Network Revolution - Software Defined Networking and Network Function Virtualization playing their part in the next Industrial Revolution - Group project sketch

-


Network Revolution - Software Defined Networking and

Network Function Virtualization playing their part in the

next Industrial Revolution

Information Technology started to change with the evolution of the cloud computing which was driven by virtualization in the computing era. The benefits of the cloud computing stand on networking and telecommunication as Software Defined Networks(SDN) and Network Function Virtualization(NFV). Software Defined Networking is basically separating the control functionality from the networking hardware  and leaves the data forwarding plane on the hardware as the data plane. Typically, it is on the separation data and control planes in the networking hardware and the control functionalities are migrated as software functions. Network Function Virtualization(NFV) is about replacing the existing specialized hardware functions with a virtualized function which are written in some programmable language.

       In the current IT community, the software developer and the network engineer are engaging in different technologies and applications. With the new evolution with the SDN and NFV, the command line configurations are going to be replaced with dependence on programming and scripting skills.

      The functionalities in networking devices are implemented with the aged protocols like Border Gateway Protocols(BGP) to do communication. Encapsulation process is run over several network levels and with the layering of abstraction over other abstraction is not fully compatible for the network management, because the traffic patterns are inferred in each layer separately.

       With SDN architecture development, the route control platform concept is revisioned since the central controlling is going to be applied on the network and the controller is going to act as the main controlling point on commanding for the data planes in the hardwares where the data plane is contained.

       The key concepts for the new system were, network routings and the policies in networking. As the outcome of the fundamental concepts, the data plane and the controlling plane are extracted by implementing a govern of a controller for managing the communication between the network devices. It originated for a further development on OpenFlow which was a simple protocol where a controller could be used over a secure channel(Transport Layer Security).

When developing a SDN, it consists of the ability to automatically generate and install corresponding rules on the SDN switches.

        Several SDN controllers, such as NOX, POX, RYU, Beacon and OpenDaylight,etc are released by several foundations and organizations. Also the latest version of the platform is “Hydregon” which is followed on from the first release of OpenDaylight.

        In the telephone network, the communication was done over a physical link and both signalling and bearer channels used the same link as well in this scenario. The voice was equivalent to a data plane in SDn called Inter Machine Trunk(IMT). Service Switching Point(SSP) is an entity in the switches which performs the Signal Transfer Point(STP) which does the processing on calls and acts as routing devices which continues the communication between SSPs, Service Control Points(SCP) and other STPs. so the signalling system is under a control plane while Intelligent Network(IN) is a telephone network.

      NFV and cloud computing is an origine for granting a centralised virtualized infrastructure. SDN and NFV can be operated together although they are not interdependent yet. When extracting these concepts in an existing infrastructure, the concerns for the portability to a new virtualized system are raised, and also the standards of the  virtualized functions which are going to be replaced with the hardware functionalities, integration into overall NFV and its existence with the legacy system, the security and stability as well. With a hardware based network scenario, regular replacements might have to be done due to aging of hardware components and engaging on  proceeds for complicated maintenance. These considerations affect the financial benefits of an organization. 

       With implementing SDN and NFV, the hardware functionalities and the devices are replaced with the software functionalities which can be backed up easily when they are needed and the migration can be done rather than tackling with hardware components. 

Also it reduces the equipment costs and reduces the power consumption due to hardware reduction which are going to be replaced with the software and virtualized functionalities. The scaling up and down can be done as we go. 

The traffic patterns in specified networks can be automated and managed using controllers. Network, compute and hypervisor are the main domains, which are contained in a Network Function Virtualized Infrastructure(NFVI).

      Key considerations and the benefits going to have on developing NFV and SDN are, stability, reliability, availability, interoperability,  testing, maintainability, establishment of NFV ecosystem, performance and security.

SDN and NFV is a key concept for raising the third industrial revolution and the next generation in networking in the future.


SDN on Cloud Computing

Cloud computing environment is functioning on Virtualizing network functions through transport layer for promising the services. With the separation of the control plane and the data plane in network devices, the modules are implemented for transferring packets, with the rules for filtering and forwarding packets with filtering rules for packet filtering and on limiting the rate of the packets in libraries for packet filtering. For having a separated virtual machine from forwarding devices, processes on forwarding and updating are done via all broadband access, wireless access, telephone networks and the switching devices for audio, video, texts and other media.


A network can consist of all kinds of networks including wired and wireless networks with higher generations, media terminals, mobile devices, gateways and switching devices. When dealing with the upcoming applications and the rapid innovations, SDN and NFV are used for cloud networking technology on transport layers to virtualize the functioning of the network towards an open architecture on applications with programming interfaces to reduce the complexity of the services and the operational functions. Diversity and variations of the network traffic and reliability on expectations in networks which were integrated with single functioning methodologies with more hardware in traditional networks were regressed before antenatal of SDN and NFV on networks which is based on software implementation with promising better internet services.


SDN On Layers

Network services and applications would be executed on layer 4 - 7 as virtual machines, hosts, or SDN controllers on the Application layer.

With the separation of the data plane, providing functionalities and the decision making, basically the central controls are done by the control Layer on SDN.

The SDN abstraction layer engages with the standards of the communication of a specified network and APIs between Infrastructure and controller layers, also deals in managing protocols and APIs in other networks.

Infrastructure Layer in SDN might rely on  the vendor and it is seizing in maintaining forwarding tables on devices and data forwarding functions according to the forwarding plans on the devices which are controlled by the centralized controller.


SDN with 5G{a novel QoE-aware SDN-enabled , NFV based management architecture for future multimedia applications on 5G systems}


Management and controlling on the future multimedia applications are done by using SDN and NFV architecture on 5th generation. Improving current systems, Quality of Experience and overcome the drawbacks in 4G are the key points under tackling with the 5G with SDN and NFV. With the expansion of the applications and the growth of the new technologies, end user demands, network traffics and the capability to adapt for the applications dynamically are gulfed with the complexity in 4th generation architecture. With origination of SDN and NFV on 5G, modern architecture is inherited with all the advantages, including cost effectiveness and the effectiveness on adaptability of dynamically changing applications,reducing the latency on applications such as IoT and video streaming, also for the sensitive applications which cost more bandwidth. Solving the challenges for cloud providers and the massive applications is done with 5G, having SDN and NFV implemented, will enhance QoE for suitable networks such as LTE networks, providing better connectivity with enhanced performance in the networks. 5G promises QoE softwarisation with better policies and techniques in SDN and NFV implementing future multimedia.

Security in SDN (OpenFlow Vulnerability Assessment,A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks)

Traditional networks are driven towards softwarized scenarios with new implementations with SDN and NFV. With more changes and new technologies, new challenges and new vulnerabilities are occured in the systems.As a step, the connections between controller and forwarding devices are protected with Transport Layer Security(TLS) with public and private keys, which is carried over TCP.


Man-in-the-middle attacks can be happened if insecure protocols are used such as Telnet, SNMPv2. After having credentials for the switches and the components in the network, the attacker can eavesdrop on the media or control the devices on the network. If the unauthenticated connections are configured on the switches using "listener Mode", new rules can be written for the switches and hijacking can be done using external connections and handle the flow of the network, and configure the network devices for more attacks as well. Even with a

tls implemented connection, attacker can perform attacks on controllers where there is no switch authentication implemented. with analysing the behaviour of the packets in the network, attacks can happen. In a fully TLS implemented connection, it provides better security, but the flow tables on switches can be recorded and attacks are performed by detecting mismatches between controller and the network devices. With implementation of SDN and NFV, the centralised control and management is inherited and it leads to Denial of services risks.Vulnerabilities in the controller can be caused for damages in the network. By having better and richer rule design and better security on the controllers, attacks can be prevented.

Group members:

Chandima Jayawickrama - Faculty of Engineering, University of Peradeniya

Deepthi Gunasekara - Faculty of Engineering, University of Peradeniya

Senani Dananjali - Faculty of Engineering, University of Peradeniya

Comments

Post a Comment

Popular posts from this blog

How to push a file into a docker container

-
Let's  see how to push a file into the container from the host.  We are assuming the test.html file is the file we are going to copy into the docker container.  web-application is container docker cp test.html web-application:/folderpath we can verify  after log in to the container. docker exec -it web-application bash And then check in the folder path and you will see the file there copied Sources : https://www.linkedin.com/events/kubernetes-freetechnicalworksho6807993779836985344/
Read more

Docker - Begginer 1

-
Image
Docker What, Docker? Opensource platform tool  Manages the containers Allow to build applications in a container with the libraries, binaried and dependencies run from anywhere Why Docker? portability light weight OS fast delivery(impact of light weight os) Multiple isolated OS Resource optimization Continous development and testing Architecture Docker Client Docker Host  Docker Hub(Registery) Also Docker images , Docker containers , Dcker Network and storages are contains in the architecture. Docker client is used to communicate with Docker hosts using Docker daemon is installed in Docker host. Clients are used to manage the Docker components and operations such as create, delete, pull, push, bulid, run etc. Docker client can connect to the Docker host remotly using REST API, UNIX sockets or using a network interface. Docker hub(Registery) is used to pull and push Docker images There are two types of docker hubs Docker Hub Online/Docker Hub
Read more

Project(on going) - IPv6 Fragmentation

-
An IP Datagram travels over different networks, each of which may have different MTU (Maximum Transmit Unit ) , which is the largest IP datagram that can be carried by a network. MTU - - maximum size of an unit which can be transmitted in a network and it depends on the network and media and how they be allowed to transmitted. also encapsulation....etc. It happens when the MTU values of hosts and routers are different from each other;         When we have two different type of network/media connected with router which have different MTU in such case router broke down packet to appropriate size regarding network/media type payload exceed the Maximum Transmission Unit in the interface. so the payload has to be chopped and put them into IP fragmented packets. they are:     -reassembled at destination     -each fragment is independent datagram        - could be routed in a different direction        - could be delivered out of order        - can be used to bypass IPS       
Read more