Network Performance and Security Analysis of Software Defined Networking

Ayman Haggag¹ , Dalia Hanafy²

Section:Research Paper, Product Type: Journal-Paper
Vol.9 , Issue.6 , pp.41-47, Dec-2021

Online published on Dec 31, 2021

Copyright © Ayman Haggag, Dalia Hanafy . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
 

View this paper at   Google Scholar | DPI Digital Library

XML View     PDF Download

How to Cite this Paper

Abstract :
Software-Defined Networks (SDN) have gained a great interest among both academic and industry professionals. As this direction has not yet reached maturity, there is still a lot of research needed to help make it a dominant industrial technology choice. This paper presents the current status and identifies the future trends of SDN networks. Several SDN network topologies are implemented using Mininet and various benchmarking tools are applied for performance evaluation. Simulation results show that the global view of the SDN controller greatly enhances network performance at heavy network traffic loads and allows for efficient load balancing. On the other hand, the SDN controller represents a single point of attack vulnerability that requires special security precautions against DoS and DDoS attacks.

Key-Words / Index Term :
Software-Defined Networks; Open flow; Network Management

References :
[1] Diego Kreutz, Fernando M. V. Ramos, Paulo Esteves Ver?´ssimo, Christian Esteve Rothenberg, Siamak Azodolmolky and Steve Uhlig, “Software-Defined Networking: A Comprehensive Survey,” Proceedings of the IEEE | Vol. 103, No. 1, January 2015.
[2] R. Barrett, S. Haar, and R. Whitestone, ‘‘Routing snafu causes internet outage,’’ Interactive Week, vol. 25, 1997.
[3] K. Butler, T. Farley, P. McDaniel, and J. Rexford, ‘‘A survey of BGP security issues and solutions,’’ Proc. IEEE, vol. 98, no. 1, pp. 100–122, Jan. 2010.
[4] N. Mckeown, ‘‘How SDN will shape networking,’’ Oct. 2011. [Online]. Available: http://www.youtube.com/watch?v=c9-K5O_qYgA.
[5] S. Schenker, ‘‘The future of networking, the past of protocols,’’ Oct. 2011. [Online]. Available: http://www.youtube.com/watch?v=YHeyuD89n1Y.
[6] T. Koponen et al., ‘‘Onix: A distributed control platform for large-scale production networks,’’ in Proc. 9th USENIX Conf. Oper.Syst. Design Implement., 2010, pp. 1–6.
[7] N. McKeown et al., ‘‘OpenFlow: Enabling innovation in campus networks,’’ SIGCOMM Comput. Commun. Rev., vol. 38, no. 2, pp. 69–74, Mar. 2008.
[8] Open Networking Foundation (ONF), 2014. [Online]. Available: https://www.opennetworking.org/
[9] VMware, Inc., NSX Virtualization Platform, 2013. [Online]. Available: https://www.vmware.com/products/nsx/.
[10] P. Newman, G. Minshall, and T. L. Lyon, ‘‘IP switchingVATM under IP,’’ IEEE/ACM Trans. Netw., vol. 6, no. 2, pp. 117–129, Apr. 1998.
[11] N. Gude et al., ‘‘NOX: Towards an operating system for networks,’’ Comput. Commun.Rev., vol. 38, no. 3, pp. 105–110, 2008.
[12] H. Jamjoom, D. Williams, and U. Sharma, ‘‘Don’t call them middle-boxes, call them middlepipes,’’ in Proc. 3rd Workshop Hot Topics Softw. Defined Netw., 2014, pp. 19–24.
[13] T. D. Nadeau and K. Gray, SDN: Software Defined Networks, 1st ed. Sebastopol, CA, USA: O’Reilly Media, 2013.
[14] S. Ghorbani and B. Godfrey, ‘‘Towards correct network virtualization,’’ in Proc. 3rd Workshop Hot Topics Softw. Defined Netw., 2014, pp. 109–114.
[15] M. Casado, N. Foster, and A. Guha, ‘‘Abstractions for software-defined networks,’’ ACM Commun., vol. 57, no. 10, pp. 86–95, Sep. 2014.
[16] OpenDaylight, A Linux Foundation Collaborative Project, 2013. [Online]. Available: http://www.opendaylight.org.
[17] Juniper Networks, ‘‘Opencontrail,’’ 2013. [Online]. Available: http://opencontrail.org/.
[18] HP, ‘‘SDN controller architecture,’’ Tech. Rep., Sep. 2013.
[19] K. Phemius, M. Bouet, and J. Leguay, ‘‘DISCO: Distributed multi-domain SDN controllers,’’ Aug. 2013. [Online]. Available: http://arxiv.org/abs/1308.6138.
[20] D. Erickson, ‘‘The Beacon OpenFlow controller,’’ in Proc. 2nd ACM SIGCOMM Workshop Hot Topics Softw. Defined Netw., 2013, pp. 13–18.
[21] A. Haggag, “Network Optimization for Improved Performance and Speed for SDN and Security Analysis of SDN Vulnerabilities”, International Journal of Computer Networks and Communications Security, 7, 83–90 July 2019.
[22] T. Koponen et al., ‘‘Network virtualization in multi-tenant datacenters,’’ in Proc. 11th USENIX Symp. Netw. Syst. Design Implement., Apr. 2014, pp. 203–216.
[23] K. Pentikousis, Y. Wang, and W. Hu, ‘‘MobileFlow: Toward software-defined mobile networks,’’ IEEE Commun. Mag., vol. 51, no. 7, pp. 44–53, Jul. 2013.
[24] J. Reich, C. Monsanto, N. Foster, J. Rexford, and D. Walker, ‘‘Modular SDN programming with pyretic,’’ USENIX Mag., vol. 38, no. 5, Oct. 2013.
[25] S. Gutz, A. Story, C. Schlesinger, and N. Foster, ‘‘Splendid isolation: A slice abstraction for software-defined networks,’’ in Proc. 1st Workshop Hot Topics Softw. Defined Netw., 2012, pp. 79–84.
[26] N. Handigol, B. Heller, V. Jeyakumar, D. Mazie´res, and N. McKeown, ‘‘Where is the debugger for my software-defined network?’’ in Proc. 1st Workshop Hot Topics Softw. Defined Netw., 2012, pp. 55–60.
[27] A. Wundsam, D. Levin, S. Seetharaman, and A. Feldmann, ‘‘OFRewind: Enabling record and replay troubleshooting for networks,’’ in Proc. USENIX Conf. USENIX Annu. Tech. Conf., 2011, p. 29.
[28] M. Canini, D. Venzano, P. Peres??´ni, D. Kostic´, and J. Rexford, ‘‘A NICE way to test OpenFlow applications,’’ in Proc. 9th USENIX Conf. Netw. Syst. Design Implement., Apr. 2012, pp. 127–140.
[29] C. Rotsos, N. Sarrar, S. Uhlig, R. Sherwood, and A. W. Moore, ‘‘OFLOPS: An open framework for OpenFlow switch evaluation,’’ in Proc. 13th Int. Conf. Passive Active Meas., 2012, pp. 85–95.
[30] E. Al-Shaer and S. Al-Haj, ‘‘FlowChecker: Configuration analysis and verification of federated OpenFlow infrastructures,’’ in Proc. 3rd ACM Workshop Assurable Usable Security Config., 2010, pp. 37–44.
[31] A. Khurshid, W. Zhou, M. Caesar, and P. B. Godfrey, ‘‘VeriFlow: Verifying network-wide invariants in real time,’’ in Proc. 1st Workshop Hot Topics Softw. Defined Netw., 2012, pp. 49–54.
[32] M. Kuzniar, M. Canini, and D. Kostic, ‘‘OFTEN testing OpenFlow networks,’’ in Proc. 1st Eur. Workshop Softw. Defined Netw., 2012, pp. 54–60.
[33] G. Altekar and I. Stoica, ‘‘Focus replay debugging effort on the control plane,’’ Electr. Eng. Comput. Sci., Univ. California Berkeley, Berkeley, CA, USA, Tech. Rep., May 2010.
[34] N. Ruchansky and D. Proserpio, ‘‘A (not) nice way to verify the OpenFlow switch specification: Formal modelling of the OpenFlow switch using alloy,’’ in Proc. ACM SIGCOMM Conf., 2013, pp. 527–528.
[35] H. Zeng et al., ‘‘Libra: Divide and conquer to verify forwarding tables in huge networks,’’ in Proc. 11th USENIX Symp. Netw. Syst. Design Implement., Apr. 2014, pp. 87–99.
[36] B. Lantz, B. Heller, and N. McKeown, ‘‘A network in a laptop: Rapid prototyping for software-defined networks,’’ in Proc. 9th ACM SIGCOMM Workshop Hot Topics Netw., 2010, pp. 19:1–19:6.
[37] S. Azodolmolky, P. Wieder, and R. Yahyapour, ‘‘Performance evaluation of a scalable software-defined networking deployment,’’ in Proc. 2nd Eur. Workshop Softw. Defined Netw., Oct. 2013, pp. 68–74.
[38] M. Desai and T. Nandagopal, ‘‘Coping with link failures in centralized control plane architectures,’’ in Proc. 2nd Int. Conf. Commun. Syst. Netw., 2010, DOI: 10.1109/ COMSNETS.2010.5431977.
[39] A. R. Curtis et al., ‘‘DevoFlow: Scaling flow management for high-performance networks,’’ Comput. Commun. Rev., vol. 41, no. 4, pp. 254–265, Aug. 2011.
[40] J. C. Mogul and P. Congdon, ‘‘Hey, you darned counters! Get off my asic!’’ in Proc. 1st Workshop Hot Topics Softw. Defined Netw., 2012, pp. 25–30.
[41] A. Tootoonchian, S. Gorbunov, Y. Ganjali, M. Casado, and R. Sherwood, ‘‘On controller performance in software-defined networks,’’ in Proc. 2nd USENIX Conf. Hot Topics Manage. Internet Cloud Enterprise Netw. Services, 2012, p. 10.
[42] Z. Cai, A. L. Cox, and T. S. E. Ng, ‘‘Maestro: A system for scalable OpenFlow control,’’ Rice Univ., Houston, TX, USA, Tech. Rep., 2011.
[43] S. Hassas Yeganeh and Y. Ganjali, ‘‘Kandoo: A framework for efficient and scalable offloading of control applications,’’ in Proc. 1st Workshop Hot Topics Softw. Defined Netw., 2012, pp. 19–24.
[44] A. Voellmy, J. Wang, Y. R. Yang, B. Ford, and P. Hudak, ‘‘Maple: Simplifying SDN programming using algorithmic policies,’’ in Proc. ACM SIGCOMM Conf., 2013, pp. 87–98.
[45] M. Yu, J. Rexford, M. J. Freedman, and J. Wang, ‘‘Scalable flow-based networking with difane,’’ SIGCOMM Comput. Commun. Rev., vol. 40, no. 4, pp. 351–362, Aug. 2010.
[46] M. Kobayashi et al., ‘‘Maturing of OpenFlow and software-defined networking through deployments,’’ Comput. Netw., vol. 61, Special Issue on Future Internet TestbedsVPart I, pp. 151–175, 2014.
[47] M. Jarschel et al., ‘‘Modeling and performance evaluation of an OpenFlow architecture,’’ in Proc. 23rd Int. Teletraffic Congr., Sep. 2011, pp. 1–7.
[48] Intel Corporation, ‘‘Intel data plane development kit,’’ 2014. [Online]. Available: http://www.intel.com/content/dam/www/ public/us/en/documents/guides/intel-dpdkgetting-started-guide.pdf.
[49] J. Hwang, K. K. Ramakrishnan, and T. Wood, ‘‘NetVM: High performance and flexible networking using virtualization on commodity platforms,’’ in Proc. 11th USENIX Symp. Netw. Syst. Design Implement., Apr. 2014, pp. 445–458.
[50] Y. Dong, Z. Yu, and G. Rose, ‘‘SR-IOV networking in Xen: Architecture, design and implementation,’’ in Proc. 1st Conf. I/O Virtualization, 2008, p. 10.
[51] S. Sorensen, ‘‘Security implications of software-defined networks,’’ Fierce Telecom, 2012. [Online]. Available: http://www.fiercetelecom.com/story/securityimplications-software-defined-networks/2012-05-14.
[52] S. M. Kerner, ‘‘Is SDN secure?’’ Enterprise Networking Planet, Mar. 2013. [Online]. Available: http://www.enterprisenetworkingplanet.com/netsecur/is-sdn-secure.html.
[53] R. Kloti, ‘‘OpenFlow: A security analysis,’’ M.S. thesis, Dept. Inf. Tech. Elec. Eng., Swiss Fed. Inst. Technol. Zurich (ETH), Zurich, Switzerland, 2013.
[54] S. Shin and G. Gu, ‘‘Attacking software-defined networks: A first feasibility study,’’ in Proc. 2nd Workshop Hot Topics Softw. Defined Netw., 2013, pp. 1–2.
[55] K. Benton, L. J. Camp, and C. Small, ‘‘OpenFlow vulnerability assessment,’’ in Proc. 2nd ACM SIGCOMM Workshop Hot Topics Softw. Defined Netw., 2013, pp. 151–152.
[56] S. Shin et al., ‘‘Rosemary: A robust, secure, high-performance network operating system,’’ in Proc. 21st ACM Conf. Comput. Commun. Security, Scottsdale, AZ, USA, Nov. 2014, pp. 78–89.
[57] M. Caesar et al., ‘‘Design and implementation of a routing control platform,’’ in Proc. 2nd Conf. Symp. Netw. Syst. Design Implement., 2005, vol. 2, pp. 15–28.
[58] S. Racherla et al., Implementing IBM Software Defined Network for Virtual Environments. Durham, NC, USA: IBM RedBooks, May 2014.
[59] C. Li et al., ‘‘Software defined environments: An introduction,’’ IBM J. Res. Develop., vol. 58, no. 2, pp. 1–11, Mar. 2014.
[60] W. Arnold et al., ‘‘Workload orchestration and optimization for software defined environments,’’ IBM J. Res. Develop., vol. 58, no. 2, pp. 1–12, Mar. 2014.
[61] C. Dixon et al., ‘‘Software defined networking to support the software defined environment,’’ IBM J. Res. Develop., vol. 58, no. 2, pp. 1–14, Mar. 2014.
[62] IBM Systems and Technology Group, ‘‘IBM software defined network for virtual environments,’’ IBM Corporation, Tech. Rep., Jan. 2014.
[63] A. Alba et al., ‘‘Efficient and agile storage management in software defined environments,’’ IBM J. Res. Develop., vol. 58, no. 2, pp. 1–12, Mar. 2014.
[64] IBM Systems, ‘‘Manage all workloads with an efficient, scalable software defined environment (SDE),’’ 2014. [Online]. Available: http://www-03.ibm.com/systems/infrastructure/us/en/software-definedenvironment/
[65] A. Haggag, “Network Optimization for Improved Performance and Speed for SDN and Security Analysis of SDN Vulnerabilities,” International Journal of Computer Networks and Communications Security 7(5):83-90, May 2019.
[66] A. Haggag, “Benchmarking and Performance Analysis of Software Defined Networking Controllers in Normal and Failsafe Operations using Multiple Redundant Controllers,” Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12(13):5192-5202, 2021.
[67] P. Kumari, D. Thakur “Load Balancing in Software Defined Network,” International Journal of Computer Sciences and Engineering, vol. 5, issue-12, pp. 227-232, Dec. 2017.
[68] Deepak Singh Rana, Shiv Ashish Dhondiyal, Sushil Kumar Chamoli, “Software Defined Networking (SDN) Challenges, issues and Solution,” International Journal of Computer Sciences and Engineering, vol. 7, issue-1, pp. 882-889, Jan. 2019.