The network services today require extremely agile and mobile, however, the traditional IP infrastructures are so rigid that cannot fit services well. A way should be put forward to automate the network to improve res...The network services today require extremely agile and mobile, however, the traditional IP infrastructures are so rigid that cannot fit services well. A way should be put forward to automate the network to improve responsiveness to change. SDN and network virtualization(NV) are two hottest approaches to make networking more automated and scalable to support virtualized and cloud environments. Network virtualization combines hardware and software network resources and network functionality into a single virtual network. SDN is created to simplify traffic management and achieve operational efficiencies by establish and exercising central control over packet forwarding. In this paper, we focus on the situation where SDN controller needs to connect two virtual networks temporarily. We put forward three algorithms to try to make this connection more effective and evaluate these three algorithms.展开更多
Virtualization of network/service functions means time sharing network/service(and affiliated)resources in a hyper speed manner.The concept of time sharing was popularized in the 1970s with mainframe computing.The s...Virtualization of network/service functions means time sharing network/service(and affiliated)resources in a hyper speed manner.The concept of time sharing was popularized in the 1970s with mainframe computing.The same concept has recently resurfaced under the guise of cloud computing and virtualized computing.Although cloud computing was originally used in IT for server virtualization,the ICT industry is taking a new look at virtualization.This paradigm shift is shaking up the computing,storage,networking,and ser vice industries.The hope is that virtualizing and automating configuration and service management/orchestration will save both capes and opex for network transformation.A complimentary trend is the separation(over an open interface)of control and transmission.This is commonly referred to as software defined networking(SDN).This paper reviews trends in network/service functions,efforts to standardize these functions,and required management and orchestration.展开更多
Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,t...Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,traditional routing mechanisms in SDN, based on the Dijkstra shortest path, do not take the capacity of nodes into account, which may lead to network congestion. Moreover, security resource utilization in SDN is inefficient and is not addressed by existing routing algorithms. In this paper, we propose Route Guardian, a reliable securityoriented SDN routing mechanism, which considers the capabilities of SDN switch nodes combined with a Network Security Virtualization framework. Our scheme employs the distributed network security devices effectively to ensure analysis of abnormal traffic and malicious node isolation. Furthermore, Route Guardian supports dynamic routing reconfiguration according to the latest network status. We prototyped Route Guardian and conducted theoretical analysis and performance evaluation. Our results demonstrate that this approach can effectively use the existing security devices and mechanisms in SDN.展开更多
基金supported under the National High Technology Research and Development Program(863)of China(No.2015AA016101)the National Natural Science Funds(No.61300184+1 种基金61302089)Beijing Nova Program(No.Z151100000315078)
文摘The network services today require extremely agile and mobile, however, the traditional IP infrastructures are so rigid that cannot fit services well. A way should be put forward to automate the network to improve responsiveness to change. SDN and network virtualization(NV) are two hottest approaches to make networking more automated and scalable to support virtualized and cloud environments. Network virtualization combines hardware and software network resources and network functionality into a single virtual network. SDN is created to simplify traffic management and achieve operational efficiencies by establish and exercising central control over packet forwarding. In this paper, we focus on the situation where SDN controller needs to connect two virtual networks temporarily. We put forward three algorithms to try to make this connection more effective and evaluate these three algorithms.
文摘Virtualization of network/service functions means time sharing network/service(and affiliated)resources in a hyper speed manner.The concept of time sharing was popularized in the 1970s with mainframe computing.The same concept has recently resurfaced under the guise of cloud computing and virtualized computing.Although cloud computing was originally used in IT for server virtualization,the ICT industry is taking a new look at virtualization.This paradigm shift is shaking up the computing,storage,networking,and ser vice industries.The hope is that virtualizing and automating configuration and service management/orchestration will save both capes and opex for network transformation.A complimentary trend is the separation(over an open interface)of control and transmission.This is commonly referred to as software defined networking(SDN).This paper reviews trends in network/service functions,efforts to standardize these functions,and required management and orchestration.
基金supported in part by the National Natural Science Foundation of China (Nos. 61402029, 61370190, and 61379002)the National Key Basic Research Program (973) of China (No. 2012CB315905)
文摘Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,traditional routing mechanisms in SDN, based on the Dijkstra shortest path, do not take the capacity of nodes into account, which may lead to network congestion. Moreover, security resource utilization in SDN is inefficient and is not addressed by existing routing algorithms. In this paper, we propose Route Guardian, a reliable securityoriented SDN routing mechanism, which considers the capabilities of SDN switch nodes combined with a Network Security Virtualization framework. Our scheme employs the distributed network security devices effectively to ensure analysis of abnormal traffic and malicious node isolation. Furthermore, Route Guardian supports dynamic routing reconfiguration according to the latest network status. We prototyped Route Guardian and conducted theoretical analysis and performance evaluation. Our results demonstrate that this approach can effectively use the existing security devices and mechanisms in SDN.
