Showing papers on "Network virtualization published in 2008"

Rethinking virtual network embedding: substrate support for path splitting and migration

Abstract: Network virtualization is a powerful way to run multiple architectures or experiments simultaneously on a shared infrastructure. However, making efficient use of the underlying resources requires effective techniques for virtual network embedding--mapping each virtual network to specific nodes and links in the substrate network. Since the general embedding problem is computationally intractable, past research restricted the problem space to allow efficient solutions, or focused on designing heuristic algorithms. In this paper, we advocate a different approach: rethinking the design of the substrate network to enable simpler embedding algorithms and more efficient use of resources, without restricting the problem space. In particular, we simplify virtual link embedding by: i) allowing the substrate network to split a virtual link over multiple substrate paths and ii) employing path migration to periodically re-optimize the utilization of the substrate network. We also explore node-mapping algorithms that are customized to common classes of virtual-network topologies. Our simulation experiments show that path splitting, path migration,and customized embedding algorithms enable a substrate network to satisfy a much larger mix of virtual networks

CloudBLAST: Combining MapReduce and Virtualization on Distributed Resources for Bioinformatics Applications

Abstract: This paper proposes and evaluates an approach to the parallelization, deployment and management of bioinformatics applications that integrates several emerging technologies for distributed computing. The proposed approach uses the MapReduce paradigm to parallelize tools and manage their execution, machine virtualization to encapsulate their execution environments and commonly used data sets into flexibly deployable virtual machines, and network virtualization to connect resources behind firewalls/NATs while preserving the necessary performance and the communication environment. An implementation of this approach is described and used to demonstrate and evaluate the proposed approach. The implementation integrates Hadoop, Virtual Workspaces, and ViNe as the MapReduce, virtual machine and virtual network technologies, respectively, to deploy the commonly used bioinformatics tool NCBI BLAST on a WAN-based test bed consisting of clusters at two distinct locations, the University of Florida and the University of Chicago. This WAN-based implementation, called CloudBLAST, was evaluated against both non-virtualized and LAN-based implementations in order to assess the overheads of machine and network virtualization, which were shown to be insignificant. To compare the proposed approach against an MPI-based solution, CloudBLAST performance was experimentally contrasted against the publicly available mpiBLAST on the same WAN-based test bed. Both versions demonstrated performance gains as the number of available processors increased, with CloudBLAST delivering speedups of 57 against 52.4 of MPI version, when 64 processors on 2 sites were used. The results encourage the use of the proposed approach for the execution of large-scale bioinformatics applications on emerging distributed environments that provide access to computing resources as a service.

A Distributed Virtual Network Mapping Algorithm

Abstract: Network visualization is a promising concept to diversify the future Internet architecture into separate virtual networks (VN) that can support simultaneously multiple network experiments, services and architectures over a shared substrate network. To take full advantage of this paradigm this paper addresses the challenge of assigning VNs to the underlying physical network in a distributed and efficient manner. A distributed algorithm responsible for load balancing and mapping virtual nodes and links to substrate nodes and links has been designed, implemented and evaluated. A VN mapping protocol is proposed to communicate and exchange messages between agent-based substrate nodes to achieve the mapping. Results of the implementation and a performance evaluation of the distributed VN mapping algorithm using a multi-agent approach are reported.

Method and apparatus for providing network virtualization

Abstract: A method and apparatus for providing network virtualization on a packet network are disclosed. For example, the method receives a request from a user, wherein the request comprises at least one of: a feature of a network component or a network component for a virtual network. The method determines if the request can be instantiated over one or more real network resources, and then instantiates the request via the one or more real network resources, if it is determined that the request can be instantiated.

Network Virtualization: Breaking the Performance Barrier: Shared I/O in virtualization platforms has come a long way, but performance concerns remain.

Abstract: The recent resurgence in popularity of virtualization has led to its use in a growing number of contexts, many of which require high-performance networking Consider server consolidation, for example The efficiency of network virtualization directly impacts the number of network servers that can effectively be consolidated onto a single physical machine Unfortunately, modern network virtualization techniques incur significant overhead, which limits the achievable network performance We need new network virtualization techniques to realize the full benefits of virtualization in network-intensive domains

Network Virtualization: A Viable Path Towards the Future Internet

Abstract: New technologies as well as new ways of using network services are rapidly changing the Internet's landscape. These developments will have far-reaching implications for the architecture of the networks of the future. However, the current Internet design is plagued with a number of fundamental limitations, which makes its use as the sole basis for the networking applications of the future questionable. We believe that the Future Internet must allow the co-existence of diverse network designs and paradigms, both new and old, to remain open to innovation and meet the challenges of the future. In this paper, we propose to use network virtualization, embedded in an architectural framework, to achieve this goal and to lay the foundation for the deployment of novel concepts such as content-centric networking.

UCLPv2: a network virtualization framework built on web services [web services in telecommunications, part II]

Abstract: User controlled LightPaths version 2 provides a network virtualization framework upon which communities of users can build their own services or applications without dealing with the complexities of the underlying network technologies and still can maintain the functionality that the network provides. The system has been designed as a service-oriented architecture where Web services and Web services workflows are the basic building blocks. Articulated private networks are presented as the first services built upon the UCLPv2 network virtualization middleware. APNs can be considered as a next generation VPN where a user can create a complex, multi-domain network topology by binding together network resources, computers, time slices, and virtual or real routing and/or switching nodes. A first implementation of the UCLPv2 software was deployed on CAnet 4, Canada's research and education network, and currently, it is being used by Environment Canada, a federal government department, to enable an APN that links its research facilities across the country.

VXDL: Virtual Resources and Interconnection Networks Description Language

Abstract: Data grid applications require often an access to infrastructures with high performance data movement facilities coordinated with computational resources. Other applications need interconnections of large scale instruments with HPC platforms. In these context, dynamic provisioning of customized computing and networking infrastructure as well as resource virtualization are appealing technologies. Therefore new models and tools must be studied and developed to allow users create and handle such on-demand virtual infrastructures within grid platforms or even within the Internet. This work presents VXDL, a language for virtual resources interconnection networks specification and modeling. Besides allowing end resources description, VXDL lets users describe the desirable virtual network topology, including virtual routers and timeline. In this paper we motivate and present the key features of our modeling language. We explore typical examples to demonstrates the expressiveness and the pertinence of it. Then we detail experimental results based on the execution of NAS benchmark on virtual infrastructures, conforming different VXDL specifications.

Virtual radio: a framework for configurable radio networks

Abstract: Network virtualization has recently been proposed for the development of large scale experimental networks, but also as design principle for a Future Internet. In this paper we describe the background to network virtualization and extend this concept into the wireless domain, which we denote as radio virtualization. With radio virtualization different virtual radio networks can operate on top of a common shared infrastructure and share the same radio resources. We present how this radio resource sharing can be performed efficiently without interference between the different virtual radio networks. Further we discuss how radio transmission functionality can be configured. Radio virtualization provides flexibility in the design and deployment of new wireless networking concepts. It allows customization of radio networks for dedicated networking services at reduced deployment costs.

UCLPv2: A Network Virtualization Framework Built on Web Services

Abstract: User Controlled LightPaths version 2 provides a network virtualization framework upon which communities of users can build their own services or applications without dealing with the complexities of the underlying network technologies and still can maintain the functionality that the network provides. The system has been designed as a service-oriented architecture where Web services and Web services workflows are the basic building blocks. Articulated private networks are presented as the first services built upon the UCLPv2 network virtualization middleware. APNs can be considered as a next generation VPN where a user can create a complex, multidomain network topology by binding together network resources, computers, time slices, and virtual or real routing and/or switching nodes. A first implementation of the UCLPv2 software was deployed on CAnet 4, Canada’s research and education network, and currently, it is being used by Environment Canada, a federal government department, to enable an APN that links its research facilities across the country.

V-NetLab: an approach for realizing logically isolated networks for security experiments

Abstract: Cyber security experiments with potentially malicious software can possibly damage the testbed environment and "escape" into the Internet. Due to this security concern, networks used in such experiments are often totally isolated from production networks and the Internet. This choice, however, precludes remote access to testbeds used for security experiments, thus requiring costly duplication of equipment, manpower and expertise at sites that experiment with malicious software. We propose an alternative approach that is aimed at providing a degree of safety comparable to that of physically isolated testbeds while still permitting remote connectivity. Our approach relies on logical isolation of networks used in different security experiments using network virtualization at the datalink layer. We have implemented this approach into a platform (V-NetLab), and the responses from testbed users have been very positive.

Network virtualization in a multi-node system with multiple networks

Abstract: Embodiments of the present invention generally provide for network virtualization in a multi-network system. The virtual network may abstract multiple, underlying physical networks connecting compute nodes on a multi-node system. A network driver and control system may route traffic on the underlying physical networks according to system and/or application requirements, and a virtual-to-physical network mapping may be controlled by the driver and control system.

The Optimization of Xen Network Virtualization

Abstract: Despite the benefits brought by virtualization technology, the network I/O performance degradation remains as a barrier for its wide usage. This paper presents the design and implementation of a new method to improve Xen network virtualization performance by optimizing the interrupt deliver route and shortening the network I/O path. With the above optimization techniques, network throughput of a HVM guest domain is improved by 50%, CPU utility of QEMU driver model is reduced by 70%, TLB miss and cache miss is improved by 40% to 80%. The rationale behind our optimization model can also be extended for other I/O device virtualization in HVM guest domain.

Network virtualization in high-speed huge-bandwidth optical circuit switching network

Abstract: We developed a network virtualization method to represent the resource in the optical backbone network. Multiple service networks are provided on top of a single common optical backbone network. Quick delivery of service networks is thereby achieved. Virtual network topology (VNT) is computed using the optical network resource by employing a heuristic algorithm and a traffic matrix estimation algorithm. VNT is dynamically reconfigured by GMPLS protocols. We developed a prototype-system of traffic engineering server called "IP optical TE server" to demonstrate the proof-of-concept on the testbed consisting of commercial GMPLS routers and optical transport node system.

Next-Generation Internet Architectures and Protocols: KanseiGenie: software infrastructure for resource management and programmability of wireless sensor network fabrics

Abstract: This chapter describes an architecture for slicing, virtualizing, and federating wireless sensor network (WSN) resources. The architecture, which we call KanseiGenie, allows users—be they sensing/networking researchers or application developers—to specify and acquire node and network resources as well as sensor data resources within one or more facilities for launching their programs. It also includes server side measurement and management support for user programs, as well as client side support for experiment composition and control. We illustrate KanseiGenie architectural concepts in terms of a current realization of KanseiGenie that serves WSN testbeds and application-centric fabrics at The Ohio State University and at Wayne State University.

Characterizing User-Level Network Virtualization: Performance, Overheads and Limits

Abstract: Connectivity limitations of the current Internet pose challenges to e-Science infrastructure, as communication between resources is of key importance for the sharing of hardware, software and data across geographically distributed institutions. To overcome such limitations many overlay networks have been developed. Existing solutions report performance that can keep up with slow wide-area links - however the question remains as to how overlay networks perform on new high-speed Internet connections. This paper characterizes the performance of user-level packet processing, which is at the core of most overlay networks implementations. To this end, building blocks of packet processing software are identified and characterized, and performance of IP forwarders developed in C and Java are compared through extensive measurements. Factors that affect the performance of overlay networks and limitations of existing solutions are characterized, providing insights on possible improvements. Experimental results show the following: to achieve maximum throughput, only a few microseconds (2 to 5) can be spent in virtual network processing; processing of small packets can limit TCP throughput; and overlays need to be carefully architected as encapsulation overheads can be substantial.

Delay tolerant network simulation with VNUML

Abstract: This paper describes a simulation environment to easily create complex Delay Tolerant Network (DTN) scenarios using Virtual Network User Mode Linux (VNUML), a network virtualization environment based in User Mode Linux virtual machines running the DTN reference implementation. The simulation environment allows us to explore the applicability and behavior of the DTN architecture in real isolated-areas scenarios in developing countries. Furthermore, new developments built in the reference implementation (dynamic routing, multicast, anycast) can be easily debugged and analyzed.

VCSTC: Virtual Cyber Security Testing Capability --- An Application Oriented Paradigm for Network Infrastructure Protection

Abstract: Network security devices are becoming more sophisticated and so are the testing processes. Traditional network testbeds face challenges in terms of fidelity, scalability and complexity of security features. In this paper we propose a new methodology of testing security devices using network virtualization techniques, and present an integrated solution, including network emulation, test case specification and automated test execution. Our hybrid network emulation scheme provides high fidelity by host virtualization and scalability by lightweight protocol stack emulation. We also develop an intermediate level test case description language that is suitable for security tests at various network protocol layers and that can be executed automatically on the emulated network. The methodology presented in this paper has been implemented and integrated into a security infrastructure testing system for US Department of Defense and we report the experimental results.

At-scale experimentation with resource virtualization in a metro optical testbed.

Abstract: In this paper we describe several efforts to explore integrated approaches to resource virtualization in a metro-scale optical testbed dubbed BEN (Breakable Experimental Network) located in Research Triangle Park, NC. The first one is an extension of work done at Duke on the ORCA (Open Resource Control Architecture) framework. The effort between RENCI and Duke seeks to expand the scope ORCA to enable it to function as management plane for the network as well as edge resources, acting as a GENI management plane. The second describes an attempt to redefine the architecture of the protocol stack with important implications to network virtualization. This is done using the SILO (Services Integration controL and Optimization) framework being jointly developed at RENCI and NCSU.

Network virtualization under user control

Abstract: In this paper, we present the main challenges for offering end-to-end virtual network services under user control. This work is motivated by the growing need for end-to-end virtual services to support high-volume data transfer applications such as large data Center, grid applications and storage area networks over multi-domain networks. The virtualization of network services has to deal with some important issues, such as dynamic provisioning, sharing control, isolation and security. We have developed and implemented a solution called user control Virtual Service that allows the user to deploy and share different virtual services over a multi-domain network. UCVS is a network-driven virtual service solution that enables the coordinated provisioning and reuse of physical and virtualized computing, storage and network resources from shared pools. UCVS ensures that applications are dynamically supported throughout multi-domain infrastructure. UCVS also achieves cross-technology orchestration, helping further progress towards a service-oriented infrastructure.

Virtualization services: scalable methods for virtualizing multicore systems

Abstract: Multi-core technology is bringing parallel processing capabilities from servers to laptops and even handheld devices. At the same time, platform support for system virtualization is making it easier to consolidate server and client resources, when and as needed by applications. This consolidation is achieved by dynamically mapping the virtual machines on which applications run to underlying physical machines and their processing cores. Low cost processor and I/O virtualization methods efficiently scaled to different numbers of processing cores and I/O devices are key enablers of such consolidation. This dissertation develops and evaluates new methods for scaling virtualization functionality to multi-core and future many-core systems. Specifically, it re-architects virtualization functionality to improve scalability and better exploit multi-core system resources. Results from this work include a self-virtualized I/O abstraction, which virtualizes I/O so as to flexibly use different platforms' processing and I/O resources. Flexibility affords improved performance and resource usage and most importantly, better scalability than that offered by current I/O virtualization solutions. Further, by describing system virtualization as a service provided to virtual machines and the underlying computing platform, this service can be enhanced to provide new and innovative functionality. For example, a virtual device may provide obfuscated data to guest operating systems to maintain data privacy; it could mask differences in device APIs or properties to deal with heterogeneous underlying resources; or it could control access to data based on the "trust" properties of the guest VM. This thesis demonstrates that extended virtualization services are superior to existing operating system or user-level implementations of such functionality, for multiple reasons. First, this solution technique makes more efficient use of key performance-limiting resource in multi-core systems, which are memory and I/O bandwidth. Second, this solution technique better exploits the parallelism inherent in multi-core architectures and exhibits good scalability properties, in part because at the hypervisor level, there is greater control in precisely which and how resources are used to realize extended virtualization services. Improved control over resource usage makes it possible to provide value-added functionalities for both guest VMs and the platform. Specific instances of virtualization services described in this thesis are the network virtualization service that exploits heterogeneous processing cores, a storage virtualization service that provides location transparent access to block devices by extending the functionality provided by network virtualization service, a multimedia virtualization service that allows efficient media device sharing based on semantic information, and an object-based storage service with enhanced access control.

An Overlap Virtual Networks Testbed for Future Real-Time Multimedia Transmission

Abstract: In this paper, we argue that real-time multimedia streaming service can be deployed over multiple overlapped virtual networks in future Internet. Rather than carrying multimedia packets relying on a single network alone, our method provides network resources redundancy for reliability, avoiding service interrupted due to errors on some particular networks. In addition, it can balance traffic load as large amount of traffic congests a certain network, by which packet losses are reduced greatly. To verify this idea, a testbed based on local VINI is implemented imposing several open source components to realize our proposed idea. And then, by running a multimedia streaming service on this testbed introducing real video sequence source, we gladly find that many benefits are produced, and for the end user they have a better video quality performance.

Host and network adapter for networking offload in server environment

Abstract: An Ethernet adapter is disclosed. The Ethernet adapter comprises a plurality of layers for allowing the adapter to receive and transmit packets from and to a processor. The plurality of layers include a demultiplexing mechanism to allow for partitioning of the processor. A Host Ethernet Adapter (HEA) is an integrated Ethernet adapter providing a new approach to Ethernet and TCP acceleration. A set of TCP/IP acceleration features have been introduced in a toolkit approach: Servers TCP/IP stacks use these accelerators when and as required. The interface between the server and the network interface controller has been streamlined by bypassing the PCI bus. The HEA supports network virtualization. The HEA can be shared by multiple OSs providing the essential isolation and protection without affecting its performance.

A Network Virtualisation Concept based on the Ambient Networks SATO System

Abstract: Network virtualization can be one way of fixing the shortcomings of today’s Internet but also open the venue for new, unforeseen applications. In this extended abstract, we present a novel approach for network virtualisation based on the Service-Aware Transport Overlay (SATO) concept of Ambient Networks. SATOs introduce on-demand overlay creation and new interfaces to ease applications to use overlays.

The Case for Network Virtualization: Concurrent Multipath Transmission within Routing Overlays

Abstract: In this report we will investigate the deficiencies and the achievements of today's Internet. We outline why and how Network Virtualization (NV) can overcome the shortfalls of the current system and how it paves the way for the future Internet. Furthermore, we investigate the performance of a concurrent multipath transmission mechanisms which is implemented using routing overlays and which is facilitated by Network Virtualization. The major building blocks of NV are the a) use of application-specific routing overlays, b) the safe consolidation of resources by OS virtualization on a generic infrastructure, and c) the exploitation of the network diversity for performance enhancements and for new business models, such as the provisioning of intermediates nodes or path oracles. The performance investigation the concurrent multipath transmission reveals that an appropriate engineering of the high capacity pipe is required. This means that the path selection and the dimensioning of its mechanisms has to be done carefully