Showing papers on "Virtual network published in 2012"

System and method for implementing and managing virtual networks

Abstract: A system and method for implementing and management virtual networks is disclosed. A method includes receiving a network packet arriving at a first network interface of a first node of an underlying network, communicating at least the packet and an identifier of the first network interface to a decision engine, determining how the packet should be processed based on a simulation by the decision engine of a traversal of a virtual network topology including a plurality of virtual network devices, wherein the decision engine communicates with a shared database accessible from the underlying network that stores the virtual network topology and virtual device configurations for the plurality of virtual network devices; and processing the packet based upon the simulation.

Virtual machine migration

Abstract: A source virtual machine (VM) hosted on a source server is migrated to a destination VM on a destination server without first powering down the source VM. After optional pre-copying of the source VM's memory to the destination VM, the source VM is suspended and its non-memory state is transferred to the destination VM; the destination VM is then resumed from the transferred state. The source VM memory is either paged in to the destination VM on demand, or is transferred asynchronously by pre-copying and write-protecting the source VM memory, and then later transferring only the modified pages after the destination VM is resumed. The source and destination servers preferably share common storage, in which the source VM's virtual disk is stored; this avoids the need to transfer the virtual disk contents. Network connectivity is preferably also made transparent to the user by arranging the servers on a common subnet, with virtual network connection addresses generated from a common name space of physical addresses.

The only constant is change: incorporating time-varying network reservations in data centers

Abstract: In multi-tenant datacenters, jobs of different tenants compete for the shared datacenter network and can suffer poor performance and high cost from varying, unpredictable network performance Recently, several virtual network abstractions have been proposed to provide explicit APIs for tenant jobs to specify and reserve virtual clusters (VC) with both explicit VMs and required network bandwidth between the VMs However, all of the existing proposals reserve a fixed bandwidth throughout the entire execution of a jobIn the paper, we first profile the traffic patterns of several popular cloud applications, and find that they generate substantial traffic during only 30%-60% of the entire execution, suggesting existing simple VC models waste precious networking resources We then propose a fine-grained virtual network abstraction, Time-Interleaved Virtual Clusters (TIVC), that models the time-varying nature of the networking requirement of cloud applications To demonstrate the effectiveness of TIVC, we develop Proteus, a system that implements the new abstraction Using large-scale simulations of cloud application workloads and prototype implementation running actual cloud applications, we show the new abstraction significantly increases the utilization of the entire datacenter and reduces the cost to the tenants, compared to previous fixed-bandwidth abstractions

Fully distributed routing over a user-configured on-demand virtual network for infrastructure-as-a-service (IaaS) on hybrid cloud networks

Abstract: A layer-3 virtual router connects two or more virtual networks. Virtual networks are overlaid upon physical networks. Each virtual network (VN) is a layer-2 network that appears to expand an organization's LAN using virtual MAC addresses. The network stack forms a virtual-network packet with a virtual gateway MAC address of the virtual router to reach a remote virtual network. A VN device driver shim intercepts packets and their virtual MAC and IP addresses and encapsulates them with physical packets sent over the Internet. A VN switch table is expanded to include entries for nodes on the remote virtual network so that all nodes on both virtual networks are accessible. A copy of the VN switch table is stored on each node by a virtual network management daemon on the node. A Time-To-Live field in the virtual-network packet is decremented for each virtual hop and a checksum recalculated.

VLAN frame format

Abstract: In a network device such as a network switch having a port coupled to a communications medium dedicated to a single virtual local area network and another port coupled to a communications medium shared among multiple virtual local area networks for transmitting data frames between the dedicated communications medium and the shared communications medium, a method of identifying the virtual network associated with each data frame received by the network switch when transmitting the data frames over the shared communications medium. The method comprises receiving data frames from the dedicated communications medium coupled to one port, and, with respect to each data frame so received, inserting a new type field and a virtual network identifier field. The contents of the new type field indicate the data frame comprises a virtual network identifier field. The method further includes placing a value in the virtual network identifier field identifying the virtual network associated with the data frame and transmitting the data frame over the shared communications medium. Upon receipt of the data frames from over the shared communications medium, another network device can discern from the virtual network identifier field in each data frame the virtual network from which the data frames were received and determine whether to forward the data frames accordingly.

Resource Discovery and Allocation in Network Virtualization

Abstract: Network virtualization is considered an important potential solution to the gradual ossification of the Internet. In a network virtualization environment, a set of virtual networks share the resources of a common physical network although each virtual network is isolated from others. Benefits include increased flexibility, diversity, security and manageability. Resource discovery and allocation are fundamental steps in the process of creating new virtual networks. This paper surveys previous work on, and the present status of, resource discovery and allocation in network virtualization. We also describe challenges and suggest future directions for this area of research.

Automatically Scaled Network Overlay with Heuristic Monitoring in a Hybrid Cloud Environment

Abstract: Techniques are provided for a management application in a first virtual network to start a first cloud gateway in the first virtual network First messages are sent to a second virtual network, the first messages comprising information configured to start a second cloud gateway and a first virtual switch in the second virtual network A connection is established between the first cloud gateway and the second cloud gateway, where the first cloud gateway, the second cloud gateway, and the first virtual switch form a first scalable cloud network element One or more second messages are sent to the second virtual network, the one or more second messages comprising information configured to start a virtual machine and a first virtual machine interface configured to allow the virtual machine to access processing resources in the second virtual network Data are stored that associates the virtual machine with the first virtual switch

System and method for simulating virtual machine migration in a network environment

Abstract: A method includes simulating network resources of a portion of a cloud in a simulated cloud within a enterprise network, the cloud being communicable with the enterprise network over a first communication channel, which may be external to the enterprise network. The method can also include simulating network behavior of the first communication channel in a second communication channel within the enterprise network, and validating application performance in the simulated cloud. Simulating network resources includes providing a cloud resources abstraction layer in the enterprise network, and allocating enterprise network resources in the enterprise network to the simulated cloud by the cloud resources abstraction layer. The method further includes adding a virtual network service appliance to the simulated cloud, and determining a change to a network topology of the enterprise network to accommodate the virtual appliance without materially impacting application performance.

System and methods for controlling network traffic through virtual switches

Abstract: A network may include network switches with network switch ports that may be coupled to end hosts. The network switches may be controlled by a controller such as a controller server. Virtual switches may be formed using the controller from groups of the network switch ports and the end hosts. Each virtual switch may include virtual interfaces associated with end hosts or network switches. Virtual links may be formed that define network connections between the virtual interfaces and end hosts or between two virtual interfaces. Virtual network policies such as selective packet forwarding, packet dropping, packet redirection, packet modification, or packet logging may be implemented at selected virtual interfaces to control traffic through the communications network. The controller may translate the virtual network policies into network switch forwarding paths that satisfy the virtual network policies.

Cloud-based middlebox management system

Abstract: A virtual network virtual machine may be implemented on a cloud computing facility to control communication among virtual machines executing applications and virtual machines executing middlebox functions. This virtual network virtual machine may provide for automatic scaling of middleboxes according to a heuristic algorithm that monitors the effectiveness of each middlebox on the network performance as application virtual machines are scaled. The virtual machine virtual network may also locate virtual machines in actual hardware to further optimize performance.

An Opportunistic Resource Sharing and Topology-Aware mapping framework for virtual networks

Abstract: Network virtualization provides a promising way to overcome Internet ossification. A major challenge is virtual network mapping, i.e., how to embed multiple virtual network requests with resource constraints into a substrate network, such that physical resources are utilized in an efficient and effective manner. Since this problem is known to be NP-complete, a variety of heuristic algorithms have been proposed. In this paper, we re-examine this problem and propose a virtual network mapping framework, ORS TA, which is based on Opportunistic Resource Sharing and Topology-Aware node ranking. Opportunistic resource sharing is taken into consideration at the entire network level for the first time and we develop an online approximation algorithm, FFA, for solving the corresponding time slot assignment problem. To measure the topology importance of a substrate node, a node ranking method, MCRank, based on Markov chain is presented. We also devise a simple and practical method to estimate the residual resource of a substrate node/link. Extensive simulation experiments demonstrate that the proposed framework enables the substrate network to achieve efficient physical resource utilization and to accept many more virtual network requests over time.

Dynamic graph query primitives for SDN-based cloudnetwork management

Abstract: The need to provide customers with the ability to configure the network in current cloud computing environments has motivated the Networking-as-a-Service (NaaS) systems designed for the cloud. Such systems can provide cloud customers access to virtual network functions, such as network-aware VM placement, real time network monitoring, diagnostics and management, all while supporting multiple device management protocols. These network management functionalities depend on a set of underlying graph primitives. In this paper, we present the design and implementation of the software architecture including a shared graph library that can support network management operations. Using the illustrative case of all pair shortest path algorithm, we demonstrate how scalable lightweight dynamic graph query mechanisms can be implemented to enable practical computation times, in presence of network dynamism.

Configuration management method of logical topology in virtual network and management server

Abstract: (1) A configuration management in a management server is carried out such that setting patterns regarding creation of plural types of virtual resources and setting patterns regarding connection between the plural types of virtual resources are extracted from setting information of network devices configuring a virtual network by using plural types of virtualization technologies, (2) an ID required for creating a virtual resource and a connection relation between virtual resources are extracted from the extracted setting pattern, (3) an element corresponding to a virtual resource or a connection between a pair of virtual resources is created by using information including the extracted ID, and (4) the elements created from setting information of individual devices are aggregated to thereby create logical topology information representing a topology of the virtual network.

Auto-discovery service and method of discovering applications within a virtual network

Abstract: Embodiments provide a system including a first host computing device that includes a first virtual machine (VM) and a first application. The system also includes a second host computing device including a virtualization software layer, a second VM, and an auto-discovery service at least partially instantiated within the virtualization software layer. The auto-discovery service is configured to receive a message and an auto-discovery packet from a second application executing on the second VM. The auto-discovery service inserts an option into the auto-discovery packet, and transmits the auto-discovery packet to the first application. The option in the auto-discovery packet includes the message received from the second application.

ExoGENI: A Multi-domain Infrastructure-as-a-Service Testbed

Abstract: NSF’s GENI program seeks to enable experiments that run within virtual network topologies built-to-order from testbed infrastructure offered by multiple providers (domains). GENI is often viewed as a network testbed integration effort, but behind it is an ambitious vision for multi-domain infrastructure-as-a-service (IaaS). This paper presents ExoGENI, a new GENI testbed that links GENI to two advances in virtual infrastructure services outside of GENI: open cloud computing (OpenStack) and dynamic circuit fabrics. ExoGENI orchestrates a federation of independent cloud sites and circuit providers through their native IaaS interfaces, and links them to other GENI tools and resources.

Optimizing Long-Lived CloudNets with Migrations

Abstract: This paper attends to the problem of embedding flexibly specified virtual networks connecting cloud resources (e.g., storage or computation) on a given substrate (e.g., a data center, an ISP backbone, a router site, or a virtual provider network). We study a scenario where a substrate provider (or a potential intermediate broker or reseller) wants to optimize the embedding of these so-called \CloudNets\ by migrating them to more suitable locations. For instance, such re-embeddings can be useful if the \CloudNets\ were requested at short notice and initially placed heuristically. Subsequent optimizations can, e.g., reduce the peak resource loads in the network by spreading \CloudNets\ across the infrastructure or save energy by moving \CloudNets\ together and switching off unused components. We present the generic mathematical programming algorithm used in our \CloudNet\ prototype to compute optimal embeddings. For example, this algorithm supports different objective functions (such as load minimization or energy conservation), arbitrary resource combinations and the mapping of multiple virtual nodes of a \CloudNet\ to a single substrate node, cost-aware migrations, and it can deal with all link types that arise in practice (e.g., full-duplex or even wireless or wired broadcast links with multiple endpoints). Of course, such rigorous \CloudNet\ optimizations are time consuming, and we report on the time complexities obtained from our experiments with our network virtualization prototype architecture. It turns out that optimizing \CloudNets\ over moderate sized infrastructures is feasible, even for scenarios with high flexibility and without tuning the solver software to speed up computations further.

Karnaugh-map like online embedding algorithm of wireless virtualization

Abstract: Wireless virtualization enables multiple concurrent wireless networks running on a shared wireless substrate to support different services (e.g. multimedia, VoIP). A fundamental challenge in wireless virtualization is how to efficiently assign wireless resource to virtual networks (VNs), i.e. embedding problem. However, so far there are few research results related to the embedding problems of wireless virtualization. This paper focuses on two important goals: (1) the embedding algorithm should handle online virtual network requests; (2) an efficient embedding algorithm is needed. Inspired from karnaugh-map, we present a karnaugh-map-like online embedding algorithm of wireless virtualization, which includes: online scheduling method and karnaugh-map-like embedding algorithm. Evaluation results show that our algorithm has better performance. To the best of authors' knowledge, it is not only the first detailed algorithm on embedding problem of wireless virtualization, but also the first algorithm handling the online requests of wireless virtualization.

Strategies for Virtual Optical Network Allocation

Abstract: This paper presents Integer Linear Programming (ILP) formulations to optimally allocate Virtual Optical Networks (VONs) over a transparent optical network substrate. These formulations serve the purpose of building either completely transparent VONs or opaque ones, where electrical termination capabilities are assumed at each virtual network node. In addition, a lightweight Greedy Randomized Adaptive Search (GRASP) heuristic is provided for the transparent case. The obtained results validate the accuracy of the proposed heuristic and reveal the benefits of the presented solutions against simpler shortest-path-based VON allocation strategies.

Connecting on-premise networks with public clouds

Abstract: A computer system for encapsulating a packet between a customer premise for delivery to customer resources within a public cloud data center. The computer system comprises a shim gateway. The shim gateway comprises a plurality of customer specific shim components. The shim gateway is configured to receive a packet from a customer premise. The packet has a VLAN tag. The packet identifies a tenant within a designated virtual network for the customer. The designated virtual network is within the public cloud data center. The shim gateway is further configured to encapsulate the packet into an encapsulated packet. Encapsulation includes mapping the VLAN tag to a destination network address of a tenant gateway for the customer. The tenant gateway is in the designated virtual network. The shim gateway is further configured to forward the encapsulated packet to the tenant gateway in the designated virtual network for delivery to the identified tenant.

Providing overlay networks via elastic cloud networking

Abstract: A device receives network infrastructure requirements from a user, and selects, based on the network infrastructure requirements, at least one of a virtual core network, a virtual network resource, and a virtual system from resources provided in a cloud computing environment. The device also enables use of the selected at least one of the virtual core network, the virtual network resource, and the virtual system by the user. The device receives, from the user, traffic destined for the selected at least one of the virtual core network, the virtual network resource, and the virtual system, and provides the traffic to the selected at least one of the virtual core network, the virtual network resource, and the virtual system.

Optimal allocation of virtual optical networks for the future internet

Abstract: Optical network infrastructures can be partitioned into multiple parallel, dedicated virtual networks for a physical infrastructure sharing purpose. However, different transport technologies may impact in both the amount and the characteristics of the different virtual instances that can be built on top of a single physical infrastructure. To analyse the impact of the transport technology in this regard, we present exact Integer Linear Programming (ILP) formulations that address the off-line problem of optimally allocate a set of virtual networks in two kind of substrates: wavelength switching and spectrum switching. Both formulations serve the purpose to provide opaque transport services from the virtual network point of view, where electronic terminations are assumed in the virtual network nodes. We carry out a series of experiments to validate the presented formulations and determine which is the impact of both substrates in the number of virtual networks that can be optimally allocated in the transport network.

Internet of Things Virtual Networks: Bringing Network Virtualization to Resource-Constrained Devices

Abstract: Networks of smart resource-constrained objects, such as sensors and actuators, can support a wide range of application domains. In most cases these networks were proprietary and stand-alone. More recently, many efforts have been undertaken to connect these networks to the Internet using standard protocols. Current solutions that integrate smart resource-constrained objects into the Internet are mostly gateway-based. In these solutions, security, firewalling, protocol translations and intelligence are implemented by gateways at the border of the Internet and the resource-constrained networks. In this paper, we introduce a complementary approach to facilitate the realization of what is called the Internet of Things. Our approach focuses on the objects, both resource-constrained and non-constrained, that need to cooperate by integrating them into a secured virtual network, named an Internet of Things Virtual Network or IoTVN. Inside this IoT-VN full end-to-end communication can take place through the use of protocols that take the limitations of the most resource-constrained devices into account. We describe how this concept maps to several generic use cases and, as such, can constitute a valid alternative approach for supporting selected applications. A first implementation demonstrating the key concepts of this approach is described. It illustrates the feasibility of integrating resource-constrained devices into virtual networks, but also reveals open challenges.

Border gateway protocol extension for the host joining/leaving a virtual private network

Abstract: A method for performing an automatic join and leave function for either a host or network using Border Gateway Protocol (BGP) signaling, the method comprising, sending a BGP join request that indicates a request to join a virtual network, receiving a BGP join response that indicates either an acceptance or a rejection of the BGP join request, adding the host to the virtual network when the BGP join response accepts the BGP join request, sending a BGP leave request that indicates a request to leave the virtual network, receiving a BGP leave response that indicates either an acceptance or a rejection of the BGP leave request, and removing the host from the virtual network when the BGP leave response accepts the BGP leave request, wherein the BGP join request comprises a quality of service (QoS) requirement and a bandwidth requirement.

System and method for managing virtual network in cloud computation data center

Abstract: The invention discloses a system and a method for managing a virtual network in a cloud computation data center, and relates to the technical field of network system structures and network communication protocols The system comprises physical servers and a controller, the physical servers are connected with a core switching network of the data center, each physical server is provided with at least one switch supporting OpenFlow related protocols and is connected with the controller, and the controller builds the virtual network, maintains configuration of the virtual network and a mapping relation among the virtual network, a virtual broadcast domain and a local broadcast domain, and configures and controls the switches of the physical servers By the aid of the system and the method, pressure on broadcasting and double-layer address tables and forwarding tables of the core switching network of the data center can be effectively reduced, large-scale management is facilitated, flows of different users can be effectively isolated, security is strengthened, and configuration of the virtual network of the data center can be quickly and flexibly changed along with dynamic distribution of virtual resources

Dynamic Profit Maximization of Cognitive Mobile Virtual Network Operator

Abstract: We study the profit maximization problem of a cognitive virtual network operator in a dynamic network environment. We consider a downlink OFDM communication system with various network dynamics, including dynamic user demands, uncertain sensing spectrum resources, dynamic spectrum prices, and time-varying channel conditions. In addition, heterogenous users and imperfect sensing technology are incorporated to make the network model more realistic. By exploring the special structural of the problem, we develop a low-complexity on-line control policies that determine pricing and resource scheduling without knowing the statistics of dynamic network parameters. We show that the proposed algorithms can achieve arbitrarily close to the optimal profit with a proper trade-off with the queuing delay.

Exploring online virtual networks mapping with stochastic bandwidth demand in multi-datacenter

Abstract: Network virtualization serves as a promising technique for providing a flexible and highly adaptable shared substrate network to satisfy the diversity of demands and overcoming the ossification of Internet infrastructure. As a key issue of constructing a virtual network (VN), various state-of-the-art algorithms have been proposed in many research works for addressing the VN mapping problem. However, these traditional works are efficient for mapping VN which with deterministic amount of network resources required, they even deal with the dynamic resource demand by using over-provisioning. These approaches are obviously not advisable, since the network resources are becoming more and more scarce. In this paper, we investigate the online stochastic VN mapping (StoVNM) problem, in which the VNs are generated as a Poisson process and each bandwidth demand x i follows a normal distribution, i.e., x i ~ N(μ i , ? i 2 ). Firstly, we formulate the model for StoVNM problem by mixed integer linear programming, which with objective including minimum-mapping-cost and load balance. Then, we devise a sliding window approach-based heuristic algorithm w-StoVNM for tackling this NP-hard StoVNM problem efficiently. The experimental results achieved from extensive simulation experiments demonstrate the effectiveness of the proposed approach and superiority than traditional solutions for VN mapping in terms of VN mapping cost, blocking ratio, and total net revenue in the long term.

V-lab: a cloud-based virtual laboratory platform for hands-on networking courses

Abstract: For computer-network education, hands-on laboratories are essential in addition to lectures. Existing laboratory solutions are usually expensive to build, configure and maintain, while still lacking reusability, flexibility and scalability. This paper presents a cloud-based virtual laboratory education solution, called V-Lab, where instructors can use an interactive web GUI to configure computer network testbeds based on a set of dedicated virtual computers interconnected through VLAN-based virtual networks. The established virtual network system can be accessed by students via remote access using standard Secure Shell (SSH), Virtual Network Computing (VNC), or Remote Desktop Protocol (RDP). By using a flexible and re-configurable design, V-Lab greatly reduces the effort needed to establish and maintain a physical laboratory, while providing a secure and reliable environment that encourages students to use the resources based on their own schedule. V-Lab also helps re-design laboratory curriculum to focus on six educational factors, and the survey results show that V-Lab system is easy to use and setup and has satisfactory performance and reliability. It is also indicated that V-Lab helps students understand and solve real-world problems with sufficient laboratory resources and improved efficiency.

Airtime-based resource control in wireless LANs for wireless network virtualization

Abstract: Wireless network virtualization is needed to build a virtual network over wireless and wired networks, which enables a rapid deployment of novel mobile services or novel mobile network architectures on a shared infrastructure. This paper proposes an airtime-based resource control technique for wireless network virtualization, in which wireless network resources are allocated among competing virtual networks while keeping their programmability. A WLAN system adopting the proposed technique is developed by enhancing an IEEE 802.11e EDCA (Enhanced Distributed Channel Access) MAC (Media Access Control) mechanism. The operation of the resource control technique is demonstrated by a simulation and the performance of airtime usage and throughput are investigated. It is shown that technique can successfully control the wireless network resource allocations with a target ratio even under conditions when the WLAN system suffers interferences.