Introduction to SDN and NFV

Centralized Control ◽

Control Plane ◽

Network Function ◽

Data Plane ◽

Network Functions ◽

The Way

Software defined network (SDN) and Network function virtualization (NFV) are the two new networking paradigms changing the way traditional networks work. SDN works on the concept of centralization so that all the decisions related to controlling the networks is done in a centralized place in a centralized manner. To provide a centralized control, SDN decouples the control plane and data from the traditional routing devices to take it in the centralized position. The data plane is still intact with the routing devices, but they now become mere forwarding devices and the decisions are made at the centralized place called the controller. The controller is basically the x86 server that is connected to the forwarding devices and communicates with them for all control decisions such as routing. NFV is based on virtualization of network functions in the form of software running over a high end server. This kind of virtualization helps in easy setup of networks as well as easy migration.

Reconfigurable Network Stream Processing on Virtualized FPGA Resources

International Journal of Reconfigurable Computing ◽

10.1155/2018/8785903 ◽

2018 ◽

Vol 2018 ◽

pp. 1-11 ◽

Cited By ~ 1

Author(s):

Qianqiao Chen ◽

Vaibhawa Mishra ◽

Jose Nunez-Yanez ◽

Georgios Zervas

Keyword(s):

General Purpose ◽

Network Services ◽

Network Function ◽

Software Applications ◽

Data Plane ◽

High Bandwidth ◽

Network Functions ◽

Reconfigurable Platform ◽

On Chip

The software defined network and network function virtualization are proposed to address the network ossification issue in current Internet infrastructure. Network functions and services are implemented as software applications to increase the programmability of network. However, involving general purpose processors in data plane restricts the bandwidth of network services. Therefore, to keep both the bandwidth and flexibility, a FPGA platform is suggested as a reconfigurable platform to deliver high bandwidth virtual network functions on data plane. In this paper, the FPGA resource has been virtualized by interconnecting partial reconfigurable regions to deliver high bandwidth reconfigurable processing on network streams. With the help of partial reconfiguration technology, network functions on our platform can be configured without affecting other functions on the same FPGA device. The on-chip interconnect system is further evaluated by comparing with existing network-on-chip system. A reconfiguration process is also proposed and demonstrated that it can be performed on our platform. The process can happen in the real time of network services and it is able to keep the original function working during the download of partial bitstream.

IMPLEMENTASI DAN ANALISIS EFEKTIVITAS FIREWALL PADA SOFTWARE DEFINED NETWORK BERBASIS OPENFLOW

Jurnal Informatika Terpadu ◽

10.54914/jit.v4i2.153 ◽

2018 ◽

Vol 4 (2) ◽

pp. 46-57

Author(s):

Fathul Muiin ◽

Henry Saptono

Keyword(s):

Control Plane ◽

Flow Table ◽

Data Plane

Penggunaan akses internet di dunia semakin berkembang, dan selaras dengan perkembangan teknologi jaringan komputer yang semakin kompleks. Oleh karena itu, keamanan data pada sebuah komputer menjadi salah satu bagian yang sangat penting dalam sebuah jaringan. Dan SDN merupakan sebuah solusi untuk menyediakan kebutuhan jaringan komputer saat ini. Software Defined Network (SDN) merupakan pendekatan pada teknologi jaringan yang melakukan penyederhanaan terhadap kontrol dan manajemen jaringan. Pada jaringan ini nantinya akan menggunakan protokol openflow, yang prinsip utamanya memisahkan fungsi control plane dan data plane pada perangkat. Kontrol jaringan pada sebuah controller bersifat programmable, jadi dengan adanya SDN maka jaringan akan mudah diatur dan lebih fleksibel. Implementasi dan analisis firewall ini menggunakan emulator mininet untuk membuat topologi jaringan yang sederhana. Dalam pengujian firewall menggunakan bahasa XML untuk implementasi aliran data, lalu menggunakan aplikasi postman sebagai alat untuk menambahkan flow table baru pada switch, dan controller yang digunakan adalah opendaylight.

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Innovations in Software-Defined Networking and Network Functions Virtualization ◽

NFV Practical Implementation

10.4018/978-1-5225-3640-6.ch008 ◽

2018 ◽

pp. 175-194

Author(s):

Lalit Pandey

Keyword(s):

Network Architecture ◽

Software Implementation ◽

Virtual Network ◽

Practical Implementation ◽

Network Function ◽

Network Functions

This chapter is focused on the traditional network architecture limitations with NFV benefits. Discussion of NFV architecture and framework as well as management and orchestration has been discussed in this chapter. Cisco VNF portfolio and virtual network functions implementation is included with software implementation of the architecture of NFV (network function virtualization). Management and orchestration functional layers as per ETSI standard. The challenges in NFV implementation is also a concern today, which is a part of this chapter.

Design Innovation and Network Architecture for the Future Internet - Advances in Web Technologies and Engineering ◽

ONAP

10.4018/978-1-7998-7646-5.ch008 ◽

2021 ◽

pp. 212-249

Author(s):

Eric Debeau ◽

Veronica Quintuna-Rodriguez

Keyword(s):

Network Function ◽

On Demand ◽

Public Networks ◽

5G Network ◽

Network Flexibility ◽

Optimal Resource ◽

Network Functions ◽

Lifecycle Management ◽

Automation Techniques

The ever-increasing complexity of networks and services advocates for the introduction of automation techniques to facilitate the design, the delivery, and the operation of such networks and services. The emergence of both network function virtualization (NFV) and software-defined networks (SDN) enable network flexibility and adaptability which open the door to on-demand services requiring automation. In aim of holding the increasing number of customized services and the evolved capabilities of public networks, the open network automation platform (ONAP), which is in open source, particularly addresses automation techniques while enabling dynamic orchestration, optimal resource allocation capabilities, and end-to-end service lifecycle management. This chapter addresses the key ONAP features that can be used by industrials and operators to automatically manage and orchestrate a wide set of services ranging from elementary network functions (e.g., firewalls) to more complex services (e.g., 5G network slices).

VNF Placement Optimization at the Edge and Cloud †

Future Internet ◽

10.3390/fi11030069 ◽

2019 ◽

Vol 11 (3) ◽

pp. 69 ◽

Cited By ~ 18

Author(s):

Aris Leivadeas ◽

George Kesidis ◽

Mohamed Ibnkahla ◽

Ioannis Lambadaris

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Research Area ◽

End Users ◽

Future Research ◽

Cloud Infrastructure ◽

Network Function ◽

Computing Paradigm ◽

Network Functions

Network Function Virtualization (NFV) has revolutionized the way network services are offered to end users. Individual network functions are decoupled from expensive and dedicated middleboxes and are now provided as software-based virtualized entities called Virtualized Network Functions (VNFs). NFV is often complemented with the Cloud Computing paradigm to provide networking functions to enterprise customers and end-users remote from their premises. NFV along with Cloud Computing has also started to be seen in Internet of Things (IoT) platforms as a means to provide networking functions to the IoT traffic. The intermix of IoT, NFV, and Cloud technologies, however, is still in its infancy creating a rich and open future research area. To this end, in this paper, we propose a novel approach to facilitate the placement and deployment of service chained VNFs in a network cloud infrastructure that can be extended using the Mobile Edge Computing (MEC) infrastructure for accommodating mission critical and delay sensitive traffic. Our aim is to minimize the end-to-end communication delay while keeping the overall deployment cost to minimum. Results reveal that the proposed approach can significantly reduce the delay experienced, while satisfying the Service Providers’ goal of low deployment costs.

Mitigation of DDoS attack instigated by compromised switches on SDN controller by analyzing the flow rule request traffic

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.6.10065 ◽

2018 ◽

Vol 7 (2.6) ◽

pp. 46 ◽

Cited By ~ 2

Author(s):

Sanjeetha R ◽

Shikhar Srivastava ◽

Rishab Pokharna ◽

Syed Shafiq ◽

Dr Anita Kanavalli

Keyword(s):

Network Architecture ◽

Flow Rule ◽

Ddos Attacks ◽

Control Plane ◽

Ddos Attack ◽

Flow Table ◽

Data Plane ◽

Ddos Detection ◽

Sdn Controller

Software Defined Network (SDN) is a new network architecture which separates the data plane from the control plane. The SDN controller implements the control plane and switches implement the data plane. Many papers discuss about DDoS attacks on primary servers present in SDN and how they can be mitigated with the help of controller. In our paper we show how DDoS attack can be instigated on the SDN controller by manipulating the flow table entries of switches, such that they send continuous requests to the controller and exhaust its resources. This is a new, but one of the possible way in which a DDoS attack can be performed on controller. We show the vulnerability of SDN for this kind of attack. We further propose a solution for mitigating it, by running a DDoS Detection module which uses variation of flow entry request traffic from all switches in the network to identify compromised switches and blocks them completely.

Cloud Based Data Protection in Anonymously Controlled SDN

Security and Communication Networks ◽

10.1155/2018/9845426 ◽

2018 ◽

Vol 2018 ◽

pp. 1-8 ◽

Cited By ~ 1

Author(s):

Jian Shen ◽

Jun Shen ◽

Chin-Feng Lai ◽

Qi Liu ◽

Tianqi Zhou

Keyword(s):

Data Protection ◽

The Other ◽

Storage Space ◽

Control Plane ◽

Conventional Model ◽

Novel Structure ◽

Data Plane ◽

Single Controller ◽

The One

Nowadays, Software Defined Network (SDN) develops rapidly for its novel structure which separates the control plane and the data plane of network devices. Many researchers devoted themselves to the study of such a special network. However, some limitations restrict the development of SDN. On the one hand, the single controller in the conventional model bears all threats, and the corruption of it will result in network paralysis. On the other hand, the data will be increasing more in SDN switches in the data plane, while the storage space of these switches is limited. In order to solve the mentioned issues, we propose two corresponding protocols in this paper. Specifically, one is an anonymous protocol in the control plane, and the other is a verifiable outsourcing protocol in the data plane. The evaluation indicates that our protocol is correct, secure, and efficient.

Securing Virtual Network Function (VNF) in Telco Cloud

Journal of ICT Standardization ◽

10.13052/jicts2245-800x.834 ◽

2020 ◽

Author(s):

Bharathkumar Ravichandran

Keyword(s):

General Purpose ◽

Virtual Network ◽

Communication Architecture ◽

Network Function ◽

Fifth Generation ◽

Security Challenges ◽

5G Network ◽

Network Functions ◽

Computing Platforms

In the fifth generation mobile communication architecture (5G), network functions which traditionally existed as discrete hardware entities based on custom architectures, are replaced with dynamic, scalable Virtual Network Functions (VNF) that run on general purpose (x86) cloud computing platforms, under the paradigm Network Function Virtualization (NFV). The shift towards a virtualized infrastructure poses its own set of security challenges that need to be addressed. One such challenge that we seek to address in this paper is providing integrity, authenticity and confidentiality protection for VNFs.

Network Function Virtualization in Content-Centric Networks

10.5753/wpeif.2019.7696 ◽

2019 ◽

Author(s):

José Castillo-Lema ◽

Augusto José Venâncio Neto ◽

Flavio de Oliveira Silva ◽

Sergio Takeo Kofuji

Keyword(s):

Ip Networks ◽

General Purpose ◽

Virtual Network ◽

Network Function ◽

The Past ◽

Central Controller ◽

Network Functions ◽

Extensive Effort ◽

Hardware Platforms

Network Functions Virtualization (NFV) offers an alternative way to design, deploy, and manage networking functions and services by leveraging virtualization technologies to consolidate network functions into general-purpose hardware platforms. On the past years extensive effort has been made to evolve and mature NFV tecnologies over IP networks. However, little or no attempts at all have been made to incorporate NFV into Information-Centric Networks (ICN). This work explores the use and implementation of virtual Network Funtions (VNFS)in Content-Centric Networks (CCN), and proposes the use of the Named Function Networking (NFN) paradigm as means to implement network functions and services in this kind of networks, distributing the network functions and services through the networks nodes and providing flexibility to dynamically place functions in the network as required and without the need of a central controller.

Simulasi Virtual Local Area Network (VLAN) Berbasis Software Defined Network (SDN) Menggunakan POX Controller

JURNAL INFOTEL ◽

10.20895/infotel.v7i2.40 ◽

2015 ◽

Vol 7 (2) ◽

pp. 129

Author(s):

Rohmat Tulloh ◽

Ridha Muldina Negara ◽

Arif Nur Hidayat

Keyword(s):

Local Area Network ◽

Local Area ◽

Area Network ◽

Control Plane ◽

Trip Time ◽

Background Traffic ◽

Data Plane ◽

Pox Controller ◽

Set Up

VLAN (Virtual LAN) merupakan sebuah teknologi yang dapat mengkonfigurasi jaringan logis independen dari struktur jaringan fisik. Hasil dari penelitian sebelumnya sudah diprediksi bahwa dibutuhkan Virtual Network yang akhirnya terciptalah VLAN. Namun paradigma jaringan saat ini tidak flexible, ketergantungan terhadap vendor sangat besar karena fungsi data plane dan control plane berada dalam satu paket device. SDN (Software defined network) yang merupakan salahsatu evolusi teknologi jaringan sesuai dengan tuntutan yang berkembang dimana memisahkan fungsi data plane dan control plane pada suatu perangkat. POX Controller digunakan untuk men-simulasikan dan menguji Platform SDN (Software defined network). Pada penelitian ini menggunakan Openflow versi 1.0 untuk memasang header VLAN sehingga penelitian ini difokuskan untuk mengevaluasi performa forwarding VLAN yang memanfaatkan Openflow sebagai control plane dapat berfungsi dengan baik. Hasil penelitian ini mengusulkan penerapan karakteristik teknologi VLAN pada SDN karena telah berjalan dengan benar sesuai hasil pengujian konektifitas, verifikasi dan keamanan. Kemudian hasil pengujian lanjutan untuk melihat pengaruh SDN dengan skenario penambahan jumlah VLAN ID didapatkan bahwa set-up time akan bertambah seiring meningkatnya jumlah host dan dengan menggunakan protokol OpenFlow, latency yang terjadi di jaringan dapat dipantau dengan parameter round trip time (RTT) yang stabil direntang 0,2 sampai 6 second walaupun jumlah vlan_id dan background traffic bertambah.