Showing papers on "Virtual network published in 2007"

Method and system for reconfiguring a virtual network path

Abstract: In general in one aspect, the invention relates to a method for reconfiguring a virtual network path. The method includes populating a virtual switching table associated with virtual network interface cards (VNICs), implementing the virtual network path using the virtual switching table, where the virtual network path includes a first virtual wire between a first VNIC located in a first computer and a second VNIC located in a second computer, placing a first network packet and a second network packet in a receive buffer associated with the second VNIC, transmitting the first network packet to the second VNIC using the virtual switching table, migrating the second VNIC from the second computer to a third computer, updating the virtual switching table based on migrating the second VNIC, and transmitting the second network packet to the second VNIC in the third computer using the virtual switching table.

Concurrent Direct Network Access for Virtual Machine Monitors

Abstract: This paper presents hardware and software mechanisms to enable concurrent direct network access (CDNA) by operating systems running within a virtual machine monitor. In a conventional virtual machine monitor, each operating system running within a virtual machine must access the network through a software-virtualized network interface. These virtual network interfaces are multiplexed in software onto a physical network interface, incurring significant performance overheads. The CDNA architecture improves networking efficiency and performance by dividing the tasks of traffic multiplexing, interrupt delivery, and memory protection between hardware and software in a novel way. The virtual machine monitor delivers interrupts and provides protection between virtual machines, while the network interface performs multiplexing of the network data. In effect, the CDNA architecture provides the abstraction that each virtual machine is connected directly to its own network interface. Through the use of CDNA, many of the bottlenecks imposed by software multiplexing can be eliminated without sacrificing protection, producing substantial efficiency improvements

Virtual network architecture for space data processing

Abstract: An adaptable virtual network system comprises a plurality of network elements and a plurality of virtual links. Each network element is communicatively coupled to at least one other network element via at least one physical link. At least one physical link comprises at least two virtual links. The adaptable virtual network system supports at least two virtual networks, each virtual network comprising at least one virtual link communicatively coupling at least two network elements.

Method and apparatus for load balancing over virtual network links

Abstract: Techniques for load balancing network traffic over virtual point-to-point data links at a data-link layer include determining a particular group of virtual point-to-point data links that reach a particular local area network of one or more network nodes. A particular data-link address for a particular node of the particular local area network is associated with each virtual point-to-point data link of the particular group. When a data packet is received that includes data that indicates the particular data-link address as a destination; one virtual point-to-point data link of the group is determined to balance traffic among the group. The data packet is sent only over the one virtual point-to-point data link. These techniques enable virtual point-to-point data links through two or more intermediate network nodes, such as a pair of provider edge nodes, to be bundled for load balancing purposes.

Methods and systems for automatic inference and adaptation of virtualized computing environments

Abstract: Certain embodiments of the present invention provide systems and method for automatic inference and adaptation of a virtualized computer environment. Certain embodiments of a system include a virtual topology and traffic inference framework tool adapted to monitor traffic for an application on a virtual network to produce a view of network demands for the application. The system also includes a monitoring tool adapted to monitor performance of an underlying physical network associated with the virtual network using traffic for the application. Further, the system includes an adaptation component adapted to automatically adapt the application to the virtual network based on the measured application traffic, the monitored network performance, and one or more adaptation control algorithms.

Event correlation using network data flow simulation over unmanaged network segments

Abstract: A network simulator comprises a virtual network and event correlation logic. The virtual model models a network that comprises a managed portion and an unmanaged portion. The event correlation logic, when executed, is operable to perform receiving first data indicating that an event occurred in the network. A network flow is initiated at a source virtual network element (VNE) corresponding to the source network device toward a destination VNE corresponding to the destination network device. A first VNE is communicatively coupled to a particular VNE corresponding to an unmanaged portion of the network. A logical topological link to a second VNE is identified and traversed. Second data that is associated with the unmanaged portion of the network is identified. As a result, the first data is stored in association with the second data.

Private virtual lan spanning a public network for connection of arbitrary hosts

Abstract: Architecture for exposing a virtual private network of peer devices into the public domain via an overlay network. Computing devices, peripheral devices, as well as mobile devices can be physically distributed, but appear to belong to the same virtual private (or home) network, and be accessible from anywhere. Benefits include access to user media/documents from anywhere, searching of all connected devices from one location, multicast and broadcast connectivity, management of the private network and the associated policies, and device discovery on the private network from across public networks. P2P networks and ad-hoc networks can be exposed as a virtual interface, as well as the utilization of client operating systems to create the virtual network, grouping, graphing, the integration with relay services and other NAT/firewall traversal schemes, and the creation of a P2P overlay manager on a physical NIC (network interface card) address rather than a virtual address.

System and method for securing information in a virtual computing environment

Abstract: A virtual security appliance (figure 2, 140) is provided for disposition in a virtual network having at least one other virtual network device, the virtual network residing on a host data processing machine The virtual security appliance comprises an interface configured for receiving a data communication directed to the at least one other virtual network device and a security function module (figure 2, 148) adapted for initiating a security function responsive to said data communication meeting predetermined criteria

A virtual machine for sensor networks

Abstract: Sensor networks are increasingly being deployed for a wide variety of tasks. Today, in these networks, the development, deployment, and maintenance of applications are performed largely ad-hoc. Existing platforms help somewhat but also introduce implicit trade-offs. In one extreme, low-level programming platforms and languages make programming cumbersome and error-prone. In the other extreme, declarative approaches greatly facilitate programming but restrict what can be done. In both cases, additional limitations include lack of support for concurrency, difficulties in changing applications, and insufficient abstractions from low-level details. This paper presents SwissQM, a virtual machine designed to address all these limitations. SwissQM offers a platform-independent programming abstraction that is geared towards data acquisition and in-network data processing.

Managing connectivity in a virtual network

Abstract: Embodiments include methods, apparatus, and systems for managing connectivity in a virtual network. One embodiment determines if information received from a device in a virtual land area network (VLAN) matches a configuration of a virtual connect domain (VCD) in order to label links as being either internal or external.

Approximation via cost sharing: Simpler and better approximation algorithms for network design

Abstract: We present constant-factor approximation algorithms for several widely-studied NP-hard optimization problems in network design, including the multicommodity rent-or-buy, virtual private network design, and single-sink buy-at-bulk problems. Our algorithms are simple and their approximation ratios improve over those previously known, in some cases by orders of magnitude.We develop a general analysis framework to bound the approximation ratios of our algorithms. This framework is based on a novel connection between random sampling and game-theoretic cost sharing.

Provisioning virtual private networks under traffic uncertainty

Abstract: We investigate a network design problem under traffic uncertainty that arises when provisioning Virtual Private Networks (VPNs): given a set of terminals that must communicate with one another, and a set of possible traffic matrices, sufficient capacity has to be reserved on the links of the large underlying public network to support all possible traffic matrices while minimizing the total reservation cost. The problem admits several versions depending on the desired topology of the reserved links, and the nature of the traffic data uncertainty. We present compact linear mixed-integer programming formulations for the problem with the classical hose traffic model and for a less conservative robust variant relying on the traffic statistics that are often available. These flow-based formulations allow us to solve optimally medium-to-large instances with commercial MIP solvers. We also propose a combined branch-and-price and cutting-plane algorithm to tackle larger instances. Computational results obtained for several classes of instances are reported and discussed. © 2006 Wiley Periodicals, Inc. NETWORKS, Vol. 49(1), 100–115 2007

Network element and an infrastructure for a network risk management system

Abstract: A system for a communication infrastructure in a network including at least one connected system (CS) and at least one network risk management network element (SW), wherein the network acts as a virtual network comprising at least one virtual network element, and wherein the at least one virtual network element takes over the roles of existing network elements comprising at least one of a switch, a router, a firewall and an intrusion prevention system (IPS), and wherein the virtual network is comprised of physical elements that work together to form the network's infrastructure.

TCP/IP offload engine virtualization system and methods

Abstract: A virtual computer system enabling dynamic, aggregated use of multiple TCP/IP offload engines (TOEs) by the set of guest computer systems hosted on the virtual computer system. Each of the guest computer systems includes an offload selection switch and the associated virtual machine monitor includes a first virtual context component. Second virtual context components are associated with a set of TCP/IP stacks and TOEs and interoperate with the first virtual context components to establish a virtual routing of network connections between the offload selection switches and the TOEs. The virtual context mapping retains the initially requested network connection information as well as the resolved virtual network connection established, thereby allowing the initial network connection request to be internally reapplied as required to accommodate dynamic changes in the network protocol parameters of the TOEs.

Method and system for creating a virtual network path

Abstract: In general, the invention relates to a method for creating a virtual network path. The method includes instantiating a number of virtual network interface cards (VNICs) on a number of virtual machines, where each virtual machines is located in one of the computers, each of the computers is connected using a chassis interconnect, and the computers share a physical network interface. The method further includes populating a virtual switching table associated with the VNICs and implementing the virtual network path using the virtual switching table. The virtual network path includes a first virtual wire between a first VNIC and a second VNIC, wherein the first VNIC is located in a first computer and wherein the second VNIC is located in a second computer selected from the plurality of computers.

MAC layer bridging of network frames between isolated and external networks

Abstract: An apparatus, program product and method bridge an isolated network such as a virtual network to an external network such as another virtual network or physical network by utilizing a network adapter on the other network that is assigned the same Media Access Control (MAC) address as an isolated network adapter on the isolated network.

An Ontology for Virtual Organization Breeding Environments

Abstract: Companies and individuals connect into networks to share their resources with the purpose of achieving a common goal. The field of collaborative network organizations covers various types of organizational structures. Knowledge, which is stored in such networks, can be separated into two different levels. First, there is a common knowledge about the organizational structure itself that can be used and reused in any of such networks. The second level represents the domain-specific knowledge, which such networks cover and use to function. In this paper, we address both levels, first, by proposing an ontology representing the common vocabulary and identifying the actors and relationships in a specific type of network, namely virtual organization breeding environment (VBE), and second, by proposing a methodology for extracting network-specific knowledge related to competencies. The instantiation of the proposed VBE ontology and the developed approach to semiautomated construction of competencies have been applied to real problem scenarios of Virtuelle Fabrik, a Swiss-German cluster of companies in mechanical engineering.

Virtual network connection apparatus, system, method for controlling connection of a virtual network and computer-readable storage medium

Abstract: There is provided a virtual network connection apparatus having a unit that receives an instruction for forming a virtual network; an unit that assigns a unique virtual network identifier in response to the instruction; a unit that receives designation of an information processor; a unit that issues permission information for a designated information processor and registers the issued permission information in correlation to the assigned identifier; a processor that determines, upon receipt of the permission information from an information processor, a virtual network identifier correlated to the permission information and executes a process to correlate an address of the information processor to the determined identifier; and a transmission controller that determines a virtual network identifiers correlated to a source and a destination addresses of a transmitted information, and executes a control to transmit the transmitted information to the destination address by reference to the determined identifiers.

Joint Design of Source Rate Control and QoS-Aware Congestion Control for Video Streaming Over the Internet

Abstract: Multimedia streaming over the Internet has been a very challenging issue due to the dynamic uncertain nature of the channels. This paper proposes an algorithm for the joint design of source rate control and congestion control for video streaming over the Internet. With the incorporation of a virtual network buffer management mechanism (VB), the quality of service (QoS) requirements of the application can be translated into the constraints of the source rate and the sending rate. Then at the application layer, the source rate control is implemented based on the derived constraints, and at the transport layer, a QoS-aware congestion control mechanism is proposed that strives to meet the send rate constraint derived from VB, by allowing temporary violation of transport control protocol (TCP)-friendliness when necessary. Long-term TCP-friendliness, nevertheless, is preserved by introducing a rate-compensation algorithm. Simulation results show that compared with traditional source rate/congestion control algorithms, this cross-layer design approach can better support the QoS requirements of the application, and significantly improve the playback quality by reducing the overflow and underflow of the decoder buffer, and improving quality smoothness, while maintaining good long-term TCP-friendliness

Virtual network of real-world entities

Abstract: Methods and systems for providing a virtual network of real-world entities are provided. In various embodiments, the methods and systems receive a database identifying real-world entities wherein the database can include relationships between entities and attributes. Some attributes can be associated with strengths. Upon receiving a search query from a user, the methods and systems can dynamically match entities based on the received query and the strengths to provide a response to the received search query.

Reinforce Networking Theory with OPNET Simulation.

Abstract: Introduction The explosive growth of the Internet in recent years has created a need for scientists and engineers, who can maintain, tune, debug, and innovate the networking infrastructure. Mastery of these technologies involves both theory and practice. The IEEE/ACM Computing Curriculum 2001 (Computing Curriculum, 2001) strongly recommends integrating hands-on experimentation and analysis into networking courses as they reinforce student understanding of concepts and their applications to real-world problems. It also has been stated that laboratory components are absolutely essential for a networking curriculum and deep understanding of networking requires laboratory facilities that allow one to build, observe, experiment, and measure (Comer, 2004). Many different approaches have been taken in developing "hands-on" laboratory-based networking courses. Some laboratory courses focus on network management and configuration (Brown, 2002; Fabrega, 2002; Fitzhugh, 2002; Kneale & Box, 2003) and even domain network administration (Nakagawa, Suda, Ukigai, & Miida, 2003). There is also some laboratory environments focus on one layer of networking protocols, such as link-layer network traffic analysis (Jipping, Bugaj, Mihalkova, & Porter, 2003) and implementation of transport level protocols (Richards, 2001). A few large networking education programs (Mayo & Kearns, 1999; Steenkiste, 2003) provide dedicated hardware in which students can experiment with a number of real networks and develop network functionality at the kernel level. However, such environments require extensive resources to setup and manage, and the high cost of providing dedicated networks makes it financially unworkable for most programs. The Virtual Network System (Casado & Mckeown, 2005) is a teaching tool designed to allow hundreds of students working remotely to develop user space programs that function as network infrastructure components. Most of those networking laboratory courses are introduced as a second course in computer networks. However, due to limited faculty and facility resources, most colleges and universities are only able to offer one networking course, mostly without any laboratory components. In fact, courses that expose students to actual network environments are still mostly absent in undergraduate and graduate curriculum (Kurose, Leibeherr, Ostermann, & Ott-Boisseau, 2002). There is an urgent need to integrate introductory networking courses with laboratory components. One way to integrate laboratory components into an introductory networking course is with simulation. Network simulation allows students to examine problems with much less work and of much larger scope than are possible with experiments on real hardware. An invaluable tool in this case is the free OPNET network simulator (OPNET, 2006) that offers the tools for modeling, design, simulation, data mining and analysis. OPNET can simulate a wide variety of different networks which are linked to each other. The students can therefore exercise various options available to networks and visually see the impact of their actions just by sitting at their workstations. Data message flows, packet losses, control/routing message flows, link failures, bit errors, etc. can be seen by the students at visible speed. This is the most cost effective solution for universities to demonstrate the behaviors of different networks and protocols. This paper describes our OPNET simulation laboratory development and our experience using it in introductory networking courses. We begin by describing our teaching objectives and discussing why we choose it over other major simulation software packets. We then present the representative projects of the OPNET simulation labs. Our simulation labs emphasize the understanding of the dynamics of network protocols instead of configuration and management and contain some extension or development of the topic beyond the lecture/reading. …

An Open and Scalable Emulation Infrastructure for Large-Scale Real-Time Network Simulations

Abstract: We present a software infrastructure that embeds physical hosts in a simulated network. Aiming to create a large-scale real-time virtual network testbed, our real-time interactive simulation approach combines the advantages of both simulation and emulation, by maintaining flexibility of the simulation models and increasing fidelity as real systems are included in the simulation. In our approach, real-world distributed applications and network services can run together with the real-time simulator; real packets are injected into the simulation and subject to the simulated network conditions computed as a result of both real and virtual traffic competing for network resources. A prototype of the proposed emulation infrastructure has been implemented based on virtual private network (VPN). One distinct advantage of our approach is that it does not require special hardware. Furthermore, it is flexible, secure, and scalable-attributes inherited directly from the VPN implementation. We conducted a set of preliminary experiments to assess the performance limitations of our emulation infrastructure. We also present an interesting case study to demonstrate the capability of our approach.

Virtual network connection system, virtual network connection apparatus, and computer-readable medium

Abstract: There is provided a virtual network connection apparatus including a first storage unit that stores first correspondence information representing a correspondence relationship between a real address of an information processor in a site and a virtual address of the information processor in a virtual network, an address conversion unit that executes an address conversion for transmitted information between an information processor in the site and an information processor outside of the site by referring to the first correspondence information, a second storage unit that stores second correspondence information representing a correspondence relationship between a name of an information processor in the site and a real address of the information processor, a generation unit that generates third correspondence information representing a correspondence relationship between a name of an information processor in the site and a virtual address of the information processor based on the first and the second correspondence information.

Method and system for controlling network traffic in a blade chassis

Abstract: In general, embodiments of the invention relates to a method for controlling network traffic in a chassis. The method includes assigning control of a network express manager located in the chassis to a control virtual machine selected from a number of virtual machines. The method further includes configuring the network express manager, by the control virtual machine, where the network express manager is configured to route network traffic in the chassis. The method further includes implementing a virtual network path using the network express manager, where the virtual network path includes a virtual wire between a first VNIC and a second VNIC, where the first VNIC is located in a first computer and the second VNIC is located in a second computer.

S-GRID: a versatile approach to efficient query processing in spatial networks

Abstract: Mobile services is emerging as an important application area for spatio-temporal database management technologies. Service users are often constrained to a spatial network, e.g., a road network, through which points of interest, termed data points, are accessible. Queries that implement services will often concern data points of some specific type, e.g., Thai restaurants or art museums. As a result, the relatively few data points are relevant to a query in comparison to the number of network edges, meaning that queries, e.g., k nearest-neighbor queries, must access large portions of the network. Existing query processing techniques pre-compute distances between data points and network vertices for improving the performance. However, precomputation becomes problematic when the network or data points must be updated, possibly concurrently with the querying; and if the data points are moving, the existing techniques are inapplicable. In addition, multiple pre-computed structures must be maintained--one for each type of data point. We propose a versatile pre-computation approach for spatial network data. This approach uses a grid for pre-computing a simplified network. The above-mentioned shortcomings are avoided by making the pre-computed data independent of the data points. Empirical performance studies show that the structure is competitive with respect to the existing, more specialized techniques.

Launching service applications using a virtual network management system

Abstract: A network service administration system including a plurality of service objects, a plurality of address objects; and a service configuration application for a multifunction appliance running on a client computer coupled to the appliance via a network. The service configuration application includes an interface allowing subscribers to configure at least a subset of application content services provided by the appliance and including a rule set implementing rules in ones of said application content services in said subset based on changes to configurations of any other of said application content services. Each of said service objects may comprise an individual network service definition.

CIVIC: a Hypervisor based Virtual Computing Environment

Abstract: The purpose of virtual computing environment is to improve resource utilization by providing a unified integrated operating platform for users and applications based on aggregation of heterogeneous and autonomous resources. With the rapid development in recent years, hypervisor technologies have become mature and comprehensive with four features, including transparency, isolation, encapsulation and manageability. In this paper, a hypervisor based computing infrastructure, named CIVIC, is proposed. Compared with existing approaches, CIVIC may benefit in several ways. It offers separated and isolated computing environment for end users, and realizes hardware and software consolidation and centralized management. Beside this, CIVIC provides a transparent view to upper layer applications, by hiding the dynamicity, distribution and heterogeneousness of underlying resources. Performance of the infrastructure is evaluated by an initial deployment and experiment. The result shows that CIVIC can facilitate installation, configuration and deployment of network-oriented applications.