http://dx.doi.org/10.4218/etrij.2018-0565

Toward manageable middleboxes in software-defined networking  

Zadkhosh, Ehsan (Information and Communication Technology Department, Malekashtar University of Technology)
Bahramgiri, Hossein (Information and Communication Technology Department, Malekashtar University of Technology)
Sabaei, Masoud (Department of Computer Engineering and Information Technology, Amirkabir University of Technology)
Publication Information
ETRI Journal / v.42, no.2, 2020, pp. 186-195
Abstract
Software-defined networking (SDN) acts as a centralized management unit, especially in a network with devices that operate under the transport layer of the OSI model. However, when a network with layer 7 middleboxes (MBs) is considered, current SDNs exhibit limitations. As such, to achieve a real-centralized management unit, a new architecture is required that decouples the data and control planes of all network devices. In this report, we propose such a complementary architecture to the current SDN in which SDN-enabled MBs are included along with contemporary SDN-enabled switches. The management unit of this architecture improves network performance and reduces routing cost by considering the status of the MBs during flow forwarding. This unit consists of the following two parts: an SDN controller (SDNC) and a middlebox controller (MBC). The latter selects the best MBs for each flow and the former determines the best path according to its routing algorithm and provides information via the MBC. The results show that the proposed architecture improved performance because the utilization of all network devices including MBs is manageable.
Keywords
load-balancing; middlebox; network utilization; software-defined networking