vDNS closed-loop control: A framework for an elastic control plane service

Virtual Network Functions (VNFs) promise great efficiencies in deploying and operating new services, in terms of performance, resiliency and cost. However, today most operational VNF clouds are still generally static after their initial instantiation, thus not realizing many of the potential benefits of virtualization and enhanced orchestration. In this paper, we explore a large-scale operational instantiation of a virtual Domain Name System (vDNS) and present an analytical framework and platform to improve its efficiency during normal and adverse network traffic conditions, such as those caused by Distributed Denial-of-Service (DDoS) attacks and site failures. Using dynamic virtual machine instantiation, we show that under normal daily cycles we can run vDNS resolvers at higher target load, increasing the transactional efficiency of the underlying hardware by more than 10%, and improving client latency due to lower recursion rates. We demonstrate a method of reducing reaction time and service impacts due to malicious network traffic, such as during a DDoS event, by automatically redeploying virtual resources at selected nodes in the network. We quantify the tradeoff between spare hardware costs and latency under site failures, taking advantage of SDN controller-based flow redirection. This work is part of AT&T's ongoing network transformation through network function virtualization (NFV), software-defined networking (SDN), and enhanced orchestration.