• Title/Summary/Keyword: TCP/IP Layer

Search Result 74, Processing Time 0.023 seconds

Deployment and Performance Analysis of Nation-wide OpenFlow Networks over KREONET (KREONET 기반의 광역 규모 오픈플로우 네트워크 구축 및 성능 분석)

  • Hong, Won-Taek;Kong, Jong-Uk;Chung, Jin-Wook
    • The KIPS Transactions:PartC
    • /
    • v.18C no.6
    • /
    • pp.423-432
    • /
    • 2011
  • Recently, OpenFlow has been paid attention to as a fundamental technology which provides a function of virtualization and programmability in network. In Korea, deployment of OpenFlow networks in campuses and the interconnection between them through tunneling in layer 3 has been performed. However, the performance of the interconnected networks is decreased due to delay in IP layer. In this paper, we design and deploy nation-wide, not local, OpenFlow networks in a pure layer 2 environment over KREONET. After that, we do end-to-end Round-trip Time measurements and TCP/UDP performance tests in OpenFlow and normal networks, and do comparison and analysis on the test results. The results show that the nation-wide OpenFlow networks provide equal performance to normal networks except for the initial packet loss for UDP streaming. In regards to the performance decrease due to early UDP packet loss, we can mitigate it by implementing exceptional procedures in a controller which deal with the same continuous "Packet_in" events.

Performance Evaluation on SCTP multi-homing Feature (SCTP의 멀티호밍 특성에 대한 성능 평가)

  • Song, Jeong-Hwa;Lee, Mee-Jeong;Koh, Seok-Joo
    • The KIPS Transactions:PartC
    • /
    • v.11C no.2
    • /
    • pp.245-252
    • /
    • 2004
  • Stream Control Transmission Protocol(SCTP) is a new connection-oriented, reliable delivery transport protocol operating on top of an unreliable connectionless packet service such as IP. It inherits many of the functions developed for TCP, including flow control and packet loss recovery functions. In addition, it also supports transport layer multihoming and multistreaming In this paper, we study the impact of multi-homing on the performance of SCTP. We first compare performance of single-homed SCTP. multi-homed SCTP, TCP Reno and TCP SACK. We, then describe potential flaw in the current SCTP retransmission policy, when SCTP host is multihomed. Our Results show that SCTP performs better than TCP Reno and TCP SACK due to several changes from TCP in its congestion control mechanism. In particular. multi-homed SCTP shows the best result among the compared schemes. Through experimentation for multi-homed SCTP, we found that the current SCTP retransmission policy nay deteriorate the perfomance when the retransmission path it worse than the original path. Therefore, the condition of retransmission path is a very important factor In SCTP performance and a proper mechanism would be required to measure the condition of the retransmission path.

Conformance Testing of Multi-protocol IUTs (다중계층 프로토콜의 적합성시험 방안)

  • Park, Yong-Beom;Kim, Myeong-Cheol;Kim, Jang-Gyeong
    • The Transactions of the Korea Information Processing Society
    • /
    • v.6 no.11
    • /
    • pp.3086-3096
    • /
    • 1999
  • To declare conformance of multi-protocol Implementation Under Test(IUT), every layer of the multi-protocol IUT should be tested. According to ISO9646, single-layer test method is applied to testing the highest layer of multi-protocol IUT and single-layer embedded test method is used for the layers by layer all the protocols in a multi-protocol IUT. This paper proposes a new method for testing a multi-protocol IUT. The proposed test method assumes that a multi-protocol IUT is under test and that the interfaces between the layers cannot be controlled or observed by the tester. We apply the proposed test method to TCP/IP and compare the application results with those of the existing test turns out that the proposed test method significantly reduces the number of test cases as well as the number of test events while providing the same test coverage. In addition, the proposed test method shows the capability to locate the layer that is source of failure in testing multi-protocol IUTs.

  • PDF

An Analysis of the Vulnerability of SSL/TLS for Secure Web Services (안전한 웹 서비스를 위한 SSL/TLS 프로토콜 취약성 분석)

  • 조한진;이재광
    • Journal of the Korea Computer Industry Society
    • /
    • v.2 no.10
    • /
    • pp.1269-1284
    • /
    • 2001
  • The Secure Sockets Layer is a protocol for encryption TCP/IP traffic that provides confidentiality, authentication and data integrity. Also the SSL is intended to provide the widely applicable connection-oriented mechanism which is applicable for various application-layer, for Internet client/server communication security. SSL, designed by Netscape is supported by all clients' browsers and server supporting security services. Now the version of SSL is 3.0. The first official TLS vl.0 specification was released by IETF Transport Layer Security working group in January 1999. As the version of SSL has had upgraded, a lot of vulnerabilities were revealed. SSL and TLS generate the private key with parameters exchange method in handshake protocol, a lot of attacks may be caused on this exchange mechanism, also the same thing may be come about in record protocol. In this paper, we analyze SSL protocol, compare the difference between TLS and SSL protocol, and suggest what developers should pay attention to implementation.

  • PDF

A Distributed Layer 7 Server Load Balancing (분산형 레이어 7 서버 부하 분산)

  • Kwon, Hui-Ung;Kwak, Hu-Keun;Chung, Kyu-Sik
    • The KIPS Transactions:PartA
    • /
    • v.15A no.4
    • /
    • pp.199-210
    • /
    • 2008
  • A Clustering based wireless internet proxy server needs a layer-7 load balancer with URL hashing methods to reduce the total storage space for servers. Layer-4 load balancer located in front of server cluster is to distribute client requests to the servers with the same contents at transport layer, such as TCP or UDP, without looking at the content of the request. Layer-7 load balancer located in front of server cluster is to parse client requests in application layer and distribute them to servers based on different types of request contents. Layer 7 load balancer allows servers to have different contents in an exclusive way so that it can minimize the total storage space for servers and improve overall cluster performance. However, its scalability is limited due to the high overhead of parsing requests in application layer as different from layer-4 load balancer. In order to overcome its scalability limitation, in this paper, we propose a distributed layer-7 load balancer by replacing a single layer-7 load balancer in the conventional scheme by a single layer-4 load balancer located in front of server cluster and a set of layer-7 load balancers located at server cluster. In a clustering based wireless internet proxy server, we implemented the conventional scheme by using KTCPVS(Kernel TCP Virtual Server), a linux based layer-7 load balancer. Also, we implemented the proposed scheme by using IPVS(IP Virtual Server), a linux-based layer-4 load balancer, installing KTCPVS in each server, and making them work together. We performed experiments using 16 PCs. Experimental results show scalability and high performance of the proposed scheme, as the number of servers grows, compared to the conventional scheme.

An End to End Security in the WAP environment : TLS(Transport Layer Security)-Plus Protocol (WAP환경에서 안전한 종단간 보안을 제공하는 TLS(Transport Layer Security)-Plus 프로토콜)

  • 최진규;이헌길
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2002.04a
    • /
    • pp.811-813
    • /
    • 2002
  • WAP은 WAP Forum에서 제정한 무선 환경에서의 데이터 통신을 위한 표준 프로토콜이다. WAP에서는 보안 통신을 위한 프로토콜로서 WTLS(Wireless Transport Layer Security)를 제안하고 있다. 이것은 TCP/IP 상의 TLS(Transport Layer Security)를 바탕으로 무선 환경에 맞게 최적화한 것이다. 그러나, WAP은 기본적으로 게이트웨이 모델에 따른 프로토콜이라는 점과 무선 구간에서의 전송 효율을 높이기 위한 인코딩 기능 때문에 게이트웨이에서 클라이언트와 서버 사이에 교환되는 정보가 노출되는 이른바 종단간의 보안 (End-to-End Security)문제가 존재한다. 이러한 이유로 유선에서와는 달리 안전한 종단간 보안을 제공하지 못하고 있다. 이에 본 논문에서는 기존 TLS와 WTLS를 합친 새로운 TLS(Transport Layer Security)-Plus 프로토콜을 제안하여 무선 환경에서 무선 단말기에 부담을 주지 않는 안전한 종단간 보안을 제공하려고 한다.

  • PDF

Cross-layer Optimized Vertical Handover Schemes between Mobile WiMAX and 3G Networks

  • Jo, Jae-Ho;Cho, Jin-Sung
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.2 no.4
    • /
    • pp.171-183
    • /
    • 2008
  • Nowadays, wireless packet data services are provided over Wireless MAN (WMAN) at a high data service rate, while 3G cellular networks provide wide-area coverage at a low data service rate. The integration of mobile WiMAX and 3G networks is essential, to serve users requiring both high-speed wireless access as well as wide-area connectivity. In this paper, we propose a cross-layer optimization scheme for a vertical handover between mobile WiMAX and 3G cellular networks. More specifically, L2 (layer 2) and L3 (layer 3) signaling messages for a vertical handover are analyzed and reordered/combined, to optimize the handover procedure. Extensive simulations using ns-2 demonstrate that the proposed scheme enhances the performance of a vertical handover between mobile WiMAX and 3G networks: low handover latency, high TCP throughput, and low UDP packet loss ratio.

A Study on the Hierarchical Real-time Operation Control and Monitoring for an Flexible Manufacturing System (유연생산시스템의 계층구조적 실시간 운용제어 및 모니터링에 관한 연구)

  • Kim, Jong-Won
    • Journal of the Korean Society for Precision Engineering
    • /
    • v.9 no.4
    • /
    • pp.36-43
    • /
    • 1992
  • This paper presents a hierarchical real-time operation control and monitoring scheme of the FMS/CIM center which has been implemented at the Automation and Systems Research Institute of Seoul National University. The hierarchical structure of the whole scheme consists of three lavers. The upper layer is in charge of on-line scheduling, computer network control, shop-floor monitoring and command generation for AGV dispatching, machining, assembly, inspection, set-up, etc. The middle layer has six modules, which are installed in the FMS host computer with the upper layer and run on the multi-tasking basis. Each module is connected to one of six cell controllers distributed in the FMS model plant and transfers operation command down to each cell controller through the Ethernet/TCP-IP local area network. The lower layer is comprised of six cell control software modules for machining cell, assembly cell, inspection cell, set-up stations. AS/RS and AGV. Each cell controller reports the status of the manufacturing facilites to the middle layer as well as ecxecuting the appropriate sequence control of the manufacturing processes.

  • PDF

Implementation and Performance Evaluation of Software Distributed Shared Memory for SMP Clusters (SMP 클러스터를 위한 소프트웨어 분산 공유메모리의 구현 및 성능 측정)

  • 이동현;이상권;박소연;맹승렬
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.30 no.7_8
    • /
    • pp.331-340
    • /
    • 2003
  • Low-cost commodity SMP(Symmetric Multiprocessor) is widely used as a node of cluster system. In this paper, we implement and evaluate the performance of SDSM system for SMP clusters. Our SDSM system provides HLRC(Home-based Lazy Release Consistency) memory consistency model. Our protocol utilize shared memory within same SMP node, so that page fetch and message passing through network can be reduced. It is implemented on 8 node of 2-way Pentium-III SMP interconnected with 100Mbps Fast Ethernet, and uses TCP/IP for transport/network layer protocol. The experiment with eight applications shows that our SMP protocol achieves maximum 33% speedup improvement and 13%-52% reduction of page fetch compared with uniprocessor protocol.

Development of DC MOTOR Remote Control System using Ethernet (Ethernet을 이용한 DC MOTOR 윈격 제어시스템 개발)

  • Lee, Jea-Ho;Kim, Yi-Cheal;Jung, Joon-Houng;Park, Ki-Heun
    • Proceedings of the KIEE Conference
    • /
    • 2003.11c
    • /
    • pp.437-440
    • /
    • 2003
  • Recently, the study on the design of NCS(Network Control System) using Ethernet is being rapidly progressed. NCS can be extensively applied in manufacturing automation, office automation, home automation, remote control and ect. A merit of NCS on based Ethernet is to make good use of advanced Internet environment and to apply a application of abundant TCP/IP upper layer to NCS. The purpose of this paper is to control a speed of DC-motor using NCS on based Ethernet. The control system is divided into a server part and a client part. A server transfers a value of reference speed of a DC-motor. A client receives a output signal of DC-motor and a reference input obtained from the server. A client computes a error of two signals and then makes a control input. The control input is transferred to a actuator In this pater, A controller uses a classical control using a general feedback. In this paper, a viewpoint is to compare performance of NCS with performance of a classical control and to analyze the cause of that.

  • PDF