软件定义数据中心网络混合路由机制

针对数据中心网络流量大小分布不均匀、传输性能需求不相同的特征,提出了面向传统树型数据中心网络结构的软件定义混合路由机制SHR（software-defined hybrid routing）。SHR通过统计计算将数据流分为大流和小流,为满足其不同的传输性能需求,对大流采用自适应路由算法,对小流采用流量无视路由算法。SHR在OpenFlow机制的基础上,将部分控制权从控制器下放至交换机,以减轻网络的额外负载。在Fat-Tree网络拓扑结构上建立流量模型进行性能分析与仿真实验,结果表明,与传统的等价多路径转发ECMP算法相比,SHR能够提高网络吞吐量,降低数据流丢弃率和分组端到端时延,同时减轻网络的额外负载。     

Routing algorithm design of satellite network architecture based on SDN and ICN

In view of the problems of low routing efficiency, complex control process, and difficult network management in big data environment in the traditional integrated space‐terrestrial network, in the paper, we propose a satellite network architecture called software‐defined information centric satellite networking (SDICSN) based on software‐defined networking (SDN) and information‐centric networking (ICN), and we design a virtual node matrix routing algorithm (VNMR) under the SDICSN architecture. The SDICSN architecture realizes the flexibility of network management and business deployment through the features of the separation of forwarding and controlling by the SDN architecture and improves the response speed of requests in the network by the centric of “content” as the ICN idea. According to the periodicity and predictability of the satellite network, the VNMR algorithm obtains the routing matrix through the relative orientation of the source and destination nodes, thus reducing the spatial complexity of the input matrix of the Dijkstra algorithm and then reducing the time complexity of the routing algorithm. For forwarding information base (FIB), the mechanism of combination of event driven and polling can be quickly updated in real time. Finally, the advantages of the SDICSN architecture in routing efficiency, request delay, and request aggregation are verified by simulation.     

SDN‐based wireless body area network routing algorithm for healthcare architecture

The use of wireless body area networks (WBANs) in healthcare applications has made it convenient to monitor both health personnel and patient status continuously in real time through wearable wireless sensor nodes. However, the heterogeneous and complex network structure of WBANs has some disadvantages in terms of control and management. The software‐defined network (SDN) approach is a promising technology that defines a new design and management approach for network communications. In order to create more flexible and dynamic network structures in WBANs, this study uses the SDN approach. For this, a WBAN architecture based on the SDN approach with a new energy‐aware routing algorithm for healthcare architecture is proposed. To develop a more flexible architecture, a controller that manages all HUBs is designed. The proposed architecture is modeled using the Riverbed Modeler software for performance analysis. The simulation results show that the SDN‐based structure meets the service quality requirements and shows superior performance in terms of energy consumption, throughput, successful transmission rate, and delay parameters according to the traditional routing approach.     

Survey on SDN-based network testbeds

The network testbed based on software defined networking (referred as SDN testbed) has attracted extensive attention in the academic and industrial circles in recent years,and there have been many valuable cases of system/platform construction.Therefore,an overview of the SDN testbed was intended to conduct in the global scope.Firstly,the advantages of the SDN testbed and the basic design principles of the large-scale SDN testbed was explored comparing with the traditional network testbed.Secondly,in-depth analysis of existing SDN testbed projects was provided from the aspects of the project objectives and progress,the key technologies,network deployment,and featured applications.Finally,the challenges faced in this field were described in terms of network slicing,light and wireless convergence,security,and reliability.Future research directions are also suggested.     

Scalability of software defined network

With the development of software-defined networking (SDN),its scalability has become one of the most important issues of SDN.The features of SDN was studied which lead to its scalability problem when SDN was applied to large-scale network.The three main causes leading to scalability problem were discussed:control plane and data plane separation,logical centralized control and fine-grained flow control.Meanwhile,the studies which focus on the scalability of SDN from three aspects:scalability of performance,scalability of geographic and scalability of control was presented.Further,the studies on the performance evaluation of the scalability of SDN were introduced.Finally,the future work was discussed.     

Power‐efficient routing for SDN with discrete link rates and size‐limited flow tables: A tree‐based particle swarm optimization approach

Software‐defined networking is a promising networking paradigm for achieving programmability and centralized control in communication networks. These features simplify network management and enable innovation in network applications and services such as routing, virtual machine migration, load balancing, security, access control, and traffic engineering. The routing application can be optimized for power efficiency by routing flows and coalescing them such that the least number of links is activated with the lowest link rates. However, in practice, flow coalescing can generally overflow the flow tables, which are implemented in a size‐limited and power‐hungry ternary content addressable memory (TCAM). In this paper, a set of practical constraints is imposed to the software‐defined networking routing problem, namely, size‐limited flow table and discrete link rate constraints, to ensure applicability in real networks. Because the problem is NP‐hard and difficult to approximate, a low‐complexity particle swarm optimization–based and power‐efficient routing (PSOPR) heuristic is proposed. Performance evaluation results revealed that PSOPR achieves more than 90% of the optimal network power consumption while requiring only 0.0045% to 0.9% of the optimal computation time in real‐network topologies. In addition, PSOPR generates shorter routes than the optimal routes generated by CPLEX.     

一种软件定义网络中基于蚁群算法的一致性路由策略

软件定义网络通过对交换机下发流表项实现数据平面的更新,但流表项的安装具有时延,可能导致部分数据分组被错误地处理或丢弃。对此,提出一种基于蚁群算法的一致性路由策略,在路由参数中加入不一致时延,并通过控制器对流表的下发顺序做出调整,避免了在数据分组传输过程中,交换机控制逻辑的不一致。实验结果表明,与最短路径算法相比,出现不一致问题时,该策略所选路径的实际时延小于最短路径算法的时延,数据分组丢失率、错误转发的概率明显降低。     

融合DDoS威胁过滤与路由优化的SDN通信质量保障策略

提出了将DDoS威胁识别与路由优化有机结合的软件定义网络(SDN)通信质量保障策略,即在DDoS攻击造成部分网络链路拥塞的情况下,对异常数据分组进行识别过滤,同时生成最优路径,以保障网络通信质量.首先,设计了一种SDN架构下的分布式入侵检测系统,实现了对欺骗报文、异常报文以及破坏报文3类DDoS威胁的检测识别和过滤处理.其次,实现了一种最优路径的生成算法.实验测试结果表明,部署了通信质量保障策略的SDN可有效识别并滤除DDoS攻击数据分组,且处理过程中网络平均传输时延无激增.     

SEAL2: An SDN‐enabled all‐Layer2 packet forwarding network architecture for multitenant datacenter networks

This paper presents the design and development of a new network virtualization scheme to support multitenant datacenter networking (MT‐DCN) based on software‐defined networking (SDN) technologies. Effective multitenancy supports are essential and challenging for datacenter networking designs. In this study, we propose a new network virtualization architecture framework for efficient packet forwarding in MT‐DCN. Traditionally, an internet host uses IP addresses for both host identification and location information, which causes mobile IP problems whenever the host is moved from one IP subnet to another. Unfortunately, virtual machine (VM) mobility is inevitable for cloud computing in datacenters for reasons such as server consolidation and network traffic flow optimization. To solve the problems, we decouple VM identification and location information with two independent values neither by IP addresses. We redefine the semantics of Ethernet MAC address to embed tenant ID information to the MAC address field without violating its original functionality. We also replace traditional Layer2/Layer3 two‐stage routing schemes (MAC/IP) with an all‐Layer2 packet forwarding mechanism that combines MAC addresses (for VM identification and forwarding in local server groups under an edge switch gateway) and multiprotocol label switching (MPLS) labels (for packet transportation between edge switch gateways across the core label switching network connecting all the edge gateways). To accommodate conventional IP packet architecture in a multitenant environment, SDN (OpenFlow) technology is used to handle all this complex network traffics. We verified the design concepts by a simple system prototype in which all the major system components were implemented. Based on the prototype system, we evaluated packet forwarding efficiency under the proposed network architecture and compared it with conventional IP subnet routing approaches. We also evaluated the incurred packet processing overhead caused by each of the packet routing components.     

Joint server and network optimization toward load‐balanced service chaining

Prior service chaining systems address server and network load balancing issues individually, which may not ensure efficient system performance. To this end, in this paper, we study the design, implementation, complexity analysis, and evaluation of Nearest First and Local‐Global Transformation algorithm, which jointly supports server and network load balancing for chaining virtualized network functions (VNFs) in data center environment. The algorithm firstly constructs service chains by a greedy strategy, which both considers server and network latency. Then a searching technique, which replaces a selected VNF with another candidate and swaps the order of VNFs in service chains, is applied to improve the solutions. We have implemented the algorithm using Software‐defined networking and OpenFlow concepts. The numerical results indicate that, compared with a sequential approach, Nearest First and Local‐Global Transformation increases the system bandwidth utilization up to 45%. The results also show that it is worth applying the second phase of our algorithm since it considerably enhances the system performance by 20%.     

SDN试验床网络虚拟化切片机制综述

未来网络体系架构和关键技术的研究需要灵活开放的测试验证环境,基于传统分布式的网络架构难以达到动态虚拟化、有效管控和新协议灵活部署的需求。随着软件定义网络（SDN）技术的出现和发展,上述问题找到了有效的解决途径,因此,基于SDN构建网络试验床成为了近年来该领域的主流研究方向之一。其中,基于SDN的网络虚拟化切片技术更是试验床中的核心支撑技术,可以根据不同试验的需求切分物理网络资源,从而提供并行、独立的网络环境。将重点研究基于SDN的试验床中使用的网络虚拟化切片机制,从“流量识别和切片网络标识”、“虚拟节点抽象”和“虚拟链路抽象”这3个关键技术出发,对当前基于SDN试验床中的典型网络虚拟化切片机制进行介绍与分析,并总结了该领域未来可行的研究方向。     

An SDN‐based scalable routing and resource management model for service provider networks

Volume of the Internet traffic has increased significantly in recent years. Service providers (SPs) are now striving to make resource management and considering dynamically changing large volume of network traffic. In this context, software defined networking (SDN) has been alluring the attention of SPs, as it provides virtualization, programmability, ease of management, and so on. Yet severe scalability issues are one of the key challenges of the SDN due to its centralized architecture. First of all, SDN controller may become the bottleneck as the number of flows and switches increase. It is because routing and admission control decisions are made per flow basis by the controller. Second, there is a signaling overhead between the controller and switches since the controller makes decisions on behalf of them. In line with the aforementioned explanations, this paper proposes an SDN‐based scalable routing and resource management model (SRRM) for SPs. The proposed model is twofold. SRRM performs routing, admission control, and signaling operations (RASOs) in a scalable manner. Additionally, resource management has also been accomplished to increase link use. To achieve high degree of scalability and resource use, pre‐established paths (PEPs) between each edge node in the domain are provided. The proposed controller performs RASOs based on PEPs. The controller also balances the load of PEPs and adjusts their path capacities dynamically to increase resource use. Experimental results show that SRRM can successfully perform RASOs in a scalable way and also increase link use even under heavy traffic loads.     

基于SDN架构的数据中心网络路由算法需求分析

随着SDN技术的发展,采用基于SDN架构的数据中心网络将越来越广泛.围绕SDN技术在数据中心网络中的应用问题,分析了现代数据中心网络及SDN的技术特征,设计了SDN在现代数据中心网络中的应用架构,并以路由为视角分析总结了基于SDN的数据中心网络路由性能需求,提出了相应的解决方案,以期对我国未来数据中心网络建设路由设计提供必要的参考.     

QL-STCT：一种SDN链路故障智能路由收敛方法

针对软件定义网络（SDN）链路故障发生时的路由收敛问题,提出了Q-Learning子拓扑收敛技术（QL-STCT）实现软件定义网络链路故障时的路由智能收敛。首先,选取网络中的部分节点作为枢纽节点,依据枢纽节点进行枢纽域的划分。然后,以枢纽域为单位构建区域特征,利用特征提出强化学习智能体探索策略来加快强化学习收敛。最后,通过强化学习构建子拓扑网络用于规划备用路径,并保证在周期窗口内备用路径的性能。实验仿真结果表明,所提方法能够有效提高链路故障网络的收敛速度与性能。     

Genetic algorithm‐based routing method for enhanced video delivery over software defined networks

Video streaming has emerged as a killer application in today's Internet, delivering a tremendous amount of media contents to millions of users at any given time. Such a heavy traffic load demands an effective routing method. In this paper, an effective routing method, named GA‐SDN, is developed based on software defined network (SDN) technique. To facilitate the researchers in this field to evaluate the video delivery quality over SDN, an evaluation framework and its associated source codes are provided. The framework integrates the H.264 Scalable Video coding streaming Evaluation Framework (SVEF) with the Mininet emulator. Through this framework, video processing researchers can evaluate their proposed coding algorithms in an SDN‐enabled network emulator, while network operators or executives can evaluate the impact of real video streams on the developing network architectures or protocols. Experiment results demonstrate the usefulness of myEvalSVC_SDN and prove that GA‐SDN outperforms traditional Bellman‐Ford routing algorithm in terms of packet drop rate, throughput, and average peak signal‐to‐noise ratio.     

Secure access of resources in software‐defined networks using dynamic access control list

Software‐defined networking (SDN) creates a platform to dynamically configure the networks for on‐demand services. SDN can easily control the data plane and the control plane by implementing the decoupling concept. SDN controller will regulate the traffic flow and creates the new flow label based on the packet dump received from the OpenFlow virtual switches. SDN governs both data information and control information toward the destination based on flow label, but it does not contain security measure to restrict the malicious traffic. The malicious denial‐of‐service (DoS) attack traffic is generated inside the SDN environment; it leads to the service unavailability. This paper is mainly focused on the detection of DoS attacks and also mitigates the malicious traffic by dynamically configuring the firewall. The SDN with dynamic access control list properties is emulated by mininet, and the experimental results exemplify the service unavailable gap between acceptance and rejection ratio of the packets.     

未来网络体系架构研究综述

现有互联网正面临着前所未有的挑战,包括可扩展性、安全性、管控性、移动性、内容分发能力、绿色节能等一系列问题,难以通过增量式的研究模式彻底解决。在这样的背景下,创新型的未来网络体系架构研究成为当前全球关注的热点领域。通过介绍全球在该领域的研究进展情况,阐述当前该领域主要的研究成果,总结分析该领域的研究发展趋势与核心问题,期望对国内该领域的研究起到参考和帮助。     

SDN的特征、发展现状及趋势

SDN是近年来继云计算后,学术界和产业界最为关注的网络技术.首先介绍了SDN的起源、概念及其对网络的影响;然后论述了SDN的网络架构、关键技术以及相关产业链的发展情况;最后分析了SDN面临的挑战及可能的未来.     

Stateful firewall‐enabled software‐defined network with distributed controllers: A network performance study

SummarySoftware‐defined network (SDN) is constructed by decoupling the control and data plane from the forwarding devices. The control plane operations are managed by centralized or distributed controllers, and the data plane operation is managed by respective forwarding devices. SDN provides an easy and efficient management solutions for software‐programmed consolidated middlebox in virtual machines. Additionally, SDN with centralized controller faces complications like scalability, network bottle neck, and single point failure. In this study, a stateful inspection firewall acts as a middlebox in distributed SDN‐controlled network. The controller is programmed with a failure detection and recovery mechanism to provide reliability and redundancy and enhance the overall performance of the network. The objective of stateful firewall on SDN architecture is to secure the network by monitoring the current connections and maintain its state information until the connection is active. In this paper, the performance of firewall‐enabled SDN with centralized and distributed controllers are measured, compared, and analyzed. The experiments are done using POX controller, and the results are verified by Mininet network emulation tool. The results show that the stateful firewall‐enabled SDN with distributed controller network improves the security, reliability, availability, and overall performance of the network. In the proposed SDN, average network throughput is improved by 43%, average network delay is reduced by 4%, average channel utilization is increased by 40%, average network overhead is reduced by 26%, and average network response time is reduced by 23%.     

Adaptive routing and wavelength assignment method based on SDN

Routing and wavelength assignment is an important resource allocation method of all-optical network.Aiming at the problem of traditional method combined with the new architecture,an adaptive multi-objective routing and wavelength assignment method based on SDN was proposed,which could realize the allocation of link resources of all-optical network through self-regulation.Based on the SDN service function chain model,service scheduling time and link service quality were taken as the scheduling objective,routing and wavelength assignment problem was constructed as the 0-1 integer programming problem,meanwhile,binary hybrid topology particle swarm optimization algorithm was used to optimize the network resources for optimal scheduling.The simulation results show that the proposed method is superior to the traditional classical algorithms in the test of recovery time,blocking rate and resource utilization.