Lightweight Flow-Based Policy Enforcement for SDN-Based Multi-Domain Communication

IF 1.5 4区 计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Abdulhakim Sabur
{"title":"Lightweight Flow-Based Policy Enforcement for SDN-Based Multi-Domain Communication","authors":"Abdulhakim Sabur","doi":"10.1002/nem.2312","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>Although software-defined networking (SDN) is commonly employed for intra-domain communication, inter-domain communication still heavily relies on conventional routing methods, specifically BGP-based routers. The BGP router plays a crucial role in managing control and data planes, but this traditional approach hinders the exploitation of SDN advantages. Previous studies demonstrated the use of BGP for inter-domain and end-to-end communication. This paper advocates for the adoption of a fully SDN-based data plane packet switching strategy through the introduction of LPEES, a lightweight policy framework tailored for SDN-based inter-domain communication. LPEES strategically confines BGP's functionality to the control plane, preserving SDN benefits. Evaluation results confirm the effectiveness of LPEES compared to the BGP routing approach, as measured by throughput and various network quality of service (QoS) metrics. Additionally, LPEES streamlines inter-domain communication by utilizing a trust-based routing policy approach that can establish trust between communicating domains. The presented solution's main advantage is that it loosens the burden on the administrator by requiring less human interference to check the inter-domain communication security and privacy. Our evaluations show LPEES outperform the BGP-based in terms of throughput as LPEES achieves a <span></span><math>\n <semantics>\n <mrow>\n <mo>∼</mo>\n </mrow>\n <annotation>$$ \\sim $$</annotation>\n </semantics></math>27 Gbps versus <span></span><math>\n <semantics>\n <mrow>\n <mo>∼</mo>\n </mrow>\n <annotation>$$ \\sim $$</annotation>\n </semantics></math>22 Gbps in the traditional approach. Based on our experiments, LPEES also enhances the communication delay by an average of <span></span><math>\n <semantics>\n <mrow>\n <mo>∼</mo>\n </mrow>\n <annotation>$$ \\sim $$</annotation>\n </semantics></math>17% compared to the traditional BGP-based approach.</p>\n </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 1","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2024-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Network Management","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/nem.2312","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Although software-defined networking (SDN) is commonly employed for intra-domain communication, inter-domain communication still heavily relies on conventional routing methods, specifically BGP-based routers. The BGP router plays a crucial role in managing control and data planes, but this traditional approach hinders the exploitation of SDN advantages. Previous studies demonstrated the use of BGP for inter-domain and end-to-end communication. This paper advocates for the adoption of a fully SDN-based data plane packet switching strategy through the introduction of LPEES, a lightweight policy framework tailored for SDN-based inter-domain communication. LPEES strategically confines BGP's functionality to the control plane, preserving SDN benefits. Evaluation results confirm the effectiveness of LPEES compared to the BGP routing approach, as measured by throughput and various network quality of service (QoS) metrics. Additionally, LPEES streamlines inter-domain communication by utilizing a trust-based routing policy approach that can establish trust between communicating domains. The presented solution's main advantage is that it loosens the burden on the administrator by requiring less human interference to check the inter-domain communication security and privacy. Our evaluations show LPEES outperform the BGP-based in terms of throughput as LPEES achieves a $$ \sim $$ 27 Gbps versus $$ \sim $$ 22 Gbps in the traditional approach. Based on our experiments, LPEES also enhances the communication delay by an average of $$ \sim $$ 17% compared to the traditional BGP-based approach.

基于 SDN 的多域通信中基于流量的轻量级策略执行
虽然软件定义网络(SDN)通常用于域内通信,但域间通信仍严重依赖传统路由方法,特别是基于 BGP 的路由器。BGP 路由器在管理控制平面和数据平面方面发挥着至关重要的作用,但这种传统方法阻碍了 SDN 优势的发挥。以前的研究表明,BGP 可用于域间和端到端通信。本文通过引入为基于 SDN 的域间通信量身定制的轻量级策略框架 LPEES,倡导采用完全基于 SDN 的数据平面数据包交换策略。LPEES 从战略上将 BGP 的功能限制在控制平面,保留了 SDN 的优势。通过吞吐量和各种网络服务质量(QoS)指标来衡量,评估结果证实了 LPEES 与 BGP 路由方法相比的有效性。此外,LPEES 采用基于信任的路由策略方法,可以在通信域之间建立信任,从而简化域间通信。该解决方案的主要优点是减轻了管理员的负担,减少了检查域间通讯安全性和隐私性的人工干预。我们的评估显示,LPEES 在吞吐量方面优于基于 BGP 的方案,LPEES 达到了 27 Gbps,而传统方案为 22 Gbps。根据我们的实验,与传统的基于 BGP 的方法相比,LPEES 还将通信延迟平均提高了 ∼ $ $ \sim $ 17%。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
International Journal of Network Management
International Journal of Network Management COMPUTER SCIENCE, INFORMATION SYSTEMS-TELECOMMUNICATIONS
CiteScore
5.10
自引率
6.70%
发文量
25
审稿时长
>12 weeks
期刊介绍: Modern computer networks and communication systems are increasing in size, scope, and heterogeneity. The promise of a single end-to-end technology has not been realized and likely never will occur. The decreasing cost of bandwidth is increasing the possible applications of computer networks and communication systems to entirely new domains. Problems in integrating heterogeneous wired and wireless technologies, ensuring security and quality of service, and reliably operating large-scale systems including the inclusion of cloud computing have all emerged as important topics. The one constant is the need for network management. Challenges in network management have never been greater than they are today. The International Journal of Network Management is the forum for researchers, developers, and practitioners in network management to present their work to an international audience. The journal is dedicated to the dissemination of information, which will enable improved management, operation, and maintenance of computer networks and communication systems. The journal is peer reviewed and publishes original papers (both theoretical and experimental) by leading researchers, practitioners, and consultants from universities, research laboratories, and companies around the world. Issues with thematic or guest-edited special topics typically occur several times per year. Topic areas for the journal are largely defined by the taxonomy for network and service management developed by IFIP WG6.6, together with IEEE-CNOM, the IRTF-NMRG and the Emanics Network of Excellence.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信