The idea of programmable networks has recently re-gained considerable momentum due to the emergence of the Software-Defined Networking (SDN) paradigm. SDN, often referred to as a ''radical new idea in networking'', promises to dramatically simplify network management and enable innovation through network programmability. This paper surveys the state-of-the-art in programmable networks with an emphasis on SDN. We provide a historic perspective of programmable networks from early ideas to recent developments. Then we present the SDN architecture and the OpenFlow standard in particular, discuss current alternatives for implementation and testing of SDN-based protocols and services, examine current and future SDN applications, and explore promising research directions based on the SDN paradigm.

/pdf/a-survey-of-software-defined-networking-past-present-and-6tt309ed7r.pdf

A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks

Network function virtualization (NFV) has drawn significant attention from both industry and academia as an important shift in telecommunication service provisioning. By decoupling network functions (NFs) from the physical devices on which they run, NFV has the potential to lead to significant reductions in operating expenses (OPEX) and capital expenses (CAPEX) and facilitate the deployment of new services with increased agility and faster time-to-value. The NFV paradigm is still in its infancy and there is a large spectrum of opportunities for the research community to develop new architectures, systems and applications, and to evaluate alternatives and trade-offs in developing technologies for its successful deployment. In this paper, after discussing NFV and its relationship with complementary fields of software defined networking (SDN) and cloud computing, we survey the state-of-the-art in NFV, and identify promising research directions in this area. We also overview key NFV projects, standardization efforts, early implementations, use cases, and commercial products.

/pdf/network-function-virtualization-state-of-the-art-and-29gg3feprt.pdf

Network Function Virtualization: State-of-the-Art and Research Challenges

In this chapter, you will see how the simplex method simplifies when it is applied to a class of optimization problems that are known as “network flow models.” You will also see that if a network flow model has “integer-valued data,” the simplex method finds an optimal solution that is integer-valued.

Flows in Networks

Software-defined network (SDN) has become one of the most important architectures for the management of largescale complex networks, which may require repolicing or reconfigurations from time to time. SDN achieves easy repolicing by decoupling the control plane from data plane. Thus, the network routers/switches just simply forward packets by following the flow table rules set by the control plane. Currently, OpenFlow is the most popular SDN protocol/standard and has a set of design specifications. Although SDN/OpenFlow is a relatively new area, it has attracted much attention from both academia and industry. In this paper, we will conduct a comprehensive survey of the important topics in SDN/OpenFlow implementation, including the basic concept, applications, language abstraction, controller, virtualization, quality of service, security, and its integration with wireless and optical networks. We will compare the pros and cons of different schemes and discuss the future research trends in this exciting area. This survey can help both industry and academia R&D people to understand the latest progress of SDN/OpenFlow designs.

/pdf/a-survey-on-software-defined-network-and-openflow-from-2w15cg0qir.pdf

A Survey on Software-Defined Network and OpenFlow: From Concept to Implementation

algorithmics and modular computations, Theory of Codes and Cryptography (3).From an analytical 1. RE Blahut. Theory and practice of error control codes. eecs.uottawa.ca/∼yongacog/courses/coding/ (3) R.E. Blahut,Theory and Practice of Error Control Codes, Addison Wesley, 1983. QA 268. Cached. Download as a PDF 457, Theory and Practice of Error Control CodesBlahut 1984 (Show Context). Citation Context..ontinued fractions.

Theory and practice of error control codes

In software-defined networks (SDNs), the network controller first formulates abstract network-wide policies, and then implements them in the forwarding tables of network switches. However, fast SDN tables often cannot scale beyond a few hundred entries. This is because they typically include wildcards, and therefore are implemented using either expensive and power-hungry TCAMs, or complex and slow data structures. This paper presents the Palette distribution framework for decomposing large SDN tables into small ones and then distributing them across the network, while preserving the overall SDN policy semantics. Palette helps balance the sizes of the tables across the network, as well as reduce the total number of entries by sharing resources among different connections. It copes with two NP-hard optimization problems: Decomposing a large SDN table into equivalent subtables, and distributing the subtables such that each connection traverses each type of subtable at least once. To implement the Palette distribution framework, we introduce graph-theoretical formulations and algorithms, and show that they achieve close-to-optimal results in practice.

Palette: Distributing tables in software-defined networks

We consider line outages in the transmission net- work of the power grid, and specifically those caused by natural disasters or large-scale physical attacks. In such networks, an outage of a line may lead to overload on other lines, thereby leading to their outage. Such a cascade may have devastating effects not only on the power grid but also on the interconnected communication networks. We study a model of such failures and show that it differs from other models used to analyze cascades (e.g., epidemic/percolation-based models). Inspired by methods developed for network-survivability analysis, we show how to identify the most vulnerable locations in the network. We also perform extensive numerical experiments with real grid data to estimate the effects of geographically correlated outages and briefly discuss mitigation methods. The developed techniques can indicate potential locations for grid monitoring, and hence, will have impact on the deployment of the smart-grid networking infrastructure.

/pdf/power-grid-vulnerability-to-geographically-correlated-3rgad2zhrm.pdf

Power Grid Vulnerability to Geographically Correlated Failures - Analysis and Control Implications

We present OpenBox — a software-defined framework for network-wide development, deployment, and management of network functions (NFs). OpenBox effectively decouples the control plane of NFs from their data plane, similarly to SDN solutions that only address the network’s forwarding plane. OpenBox consists of three logic components. First, user-defined OpenBox applications provide NF specifications through the OpenBox north-bound API. Second, a logically-centralized OpenBox controller is able to merge logic of multiple NFs, possibly from multiple tenants, and to use a network-wide view to efficiently deploy and scale NFs across the network data plane. Finally, OpenBox instances constitute OpenBox’s data plane and are implemented either purely in software or contain specific hardware accelerators (e.g., a TCAM). In practice, different NFs carry out similar processing steps on the same packet, and our experiments indeed show a significant improvement of the network performance when using OpenBox. Moreover, OpenBox readily supports smart NF placement, NF scaling, and multi-tenancy through its controller.

https://dl.acm.org/doi/pdf/10.1145/2934872.2934875

OpenBox: A Software-Defined Framework for Developing, Deploying, and Managing Network Functions

Telecommunications networks, and in particular optical WDM networks, are vulnerable to large-scale failures in their physical infrastructure, resulting from physical attacks (such as an electromagnetic pulse attack) or natural disasters (such as solar flares, earthquakes, and floods). Such events happen at specific geographical locations and disrupt specific parts of the network, but their effects cannot be determined exactly in advance. Therefore, we provide a unified framework to model network vulnerability when the event has a probabilistic nature, defined by an arbitrary probability density function. Our framework captures scenarios with a number of simultaneous attacks, when network components consist of several dependent subcomponents, and in which either a 1 + 1 or a 1:1 protection plan is in place. We use computational geometric tools to provide efficient algorithms to identify vulnerable points within the network under various metrics. Then, we obtain numerical results for specific backbone networks, demonstrating the applicability of our algorithms to real-world scenarios. Our novel approach allows to identify locations that require additional protection efforts (e.g., equipment shielding). Overall, the paper demonstrates that using computational geometric techniques can significantly contribute to our understanding of network resilience.

/pdf/the-resilience-of-wdm-networks-to-probabilistic-geographical-f37aywuhkp.pdf

The resilience of WDM networks to probabilistic geographical failures

Middleboxes play a major role in contemporary networks, as forwarding packets is often not enough to meet operator demands, and other functionalities (such as security, QoS/QoE provisioning, and load balancing) are required. Traffic is usually routed through a sequence of such middleboxes, which either reside across the network or in a single, consolidated location. Although middleboxes provide a vast range of different capabilities, there are components that are shared among many of them. A task common to almost all middleboxes that deal with L7 protocols is Deep Packet Inspection (DPI). Today, traffic is inspected from scratch by all the middleboxes on its route. In this paper, we propose to treat DPI as a service to the middleboxes, implying that traffic should be scanned only once, but against the data of all middleboxes that use the service. The DPI service then passes the scan results to the appropriate middleboxes. Having DPI as a service has significant advantages in performance, scalability, robustness, and as a catalyst for innovation in the middlebox domain. Moreover, technologies and solutions for current Software Defined Networks (SDN) (e.g., SIMPLE [41]) make it feasible to implement such a service and route traffic to and from its instances.

/pdf/deep-packet-inspection-as-a-service-21hnf2haz2.pdf

David Hay

Papers

Palette: Distributing tables in software-defined networks

Power Grid Vulnerability to Geographically Correlated Failures - Analysis and Control Implications

OpenBox: A Software-Defined Framework for Developing, Deploying, and Managing Network Functions

The resilience of WDM networks to probabilistic geographical failures

Deep Packet Inspection as a Service