
Internet traffic is growing dramatically: studies in the AKARI project show that the traffic size increases by a factor of 1.7 every year, which causes content servers to overload. Many efforts have been made to solve the server-overloading problem. Among them is the concept of the Content Delivery Network (CDN), which was introduced to provide high availability of content and addresses the problem by having multiple replica servers serve the same content. Several technologies were introduced to enable CDNs: using DNS resolution to point to different replica content servers; using a routing-based method, as in anycasting, to deliver traffic to different replica servers; and constructing an overlay delivery network, as in P2P networks, to help the server provide service. However, each of these technologies has advantages and disadvantages. For example, overlay solutions increase inter-network connections because they lack knowledge of the underlying network, while the DNS- and routing-based solutions cannot rapidly change server information because of their stability constraints and delays.

This study therefore approaches the server-overloading problem using SDN, since it provides more flexibility and a deeper ability to control and manipulate traffic. In this study, Content Anycasting was proposed to be built on SDN in order to achieve: traffic locality, and thus fewer inter-network connections; fine granularity for more accurate redirection; rapid updating to cope with the demands of some applications, while protecting vital network topology information; a server-driven CDN for a more server-friendly service; and the strength of having redirections managed and carried out by the network.

Simulation shows that, using content anycasting with only a single content server, the load can be reduced to 20% (in the case where each client is capable of serving 4 other clients), which is the same load as with 5 replica content servers when using regular anycast. Which

availability of the content server, while being able to reduce the number of required replica content servers. This was shown by achieving the same load on the content server as regular anycasting while reducing the number of servers by 80%. Moreover, content anycasting showed that it is capable of achieving better CDN traffic locality, shown by reducing the average hop count needed before getting the content by 74% (in the case studied in this simulation), because it uses the network to redirect packets and so helps to redirect requests to a peer/server within the same network rather than randomly choosing peers regardless of their location. Content anycasting also showed that it could achieve better traffic localization and more rapid updating of redirections by taking the process of querying about content/servers one step further: redirections are pre-installed on the network rather than having the server reply to all of the queries. Thus, it improves the availability of the server in many cases, especially in the case of flash crowds.

This makes the proposed Content Anycasting a suitable solution for content delivery applications that require such flexibility, such as Video on Demand (VoD), IPTV, large file distribution networks, Content Centric Network over IP, and many other applications, which Content Anycasting can help to support more clients in a network-friendly and accurate manner.

Even though SDN can provide an attractive solution for network management and for some applications, it also comes at some cost. For example, the controller may become a bottleneck for the whole system. This is confirmed by Michael Jarschel et al., who concluded in their study titled “Modelling and performance evaluation of an OpenFlow architecture” that “When using OpenFlow in high speed networks with 10 Gbps links, today’s controller implementations are not able to handle the huge number of new flows.” Moreover, the controller might be assigned more tasks if it has to debug or check flows to protect the network against malicious flow installations. The controller can also come under more load if the network has to support a service that produces a huge number of flows, such as P2PTV or content anycasting. For example, some statistics showed that PPTV, a popular P2PTV application, has 34 million unique daily visitors.

The flow table size on the network equipment (router/switch) is also a limited resource.

Therefore, this study proposed a new method for installing flows: the “network equipment-to-equipment flow installation” method. With this method, the controller does not have to program (install) flows on each piece of network equipment one by one; instead, it can ask the equipment to spread a flow to other equipment on behalf of the controller. This is useful when the controller needs to program flows whose start-up time is not critical, and it relieves some load from the controller. The network equipment-to-equipment flow installation method can also make the SDN network more self-aware: network equipment cooperates and carries load for one another according to need and traffic situation, with overloaded equipment delegating some of its flows to other network equipment. This enables the network to react to overloaded equipment without the intervention of the controller, which can be very useful when the controller is also overloaded.

Simulation shows that, in the case of regular SDN, the flow table size kept increasing: for all of the routers that were the focus of a high installation rate, the flow table size exceeded 20 after 200 simulation cycles and kept increasing. In the case of the enhanced SDN, the routers under a high installation rate kept their flow table size below 12 over the whole period of simulation. Note that these flow table sizes (over 20 and still increasing for regular SDN, below 12 for enhanced SDN) are specific to the simulation runs used to assess this study; the values, especially those for the enhanced SDN, depend on threshold values, so the flow table size can be made to meet the requirements of any network.

Moreover, this study proposed security methods for the proposed hybrid control model

goes along with the well-known fact that all computer systems must be designed in a way that enforces security, and also goes along with the already secure centralized SDN control. However, the proposed security mechanisms are specially designed to support the distributed control behaviour of the proposed hybrid control model of SDN, by enabling secure distributed cooperation of the network equipment and secure delegation and transfer of flows. The proposed security methods were designed to withstand realistic threats while still achieving the timeliness required for the operation of SDN networks.

To achieve the desired security for the hybrid control, this study presents the designed security methods and algorithms. By design, the proposed methods require a centralized trust manager to distribute a list of trusted equipment along with their public keys. In addition to the centralized trust manager, the network equipment must be able to perform digital signing and signature verification, and to report any threat warnings to the trust manager, by implementing the proposed security methods. In more detail, the proposed security methods give the network equipment the ability to ensure that a genuine e-e request traversed a trusted path. They also secure the rest of the distributed behaviour of the hybrid control model: upon receiving a reply, the originator of the distributed request (e-e request) can make sure that it came from authentic equipment and that this equipment received the original genuine request, and can then acknowledge the received reply positively or negatively. By following this methodology, it is possible to secure the distributed control of the hybrid control model of SDNs, and thus to enjoy the benefits of the hybrid control without jeopardizing the whole network.
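One way to realise the checks described above, as an added example that is not the thesis's own algorithm or code: each equipment signs the request together with every earlier hop, the receiver checks the whole path against the trust manager's list, and the originator accepts a reply only if a trusted equipment signed the request it originally issued. The message layout, the names (Hop, Request, Trusted, Forward, VerifyPath, MakeReply, Ack, DemoKeys), the sample flow string and the choice of Ed25519 signatures are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

type Hop struct{ ID string; Sig []byte }       // one equipment's signature on the path
type Request struct{ Flow string; Path []Hop } // assumed format; Path[0] is the originator
type Trusted map[string]ed25519.PublicKey      // trust manager's list: equipment ID -> key

// transcript hashes the flow, a label and the first n hops, length-prefixed.
func transcript(r Request, n int, label string) []byte {
	h := sha256.New()
	fmt.Fprintf(h, "%d:%s|%d:%s|", len(r.Flow), r.Flow, len(label), label)
	for _, p := range r.Path[:n] {
		fmt.Fprintf(h, "%d:%s|%x|", len(p.ID), p.ID, p.Sig)
	}
	return h.Sum(nil)
}

// Forward returns a copy of r with id's signature appended to the path.
func Forward(r Request, id string, key ed25519.PrivateKey) Request {
	sig := ed25519.Sign(key, transcript(r, len(r.Path), "hop:"+id))
	r.Path = append(append([]Hop{}, r.Path...), Hop{id, sig})
	return r
}

// VerifyPath reports whether every hop is trusted and signed what it received.
func VerifyPath(r Request, t Trusted) (string, bool) {
	for i, p := range r.Path {
		pub, ok := t[p.ID]
		if !ok || !ed25519.Verify(pub, transcript(r, i, "hop:"+p.ID), p.Sig) {
			return p.ID, false // hop to report to the trust manager
		}
	}
	return "", len(r.Path) > 0 // an unsigned request is never accepted
}

// MakeReply signs the flow plus the originator's signature (call after VerifyPath).
func MakeReply(r Request, id string, key ed25519.PrivateKey) []byte {
	return ed25519.Sign(key, transcript(r, 1, "reply:"+id))
}

// Ack is the originator's verdict on a reply: true means positive acknowledgement.
func Ack(sent Request, from string, sig []byte, t Trusted) bool {
	pub, ok := t[from]
	return ok && len(sent.Path) > 0 &&
		ed25519.Verify(pub, transcript(sent, 1, "reply:"+from), sig)
}

// DemoKeys derives fixed keys from IDs (constructed demo keys, not secret).
func DemoKeys(ids ...string) (Trusted, map[string]ed25519.PrivateKey) {
	t, k := Trusted{}, map[string]ed25519.PrivateKey{}
	for _, id := range ids {
		k[id] = ed25519.NewKeyFromSeed(transcript(Request{Flow: id}, 0, "seed"))
		t[id] = k[id].Public().(ed25519.PublicKey)
	}
	return t, k
}

func main() {
	t, k := DemoKeys("S1", "S2", "S3")
	req := Forward(Request{Flow: "dst=10.0.0.5 -> port 2"}, "S1", k["S1"]) // constructed flow
	atS3 := Forward(req, "S2", k["S2"])
	fmt.Println(VerifyPath(atS3, t))
	fmt.Println(Ack(req, "S3", MakeReply(atS3, "S3", k["S3"]), t))
}
```

Because each hop signs the earlier hops as well as the flow, altering the flow or removing an intermediate hop invalidates a signature on the path, and the receiver learns which hop to report.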

The proposed hybrid SDN control and its security methods aim to give future SDN networks enhanced abilities to overcome cases of controller and equipment overloading in a way that is not supported by the current design of SDN’s control model, while ensuring a secure and timely operation that goes along with the secure design of SDN’s current control model. This enables SDN networks to better survive realistic network implementation conditions, threats, and loads. This effort is a step forward to support wider adoption of SDNs.

References

[1] M. Hirabaru, M. Inoue, H. Harai et al., “New Generation Network Architecture AKARI Conceptual Design (ver1.1). AKARI Architecture Design Project,” October 2008. [Online]. Available: http://akari-project.nict.go.jp/eng/concept-design/AKARI_fulltext_e_translated_version_1_1.pdf.

[2] C. Hedrick, “RFC 1058: The Routing Information Protocol (RIP),” Internet Engineering Task Force (IETF) Request For Comments, 1988.

[3] G. Malkin, “RFC 2453: Rip version 2,” Internet Engineering Task Force (IETF) Request For Comments, 1998.

[4] J. Moy, “RFC 2328: OSPF Version 2,” Internet Engineering Task Force (IETF) Request For Comments, 1998.

[5] D. Oran, “RFC 1142: OSI IS-IS Intra-domain Routing Protocol,” Internet Engineering Task Force (IETF) Request For Comments, 1990.

[6] Y. Rekhter, T. Li and S. Hares, “RFC 4271: A Border Gateway Protocol 4 (BGP-4),” Internet Engineering Task Force (IETF) Request For Comments, 2006.

[7] N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker and J. Turner, “OpenFlow: enabling innovation in campus networks,” in ACM SIGCOMM Computer Communication Review, 2008.

[8] A. Passarella, “A survey on content-centric technologies for the current Internet: CDN and P2P solutions,” Computer Communications, vol. 35, no. 1, pp. 1-32, 2012.

[9] J. Cochrane, W. Falconer, V. Mummert and W. Strich, “Latest network trends,” Communications Magazine, IEEE, vol. 23, no. 10, pp. 17-31, 1985.

[10] H. Shimonishi and S. Ishii, “Virtualized network infrastructure using OpenFlow,” in Network Operations and Management Symposium Workshops (NOMS Wksps), 2010 IEEE/IFIP, 2010.

[11] R. Braga, E. Mota and A. Passito, “Lightweight DDoS flooding attack detection using NOX/OpenFlow,” in Local Computer Networks (LCN), 2010 IEEE 35th Conference on, 2010.

[12] P. Pisa, N. Fernandes, H. Carvalho, M. Moreira, M. Campista, L. Costa and O. Duarte, “Openflow and Xen-based virtual network migration,” Communications: Wireless in Developing Countries and Networks of the Future, pp. 170-181, 2010.

[13] P. Dely, A. Kassler and N. Bayer, “Openflow for wireless mesh networks,” in Computer Communications and Networks (ICCCN), 2011 Proceedings of 20th International Conference on, 2011.

[14] G. Huang, C. Chuah, S. Raza and S. Seetharaman, “Dynamic measurement-aware routing in practice,” Network, IEEE, Vols. 25,3, 29-34.

[15] B. Sonkoly, A. Gulyas, F. Nemeth, J. Czentye, K. Kurucz, B. Novak and G. Vaszkun, “On QoS Support to Ofelia and OpenFlow,” in Software Defined Networking (EWSDN), 2012 European Workshop on, 2012.

[16] Y. Nakagawa, K. Hyoudou and T. Shimizu, “A management method of IP multicast in overlay networks using openflow,” in Proceedings of the first workshop on Hot topics in software defined networks, 2012.

[17] R. Wang, D. Butnariu and J. Rexford, “OpenFlow-based server load balancing gone wild,” in Proceedings of the 11th USENIX conference on Hot topics in management of internet, cloud, and enterprise networks and services, 2011.

[18] G. Wang, T. Ng and A. Shaikh, “Programming your network at run-time for big data applications,” in Proceedings of the first workshop on Hot topics in software defined networks, 2012.

[19] M. Jarschel, S. Oechsner, D. Schlosser, R. Pries, S. Goll and P. Tran-Gia, “Modeling and performance evaluation of an OpenFlow architecture,” in Proceedings of the 23rd International Teletraffic Congress, 2011.

[20] iResearch, “PPTV Ranked No.1 by Daily User Traffic in China Online Video Industry, Driven by Differentiated Content Services,” 28 June 2012. [Online]. Available: http://english.iresearch.com.cn/news/4262.html.

[21] Open Networking Foundation, “Software-Defined Networking: The New Norm for Networks,” Open Networking Foundation, 2012.

[22] T. A. Limoncelli, “OpenFlow: A Radical New Idea in Networking,” Queue, vol. 10, no. 6, pp. 40-46, 40, 2012.

[23] A. T. Campbell, I. Katzela, K. Miki and J. Vicente, “Open signaling for ATM, internet and mobile networks (OPENSIG'98),” SIGCOMM Comput. Commun. Rev., vol. 29, no. 1, pp. 97-108, 1999.

[24] A. Doria, F. Hellstrand, K. Sundell and T. Worster, “RFC 3292: General Switch Management Protocol (GSMP) V3,” Internet Engineering Task Force (IETF) Request For Comments, 2002.

[25] D. Tennenhouse, J. Smith, W. Sincoskie, D. Wetherall and G. Minden, “A survey of active network research,” Communications Magazine, IEEE, vol. 35, no. 1, pp. 80-86, 1997.

[26] D. Tennenhouse and D. Wetherall, “Towards an active network architecture,” in DARPA Active NEtworks Conference and Exposition, 2002. Proceedings, 2002.

[27] A. Doria, J. Hadi Salim, R. Haas, H. Khosravi, W. Wang, L. Dong, R. Gopal and J. Halpern, “RFC 5810: Forwarding and Control Element Separation (ForCES) Protocol Specification.,” Internet Engineering Task Force (IETF) Request For Comments, 2010.

[28] A. Greenberg, G. Hjalmtysson, D. A. Maltz, A. Myers, J. Rexford, G. Xie, H. Yan, J. Zhan and H. Zhang, “A clean slate 4D approach to network control and management,” SIGCOMM Comput. Commun. Rev., vol. 35, no. 5, pp. 41-54, 2005.

[29] N. Gude, T. Koponen, J. Pettit, B. Pfaff, M. Casado, N. McKeown and S. Shenker, “NOX: towards an operating system for networks,” SIGCOMM Comput. Commun. Rev., vol. 38, no. 3, pp. 105-110, 2008.

[30] R. Enns, “RFC 4741: NETCONF Configuration Protocol,” Internet Engineering Task Force (IETF) Request For Comments, 2006.

[31] M. Casado, M. J. Freedman, J. Pettit, J. Luo, N. McKeown and S. Shenker, “Ethane: taking control of the enterprise,” SIGCOMM Comput. Commun. Rev., vol. 37, no. 4, pp. 1-12, 2007.

[32] D. E. Comer and D. L. Stevens, Internetworking with TCP/IP, Vol. III: Client-Server Programming and Applications, Linux/Posix Sockets Version, Prentice Hall, 2000.

[33] B. Alexandros, C. Chuck, D. Fred, R. Michael, S. Sandeep, S. Oliver and S. Walter, “CDN brokering,” Computer Communications, vol. 25, no. 4, pp. 393 - 402, 2002.

[34] P. Jianping, H. Y.Thomas and L. Bo, “An overview of DNS-based server selections in content distribution networks,” Computer Networks, vol. 43, no. 6, pp. 695 - 711, 2003.

[35] J. Abley and K. Lindqvist, “RFC 4786: Operation of Anycast Services.,” Internet Engineering Task Force (IETF) Request For Comments, 2006.

[36] C. Partridge, T. Mendez and W. Milliken, “RFC 1546: Host anycasting service.,” Internet Engineering Task Force (IETF) Request For Comments, 1993.

[37] D. McPherson, E. Osterweil, D. Oran and D. Thaler, “Architectural Considerations of IP Anycast,” Internet Engineering Task Force, 2013.

[38] “BitTorrent Protocol Specification v1.0.,” [Online]. Available: http://wiki.theory.org/BitTorrentSpecification.

[39] J. Pouwelse, P. Garbacki, D. Epema and H. Sips, “The Bittorrent P2P File-Sharing System: Measurements and Analysis,” in Peer-to-Peer Systems IV, vol. 3640, M. a. R. R. Castro, Ed., Springer Berlin Heidelberg, 2005, pp. 205-216.

[40] G. Neglia, G. Reina, H. Zhang, D. Towsley, A. Venkataramani and J. Danaher, “Availability in BitTorrent systems,” in INFOCOM 2007. 26th IEEE International Conference on Computer Communications. IEEE, 2007.

[41] “DHT Protocol for BitTorrent,” [Online]. Available: http://bittorrent.org/beps/bep_0005.html.

[42] H. Balakrishnan, M. F. Kaashoek, D. Karger, R. Morris and I. Stoica, “Looking up data in P2P systems,” Communications of the ACM, vol. 46, no. 2, pp. 43-48, 2003.

[43] V. Aggarwal, A. Feldmann and C. Scheideler, “Can ISPS and P2P Users Cooperate for Improved Performance?,” SIGCOMM Comput. Commun. Rev., vol. 37, no. 3, pp. 29-40, 2007.

[44] V. Aggarwal, O. Akonjang and A. Feldmann, “Improving user and ISP experience through ISP-aided P2P locality,” in INFOCOM Workshops 2008, IEEE, 2008.

[45] R. Alimi, Y. Yang and R. Penno., “ALTO Protocol,” Internet Engineering Task Force (IETF) Request For Comments, 2013.

[46] A. Tootoonchian and Y. Ganjali, “HyperFlow: A distributed control plane for OpenFlow,” in Proceedings of the 2010 internet network management conference on Research on enterprise networking, 2010.

[47] T. Koponen, M. Casado, N. Gude, J. Stribling, L. Poutievski, M. Zhu, R. Ramanathan, Y. Iwata, H. Inoue, T. Hama and S. Shenker, “Onix: A Distributed Control Platform for Large-scale Production Networks,” in OSDI, 2010.

[48] S. Hassas Yeganeh and Y. Ganjali, “Kandoo: A Framework for Efficient and Scalable Offloading of Control Applications,” in Proceedings of the First Workshop on Hot Topics in Software Defined Networks, HotSDN, Helsinki, Finland, 2012.

[49] D. Levin, A. Wundsam, B. Heller, N. Handigol and A. Feldmann, “Logically Centralized?: State Distribution Trade-offs in Software Defined Networks,” in Proceedings of the First Workshop on Hot Topics in Software Defined Networks, HotSDN '12, Helsinki, Finland, 2012.

[50] M. Yu, J. Rexford, M. J. Freedman and J. Wang, “Scalable flow-based networking with DIFANE,” SIGCOMM Comput. Commun. Rev., vol. 40, no. 4, pp. 351--362, 2010.

[51] A. Curtis, J. Mogul, J. Tourrilhes, P. Yalagandula, P. Sharma and S. Banerjee, “DevoFlow: scaling flow management for high-performance networks,” in SIGCOMM-Computer Communication Review, 2011.

[52] T. Dierks and E. Rescorla, “rfc5246: The Transport Layer Security (TLS) Protocol Version 1.2,” The Internet Engineering Task Force, 2008.

[53] T. Koponen, M. Chawla, B.-G. Chun, A. Ermolinskiy, K. H. Kim, S. Shenker and I. Stoica, “A data-oriented (and beyond) network architecture,” in ACM SIGCOMM Computer Communication Review, 2007.

[54] V. Jacobson, D. K. Smetters, J. D. Thornton, M. F. Plass, N. H. Briggs and R. L. Braynard, “Networking named content,” in Proceedings of the 5th international conference on Emerging networking experiments and technologies, 2009.

[55] A. Tavakoli, M. Casado, T. Koponen and S. Shenker, “Applying NOX to the Datacenter,” in Proc. HotNets (October 2009)2009.

[56] S. Kandula, S. Sengupta, A. Greenberg, P. Patel and R. Chaiken, “The nature of data center traffic: measurements & analysis,” in Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference, 2009.

[57] OMNeT++, “OMNeT++ Network Simulation Framework. (n.d.),” [Online]. Available: http://www.omnetpp.org/.

[58] B. Heller, “Openflow switch specification, version 1.0. 0,” 2009.

[59] D. J. Bernstein, N. Duif, T. Lange, P. Schwabe and B.-Y. Yang, “High-speed high-security signatures,” Journal of Cryptographic Engineering, vol. 2, no. 2, pp. 77-89, 2012.

[60] D. J. Bernstein and T. Lange, “eBACS: ECRYPT Benchmarking of Cryptographic Systems.,” [Online]. Available: http://bench.cr.yp.to. [Accessed 10 June 2013].

[61] “OpenSSL,” [Online]. Available: http://www.openssl.org/.

[62] A. Tavakoli, M. Casado, T. Koponen and S. Shenker, “Applying NOX to the Datacenter,” in HotNets, Citeseer, 2009.

[63] M. Kim, H. Kong, S. Hong, S. Chung and J. Hong, “A flow-based method for abnormal network traffic detection,” in Network Operations and Management Symposium, 2004. NOMS 2004. IEEE/IFIP, 2004.

[64] J. Mogul, J. Tourrilhes, P. Yalagandula, P. Sharma, A. Curtis and S. Banerjee, “Devoflow: Cost-effective flow management for high performance enterprise networks,” in Proceedings of the Ninth ACM SIGCOMM Workshop on Hot Topics in Networks, 2010.

[65] J. Song, S. Lee, K. Kang, N. Park, H. Park, S. Yoon, K. Chun, M. Chang, J. Joung and Y. Kim, “Scalable network architecture for flow-based traffic control,” ETRI journal, vol. 30, no. 2, p. 205, 2008.

[66] W. Kim, P. Sharma, J. Lee, S. Banerjee, J. Tourrilhes, S. Lee and P. Yalagandula, “Automated and scalable QoS control for network convergence,” in Proc. INM/WREN, 2010.

[67] O. M. Othman and K. Okamura, “Hybrid Control Model for Flow-Based Networks,” in the international conference COMPSAC 2013 - The First IEEE International Workshop on Future Internet Technologies, Kyoto, Japan, 2013.

[68] “OpenFlow Switch Specification, Version 1.1.0,” 2011.

[69] R. Coltun, D. Ferguson and J. Moy, “RFC 5340: OSPF for IPv6,” Internet Engineering Task Force (IETF) Request For Comments, 2008.

[70] R. Callon, “RFC 1195: Use of OSI IS-IS for Routing in TCP/IP and Dual Environments,” Internet Engineering Task Force (IETF) Request For Comments, 1990.

[71] M. I. M. H. H. e. a. Hirabaru. [Online].

Published Papers

(1) Othman Othman M. M. and Koji Okamura, "Wider Adaptation and Enhancement of OpenFlow", Proceedings of the 32nd Asia Pacific Advanced Network (APAN) on Research Network Workshop, pp. 14-25, ISSN: 2227-3026, DOI: http://dx.doi.org/10.7125/APAN.32.3, August 2011.

(2) Othman Othman M. M. and Koji OKAMURA, "Design and Implementation of Content Anycasting", Proceedings of ENSEEIHT - Kyushu University Workshop on Data Mining and Media Processing (EKDM), November 2011.

(3) Othman M. M. OTHMAN and Koji OKAMURA, "On Demand Content Anycasting to Enhance Content Server Using P2P Network", IEICE Transactions on Information and Systems, Vol. E95.D No. 2, pp. 514-522, ISSN: 0916-8532, DOI: 10.1587/transinf.E95.D.514, February 2012.

(4) Othman Othman M. M. and Koji OKAMURA, "Evaluation of OpenFlow’s Enhancements", Proceedings of the 34nd Asia Pacific Advanced Network (APAN) on Research Network Workshop, pp. 1-10, ISSN: 2227-3026, DOI: http://dx.doi.org/10.7125/APAN.34.1, August 2011.

(5) Othman Othman M. M. and Koji OKAMURA, "Localized P2P-Aided Content Distribution Using Content Anycasting", Proceedings of the 2013 International Symposium on Information Science and Electrical Engineering, January 2013.

(6) Othman OTHMAN M. M. and Koji OKAMURA, "Aiding OpenFlow Controller by Enhancing OpenFlow's Control Model, and Behaviour of Flows", In Proceedings of the TERENA 2013 Networking Conference (TNC2013), June 2013.

(7) Othman Othman M. M. and Koji OKAMURA, "Hybrid Control Model for Flow-based Networks", Proceedings of the Computer Software and Applications Conference Workshops (COMPSACW), 2013 IEEE 37th Annual , pp.765,770, 22-26 July 2013 DOI: 10.1109/COMPSACW.2013.13 , July 2013.

(8) Othman Othman M. M. and Koji OKAMURA, "Securing Distributed Control of Software Defined Networks", IJCSNS International Journal of Computer Science and Network Security, VOL.13 No.9 pp. 5-14 , ISSN: 1738-7906 September 2013.

(9) Othman Othman M. M. and Koji OKAMURA, "Enhancing Control Model to Ease off Centralized Control of Flow-based SDNs", Proceedings of The Doctoral Symposium, COMPSAC 2013 international conference, July 2013.
