out-of-band control channel and where we consider aspects such as energy efficiency, resiliency and flexible backhaul operation. Secondly, we show the benefits of the wireless backhaul configuration using the SDN controller, which can be used to improve the wireless resource allocation and provide network resiliency. Finally, we investigate how a SC mesh backhaul can be optimally reconfigured between different topologies, while minimizing the network disruption during the reconfiguration.
32
Kamaruddin, Amalina Farhan. "Experimentation on dynamic congestion control in Software Defined Networking (SDN) and Network Function Virtualisation (NFV)." Thesis, Brunel University, 2017. http://bura.brunel.ac.uk/handle/2438/16917.
Full textAbstract:
In this thesis, a novel framework for dynamic congestion control has been proposed. The study is about the congestion control in broadband communication networks. Congestion results when demand temporarily exceeds capacity and leads to severe degradation of Quality of Service (QoS) and possibly loss of traffic. Since traffic is stochastic in nature, high demand may arise anywhere in a network and possibly causing congestion. There are different ways to mitigate the effects of congestion, by rerouting, by aggregation to take advantage of statistical multiplexing, and by discarding too demanding traffic, which is known as admission control. This thesis will try to accommodate as much traffic as possible, and study the effect of routing and aggregation on a rather general mix of traffic types. Software Defined Networking (SDN) and Network Function Virtualization (NFV) are concepts that allow for dynamic configuration of network resources by decoupling control from payload data and allocation of network functions to the most suitable physical node. This allows implementation of a centralised control that takes the state of the entire network into account and configures nodes dynamically to avoid congestion. Assumes that node controls can be expressed in commands supported by OpenFlow v1.3. Due to state dependencies in space and time, the network dynamics are very complex, and resort to a simulation approach. The load in the network depends on many factors, such as traffic characteristics and the traffic matrix, topology and node capacities. To be able to study the impact of control functions, some parts of the environment is fixed, such as the topology and the node capacities, and statistically average the traffic distribution in the network by randomly generated traffic matrices. The traffic consists of approximately equal intensity of smooth, bursty and long memory traffic. By designing an algorithm that route traffic and configure queue resources so that delay is minimised, this thesis chooses the delay to be the optimisation parameter because it is additive and real-time applications are delay sensitive. The optimisation being studied both with respect to total end-to-end delay and maximum end-to-end delay. The delay is used as link weights and paths are determined by Dijkstra's algorithm. Furthermore, nodes are configured to serve the traffic optimally which in turn depends on the routing. The proposed algorithm is a fixed-point system of equations that iteratively evaluates routing - aggregation - delay until an equilibrium point is found. Three strategies are compared: static node configuration where each queue is allocated 1/3 of the node resources and no aggregation, aggregation of real-time (taken as smooth and bursty) traffic onto the same queue, and dynamic aggregation based on the entropy of the traffic streams and their aggregates. The results of the simulation study show good results, with gains of 10-40% in the QoS parameters. By simulation, the positive effects of the proposed routing and aggregation strategy and the usefulness of the algorithm. The proposed algorithm constitutes the central control logic, and the resulting control actions are realisable through the SDN/NFV architecture.
33
Ahmad, I. (Ijaz). "Improving software defined cognitive and secure networking." Doctoral thesis, Oulun yliopisto, 2018. http://urn.fi/urn:isbn:9789526219516.
Full textAbstract:
Abstract Traditional communication networks consist of large sets of vendor-specific manually configurable devices. These devices are hardwired with specific control logic or algorithms used for different network functions. The resulting networks comprise distributed control plane architectures that are complex in nature, difficult to integrate and operate, and are least efficient in terms of resource usage. However, the rapid increase in data traffic requires the integrated use of diverse access technologies and autonomic network operations with increased resource efficiency. Therefore, the concepts of Software Defined Networking (SDN) are proposed that decouple the network control plane from the data-forwarding plane and logically centralize the control plane. The SDN control plane can integrate a diverse set of devices, and tune them at run-time through vendor-agnostic programmable Application Programming Interfaces (APIs). This thesis proposes software defined cognitive networking to enable intelligent use of network resources. Different radio access technologies, including cognitive radios, are integrated through a common control platform to increase the overall network performance. The architectural framework of software defined cognitive networking is presented alongside the experimental performance evaluation. Since SDN enables applications to change the network behavior and centralizes the network control plane to oversee the whole network, it is highly important to investigate SDN in terms of security. Therefore, this thesis finds the potential security vulnerabilities in SDN, studies the proposed security platforms and architectures for those vulnerabilities, and presents future directions for unresolved security vulnerabilities. Furthermore, this thesis also investigates the potential security challenges and their solutions for the enabling technologies of 5G, such as SDN, cloud technologies, and virtual network functions, and provides key insights into increasing the security of 5G networksTiivistelmä Perinteiset tietoliikenneverkot pohjautuvat usein laajoille manuaalisesti konfiguroitaville valmistajakohtaisille ratkaisuille. Niissä käytetään laitekohtaista kontrollilogiikkaa tai verkon eri toiminnallisuuksien algoritmeja. Tämän johdosta verkon hajautettu kontrollitaso muodostuu monimutkaiseksi, jota on vaikea integroida ja operoida, eikä se ole kovin joustava resurssien käytön suhteen. Tietoliikenteen määrän kasvaessa tulee entistä tärkeämmäksi integroida useita verkkoteknologioita ja autonomisia verkon toiminnallisuuksia tehokkaan resurssinhallinnan saavuttamiseksi. Ohjelmisto-ohjatut verkkoratkaisut (SDN, Software Defined Networking) tarjoavat keinon hallita erikseen verkon kontrolliliikennettä eroteltuna dataliikenteestä keskitetysti. Tämä kontrollitaso voi integroida erilaisia verkkolaitteita ja ohjata niitä ajonaikaisesti valmistajariippumattoman sovellusohjelmointirajapinnan kautta. Tässä työssä on tutkittu älykästä ohjelmisto-ohjattavaa verkkoratkaisua, jonka avulla eri radioverkkoteknologiat (mukaan lukien konginitiiviradio) voidaan integroida yhteisen kontrollialustan kautta lisäämään verkon kokonaissuorituskykyä. Työssä esitetään kognitiivinen ohjelmisto-ohjattu verkon arkkitehtuuriratkaisu sekä sen suorituskyvyn arviointi mittauksiin pohjautuen. Koska ohjelmisto-ohjattu verkko pohjautuu koko verkon keskitettyyn kontrollilogiikkaan, on tietoturvan merkitys korostunut entisestään. Tässä työssä on sen vuoksi tutkittu juuri tällaisen verkkoratkaisun mahdollisia tietoturvauhkia sekä niiden torjumiseen soveltuvia ratkaisuvaihtoehtoja sekä esitetään tulevaisuuden kehityssuuntia vielä ratkaisemattomille uhkille. Lisäksi työssä on tutkittu laajemmin tulevien 5G verkkojen tietoturvauhkia ja niiden ratkaisuja, liittyen ohjelmisto-ohjattuihin verkkoratkaisuin, pilviteknologioihin ja virtualisoiduille verkkotoiminnallisuuksille. Työ tarjoaa myös näkemyksen siitä, miten verkon tietoturvaa voidaan kokonaisuudessaan lisätä 5G verkoissa
34
Carpa, Radu. "Energy Efficient Traffic Engineering in Software Defined Networks." Thesis, Lyon, 2017. http://www.theses.fr/2017LYSEN065/document.
Full textAbstract:
Ce travail a pour but d'améliorer l'efficacité énergétique des réseaux de cœur en éteignant un sous-ensemble de liens par une approche SDN (Software Defined Network). Nous nous différencions des nombreux travaux de ce domaine par une réactivité accrue aux variations des conditions réseaux. Cela a été rendu possible grâce à une complexité calculatoire réduite et une attention particulière au surcoût induit par les échanges de données. Pour valider les solutions proposées, nous les avons testées sur une plateforme spécialement construite à cet effet.Dans la première partie de cette thèse, nous présentons l'architecture logicielle ``SegmenT Routing based Energy Efficient Traffic Engineering'' (STREETE). Le cœur de la solution repose sur un re-routage dynamique du trafic en fonction de la charge du réseau dans le but d'éteindre certains liens peu utilisés. Cette solution utilise des algorithmes de graphes dynamiques pour réduire la complexité calculatoire et atteindre des temps de calcul de l'ordre des millisecondes sur un réseau de 50 nœuds. Nos solutions ont aussi été validées sur une plateforme de test comprenant le contrôleur SDN ONOS et des commutateurs OpenFlow. Nous comparons nos algorithmes aux solutions optimales obtenues grâce à des techniques de programmation linéaires en nombres entiers et montrons que le nombre de liens allumés peut être efficacement réduit pour diminuer la consommation électrique tout en évitant de surcharger le réseau.Dans la deuxième partie de cette thèse, nous cherchons à améliorer la performance de STREETE dans le cas d’une forte charge, qui ne peut pas être écoulée par le réseau si des algorithmes de routages à plus courts chemins sont utilisés. Nous analysons des méthodes d'équilibrage de charge pour obtenir un placement presque optimal des flux dans le réseau.Dans la dernière partie, nous évaluons la combinaison des deux techniques proposées précédemment : STREETE avec équilibrage de charge. Ensuite, nous utilisons notre plateforme de test pour analyser l'impact de re-routages fréquents sur les flux TCP. Cela nous permet de donner des indications sur des améliorations à prendre en compte afin d'éviter des instabilités causées par des basculements incontrôlés des flux réseau entre des chemins alternatifs. Nous croyons à l'importance de fournir des résultats reproductibles à la communauté scientifique. Ainsi, une grande partie des résultats présentés dans cette thèse peuvent être facilement reproduits à l'aide des instructions et logiciels fournisThis work seeks to improve the energy efficiency of backbone networks by automatically managing the paths of network flows to reduce the over-provisioning. Compared to numerous works in this field, we stand out by focusing on low computational complexity and smooth deployment of the proposed solution in the context of Software Defined Networks (SDN). To ensure that we meet these requirements, we validate the proposed solutions on a network testbed built for this purpose. Moreover, we believe that it is indispensable for the research community in computer science to improve the reproducibility of experiments. Thus, one can reproduce most of the results presented in this thesis by following a couple of simple steps. In the first part of this thesis, we present a framework for putting links and line cards into sleep mode during off-peak periods and rapidly bringing them back on when more network capacity is needed. The solution, which we term ``SegmenT Routing based Energy Efficient Traffic Engineering'' (STREETE), was implemented using state-of-art dynamic graph algorithms. STREETE achieves execution times of tens of milliseconds on a 50-node network. The approach was also validated on a testbed using the ONOS SDN controller along with OpenFlow switches. We compared our algorithm against optimal solutions obtained via a Mixed Integer Linear Programming (MILP) model to demonstrate that it can effectively prevent network congestion, avoid turning-on unneeded links, and provide excellent energy-efficiency. The second part of this thesis studies solutions for maximizing the utilization of existing components to extend the STREETE framework to workloads that are not very well handled by its original form. This includes the high network loads that cannot be routed through the network without a fine-grained management of the flows. In this part, we diverge from the shortest path routing, which is traditionally used in computer networks, and perform a particular load balancing of the network flows. In the last part of this thesis, we combine STREETE with the proposed load balancing technique and evaluate the performance of this combination both regarding turned-off links and in its ability to keep the network out of congestion. After that, we use our network testbed to evaluate the impact of our solutions on the TCP flows and provide an intuition about the additional constraints that must be considered to avoid instabilities due to traffic oscillations between multiple paths
35
Alasadi, Emad Younis. "Enhancing network scalability by introducing mechanisms, architectures and protocols." Thesis, Brunel University, 2017. http://bura.brunel.ac.uk/handle/2438/15874.
Full textAbstract:
In this thesis, three key issues that restrict networks from scaling up so as to be able to cope with the rapid increase in traffic are investigated and series of approaches are proposed and tested for overcoming them. Firstly, scalability limitations owing to the use of a broadcast mechanism in one collision domain are discussed. To address this matter, servers under software-defined network architectures for eliminating discovery messages (SSED) are designed in this thesis and a backbone of floodless packets in an SDN LAN network is introduced. SSED has an innovative mechanism for defining the relationship between the servers and SDN architecture. Experimental results, after constructing and applying an authentic testbed, verify that SSED has the ability to improve upon the scalability of the traditional mechanism in terms of the number of switches and hosts. This is achieved by removing broadcast packets from the data and control planes as well as offering a better response time. Secondly, the scalability restrictions from using routers and the default gateway mechanism are explained. In this thesis, multiple distributed subnets using SDN architecture and servers to eliminate router devices and the default gateway mechanism (MSSERD) are introduced, designed and implemented as the general backbone for scalable multiple LAN-based networks. MSSERD's proposed components handle address resolution protocol (ARP) discovery packets and general IP packets across different subnets. Moreover, a general view of the network is provided through a multi-subnets discovery protocol (MDP). A 23 computers testbed is built and the results verify that MSSERD scales up the number of subnets more than traditional approaches, enhances the efficiency significantly, especially with high load, improves performance 2.3 times over legacy mechanisms and substantially reduces complexity. Finally, most of the available distributed-based architectures for different domains are reviewed and the aggregation discovery mechanism analysed to establish their impact on network scalability. Subsequently, a general distributed-centralised architecture with open-level control plane (OLC) architecture and a dynamic discovery hierarchical protocol (DHP) is introduced to provide better scalability in an SDN network. OLC can scale up the network with high performance even during high traffic.
36
Alharbi, Faisal. "SDN-BASED MECHANISMS FOR PROVISIONING QUALITY OF SERVICE TO SELECTED NETWORK FLOWS." UKnowledge, 2018. https://uknowledge.uky.edu/cs_etds/72.
Full textAbstract:
Despite the huge success and adoption of computer networks in the recent decades, traditional network architecture falls short of some requirements by many applications. One particular shortcoming is the lack of convenient methods for providing quality of service (QoS) guarantee to various network applications. In this dissertation, we explore new Software-Defined Networking (SDN) mechanisms to provision QoS to targeted network flows. Our study contributes to providing QoS support to applications in three aspects. First, we explore using alternative routing paths for selected flows that have QoS requirements. Instead of using the default shortest path used by the current network routing protocols, we investigate using the SDN controller to install forwarding rules in switches that can achieve higher bandwidth. Second, we develop new mechanisms for guaranteeing the latency requirement by those applications depending on timely delivery of sensor data and control signals. The new mechanism pre-allocates higher priority queues in routers/switches and reserves these queues for control/sensor traffic. Third, we explore how to make the applications take advantage of the opportunity provided by SDN. In particular, we study new transmission mechanisms for big data transfer in the cloud computing environment. Instead of using a single TCP path to transfer data, we investigate how to let the application set up multiple TCP paths for the same application to achieve higher throughput. We evaluate these new mechanisms with experiments and compare them with existing approaches.
37
Molari, Alessandro. "Model Checking of Software Defined Networks using Header Space Analysis." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2017. http://amslaurea.unibo.it/14772/.
Full textAbstract:
This thesis investigates the topic of verifying network status validity with a Cyber Security perspective.
The fields of interest are dynamic networks like OpenFlow and Software Defined Networks, where these problems may have larger attack surface and greater impact.
The framework under study is called Header Space Analysis, a formal model and protocol-agnostic framework that allows to perform static policy checking both in classical TCP/IP networks and modern dynamic SDN.
The goal is to analyse some classes of network failure, declaring valid network states and recognizing invalid ones.
HSA has evolved in NetPlumber, to face problems caused by high dynamics of SDN networks.
The main difference between HSA and NetPlumber is the incremental way that the latter performs checks and keeps state updated, verifying the actual state compliance with the expected state defined in its model, but the concept is the same: declare what's allowed and recognize states violating that model.
The second and main contribute of this thesis is to expand existing vision with the purpose of increasing the network security degree, introducing model-checking-based networks through the definition of an abstraction layer that provides a security-focused model-checking service to SDN.
The developed system is called MCS (Model Checking Service) and is implemented for an existing SDN solution called ONOS, using NetPlumber as underlying model-checking technology, but it's validity is general, uncoupled with any kind of SDN implementation.
Finally, the demo shows how some cases of well-known security attacks in modern networks can be prevented or mitigated using the reactive behavior of MCS.
38
Arbiza, Lucas Mendes Ribeiro. "SDN no contexto de IoT : refatoração de middleware para monitoramento de pacientes crônicos baseada em software-defined networking." reponame:Biblioteca Digital de Teses e Dissertações da UFRGS, 2016. http://hdl.handle.net/10183/134368.
Full textAbstract:
Algumas palavras e definições comumente utilizadas quando se está falando de Software-Defined Networking, como programabilidade, flexibilidade, ou gerenciamento centralizado, parecem muito apropriadas ao contexto de um outro paradigma de rede: Internet of Things. Em redes domésticas já não é incomum a existência de dispositivos projetados para segurança, climatização, iluminação, monitoramento de saúde e algumas formas de automação que diferem entre si em diversos aspectos, como no modo de operar e de se comunicar. Lidar com este tipo de cenário, que pode diferir bastante daquilo que estamos acostumados na gerência de redes e serviços, fazendo uso dos recursos tradicionais como ferramentas e protocolos bem estabelecidos, pode ser difícil e, em alguns casos, inviável. Com o objetivo de possibilitar o monitoramento remoto de pacientes com doenças crônicas através de dispositivos de healthcare disponíveis no mercado, uma proposta de middleware foi desenvolvida em um projeto de pesquisa para contornar as limitações relacionadas à interoperabilidade, coleta de dados, gerência, segurança e privacidade encontradas nos dispositivos utilizados. O middleware foi projetado com o intuito de executar em access points instalados na casa dos pacientes. Contudo, as limitações de hardware e software do access point utilizado refletem no desenvolvimento, pois restringem o uso de linguagens de programação e recursos que poderiam agilizar e facilitar a implementação dos módulos e dos mecanismos necessários. Os contratempos encontrados no desenvolvimento motivaram a busca por alternativas, o que resultou na refatoração do middleware através de Software-Defined Networking, baseando-se em trabalhos que exploram o uso desse paradigma em redes domésticas. O objetivo deste trabalho é verificar a viabilidade da utilização de Software-Defined Networking no contexto de Internet of Things, mais especificamente, aplicado ao serviço de monitoramento de pacientes da proposta anterior e explorar os possíveis benefícios resultantes. Com a refatoração, a maior parte da carga de serviços da rede e do monitoramento foi distribuída entre servidores remotos dedicados, com isso os desenvolvedores podem ir além das restrições do access point e fazer uso de recursos antes não disponíveis, o que potencializa um processo de desenvolvimento mais ágil e com funcionalidades mais complexas, ampliando as possibilidades do serviço. Adicionalmente, a utilização de Software-Defined Networking proporcionou a entrega de mais de um serviço através de um único access point, escalabilidade e autonomia no gerenciamento das redes e dos dispositivos e na implantação de serviços, fazendo uso de recursos do protocolo OpenFlow, e a cooperação entre dispositivos e serviços a fim de se criar uma representação digital mais ampla do ambiente monitorado.Some words and definitions usually employed when talking about Software-Defined Networking such as programmability, frexibility, or centralized management sound very appropriate to the context of another network paradigm: Internet of Things. The presence of devices designed for security, air conditioning, lighting, health monitoring and some other automation resources have become common in home networks; those devices may be different in many ways, such as the way they operate and communicate, between others. Dealing with this kind of scenario may differ in many ways from what we are familiar regarding networking and services management; the use of traditional management tools and protocols may be hard or even unfeasible. Aiming to enable the health monitoring of patients with chronical illnesses through using off-the-shelf healthcare devices a middleware proposal was developed in a research project to circumvent interoperability, data collecting, management, security and privacy issues found in employed devices. The middleware was designed to run on access points in the homes of the patients. Although hardware and software limitations of the used access points reflect on the development process, because they restrict the use of programming languages and resources that could be employed to expedite the implementation of necessary modules and features. Development related mishaps have motivated the search for alternatives resulting in the middleware refactoring through Software-Defined Networking, based on previous works where that paradigm is used in home networks. This work aims to verify the feasability of the employment of Software- Defined Networking in the Internet of Things context, and its resulting benefits; specifically in the health monitoring of chronic patients service from the previous proposal. After refactoring most of the network and services load was distributed among remote dedicated servers allowing developers to go beyond the limitations imposed by access points constraints, and to make use of resources not available before enabling agility to the development process; it also enables the development of more complex features expanding services possibilities. Additionally Software-Defined Networking employment provides benefits such as the delivering of more than only one service through the same access point; scalability and autonomy to the network and devices monitoring, as to the service deployment through the use of OpenFlow resources; and devices and services cooperation enabling the built of a wider digital representation of the monitored environment.
39
Brás, Rui Nuno Carrulo. "Integrated cloud management using software defined networks." Master's thesis, Universidade de Aveiro, 2015. http://hdl.handle.net/10773/18563.
Full textAbstract:
Mestrado em Engenharia de Computadores e TelemáticaNestes últimos anos tem-se vindo a registar um grande aumento no número de dispositivos ligados à Internet a partir de praticamente qualquer lugar. Assim, para manter-se par com a procura, os Internet Providers têm de melhorar sua rede através da aquisição de mais dispositivos de rede, o que por sua vez aumenta o custo da infra-estrutura. Além disso, isso dificulta ainda mais a gestão das redes devido à sua abordagem centrada no hardware que requer a configuração manual de cada um dos dispositivos de rede. Uma mudança no paradigma atual tem sido estudado e evoluindo ao longo de décadas, mostrando, nos últimos anos, que ele pode realmente ser a futura direção para a rede. SDN é um novo paradigma de rede que facilita a gestão da mesma ao permitir que esta se torne programável. Isso é feito principalmente através da separação dos planos de dados e controlo e também através da criação de abstrações que tornam a rede mais flexível e escalável. O que por sua vez, permite a inovação e gestão mais simples de redes de data center em ambientes de cloud. O objetivo principal desta dissertação é implementar e avaliar uma solução que facilita a gestão, em ambientes de data center, usando este novo paradigma, SDN. Ela fornece configuração transparente e automática da rede subjacente, a fim de permitir a comunicação entre os nós com requisitos de largura de banda especificados. Além disso, também realiza a monitorização de balanceamento de carga para optimizar o uso de tráfego na rede. Esta dissertação apresenta a solução desenvolvida que utiliza um controlador de SDN e OpenvSwitch. A solução faz uso de ambos os protocolos OpenFlow e OVSDB, bem como os módulos do controlador OpenDaylight. A interacção com o controlador é realizada através do uso do REST APIs fornecidas pelo controlador acima mencionado. Durante a fase de avaliação, vários cenários de teste foram executados a fim de avaliar a correção e o desempenho do sistema que interage com a rede. A aplicação comportou-se razoavelmente bem por ser capaz de aplicar a largura de banda especificada on-demand (QoS) de uma maneira simples e sem falhas. Do mesmo modo, o balanceamento de carga foi também aplicado com sucesso, sem perder a comunicação entre os nós. Tudo isto foi realizado com overhead moderado (em termos de tempo de instalação e da quantidade de dados enviados para gerir a rede). Em conclusão, a solução mostra-se promissora pela sua facilidade na gestão de redes em data centers.
These past few years we have been experiencing a large increase in the number of devices connected to the Internet from almost anywhere. Thus, to keep up with the demand, Service Providers have to upgrade their network by acquiring more network devices, which greatly increases the infrastructure’s cost. In addition, this hampers even more the management of the networks due to their hardware centric approach which requires manual configuration of each of the network devices. A change in the current paradigm has been studied and evolving for decades, showing, in the last years, that it can actually be the future direction for networking. SDN is a modern networking paradigm that eases network management by enable the network to be programmable. This is done mainly through the separation of data and control planes and also through the creation of abstractions that make the network more flexible and scalable. Which, in turn enables innovation and simpler management to data center networks in cloud environments. The main objective of this dissertation is to implement and evaluate a solution that eases the management in data center environments using this new paradigm, SDN. It provides seamless and automatic configuration of the underlying network in order to allow communication between nodes with on-demand bandwidth requirements. In addition, it also performs load balance monitoring to optimize the traffic usage on the network. This dissertation presents the developed solution which uses a SDN controller and OpenvSwitch. The solution makes use of both OpenFlow and OVSDB protocols as well as OpenDaylight controller’s modules. The interaction with the controller is performed through the use of the REST APIs provided by the above mentioned controller. During the evaluation stage, several test scenarios were executed in order to evaluate the correctness and performance of the system interacting with the network. The application behaved reasonably well by being able to apply the specified bandwidth on-demand (QoS) in a simple manner without flaws. Similarly, the load balance was also successfully applied without loosing communication between the hosts. All this was accomplished with moderate overhead (in terms of time of installation and quantity of data sent to manage the network). In conclusion, the solution shows to be promising for the ease of management in data center networks.
40
Aimi, Leonardo. "Orchestrazione di Risorse Distribuite in Scenari Network Function Virtualization e Software Defined Networking Integrati." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2018.
Find full textAbstract:
Software-defined Networking (SDN) e Network Function Virtualization (NFV) sono due modelli che negli ultimi anni hanno contribuito a rivoluzionare il modo con cui gli operatori di rete organizzano le proprie architetture.
SDN propone una separazione del livello di controllo da quello architetturale avvalendosi di protocolli aperti e standard, come OpenFlow, per permettere la comunicazione tra i dispositivi di rete, privati di logica e intelligenza, con un controller di più alto livello, arricchito di funzionalità e con una visione globale della topologia di rete.
NFV si basa sul concetto di virtualizzazione permettendo un completo disaccoppiamento tra i servizi di rete offerti da un operatore ed i dispositivi hardware su cui questi vengono installati ed eseguiti.
L'obiettivo di questa tesi è quello di delineare un modello di integrazione tra SDN e NFV per l'orchestrazione di risorse di rete distribuite. Si vuole così creare un testbed architetturale mediante software open source come ONOS e Mininet tenendo in considerazione i limiti ed i requisiti di SDN e NFV all'interno di uno scenario di rete simulato.
41
Elamin, Mohamed. "PERFORMANCE ANALYSIS OF SOFTWARE DEFINED NETWORKCONCEPTS IN NETWORKED EMBEDDED SYSTEMS." University of Akron / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=akron1497708739639971.
Full text
42
Calabrigo, Adam Chase. "SD-MCAN: A Software-Defined Solution for IP Mobility in Campus Area Networks." DigitalCommons@CalPoly, 2017. https://digitalcommons.calpoly.edu/theses/1797.
Full textAbstract:
Campus Area Networks (CANs) are a subset of enterprise networks, comprised of a network core connecting multiple Local Area Networks (LANs) across a college campus. Traditionally, hosts connect to the CAN via a single point of attachment; however, the past decade has seen the employment of mobile computing rise dramatically. Mobile devices must obtain new Internet Protocol (IP) addresses at each LAN as they migrate, wasting address space and disrupting host services. To prevent these issues, modern CANs should support IP mobility: allowing devices to keep a single IP address as they migrate between LANs with low-latency handoffs. Traditional approaches to mobility may be difficult to deploy and often lead to inefficient routing, but Software-Defined Networking (SDN) provides an intriguing alternative. This thesis identifies necessary requirements for a software-defined IP mobility system and then proposes one such system, the Software-Defined Mobile Campus Area Network (SD-MCAN) architecture. SD-MCAN employs an OpenFlow-based hybrid, label-switched routing scheme to efficiently route traffic flows between mobile hosts on the CAN. The proposed architecture is then implemented as an application on the existing POX controller and evaluated on virtual and hardware testbeds. Experimental results show that SD-MCAN can process handoffs with less than 90 ms latency, suggesting that the system can support data-intensive services on mobile host devices. Finally, the POX prototype is open-sourced to aid in future research.
43
Schiavi, Daniele. "Software Defined Networks: analisi dell’interazione fra nodi di rete e Controller." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2017. http://amslaurea.unibo.it/14015/.
Full textAbstract:
L'obiettivo di questa tesi è verificare il comportamento e le interazioni tra uno switch e più controller, al variare del ruolo assunto da questi ultimi, in una rete virtuale SDN con protocollo OpenFlow. Nella tesi sono presenti tre capitoli, i primi due sono puramente teorici mentre il terzo descrive i test che sono stati effettuati. I primi due capitoli introducono e descrivono gli elementi principali di SDN ed OpenFlow, in particolare viene presentata l'architettura multi controller che è il tema fondamentale di questa tesi. Il terzo capitolo è il fulcro della tesi, descrive la topologia ed i test che sono stati effettuati per verificare il comportamento e le interazioni tra lo switch ed i controller.
44
Vrablic, Pavol. "Simulace SDN sítě." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-317006.
Full text
45
van, 't Hof David M. "Service Provisioning in SDN using a Legacy Network Management System." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-204957.
Full textAbstract:
Software Defined Networking (SDN) has become increasingly popular in combination with Network Function Virtualization (NFV). SDN is a way to make a network more programmable and dynamic. However, in order to create a homogeneous network using this concept, legacy equipment will have to be substituted by SDN equipment, which is costly. To close the gap between the legacy world and SDN, we introduce the concept of a legacy Network Management System (NMS) that is connected to an SDN controller to perform service provisioning. This way, the NMS is capable of configuring both legacy as well as SDN networks to provide customers with the services that they have ordered, while still allowing for new SDN features in the SDN domain of the network. The main service we wish to provide using SDN is Service Function Chaining (SFC). Service provisioning consists of dynamically constructing a path through the ordered network services, in this case Virtual Network Functions (VNFs). This thesis focuses on the SDN controller and its interaction with the NMS. This project aims at configuring OpenFlow rules in the network using an SDN controller to perform SFC. Moreover, the focus will be on how to represent an SDN element and a service function chain in the legacy network NMS. The thesis also contains a discussion on what information should be exchanged between the management software and the controller. The management software used is called BECS, a system developed by Packetfront Software. Integrating SDN in BECS is done by creating a proof of concept, containing a full environment from the low level network elements to the NMS. By using a bottom-up approach for creating this proof of concept, the information that BECS is required to send to the SDN controller can be identified before designing and implementing the connection between these two entities. When sending the information, the NMS should be able to receive acknowledgement of successful information exchange or an error. However, when the proof of concept was created a problem arose on how to test and troubleshoot it. For this reason, a web Graphical User Interface (GUI) was created. This GUI shows the number of packets that have gone through a VNF. Because it is possible to see how many packets go through a VNF, one can see where a network issue occurs. The subsequent analysis investigates the impact of making such a GUI available for a network administrator and finds that the part of the network where the configuration error occurs can be narrowed down significantly.Software Defined Networking (SDN) har blivit mer och mer populärt i kombination med Network Function Virtualization (NFV). SDN är en sätt för att göra ett nätverk mer programmerbart och dynamiskt. För att skapa ett homogent nätverk med detta koncept, behöver man dock ersätta traditionell utrustning med SDN utrustning som är dyr. För att stänga gapet mellan traditionella nätverk och SDN-världen, introducerar vi ett koncept med ett traditionell Network Management System (NMS) som är anslutet till en SDN-styrenhet för att utföra tjänsteprovisionering. På detta sätt kan NMS:et konfigurera både traditionella och SDN-nätverk, samt provisionera tjänster för kunderna medan nya SDN-funktioner möjliggörs i SDN-delen av nätverket. Den huvudsakliga tjänsten som vi vill lansera genom SDN är Service Function Chaining (SFC). Tjänsteprovisionering består av att konstruera en väg genom beställda tjänster, i detta fall Virtual Network Functions (VNFs). Detta examensarbete fokuserar huvusakligen på SDN-styrenheten och dess interaktion med NMS:et. Projektet syftar till att konfigurera OpenFlow regler i SDN-styrenheten för att utföra SFC. Dessutom fokuserar arbetet på hur man kan representera SDN-element och SFCs i ett traditionellt NMS. Vidare diskuteras vilken information som ska utbytas mellan NMS:et och SDNstyrenheten. NMS:et som ska vara användas är BECS, ett system utvecklat av Packetfront Software. Uppgiften löses genom att skapa ett proof of concept, som innehåller ett komplett system med alla komponenter från nätverkselement till NMS:et. Genom att använda en bottom-up-strategi för detta proof of concept kan informationen som BECS måste skicka till SDN styrenheten indentifieras, innan design och implementation av förbindelsen mellan enheterna kan utföras. När informationen är skickad ska NMS:et kunna hämta information om huruvida styrenheten fick informationen utan fel. Dock uppstår ett problem gällande hur man testar och felsöker detta proof of concept. Av denna anledning skapades ett web Graphical User Interface (GUI). Användargränssnittet visar antalet paket som går genom varje VNF, samt var i nätverket fel uppstår. Analysen undersöker hur stor effekten är för en nätverkadministrator och visar att området där fel kan uppstå begränsas avsevärt.
46
Gruesen, Michael G. "Towards an Ideal Execution Environment for Programmable Network Switches." University of Akron / OhioLINK, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=akron1468834070.
Full text
47
Niyaz, Quamar. "Design and Implementation of a Deep Learning based Intrusion Detection System in Software-Defined Networking Environment." University of Toledo / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=toledo1501785493311223.
Full text
48
Piska, Vojtěch. "Vývoj aplikací pro softwarově definované sítě." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2016. http://www.nusl.cz/ntk/nusl-241990.
Full textAbstract:
In this diploma thesis is described new network architecture also known as software defined networks. In first part of work are explained and described tasks of individual architecture layers. Work includes discussion about advantages and disadvantages of these networks. In next part is described OpenFlow protocol which allows to controller communicate with underlying hardware devices. Last part contains proposal of laboratory excercises which demonstrate SDN technology.
49
Pelay, Johan. "Garantir la cohérence applicative lors des changements de configuration réseau : étude de cas sur la connectivité dans les Software Defined Infrastructures." Thesis, Rennes 1, 2020. http://www.theses.fr/2020REN1S001.
Full textAbstract:
Des solutions de vérification efficaces nous semblent indispensables afin d’assurer la continuité des services en place et le déploiement de nouveaux services dans les réseaux 5G. Cette problématique ne se limite pas aux techniques de vérification, nos travaux portent aussi sur la formalisation des besoins d'un service réseau complet. Nous avons travaillé sur un langage de programmation facilitant la vérification dans les contrôleurs SDN. Puis nous avons défini des contrats de comportement réseau afin de clarifier les propriétés à vérifier pour assurer le bon fonctionnement d'un service. Enfin nous avons étudié MANO pour proposer une extension du standard permettant de vérifier les configurations réseau au niveau de l'orchestrateurWe believe that effective verification solutions are essential to ensure the continuity of existing services and the deployment of new services in 5G networks. This problem is not limited to verification techniques, our work also concerns the formalization of needs of a complete network service. We worked on a programming language to facilitate verification in SDN controllers. Then we defined network behavior contracts to clarify the properties to be verified to ensure the proper functioning of a service. Finally, we studied MANO to propose an extension of the standard to check the network configurations at the orchestrator level
50
Zaman, Faisal Ameen. "VN Embedding in SDN-based Metro Optical Network for Multimedia Services." Thesis, Université d'Ottawa / University of Ottawa, 2017. http://hdl.handle.net/10393/35933.
Full textAbstract:
Currently a growing number of users depend on the Edge Cloud Computing Paradigm in a Metro Optical Network (MON). This has led to increased competition among the Cloud Service Providers (CPs) to supply incentives for the user through guaranteed Quality of Service (QoS). If the CP fails to guarantee the QoS for the accepted request, then the user will move to another CP. Making an informed decision dynamically in such a sensitive situation demands that the CP knows the user's application requirements. The Software Defined Networking (SDN) paradigm enabled the CP to achieve such desired requirement. Therefore, a framework called Virtual Network Embedding on SDN-based Metro Optical Network (VNE-MON) is proposed in this Thesis. The use of SDN paradigm in the framework guarantees profit to the CP as well as QoS to the user.\par
The design concept of the SDN control plane, raises concerns regarding its scalability, reliability and performance compared to a traditionally distributed network. To justify concerns regarding the SDN, the performance of VNE-MON and its possible dependancy on the controller location is investigated. Several strategies are proposed and formulated using Integer Linear Programming to determine the controller location in a MON. Performance results from the assessment of the VNE-MON illustrates that it is more stable compare to GMPLS-based network. It is evident that the controller location's attributes have a significant effect on the efficacy of the accepted VN request.