Software-defined networking

Software-defined networking (SDN) is an approach to network management that uses abstraction to enable dynamic and programmatically efficient network configuration to create grouping and segmentation while improving network performance and monitoring in a manner more akin to cloud computing than to traditional network management. [1] SDN is meant to improve the static architecture of traditional networks and may be employed to centralize network intelligence in one network component by disassociating the forwarding process of network packets (data plane) from the routing process (control plane). [2] The control plane consists of one or more controllers, which are considered the brains of the SDN network, where the whole intelligence is incorporated. However, centralization has certain drawbacks related to security, [1] scalability and elasticity. [1] [3]

SDN was commonly associated with the OpenFlow protocol for remote communication with network plane elements to determine the path of network packets across network switches since OpenFlow's emergence in 2011. However, since 2012, proprietary systems have also used the term. [4] [5] These include Cisco Systems' Open Network Environment and Nicira's network virtualization platform.

SD-WAN applies similar technology to a wide area network (WAN). [6]

History

The history of SDN principles can be traced back to the separation of the control and data plane first used in public switched telephone networks.[ citation needed ] This provided a manner of simplifying provisioning and management years before the architecture was used in data networks.

The Internet Engineering Task Force (IETF) began considering various ways to decouple the control and data forwarding functions in a proposed interface standard published in 2004 named Forwarding and Control Element Separation (ForCES). [7] The ForCES Working Group also proposed a companion SoftRouter architecture. [8] Additional early standards from the IETF that pursued separating control from data include the Linux Netlink as an IP services protocol [9] and a path computation element (PCE)-based architecture. [10]

These early attempts failed to gain traction. One reason is that many in the Internet community viewed separating control from data to be risky, especially given the potential for failure in the control plane. Another reason is that vendors were concerned that creating standard application programming interfaces (APIs) between the control and data planes would result in increased competition.

The use of open-source software in these separated architectures traces its roots to the Ethane project at Stanford's computer science department. Ethane's simple switch design led to the creation of OpenFlow, [11] and an API for OpenFlow was first created in 2008. [12] In that same year, NOX, an operating system for networks, was created. [13]

Several patent applications were filed by independent researchers in 2007 describing practical applications for SDN, [14] operating system for networks, [15] network infrastructure compute units as a multi-core CPU [16] and a method for virtual-network segmentation based on functionality. [17] These applications became public in 2009 and have since been abandoned.

SDN research included emulators such as vSDNEmul, [18] EstiNet, [19] and Mininet. [20]

Work on OpenFlow continued at Stanford, including with the creation of testbeds to evaluate the use of the protocol in a single campus network, as well as across the WAN as a backbone for connecting multiple campuses. [21] In academic settings, there were several research and production networks based on OpenFlow switches from NEC and Hewlett-Packard, as well as those based on Quanta Computer whiteboxes starting in about 2009. [22] [ failed verification ]

Beyond academia, the first deployments were by Nicira in 2010 to control OVS from Onix, codeveloped with NTT and Google. A notable deployment was Google's B4 in 2012. [23] [24] Later, Google announced the first OpenFlow/Onix deployments in its datacenters. [25] Another large deployment exists at China Mobile. [26]

The Open Networking Foundation was founded in 2011 to promote SDN and OpenFlow.

At the 2014 Interop and Tech Field Day, software-defined networking was demonstrated by Avaya using shortest-path bridging (IEEE 802.1aq) and OpenStack as an automated campus, extending automation from the data center to the end device and removing manual provisioning from service delivery. [27] [28]

Concept

SDN architectures decouple network control (control plane) and forwarding (data plane) functions, enabling the network control to become directly programmable and the underlying infrastructure to be abstracted from applications and network services. [29]

The OpenFlow protocol can be used in SDN technologies. The SDN architecture is:

New network architecture

The explosion of mobile devices and content, server virtualization, and the advent of cloud services are among the trends driving the networking industry to re-examine traditional network architectures. [31] Many conventional networks are hierarchical, built with tiers of Ethernet switches arranged in a tree structure. This design made sense when client-server computing was dominant, but such a static architecture may be ill-suited to the dynamic computing and storage needs of today's enterprise data centers, campuses, and carrier environments. [32] Some of the key computing trends driving the need for a new network paradigm include:

Changing traffic patterns
Within the enterprise data center, traffic patterns have changed significantly. In contrast to client-server applications where the bulk of the communication occurs between one client and one server, today's applications access different databases and servers, creating a flurry of east-west machine-to-machine traffic before returning data to the end user device in the classic north-south traffic pattern. At the same time, users are changing network traffic patterns as they push for access to corporate content and applications from any type of device, connecting from anywhere, at any time. Finally, many enterprise data center managers are deploying a utility computing model, which may include a private cloud, public cloud, or some mix of both, resulting in additional traffic across the wide-area network.
The consumerization of IT
Users are increasingly employing mobile personal devices such as smartphones, tablets, and notebooks to access the corporate network. IT is under pressure to accommodate these personal devices in a fine-grained manner while protecting corporate data and intellectual property and meeting compliance mandates.
The rise of cloud services
Enterprises have enthusiastically embraced both public and private cloud services, resulting in unprecedented growth of these services. Many enterprise businesses want the agility to access applications, infrastructure and other IT resources on demand and discretely. IT planning for cloud services must be performed in an environment of increased security, compliance and auditing requirements, along with business reorganizations, consolidations and mergers that can rapidly change assumptions. Providing self-service provisioning, whether in a private or public cloud, requires elastic scaling of computing, storage and network resources, ideally from a common viewpoint and with a common suite of tools.
Big data means more bandwidth
Handling today's big data requires massive parallel processing on thousands of servers, all of which need direct connections to each other. The rise of these large data sets is fueling a constant demand for additional network capacity in the data center. Operators of hyperscale data center networks face the daunting task of scaling the network to previously unimaginable size, maintaining any-to-any connectivity within a limited budget. [33]
Energy use on large datacenters
As the Internet of Things, cloud computing and SaaS emerged, the need for larger datacenters has increased the energy consumption of those facilities. Many researchers have improved SDN's energy efficiency by applying existing routing techniques to dynamically adjust the network data plane to save energy. [34] Techniques to improve control plane energy efficiency are also being researched. [35]

Architectural components

Figure: A high-level overview of the software-defined networking architecture

The following list defines and explains the architectural components: [36]

SDN Application
SDN Applications are programs that explicitly, directly, and programmatically communicate their network requirements and desired network behavior to the SDN Controller via a northbound interface (NBI). In addition, they may consume an abstracted view of the network for their internal decision-making purposes. An SDN Application consists of one SDN Application Logic and one or more NBI Drivers. SDN Applications may themselves expose another layer of abstracted network control, thus offering one or more higher-level NBIs through respective NBI agents.
SDN Controller
The SDN Controller is a logically centralized entity in charge of (i) translating the requirements from the SDN Application layer down to the SDN Datapaths and (ii) providing the SDN Applications with an abstract view of the network (which may include statistics and events). An SDN Controller consists of one or more NBI Agents, the SDN Control Logic, and the Control to Data-Plane Interface (CDPI) driver. Definition as a logically centralized entity neither prescribes nor precludes implementation details such as the federation of multiple controllers, the hierarchical connection of controllers, communication interfaces between controllers, nor virtualization or slicing of network resources.
SDN Datapath
The SDN Datapath is a logical network device that exposes visibility and uncontested control over its advertised forwarding and data processing capabilities. The logical representation may encompass all or a subset of the physical substrate resources. An SDN Datapath comprises a CDPI agent and a set of one or more traffic forwarding engines and zero or more traffic processing functions. These engines and functions may include simple forwarding between the datapath's external interfaces or internal traffic processing or termination functions. One or more SDN Datapaths may be contained in a single (physical) network element—an integrated physical combination of communications resources, managed as a unit. An SDN Datapath may also be defined across multiple physical network elements. This logical definition neither prescribes nor precludes implementation details such as the logical to physical mapping, management of shared physical resources, virtualization or slicing of the SDN Datapath, interoperability with non-SDN networking, nor the data processing functionality, which can include OSI layer 4-7 functions.
SDN Control to Data-Plane Interface (CDPI)
The SDN CDPI is the interface defined between an SDN Controller and an SDN Datapath, which provides at least (i) programmatic control of all forwarding operations, (ii) capabilities advertisement, (iii) statistics reporting, and (iv) event notification. One value of SDN lies in the expectation that the CDPI is implemented in an open, vendor-neutral and interoperable way.
SDN Northbound Interfaces (NBI)
SDN NBIs are interfaces between SDN Applications and SDN Controllers and typically provide abstract network views and enable direct expression of network behavior and requirements. This may occur at any level of abstraction (latitude) and across different sets of functionality (longitude). One value of SDN lies in the expectation that these interfaces are implemented in an open, vendor-neutral and interoperable way.

SDN Control Plane

Centralized - Hierarchical - Distributed

The implementation of the SDN control plane can follow a centralized, hierarchical, or decentralized design. Initial SDN control plane proposals focused on a centralized solution, where a single control entity has a global view of the network. While this simplifies the implementation of the control logic, it has scalability limitations as the size and dynamics of the network increase. To overcome these limitations, several approaches have been proposed in the literature that fall into two categories, hierarchical and fully distributed approaches. In hierarchical solutions, [37] [38] distributed controllers operate on a partitioned network view, while decisions that require network-wide knowledge are taken by a logically centralized root controller. In distributed approaches, [39] [40] controllers operate on their local view or they may exchange synchronization messages to enhance their knowledge. Distributed solutions are more suitable for supporting adaptive SDN applications.

Controller Placement

A key issue when designing a distributed SDN control plane is to decide on the number and placement of control entities. An important parameter to consider while doing so is the propagation delay between the controllers and the network devices, [41] especially in the context of large networks. Other objectives that have been considered involve control path reliability, [42] fault tolerance, [43] and application requirements. [44]

SDN Data Plane

In SDN, the data plane is responsible for processing data-carrying packets using a set of rules specified by the control plane. The data plane may be implemented in physical hardware switches or in software implementations, such as Open vSwitch. The memory capacity of hardware switches may limit the number of rules that can be stored, whereas software implementations may have higher capacity. [45]

The location of the SDN data plane and agent can be used to classify SDN implementations:

Flow table entries may be populated in a proactive, reactive, or hybrid fashion. [49] [50] In the proactive mode, the controller populates flow table entries in advance for all traffic matches possible for this switch. This mode can be compared with typical routing table entries today, where all static entries are installed ahead of time. Following this, no request is sent to the controller since all incoming flows will find a matching entry. A major advantage of proactive mode is that all packets are forwarded at line rate (considering all flow table entries in TCAM) and no delay is added. In the reactive mode, entries are populated on demand. If a packet arrives without a corresponding match rule in the flow table, the SDN agent sends a request to the controller for further instruction. The controller examines the SDN agent requests and provides instructions, installing a rule in the flow table for the corresponding packet if necessary. The hybrid mode uses the low-latency proactive forwarding mode for a portion of traffic while relying on the flexibility of reactive mode processing for the remaining traffic.
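The three population modes can be compared by replaying the same traffic through a toy switch and counting how often the controller is consulted. This is an added example, not code from any SDN project; the topology, the traffic, the exact-match table without eviction and the choice of pre-installed flows in hybrid mode are all assumptions made for illustration.

```python
from itertools import permutations

# Constructed topology (assumption): host IP -> switch port.
HOSTS = {"10.0.0.1": 1, "10.0.0.2": 2, "10.0.0.3": 3, "10.0.0.4": 4}

# Constructed traffic: 10 packets belonging to 5 distinct (src, dst) flows.
F1, F2 = ("10.0.0.1", "10.0.0.2"), ("10.0.0.2", "10.0.0.1")
F3, F4 = ("10.0.0.3", "10.0.0.4"), ("10.0.0.4", "10.0.0.3")
F5 = ("10.0.0.1", "10.0.0.4")
TRAFFIC = [F1, F2, F1, F3, F4, F3, F5, F1, F5, F2]


def controller_decide(match):
    """Control-plane logic: pick the output port for a (src, dst) match."""
    _src, dst = match
    return HOSTS.get(dst)  # None: unknown destination, no rule is installed


class Switch:
    """Toy datapath: exact-match flow table of bounded size, no eviction."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.table = {}                # (src, dst) -> output port
        self.controller_requests = 0   # table misses handed to the controller
        self.rejected_installs = 0     # rules refused because the table was full

    def install(self, match, out_port):
        if match not in self.table and len(self.table) >= self.capacity:
            self.rejected_installs += 1
            return False
        self.table[match] = out_port
        return True

    def forward(self, match):
        if match in self.table:        # hit: forwarded without the controller
            return self.table[match]
        self.controller_requests += 1  # miss: reactive round trip
        out_port = controller_decide(match)
        if out_port is not None:
            self.install(match, out_port)
        return out_port


def simulate(mode, capacity=16, traffic=TRAFFIC):
    """Replay traffic through a fresh switch populated according to `mode`."""
    switch = Switch(capacity)
    all_flows = list(permutations(HOSTS, 2))
    if mode == "proactive":
        preinstalled = all_flows
    elif mode == "hybrid":
        # Assumption: only flows toward two busy hosts are installed up front.
        preinstalled = [m for m in all_flows if m[1] in ("10.0.0.1", "10.0.0.2")]
    elif mode == "reactive":
        preinstalled = []
    else:
        raise ValueError(f"unknown mode: {mode}")
    for match in preinstalled:
        switch.install(match, controller_decide(match))
    delivered = sum(1 for m in traffic if switch.forward(m) is not None)
    return {
        "controller_requests": switch.controller_requests,
        "rules": len(switch.table),
        "rejected_installs": switch.rejected_installs,
        "delivered": delivered,
    }


if __name__ == "__main__":
    for mode, cap in (("proactive", 16), ("reactive", 16),
                      ("hybrid", 16), ("reactive", 3)):
        print(mode, cap, simulate(mode, cap))
```

The last run uses a table that holds only three rules: flows that cannot be installed keep missing, so every one of their packets costs another controller request.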

Applications

SDMN

Software-defined mobile networking (SDMN) [51] [52] is an approach to the design of mobile networks where all protocol-specific features are implemented in software, maximizing the use of generic and commodity hardware and software in both the core network and radio access network. [53] It is proposed as an extension of the SDN paradigm to incorporate mobile network specific functionalities. [54] Since 3GPP Rel.14, a Control User Plane Separation was introduced in the Mobile Core Network architectures with the PFCP protocol.

SD-WAN

An SD-WAN is a WAN managed using the principles of software-defined networking. [55] The main driver of SD-WAN is to lower WAN costs using more affordable and commercially available leased lines, as an alternative or partial replacement of more expensive MPLS lines. Control and management are administered separately from the hardware, with central controllers allowing for easier configuration and administration. [56]

SD-LAN

An SD-LAN is a local area network (LAN) built around the principles of software-defined networking, though there are key differences in topology, network security, application visibility and control, management and quality of service. [57] SD-LAN decouples control, management, and data planes to enable a policy-driven architecture for wired and wireless LANs. SD-LANs are characterized by their use of a cloud management system and wireless connectivity without the presence of a physical controller. [58]

Security using the SDN paradigm

SDN architecture may enable, facilitate or enhance network-related security applications due to the controller's central view of the network, and its capacity to reprogram the data plane at any time. While the security of SDN architecture itself remains an open question that has already been studied a couple of times in the research community, [59] [60] [61] [62] the following paragraphs only focus on the security applications made possible or revisited using SDN.

Several research works on SDN have already investigated security applications built upon the SDN controller, with different aims in mind. Distributed Denial of Service (DDoS) detection and mitigation, [63] [64] as well as botnet [65] and worm propagation, [66] are some concrete use-cases of such applications: basically, the idea is to periodically collect network statistics from the forwarding plane of the network in a standardized manner (e.g. using OpenFlow), and then apply classification algorithms to those statistics in order to detect any network anomalies. If an anomaly is detected, the application instructs the controller how to reprogram the data plane in order to mitigate it.
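The collect, classify and reprogram loop described above can be sketched as follows. This is an added example, not taken from the cited works: the classifier (packet rate against a moving baseline, combined with source-address entropy), the thresholds, the counter snapshots and the mitigation rule schema are all assumptions chosen for illustration.

```python
import math
from collections import defaultdict


def interval_deltas(prev, curr):
    """Packets seen per flow since the previous poll (counters are cumulative)."""
    deltas = {}
    for flow, count in curr.items():
        base = prev.get(flow, 0)
        # A counter lower than last time means the entry expired and was re-created.
        deltas[flow] = count - base if count >= base else count
    return deltas


def source_entropy(deltas, dst):
    """Shannon entropy (bits) of the source-address distribution toward dst."""
    per_src = defaultdict(int)
    for (src, flow_dst), pkts in deltas.items():
        if flow_dst == dst and pkts > 0:
            per_src[src] += pkts
    total = sum(per_src.values())
    if total == 0:
        return 0.0
    return -sum((n / total) * math.log2(n / total) for n in per_src.values())


class FloodDetector:
    """Flags a destination whose packet rate jumps AND whose sources are diverse."""

    def __init__(self, alpha=0.3, rate_factor=5.0, min_entropy=3.0):
        self.alpha = alpha              # EWMA weight of the newest interval
        self.rate_factor = rate_factor  # allowed multiple of the baseline
        self.min_entropy = min_entropy  # bits; a few busy clients stay below this
        self.baseline = {}              # dst -> EWMA of packets per interval

    def observe(self, prev, curr):
        """Classify one polling interval; return mitigation rules for the controller."""
        deltas = interval_deltas(prev, curr)
        per_dst = defaultdict(int)
        for (_src, dst), pkts in deltas.items():
            per_dst[dst] += pkts
        rules = []
        for dst, pkts in sorted(per_dst.items()):
            base = self.baseline.get(dst)
            if (base is not None
                    and pkts > self.rate_factor * max(base, 1.0)
                    and source_entropy(deltas, dst) >= self.min_entropy):
                # Hypothetical rule schema; a real controller has its own API.
                rules.append({
                    "match": {"ipv4_dst": dst},
                    "action": "rate_limit",
                    "max_packets_per_interval": round(self.rate_factor * max(base, 1.0)),
                    "hard_timeout_s": 60,
                })
                continue  # do not let the anomalous interval shift the baseline
            self.baseline[dst] = pkts if base is None else (
                self.alpha * pkts + (1 - self.alpha) * base)
        return rules


def build_snapshots():
    """Constructed cumulative per-flow packet counters from four polls."""
    normal = {("10.0.0.1", "10.0.0.10"): 100, ("10.0.0.2", "10.0.0.10"): 100,
              ("10.0.0.3", "10.0.0.10"): 100, ("10.0.0.1", "10.0.0.20"): 50,
              ("10.0.0.2", "10.0.0.20"): 50}
    s1 = dict(normal)
    s2 = {flow: 2 * n for flow, n in normal.items()}
    s3 = {flow: 3 * n for flow, n in normal.items()}
    for i in range(1, 41):                      # many sources, one destination
        s3[(f"198.51.100.{i}", "10.0.0.10")] = 200
    s3[("10.0.0.5", "10.0.0.20")] = 5000        # one heavy but legitimate sender
    return [{}, s1, s2, s3]


def run_detection(snapshots):
    detector = FloodDetector()
    return [detector.observe(a, b) for a, b in zip(snapshots, snapshots[1:])]


if __name__ == "__main__":
    for i, rules in enumerate(run_detection(build_snapshots()), start=1):
        print(f"interval {i}: {rules}")
```

In the constructed data the bulk transfer toward 10.0.0.20 exceeds the rate threshold but comes from a single source, so its entropy stays low and no rule is issued for it.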

Another kind of security application leverages the SDN controller by implementing some moving target defense (MTD) algorithms. MTD algorithms are typically used to make any attack on a given system or network more difficult than usual by periodically hiding or changing key properties of that system or network. In traditional networks, implementing MTD algorithms is not a trivial task since it is difficult to build a central authority capable of determining, for each part of the system to be protected, which key properties are hidden or changed. In an SDN network, such tasks become more straightforward thanks to the centrality of the controller. One application can for example periodically assign virtual IPs to hosts within the network, and the mapping virtual IP/real IP is then performed by the controller. [67] Another application can simulate some fake opened/closed/filtered ports on random hosts in the network in order to add significant noise during the reconnaissance phase (e.g. scanning) performed by an attacker. [68]
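The virtual IP scheme described above can be sketched as a controller-side mapping table that is re-drawn every epoch. This is an added example and not the algorithm of the cited work; the class name, the address pool, the host addresses and the seeded random generator are assumptions made for illustration.

```python
import ipaddress
import random


class VirtualIPMapper:
    """Controller-side table mapping short-lived virtual IPs to real host IPs."""

    def __init__(self, real_hosts, pool_cidr, seed):
        self.real_hosts = list(real_hosts)
        self.pool = [str(ip) for ip in ipaddress.ip_network(pool_cidr).hosts()]
        if len(self.pool) < 2 * len(self.real_hosts):
            raise ValueError("pool too small to avoid reusing last epoch's addresses")
        # Seeded PRNG keeps this example repeatable; a deployment would draw
        # from a cryptographically secure source instead.
        self.rng = random.Random(seed)
        self.v2r, self.r2v, self.epoch = {}, {}, 0
        self.rotate()

    def rotate(self):
        """Start a new epoch: every host gets a virtual IP not used last epoch."""
        stale = set(self.v2r)
        candidates = [ip for ip in self.pool if ip not in stale]
        chosen = self.rng.sample(candidates, len(self.real_hosts))
        self.v2r = dict(zip(chosen, self.real_hosts))
        self.r2v = {real: virt for virt, real in self.v2r.items()}
        self.epoch += 1
        return dict(self.r2v)

    def outbound(self, pkt):
        """Host -> network: hide the real source behind its current virtual IP."""
        return {**pkt, "src": self.r2v.get(pkt["src"], pkt["src"])}

    def inbound(self, pkt):
        """Network -> host: translate a current virtual destination, drop the rest."""
        real = self.v2r.get(pkt["dst"])
        return None if real is None else {**pkt, "dst": real}


if __name__ == "__main__":
    # Constructed hosts and pool.
    mapper = VirtualIPMapper(["10.0.0.11", "10.0.0.12"], "172.16.0.0/27", seed=7)
    old_vip = mapper.r2v["10.0.0.11"]
    print("epoch 1:", mapper.inbound({"src": "198.51.100.9", "dst": old_vip}))
    mapper.rotate()
    print("epoch 2, stale address:", mapper.inbound({"src": "198.51.100.9", "dst": old_vip}))
```

Packets addressed to a real IP or to a virtual IP from an earlier epoch find no mapping and are dropped, which is what makes addresses learned by earlier scanning stale.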

Additional value regarding security in SDN-enabled networks can also be gained using FlowVisor [69] and FlowChecker [70] respectively. The former lets multiple separated logical networks share a single hardware forwarding plane. Following this approach, the same hardware resources can be used for production and development purposes as well as for separating monitoring, configuration and internet traffic, where each scenario can have its own logical topology, which is called a slice. In conjunction with this approach, FlowChecker [69] realizes the validation of new OpenFlow rules that are deployed by users using their own slice.
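One check such rule validation can include is slice confinement: a tenant's new rule must only match traffic inside its slice and must only forward to the slice's ports. The following is an added example, not FlowVisor or FlowChecker code; the slice definition, the rule schema and the field names are hypothetical.

```python
import ipaddress

IP_FIELDS = {"ipv4_src", "ipv4_dst"}

# Constructed slice: header-space constraints plus the ports it may use.
SLICE = {
    "name": "dev",
    "flowspace": {"vlan_vid": 100,
                  "ipv4_src": "10.1.0.0/16",
                  "ipv4_dst": "10.1.0.0/16"},
    "ports": {1, 2, 3},
}


def _within(field, value, allowed):
    """True if every packet matching `value` also satisfies the slice's `allowed`."""
    if field in IP_FIELDS:
        try:
            rule_net = ipaddress.ip_network(value, strict=False)
            return rule_net.subnet_of(ipaddress.ip_network(allowed))
        except (ValueError, TypeError):   # malformed address or mixed IP versions
            return False
    return value == allowed


def validate_rule(slice_, rule):
    """Return the list of violations; an empty list means the rule is accepted."""
    problems = []
    match = rule.get("match", {})
    for field, allowed in slice_["flowspace"].items():
        if field not in match:
            # An omitted field is a wildcard, so the rule would also match
            # packets that belong to other slices.
            problems.append(f"{field}: wildcard would match traffic outside the slice")
        elif not _within(field, match[field], allowed):
            problems.append(f"{field}: {match[field]!r} is not inside {allowed!r}")
    if "in_port" in match and match["in_port"] not in slice_["ports"]:
        problems.append(f"in_port {match['in_port']!r} is not a slice port")
    for action in rule.get("actions", []):
        kind = action.get("type")
        if kind == "output":
            if action.get("port") not in slice_["ports"]:
                problems.append(f"output port {action.get('port')!r} is not a slice port")
        elif kind == "set_field":
            field, value = action.get("field"), action.get("value")
            allowed = slice_["flowspace"].get(field)
            if allowed is not None and not _within(field, value, allowed):
                problems.append(f"set_field moves {field} outside the slice")
        else:
            # Default deny: anything not explicitly understood is refused.
            problems.append(f"action {kind!r} is not permitted in a slice")
    return problems


if __name__ == "__main__":
    ok = {"match": {"vlan_vid": 100, "ipv4_src": "10.1.2.0/24",
                    "ipv4_dst": "10.1.3.5", "in_port": 1},
          "actions": [{"type": "output", "port": 2}]}
    broad = {"match": {"vlan_vid": 100, "ipv4_src": "10.0.0.0/8",
                       "ipv4_dst": "10.1.3.5"},
             "actions": [{"type": "output", "port": 2}]}
    print(validate_rule(SLICE, ok))
    print(validate_rule(SLICE, broad))
```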

SDN controller applications are mostly deployed in large-scale scenarios, which requires comprehensive checks of possible programming errors. A system to do this called NICE was described in 2012. [71] Introducing an overarching security architecture requires a comprehensive and protracted approach to SDN. Since it was introduced, designers have been looking at possible ways to secure SDN that do not compromise scalability. One such architecture is called SN-SECA (SDN+NFV) Security Architecture. [72]

Group Data Delivery Using SDN

Distributed applications that run across datacenters usually replicate data for the purpose of synchronization, fault resiliency, load balancing and getting data closer to users (which reduces latency to users and increases their perceived throughput). Also, many applications, such as Hadoop, replicate data within a datacenter across multiple racks to increase fault tolerance and make data recovery easier. All of these operations require data delivery from one machine or datacenter to multiple machines or datacenters. The process of reliably delivering data from one machine to multiple machines is referred to as Reliable Group Data Delivery (RGDD).

SDN switches can be used for RGDD via installation of rules that allow forwarding to multiple outgoing ports. For example, OpenFlow provides support for Group Tables since version 1.1 [73] which makes this possible. Using SDN, a central controller can carefully and intelligently set up forwarding trees for RGDD. Such trees can be built while paying attention to network congestion/load status to improve performance. For example, MCTCP [74] is a scheme for delivery to many nodes inside datacenters that relies on regular and structured topologies of datacenter networks while DCCast [75] and QuickCast [76] are approaches for fast and efficient data and content replication across datacenters over private WANs.

Relationship to NFV

Network Function Virtualization, or NFV for short, is a concept that complements SDN. Thus, NFV is not dependent on SDN or SDN concepts. NFV separates software from hardware to enable flexible network deployment and dynamic operation. NFV deployments typically use commodity servers to run software versions of network services that previously were hardware-based. These software-based services that run in an NFV environment are called Virtual Network Functions (VNF). [77] An SDN-NFV hybrid program was provided for the high-efficiency, elastic and scalable capabilities of NFV, aimed at accelerating service innovation and provisioning using standard IT virtualization technologies. [77] [78] SDN provides the agility of controlling the generic forwarding devices such as the routers and switches by using SDN controllers. On the other hand, NFV agility is provided for the network applications by using virtualized servers. It is entirely possible to implement a virtualized network function (VNF) as a standalone entity using existing networking and orchestration paradigms. However, there are inherent benefits in leveraging SDN concepts to implement and manage an NFV infrastructure, particularly when looking at the management and orchestration of VNFs, and that is why multivendor platforms are being defined that incorporate SDN and NFV in concerted ecosystems. [79]

Relationship to DPI

Deep packet inspection (DPI) provides the network with application-awareness, while SDN provides applications with network-awareness. [80] Although SDN will radically change the generic network architectures, it should cope with working with traditional network architectures to offer high interoperability. The new SDN-based network architecture should consider all the capabilities that are currently provided in separate devices or software other than the main forwarding devices (routers and switches), such as the DPI and security appliances. [81]

Quality of Experience (QoE) estimation using SDN

When using an SDN-based model for transmitting multimedia traffic, an important aspect to take into account is the QoE estimation. To estimate the QoE, first we have to be able to classify the traffic, and then it is recommended that the system can solve critical problems on its own by analyzing the traffic. [82] [83]

References

  1. 1 2 3 Benzekki, Kamal; El Fergougui, Abdeslam; Elbelrhiti Elalaoui, Abdelbaki (2016). "Software-defined networking (SDN): A survey". Security and Communication Networks. 9 (18): 5803–5833. doi:10.1002/sec.1737.
  2. Montazerolghaem, Ahmadreza (2020-07-13). "Software-defined load-balanced data center: design, implementation and performance analysis". Cluster Computing. 24 (2): 591–610. doi:10.1007/s10586-020-03134-x. ISSN   1386-7857. S2CID   220490312.
  3. Montazerolghaem, Ahmadreza (2021). "Software-defined Internet of Multimedia Things: Energy-efficient and Load-balanced Resource Management". IEEE Internet of Things Journal. 9 (3): 2432–2442. doi:10.1109/JIOT.2021.3095237. ISSN   2327-4662. S2CID   237801052.
  4. "Software-defined networking is not OpenFlow, companies proclaim". searchsdn.techtarget.com.
  5. "InCNTRE's OpenFlow SDN testing lab works toward certified SDN product". 10 February 2016.
  6. "Predicting SD-WAN Adoption". gartner.com. 2015-12-15. Retrieved 2016-06-27.
  7. L. Yang (Intel Corp.), R. Dantu (Univ. of North Texas), T. Anderson (Intel Corp.) & R. Gopal (Nokia) (April 2004). Forwarding and Control Element Separation (ForCES) Framework. Internet Engineering Task Force. doi:10.17487/RFC3746. RFC 3746.
  8. T. V. Lakshman, T. Nandagopal, R. Ramjee, K. Sabnani, and T. Woo (Nov 2004). "The SoftRouter Architecture" (PDF).
  9. J. Salim (Znyx Networks), H. Khosravi (Intel), A. Kleen (Suse), and A. Kuznetsov (INR/Swsoft) (July 2003). "Linux Netlink as an IP Services Protocol". doi:10.17487/RFC3549.
  10. A. Farrel (Old Dog Consulting), J. Vasseur (Cisco Systems, Inc.), and J. Ash (AT&T) (August 2006). "A Path Computation Element (PCE)-Based Architecture". doi:10.17487/RFC4655.
  11. Martìn Casado, Michael J. Freedman, Justin Pettit, Jianying Luo, and Nick McKeown (Stanford University) (August 2007). "Ethane: Taking Control of the Enterprise" (PDF).
  12. N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner (April 2008). "OpenFlow: Enabling Innovation in Campus Networks" (PDF).
  13. N. Gude, T. Koponen, J. Pettit, B. Pfaff, M. Casado, N. McKeown, and S. Shenker (July 2008). "NOX: Towards an Operating System for Networks" (PDF).
  14. US application 2009044270, Shelly, Asaf & Feldman, Moshe, "Network element and an infrastructure for a network risk management system", published 2009-02-12, abandoned 2011.
  15. WO application 2009010982, Shelly, Asaf, "Software for a real-time infrastructure", published 2009-01-22.
  16. WO application 2009004628, Shelly, Asaf, "Multi-core CPU", published 2009-01-08.
  17. WO application 2009093237, Shelly, Asaf, "Network interactions management using interest frames and clearance rings", published 2009-07-30.
  18. Farias, Fernando N. N.; Junior, Antônio de O.; da Costa, Leonardo B.; Pinheiro, Billy A.; Abelém, Antônio J. G. (2019-08-28). "vSDNEmul: A Software-Defined Network Emulator Based on Container Virtualization". arXiv:1908.10980 [cs.NI].
  19. Wang, S.; Chou, C.; Yang, C. (September 2013). "EstiNet openflow network simulator and emulator". IEEE Communications Magazine. 51 (9): 110–117. doi:10.1109/MCOM.2013.6588659. ISSN 1558-1896. S2CID 14375937.
  20. Oliveira, R. L. S. de; Schweitzer, C. M.; Shinoda, A. A.; Ligia Rodrigues Prete (June 2014). "Using Mininet for emulation and prototyping Software-Defined Networks". 2014 IEEE Colombian Conference on Communications and Computing (COLCOM). pp. 1–6. doi:10.1109/ColComCon.2014.6860404. ISBN 978-1-4799-4340-1. S2CID 17915639.
  21. "GENI. Campus OpenFlow topology". 2011.
  22. Kuang-Ching "KC" Wang (Oct 3, 2011). "Software Defined Networking and OpenFlow for Universities: Motivation, Strategy, and Uses" (PDF). Archived from the original (PDF) on 2018-01-03.
  23. Sushant Jain, Alok Kumar, Subhasree Mandal, Joon Ong, Leon Poutievski, Arjun Singh, Subbaiah Venkata, Jim Wanderer, Junlan Zhou, Min Zhu, Jonathan Zolla, Urs Hölzle, Stephen Stuart and Amin Vahdat (Google) (August 12–16, 2013). "B4: Experience with a Globally-Deployed Software Defined WAN" (PDF).
  24. Brent Salisbury (May 14, 2013). "Inside Google's Software-Defined Network".
  25. Arjun Singh, Joon Ong, Amit Agarwal, Glen Anderson, Ashby Armistead, Roy Bannon, Seb Boving, Gaurav Desai, Bob Felderman, Paulie Germano, Anand Kanagala, Jeff Provost, Jason Simmons, Eiichi Tanda, Jim Wanderer, Urs Hölzle, Stephen Stuart, Amin Vahdat (2015). "Jupiter Rising: A Decade of Clos Topologies and Centralized Control in Google's Datacenter Network".
  26. ""MPLS-TP OpenFlow Protocol Extensions for SPTN" becomes a formal ONF standard by unanimous approval". June 27, 2017.
  27. Camille Campbell (February 6, 2014). "Avaya Debuts Networking Innovations at 'Tech Field Day'".
  28. Elizabeth Miller Coyne (September 23, 2016). "Huawei Exec: SDN's Become a 'Completely Meaningless Term'". Light Reading.
  29. "Software-Defined Networking (SDN) Definition". Opennetworking.org. Retrieved 26 October 2014.
  30. Montazerolghaem, Ahmadreza; Yaghmaee, Mohammad Hossein; Leon-Garcia, Alberto (September 2020). "Green Cloud Multimedia Networking: NFV/SDN Based Energy-Efficient Resource Allocation". IEEE Transactions on Green Communications and Networking. 4 (3): 873–889. doi:10.1109/TGCN.2020.2982821. ISSN 2473-2400. S2CID 216188024.
  31. "White Papers". Opennetworking.org. Retrieved 26 October 2014.
  32. Montazerolghaem, Ahmadreza; Yaghmaee, M. H.; Leon-Garcia, A. (2017). "OpenSIP: Toward Software-Defined SIP Networking". IEEE Transactions on Network and Service Management. PP (99): 184–199. arXiv:1709.01320. Bibcode:2017arXiv170901320M. doi:10.1109/tnsm.2017.2741258. ISSN 1932-4537. S2CID 3873601.
  33. Vicentini, Cleverton; Santin, Altair; Viegas, Eduardo; Abreu, Vilmar (January 2019). "SDN-based and multitenant-aware resource provisioning mechanism for cloud-based big data streaming". Journal of Network and Computer Applications. 126: 133–149. doi:10.1016/j.jnca.2018.11.005. S2CID 57941895.
  34. Assefa, Beakal Gizachew; Özkasap, Öznur (June 2020). "RESDN: A Novel Metric and Method for Energy Efficient Routing in Software Defined Networks". IEEE Transactions on Network and Service Management. 17 (2): 736–749. arXiv:1905.12219. doi:10.1109/TNSM.2020.2973621. S2CID 199442001.
  35. Oliveira, Tadeu F.; Xavier-de-Souza, Samuel; Silveira, Luiz F. (May 2021). "Improving Energy Efficiency on SDN Control-Plane Using Multi-Core Controllers". Energies. 14 (11): 3161. doi:10.3390/en14113161.
  36. "SDN Architecture Overview" (PDF). Opennetworking.org. Retrieved 22 November 2014.
  37. Yeganeh, S.H.; Ganjali, Y. "Kandoo: A Framework for Efficient and Scalable Offloading of Control Applications". doi:10.1145/2342441.2342446. S2CID 193153.
  38. Ahmed, R.; Boutaba, R. (2014). "Design considerations for managing wide area software defined networks". IEEE Communications Magazine. 52 (7): 116–123. doi:10.1109/MCOM.2014.6852092. S2CID 7912785.
  39. Koponen, T. (2010). "Onix: A Distributed Control Platform for Large scale Production Networks" (PDF). Proceedings USENIX, Ser. OSDI'10. Vancouver, Canada.
  40. Tuncer, Daphne; Charalambides, Marinos; Clayman, Stuart; Pavlou, George (March 2015). "Adaptive Resource Management and Control in Software Defined Networks". IEEE Transactions on Network and Service Management. 12 (1): 18–33. doi:10.1109/TNSM.2015.2402752. hdl:10044/1/63600. S2CID 9215618.
  41. Heller, B.; Sherwood, R.; McKeown, N. (2012). "The Controller Placement Problem". Proceedings of the first workshop on Hot topics in software defined networks - HotSDN '12. p. 7. doi:10.1145/2342441.2342444. ISBN 9781450314770. S2CID 1770114.
  42. Hu, Yan-nan; Wang, Wen-Dong; Gong, Xiang-Yang; Que, Xi-Rong; Cheng, Shi-Duan (2012). "On the placement of controllers in software-defined networks". The Journal of China Universities of Posts and Telecommunications. 19: 92–171. doi:10.1016/S1005-8885(11)60438-X.
  43. Ros, Francisco Javier; Ruiz, Pedro Miguel (2014). "Five nines of southbound reliability in software-defined networks". Proceedings of the third workshop on Hot topics in software defined networking. pp. 31–36. doi:10.1145/2620728.2620752. ISBN 9781450329897. S2CID 17088018.
  44. Tuncer, Daphne; Charalambides, Marinos; Clayman, Stuart; Pavlou, George (2015). "On the Placement of Management and Control Functionality in Software Defined Networks". 2015 11th International Conference on Network and Service Management (CNSM). pp. 360–365. doi:10.1109/CNSM.2015.7367383. ISBN 978-3-9018-8277-7. S2CID 6977724.
  45. Wang, An; Guo, Yang; Hao, Fang; Lakshman, T.; Chen, Songqing (2 December 2014). "Scotch: Elastically Scaling up SDN Control-Plane using vSwitch based Overlay" (PDF). ACM CoNEXT.
  46. Taylor, Curtis; MacFarland, Douglas; Smestad, Doran; Shue, Craig (10 April 2014). "Contextual, flow-based access control with scalable host-based SDN techniques". IEEE INFOCOM 2016 - the 35th Annual IEEE International Conference on Computer Communications. pp. 1–9. doi:10.1109/INFOCOM.2016.7524498. ISBN 978-1-4673-9953-1. S2CID 17491115.
  47. Chuluundorj, Zorigtbaatar; Taylor, Curtis; Walls, Robert; Shue, Craig (6 December 2021). "Can the User Help? Leveraging User Actions for Network Profiling". 2021 Eighth International Conference on Software Defined Systems (SDS). pp. 1–8. doi:10.1109/SDS54264.2021.9732164. ISBN 978-1-6654-5820-7. S2CID 244036711.
  48. Lei, Yunsen; Lanson, Julian; Kaldawy, Remy; Estrada, Jeffrey; Shue, Craig (11 November 2020). "Can Host-Based SDNS Rival the Traffic Engineering Abilities of Switch-Based SDNS?". 2020 11th International Conference on Network of the Future (NoF). pp. 91–99. doi:10.1109/NoF50125.2020.9249110. ISBN 978-1-7281-8055-7. S2CID 221505891.
  49. "OpenFlow: Proactive vs Reactive". NetworkStatic.net. 2013-01-15. Retrieved 2014-07-01.
  50. "Reactive, Proactive, Predictive: SDN Models | F5 DevCentral". Devcentral.f5.com. 2012-10-11. Retrieved 2016-06-30.
  51. Pentikousis, Kostas; Wang, Yan; Hu, Weihua (2013). "Mobileflow: Toward software-defined mobile networks". IEEE Communications Magazine. 51 (7): 44–53. doi:10.1109/MCOM.2013.6553677. S2CID 10655582.
  52. Liyanage, Madhusanka (2015). Software Defined Mobile Networks (SDMN): Beyond LTE Network Architecture. UK: John Wiley. pp. 1–438. ISBN 978-1-118-90028-4.
  53. Costa-Requena, Jose; Liyanage, Madhusanka; Ylianttila, Mika; De Oca, Edgardo Montes; Santos, Jesus Llorente; Guasch, Vicent Ferrer; Ahokas, Kimmo; Premsankar, Gopika; Luukkainen, Sakari; Perez, Oscar Lopez; Itzazelaia, Mikel Uriarte; Ahmad, Ijaz (2015). "SDN and NFV Integration in Generalized Mobile Network Architecture". 2015 European Conference on Networks and Communications (EuCNC). pp. 154–158. doi:10.1109/EuCNC.2015.7194059. ISBN 978-1-4673-7359-3. S2CID 2453962.
  54. Liyanage, Madhusanka; Ylianttila, Mika; Gurtov, Andrei (2014). "Securing the Control Channel of Software-Defined Mobile Networks". Proceeding of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks 2014. pp. 1–6. doi:10.1109/WoWMoM.2014.6918981. ISBN 978-1-4799-4786-7. S2CID 1378181.
  55. Haranas, Mark (8 October 2016). "16 Hot Networking Products Putting The Sizzle In SD-WAN". CRN. Retrieved 1 November 2016.
  56. "SD-WAN: What it is and why you'll use it one day". Network World. 2016-02-10. Retrieved 2016-06-27.
  57. Serries, William (12 September 2016). "SD-LAN et SD-WAN : Deux Approches Différentes pour le Software Defined Networking". ZDNet. Retrieved 1 November 2016.
  58. Kerravala, Zeus (13 September 2016). "Aerohive Introduces the Software-defined LAN". Network World. Retrieved 1 November 2016.
  59. Kreutz, Diego; Ramos, Fernando; Verissimo, Paulo (2013). "Towards secure and dependable software-defined networks". Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking. pp. 50–60.
  60. Scott-Hayward, Sandra; O'Callaghan, Gemma; Sezer, Sakir (2013). "SDN security: A survey". Future Networks and Services (SDN4FNS), 2013 IEEE SDN for. pp. 1–7.
  61. Benton, Kevin; Camp, L Jean; Small, Chris (2013). "Openflow vulnerability assessment". Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking. pp. 151–152.
  62. Abdou, AbdelRahman; van Oorschot, Paul; Wan, Tao (May 2018). "A Framework and Comparative Analysis of Control Plane Security of SDN and Conventional Networks". IEEE Communications Surveys and Tutorials. to appear. arXiv:1703.06992. Bibcode:2017arXiv170306992A.
  63. Giotis, K; Argyropoulos, Christos; Androulidakis, Georgios; Kalogeras, Dimitrios; Maglaris, Vasilis (2014). "Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments". Computer Networks. 62: 122–136. doi:10.1016/j.bjp.2013.10.014.
  64. Braga, Rodrigo; Mota, Edjard; Passito, Alexandre (2010). "Lightweight DDoS flooding attack detection using NOX/OpenFlow". Local Computer Networks (LCN), 2010 IEEE 35th Conference on. pp. 408–415.
  65. Feamster, Nick (2010). "Outsourcing home network security". Proceedings of the 2010 ACM SIGCOMM workshop on Home networks. pp. 37–42.
  66. Jin, Ruofan & Wang, Bing (2013). "Malware detection for mobile devices using software-defined networking". Research and Educational Experiment Workshop (GREE), 2013 Second GENI. pp. 81–88.
  67. Jafarian, Jafar Haadi; Al-Shaer, Ehab; Duan, Qi (2012). "Openflow random host mutation: transparent moving target defense using software defined networking". Proceedings of the first workshop on Hot topics in software defined networks. pp. 127–132.
  68. Kampanakis, Panos; Perros, Harry; Beyene, Tsegereda. SDN-based solutions for Moving Target Defense network protection (PDF). Retrieved 16 February 2022.
  69. Sherwood, Rob; Gibb, Glen; Yap, Kok-Kiong; Appenzeller, Guido; Casado, Martin; McKeown, Nick; Parulkar, Guru (2009). "Flowvisor: A network virtualization layer". OpenFlow Switch Consortium, Tech. Rep.
  70. Al-Shaer, Ehab & Al-Haj, Saeed (2010). "FlowChecker: Configuration analysis and verification of federated OpenFlow infrastructures". Proceedings of the 3rd ACM workshop on Assurable and usable security configuration. pp. 37–44.
  71. Canini, Marco; Venzano, Daniele; Peresini, Peter; Kostic, Dejan; Rexford, Jennifer; et al. (2012). A NICE Way to Test OpenFlow Applications. NSDI. pp. 127–140.
  72. Bernardo and Chua (2015). Introduction and Analysis of SDN and NFV Security Architecture (SA-SECA). 29th IEEE AINA 2015. pp. 796–801.
  73. B. Pfaf; et al. (February 28, 2011). "OpenFlow Switch Specification" (PDF). Retrieved July 8, 2017.
  74. T. Zhu; et al. (October 18, 2016). "MCTCP: Congestion-aware and robust multicast TCP in Software-Defined networks". 2016 IEEE/ACM 24th International Symposium on Quality of Service (IWQoS). IEEE. pp. 1–10. doi:10.1109/IWQoS.2016.7590433. ISBN 978-1-5090-2634-0. S2CID 28159768.
  75. M. Noormohammadpour; et al. (July 10, 2017). "DCCast: Efficient Point to Multipoint Transfers Across Datacenters". USENIX. Retrieved July 3, 2017.
  76. M. Noormohammadpour; et al. (2018). QuickCast: Fast and Efficient Inter-Datacenter Transfers using Forwarding Tree Cohorts. arXiv:1801.00837. Bibcode:2018arXiv180100837N. doi:10.31219/osf.io/uzr24. Retrieved January 23, 2018.
  77. William, Stalling (2016). "Foundations of Modern Networking: SDN, NFV, QoE, IoT, and Cloud". Pearson Education.
  78. Rowayda, A. Sadek (May 2018). "An Agile Internet of Things (IoT) based Software Defined Network (SDN) Architecture". Egyptian Computer Science Journal. 42 (2): 13–29.
  79. "Platform to Multivendor Virtual and Physical Infrastructure".
  80. Graham, Finnie (December 2012). "The Role Of DPI In An SDN World". White Paper.
  81. Series, Y. (May 2015). "Global Information Infrastructure, Internet Protocol Aspects And Next Generation Networks". ITU-T Y.2770 Series, Supplement on DPI Use Cases and Application Scenarios.
  82. Canovas, Alejandro (2020). "A robust multimedia traffic SDN-Based management system using patterns and models of QoE estimation with BRNN". Journal of Network and Computer Applications. 150: 102498. doi:10.1016/j.jnca.2019.102498. hdl:10251/163292. S2CID 210925444.
  83. Rego, Albert (2019). "Adapting reinforcement learning for multimedia transmission on SDN". Transactions on Emerging Telecommunications Technologies. 30 (9). doi:10.1002/ett.3643. hdl:10251/186852. S2CID 182028234.