HotSDN '12 | Pub Date: 2012-08-13 | DOI: 10.1145/2342441.2342448
Guohan Lu, Rui Miao, Y. Xiong, Chuanxiong Guo
{"title":"Using CPU as a traffic co-processing unit in commodity switches","authors":"Guohan Lu, Rui Miao, Y. Xiong, Chuanxiong Guo","doi":"10.1145/2342441.2342448","DOIUrl":"https://doi.org/10.1145/2342441.2342448","url":null,"abstract":"Commodity switches are becoming increasingly important as they are the basic building blocks for enterprise and data center networks. With the availability of all-in-one switching ASICs, these switches almost universally adopt a single switching ASIC design. However, such a design also brings two major limitations, i.e., a limited forwarding table for flow-based forwarding schemes such as OpenFlow and a shallow buffer for bursty traffic patterns. In this paper, we propose to use the CPU in the switches to handle not only control plane but also data plane traffic. We show that this design can provide a large forwarding table for flow-based forwarding schemes and a deep packet buffer for bursty traffic. We build such a prototype switch on the ServerSwitch platform. In our evaluation, we show that our prototype can achieve over 90% traffic offloading ratio, absorb large traffic bursts without a single packet drop, and can be easily programmed to detect and defend against low-rate burst attacks.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"185 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121089117","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A management method of IP multicast in overlay networks using openflow","authors":"Yukihiro Nakagawa, Kazuki Hyoudou, Takeshi Shimizu","doi":"10.1145/2342441.2342460","DOIUrl":"https://doi.org/10.1145/2342441.2342460","url":null,"abstract":"Overlay networks stretch a Layer 2 network and increase the mobility of virtual machines. VXLAN (Virtual eXtensible LAN) is one of the Layer 2 overlay schemes over a Layer 3 network proposed in the IETF, and its definition covers 16M overlay networks or segments, which solves the 4K limitation of VLANs. However, VXLAN uses IP multicast for the isolation of network traffic by tenant in the shared network infrastructure. IP multicast requires a great amount of resources such as IP multicast tables and CPU; therefore scalability is limited by the handling of IP multicast. We propose to manage IP multicast in overlay networks using OpenFlow instead of a dynamic registration protocol such as IGMP. We describe our implementations of a VXLAN controller, an edge switch with a VXLAN gateway, and an OpenFlow switch. Our method using OpenFlow eliminates periodic Join/Leave messages and achieves more than 4K tenants in our Layer 2 network at server edges, which was not possible before.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130370722","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
HotSDN '12 | Pub Date: 2012-08-13 | DOI: 10.1145/2342441.2342458
S. Gutz, A. Story, Cole Schlesinger, Nate Foster
{"title":"Splendid isolation: a slice abstraction for software-defined networks","authors":"S. Gutz, A. Story, Cole Schlesinger, Nate Foster","doi":"10.1145/2342441.2342458","DOIUrl":"https://doi.org/10.1145/2342441.2342458","url":null,"abstract":"The correct operation of many networks depends on keeping certain kinds of traffic isolated from others, but achieving isolation in networks today is far from straightforward. To achieve isolation, programmers typically resort to low-level mechanisms such as Virtual LANs, or they interpose complicated hypervisors into the control plane. This paper presents a better alternative: an abstraction that supports programming isolated slices of the network. The semantics of slices ensures that the processing of packets on a slice is independent of all other slices. We define our slice abstraction precisely, develop algorithms for compiling slices, and illustrate their use on examples. In addition, we describe a prototype implementation and a tool for automatically verifying formal isolation properties.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130564244","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
HotSDN '12 | Pub Date: 2012-08-13 | DOI: 10.1145/2342441.2342447
J. Mogul, Paul Congdon
{"title":"Hey, you darned counters!: get off my ASIC!","authors":"J. Mogul, Paul Congdon","doi":"10.1145/2342441.2342447","DOIUrl":"https://doi.org/10.1145/2342441.2342447","url":null,"abstract":"Software-Defined Networking (SDN) gains much of its value through the use of central controllers with global views of dynamic network state. To support a global view, SDN protocols, such as OpenFlow, expose several counters for each flow-table rule. These counters must be maintained by the data plane, which is typically implemented in hardware as an ASIC. ASIC-based counters are inflexible, and cannot easily be modified to compute novel metrics. These counters do not need to be on the ASIC. If the ASIC data plane has a fast connection to a general-purpose CPU with cost-effective memory, we can replace traditional counters with a stream of rule-match records, transmit this stream to the CPU, and then process the stream in the CPU. These software-defined counters allow far more flexible processing of counter-related information, and can reduce the ASIC area and complexity needed to support counters.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122983820","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
HotSDN '12 | Pub Date: 2012-08-13 | DOI: 10.1145/2342441.2342466
Phillip A. Porras, Seungwon Shin, V. Yegneswaran, Martin W. Fong, M. Tyson, G. Gu
{"title":"A security enforcement kernel for OpenFlow networks","authors":"Phillip A. Porras, Seungwon Shin, V. Yegneswaran, Martin W. Fong, M. Tyson, G. Gu","doi":"10.1145/2342441.2342466","DOIUrl":"https://doi.org/10.1145/2342441.2342466","url":null,"abstract":"Software-defined networks facilitate rapid and open innovation at the network control layer by providing a programmable network infrastructure for computing flow policies on demand. However, the dynamism of programmable networks also introduces new security challenges that demand innovative solutions. A critical challenge is efficient detection and reconciliation of potentially conflicting flow rules imposed by dynamic OpenFlow (OF) applications. To that end, we introduce FortNOX, a software extension that provides role-based authorization and security constraint enforcement for the NOX OpenFlow controller. FortNOX enables NOX to check flow rule contradictions in real time, and implements a novel analysis algorithm that is robust even in cases where an adversarial OF application attempts to strategically insert flow rules that would otherwise circumvent flow rules imposed by OF security applications. We demonstrate the utility of FortNOX through a prototype implementation and use it to examine performance and efficiency aspects of the proposed framework.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"88 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115824235","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
HotSDN '12 | Pub Date: 2012-08-13 | DOI: 10.1145/2342441.2342451
A. Voellmy, Hyojoon Kim, N. Feamster
{"title":"Procera: a language for high-level reactive network control","authors":"A. Voellmy, Hyojoon Kim, N. Feamster","doi":"10.1145/2342441.2342451","DOIUrl":"https://doi.org/10.1145/2342441.2342451","url":null,"abstract":"Our previous experience building systems for implementing network policies in home and enterprise networks has revealed that the intuitive notion of network policy in these domains is inherently dynamic and stateful. Current configuration languages, both in traditional network architectures and in OpenFlow systems, are not expressive enough to capture these policies. As a result, most prototype OpenFlow systems lack a configurable interface and instead require operators to program in the system implementation language, often C++. We describe Procera, a control architecture for software-defined networking (SDN) that includes a declarative policy language based on the notion of functional reactive programming; we extend this formalism with both signals relevant for expressing high-level network policies in a variety of network settings, including home and enterprise networks, and a collection of constructs expressing temporal queries over event streams that occur frequently in network policies. Although sophisticated users can take advantage of Procera's full expressiveness by expressing network policies directly in Procera, simpler configuration interfaces (e.g., graphical user interfaces) can also easily be built on top of this formalism.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"43 36","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134225333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
HotSDN '12 | Pub Date: 2012-08-13 | DOI: 10.1145/2342441.2342464
M. Bansal, J. Mehlman, S. Katti, P. Levis
{"title":"OpenRadio: a programmable wireless dataplane","authors":"M. Bansal, J. Mehlman, S. Katti, P. Levis","doi":"10.1145/2342441.2342464","DOIUrl":"https://doi.org/10.1145/2342441.2342464","url":null,"abstract":"We present OpenRadio, a novel design for a programmable wireless dataplane that provides modular and declarative programming interfaces across the entire wireless stack. Our key conceptual contribution is a principled refactoring of wireless protocols into processing and decision planes. The processing plane includes directed graphs of algorithmic actions (e.g., 54 Mbps OFDM WiFi or special encoding for video). The decision plane contains the logic which dictates which directed graph is used for a particular packet (e.g., picking between data and video graphs). The decoupling provides a declarative interface to program the platform while hiding all underlying complexity of execution. An operator only expresses decision plane rules and corresponding processing plane action graphs to assemble a protocol. The scoped interface allows us to build a dataplane that arguably provides the right tradeoff between performance and flexibility. Our current system is capable of realizing modern wireless protocols (WiFi, LTE) on off-the-shelf DSP chips while providing flexibility to modify the PHY and MAC layers to implement protocol optimizations.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132780079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
HotSDN '12 | Pub Date: 2012-08-13 | DOI: 10.1145/2342441.2342459
M. Casado, Teemu Koponen, S. Shenker, Amin Tootoonchian
{"title":"Fabric: a retrospective on evolving SDN","authors":"M. Casado, Teemu Koponen, S. Shenker, Amin Tootoonchian","doi":"10.1145/2342441.2342459","DOIUrl":"https://doi.org/10.1145/2342441.2342459","url":null,"abstract":"MPLS was an attempt to simplify network hardware while improving the flexibility of network control. Software-Defined Networking (SDN) was designed to make further progress along both of these dimensions. While a significant step forward in some respects, it was a step backwards in others. In this paper we discuss SDN's shortcomings and propose how they can be overcome by adopting the insight underlying MPLS. We believe this hybrid approach will enable an era of simple hardware and flexible control.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133799384","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
HotSDN '12 | Pub Date: 2012-08-13 | DOI: 10.1145/2342441.2342467
J. H. Jafarian, E. Al-Shaer, Qi Duan
{"title":"Openflow random host mutation: transparent moving target defense using software defined networking","authors":"J. H. Jafarian, E. Al-Shaer, Qi Duan","doi":"10.1145/2342441.2342467","DOIUrl":"https://doi.org/10.1145/2342441.2342467","url":null,"abstract":"Static configurations give adversaries a great advantage in discovering network targets and launching attacks. Identifying active IP addresses in a target domain is a precursory step for many attacks. Frequently changing hosts' IP addresses is a novel proactive moving target defense (MTD) that hides network assets from external/internal scanners. In this paper, we use OpenFlow to develop an MTD architecture that transparently mutates host IP addresses with high unpredictability and rate, while maintaining configuration integrity and minimizing operational overhead. The presented technique is called OpenFlow Random Host Mutation (OF-RHM), in which the OpenFlow controller frequently assigns each host a random virtual IP that is translated to/from the real IP of the host. The real IP remains untouched, so IP mutation is completely transparent to end-hosts. Named hosts are reachable via the virtual IP addresses acquired via DNS, but real IP addresses can only be reached by authorized entities. Our implementation and evaluation show that OF-RHM can effectively defend against stealthy scanning, worm propagation, and other scanning-based attacks.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134179165","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
HotSDN '12 | Pub Date: 2012-08-13 | DOI: 10.1145/2342441.2342461
R. Raghavendra, Jorge Lobo, Kang-Won Lee
{"title":"Dynamic graph query primitives for SDN-based cloud network management","authors":"R. Raghavendra, Jorge Lobo, Kang-Won Lee","doi":"10.1145/2342441.2342461","DOIUrl":"https://doi.org/10.1145/2342441.2342461","url":null,"abstract":"The need to provide customers with the ability to configure the network in current cloud computing environments has motivated the Networking-as-a-Service (NaaS) systems designed for the cloud. Such systems can provide cloud customers access to virtual network functions, such as network-aware VM placement, real-time network monitoring, diagnostics and management, all while supporting multiple device management protocols. These network management functionalities depend on a set of underlying graph primitives. In this paper, we present the design and implementation of the software architecture, including a shared graph library that can support network management operations. Using the illustrative case of the all-pairs shortest path algorithm, we demonstrate how scalable, lightweight dynamic graph query mechanisms can be implemented to enable practical computation times in the presence of network dynamism.","PeriodicalId":164474,"journal":{"name":"HotSDN '12","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133220908","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}