scholarly journals SDN-OpenFlow Topology Discovery: An Overview of Performance Issues

2021 ◽  
Vol 11 (15) ◽  
pp. 6999
Author(s):  
Raniyah Wazirali ◽  
Rami Ahmad ◽  
Suheib Alhiyari
Keyword(s):  
Network Topology ◽  
Topology Discovery ◽  
Centralized Control ◽  
Control Plane ◽  
Control Logic ◽  
Management Level ◽  
Query Process ◽  
Data Plane ◽  
Performance Issues ◽  
Future Work

Software-defined networking (SDN) is an innovative architecture that separates the control plane from the data plane to simplify and speed up the management of large networks. This means the control logic has been moved from the network hardware level to the centralized control management level. Therefore, the use of the OpenFlow Discovery Protocol (OFDP) is one of the most common protocols used to discover the network topology in a data plane and then transmit it to the control plane for management. However, OFDP has various shortcomings in its performance such as exchanging too many messages between both levels (control and data), which in turn increases the load on the SDN-Controller. Additionally, since the application layer depends entirely on the network topologies plotted in the control plane, it is very important to obtain accurate network topology information from data plane. Therefore, after providing background on topology discovery protocols to the reader, we will concentrate on performance issues. The present study identifies and discuss the primary concerns involved in the complex query process, infrastructure, influencing factors, and challenges for the topology discovery process. Furthermore, this paper will present several recent studies that have overcome and enhanced these issues. In addition, open discussion and future work concerning these issues are also discussed.

An intelligent flow-based and signature-based IDS for SDNs using ensemble feature selection and a multi-layer machine learning-based classifier

2020 ◽  
pp. 1-20
Author(s):  
K. Muthamil Sudar ◽  
P. Deepalakshmi
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Network Architecture ◽  
Detection System ◽  
Software Defined Networking ◽  
Control Plane ◽  
Control Logic ◽  
Data Plane

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between Open Flow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the Software-defined networking environment by working simultaneously in both control plane and data plane.

scholarly journals Detection and Mitigation of Flood Attacks in IPv6 Enabled Software Defined Networks

2020 ◽  
pp. 1-9
Author(s):  
O. Ashimi Quadri ◽  
Adeniji Oluwashola David
Keyword(s):  
Network Architecture ◽  
Denial Of Service ◽  
Cost Effective ◽  
Centralized Control ◽  
Ddos Attacks ◽  
Control Plane ◽  
Network Resources ◽  
Effective Manner ◽  
Data Plane ◽  
Experimental Testbed

Software-defined networking (SDN) is an emerging technology, which provides network architecture that decouples the control plane from the data plane. Due to the centralized control, the network becomes more dynamic, and the network resources are managed in a more efficient and cost-effective manner. The centralization of the control plane requires robust and real-time security techniques. The security Techniques will protect it from any sign of vulnerabilities associated with the network such as a distributed denial of service (DDoS) attacks. The problem of the data-plane is that the attack is hard to be tracked by the SDN controlling plane. This makes the switches to be more susceptible against these types of attacks and hence it is very important to have quick provisional methods in place to prevent the switches from breaking down as soon as first signs of an attack are detected. To resolve this problem, the research developed a mechanism that detects and mitigates flood attacks in IPv6 enabled software to define networks. An experimental testbed was developed using sFlow technique, floodlight controller, and OpenFlow version 1.3. A mitigation algorithm was also developed and was tested with a simulation tool Mininet. The real network traffic was tested on the testbed to investigate the effective mitigation of a DDoS attack. The mitigation time performance for IPv6 was 46.6% while IPv4 was 66.6%. Also, The result gathered from the experiment showed that both the response and detection times were 4 secs while the mitigation time was 7secs respectively. The overall control time being 11 secs. The experimental Testbed result shows that the developed testbed outperformed the previous methods with the ability to detect threats on the network faster. The result from the IPv6 testbed is a probable solution to mitigate the threats posed by DDoS attacks on the IPv6 enabled SDN network resources.

Introduction to SDN and NFV

2018 ◽  
pp. 1-25
Author(s):  
Himanshu Sahu ◽  
Misha Hungyo
Keyword(s):  
Network Function Virtualization ◽  
Software Defined Network ◽  
Centralized Control ◽  
Control Plane ◽  
Network Function ◽  
Data Plane ◽  
Network Functions ◽  
The Way

Software defined network (SDN) and Network function virtualization (NFV) are the two new networking paradigms changing the way traditional networks work. SDN works on the concept of centralization so that all the decisions related to controlling the networks is done in a centralized place in a centralized manner. To provide a centralized control, SDN decouples the control plane and data from the traditional routing devices to take it in the centralized position. The data plane is still intact with the routing devices, but they now become mere forwarding devices and the decisions are made at the centralized place called the controller. The controller is basically the x86 server that is connected to the forwarding devices and communicates with them for all control decisions such as routing. NFV is based on virtualization of network functions in the form of software running over a high end server. This kind of virtualization helps in easy setup of networks as well as easy migration.

MiTE: Program Penyunting Topologi Jaringan untuk Pembelajaran SDN

2020 ◽  
Vol 4 (5) ◽  
pp. 970-977
Author(s):  
Muhammad Fajar Sidiq ◽  
Akbari Basuki ◽  
Didi Rosiyadi
Keyword(s):  
User Interface ◽  
Centralized Control ◽  
Control Plane ◽  
Network Configuration ◽  
Fine Grain ◽  
Data Plane ◽  
Different Types ◽  
Network Administrators ◽  
Interactive User ◽  
Visual Network

Software-defined networking (SDN) is a network programmability concept that separates the control plane from the data plane by proposing a centralized control plane called a controller. Thus, network administrators are able to program the entire networks and their components via the controller. However, learning SDN is challenging due to its complex network setup and the different types of SDN networks such as OpenFlow, and P4. To ease the learning curve, the use of network emulation and a graphical-based network editor is necessary. This paper discusses the implementation of such an application, called MiTE. It satisfies both requirements: a visual network editor enforced with a configuration generator for emulation purpose. We evaluate the program by implementing IP routing cases for both, OpenFlow-based and P4-based networks. The result shows that both cases can be created easily by using a mouse command. The program has more interactive user interface while the created topologies are more informative. Compared to similar applications, our proposed application has better support for a wider range of SDN networks (Openflow and P4), fine-grain network configuration, and a more informative user interface.  

Event Driven Network Topology Discovery and Inventory Listing Using REAMS

2015 ◽  
Vol 94 (3) ◽  
pp. 415-430 ◽  
Author(s):  
Amir Azodi ◽  
Feng Cheng ◽  
Christoph Meinel
Keyword(s):  
Network Topology ◽  
Topology Discovery ◽  
Event Driven

scholarly journals Load Balancing in Software-Defined Networking using Controller Placement

2020 ◽  
Author(s):  
Hamid Nejadnik ◽  
Rasool Sadeghi ◽  
Sayed Mahdi Faghih Imani
Keyword(s):  
Load Balancing ◽  
Software Defined Networking ◽  
Network Simulator ◽  
Control Plane ◽  
Placement Problem ◽  
Data Plane ◽  
Controller Placement ◽  
Controller Placement Problem ◽  
Load Balancer

Abstract Software Defined Networking (SDN) is a novel architecture that separates the data plane from the control plane using an external controller. Similar to traditional networks, load balancing has a great impact on the performance and availability of SDN. Therefore, the Controller Placement Problem (CPP) in SDN influences on the load balancing solutions. In this paper, various topologies of CPP including different load balancer controllers are simulated and evaluated in the SDN using the OFSwitch13 module of ns-3 network simulator. The results provide a solid comparison of the proposed topologies in different network situations.

IMPLEMENTASI DAN ANALISIS EFEKTIVITAS FIREWALL PADA SOFTWARE DEFINED NETWORK BERBASIS OPENFLOW

2018 ◽  
Vol 4 (2) ◽  
pp. 46-57
Author(s):  
Fathul Muiin ◽  
Henry Saptono
Keyword(s):  
Software Defined Network ◽  
Control Plane ◽  
Flow Table ◽  
Data Plane

Penggunaan akses internet di dunia semakin berkembang, dan selaras dengan perkembangan teknologi jaringan komputer yang semakin kompleks. Oleh karena itu, keamanan data pada sebuah komputer menjadi salah satu bagian yang sangat penting dalam sebuah jaringan. Dan SDN merupakan sebuah solusi untuk menyediakan kebutuhan jaringan komputer saat ini. Software Defined Network (SDN) merupakan pendekatan pada teknologi jaringan yang melakukan penyederhanaan terhadap kontrol dan manajemen jaringan. Pada jaringan ini nantinya akan menggunakan protokol openflow, yang prinsip utamanya memisahkan fungsi control plane dan data plane pada perangkat. Kontrol jaringan pada sebuah controller bersifat programmable, jadi dengan adanya SDN maka jaringan akan mudah diatur dan lebih fleksibel. Implementasi dan analisis firewall ini menggunakan emulator mininet untuk membuat topologi jaringan yang sederhana. Dalam pengujian firewall menggunakan bahasa XML untuk implementasi aliran data, lalu menggunakan aplikasi postman sebagai alat untuk menambahkan flow table baru pada switch, dan controller yang digunakan adalah opendaylight.

Sign in / Sign up

Export Citation Format

Share Document