Eduardo Jacob

Toward an SDN-enabled NFV architecture

This article presents the progressive evolution of NFV from the initial SDN-agnostic initiative to a fully SDN-enabled NFV solution, where SDN is not only used as infrastructure support but also influences how virtual network functions (VNFs) are designed. In the latest approach, when possible, stateless processing in the VNF shifts from the computing element to the networking element. To support these claims, the article presents the implementation of a flow-based network access control solution, with an SDN-enabled VNF built on IEEE 802.1x, which establishes services as sets of flow definitions that are authorized as the result of an end user authentication process. Enforcing the access to the network is done at the network element, while the authentication and authorization state is maintained at the compute element. The application of this proposal allows the performance to be enhanced, while traffic in the control channel is reduced to a minimum. The SDN-enabled NFV approach sets the foundation to increase the areas of application of NFV, in particular in those areas where massive stateless processing of packets is expected.

Railway signaling systems and new trends in wireless data communication

With the increment of passenger railway traffic especially in high speed lines, improvements in railway transportation safety become even more crucial. This paper presents technological and commercial trends in this area, enumerates innovative on-going related projects and proposes the application of new wireless communication standards such as, DSRC - WAVE (Dedicated Short Range Communications and Wireless Access in Vehicular Environment) or 802.11p; 802.16 or WiMAX; and MBWA (Mobile Broadband Wireless Access) or 802.20, in train control communications networks. In order to validate this proposal, we have designed a model for a wireless communication system deployed in a fully redundant configuration. The application of these new open-standard technologies will allow an affordable deployment, ubiquitous, always-on and interoperable muti-vendor mobile broadband train control communication system that supports new safety services and applications. Railway, signaling, wireless, 802.11b/g, MBWA

Using Software Defined Networking to manage and control IEC 61850-based systems

Display Omitted We describe the IEC 61850 communication model and provide an SDN-based framework.This framework mainly uses the OpenFlow, sFlow, and OVSDB protocols.It controls an IEC 61850 network, including resource analysis and management.It integrates traffic engineering techniques, such as QoS or traffic filtering. Smart Grid makes use of Information and Communications Technology (ICT) infrastructures for the management of the generation, transmission and consumption of electrical energy to increase the efficiency of remote control and automation systems. One of the most widely accepted standards for power system communication is IEC 61850, which defines services and protocols with different requirements that need to be fulfilled with traffic engineering techniques. In this paper, we discuss the implementation of a novel management framework to meet these requirements through control and monitoring tools that provide a global view of the network. With this purpose, we provide an overview of relevant Software Defined Networking (SDN) related approaches, and we describe an architecture based on OpenFlow that establishes different types of flows according to their needs and the network status. We present the implementation of the architecture and evaluate its capabilities using the Mininet network emulator.

FlowNAC: Flow-based Network Access Control

This paper presents FlowNAC, a Flow-based Network Access Control solution that allows to grant users the rights to access the network depending on the target service requested. Each service, defined univocally as a set of flows, can be independently requested and multiple services can be authorized simultaneously. Building this proposal over SDN principles has several benefits: SDN adds the appropriate granularity (fine-or coarse-grained) depending on the target scenario and flexibility to dynamically identify the services at data plane as a set of flows to enforce the adequate policy. FlowNAC uses a modified version of IEEE 802.1X (novel EAPoL-in-EAPoL encapsulation) to authenticate the users (without the need of a captive portal) and service level access control based on proactive deployment of flows (instead of reactive). Explicit service request avoids misidentifying the target service, as it could happen by analyzing the traffic (e.g. private services). The proposal is evaluated in a challenging scenario (concurrent authentication and authorization processes) with promising results.

An OpenFlow Based Network Virtualization Framework for the Cloud

The Cloud computing paradigm entails a challenging networking scenario. Due to the economy of scale, the Cloud is mainly supported by Data Center infrastructures. Therefore, virtualized environment manageability, seamless migration of virtual machines, inter-domain communication issues and scalability problems are some of the main concerns that should be addressed. A recently proposed abstract model is used as a reference for the Cloud computing architecture. This paper introduces a network virtualization framework for the Cloud based on this model. Accordingly, a proper abstraction of network elements (vhost, vnode and vlink) is defined in order to virtualize the physical infrastructure. Moreover, a novel Layer 2 network virtualization approach based on a new MAC addressing scheme is presented: we propose to build locally administered MAC addresses that hold context information, such as virtual operator, domain, node and host identifiers. In addition, implementation details are suggested, describing how the Open Flow technology can lead to an implementation of the proposed approach.

Towards Unified Programmability of Cloud and Carrier Infrastructure

The rise of cloud services poses considerable challenges on the control of both cloud and carrier network infrastructures. While traditional telecom network services rely on rather static processes (often involving manual steps), the wide adoption of mobile devices including tablets, smartphones and wearables introduce previously unseen dynamics in the creation, scaling and withdrawal of new services. These phenomena require optimal flexibility in the characterization of services, as well as on the control and orchestration of both carrier and cloud infrastructure. This paper proposes a unified programmability framework addressing: the unification of network and cloud resources, the integrated control and management of cloud and network, the description for programming networked/cloud services, and the provisioning processes of these services. In addition proofs-of-concept are provided based on existing open source control software components.

Implementing Layer 2 Network Virtualization Using OpenFlow: Challenges and Solutions

Novel approaches for network virtualization at Layer 2 which are not based on VLAN have became a real possibility since the appearance of Software Defined Networking and OpenFlow in particular. We have deployed our own network virtualization facility based on Layer 2 prefixes using OpenFlow: the EHU OpenFlow Enabled Facility (EHU-OEF). We have implemented a solution that allows research and production traffic to share the same infrastructure without interfering with each other. It requires minimum configuration in the case of researchers and none in the case of non-technical users. In our deployment we found several challenges with Layer 2 protocols that use broadcast/multicast addresses due to the use of OpenFlow. In order to solve those challenges, we developed several custom modules for the OpenFlow controller and made some changes in the Flow Visor. Finally, the design of the EHU-OEF facility as well as some configuration details are described.

A survey on the contributions of Software-Defined Networking to Traffic Engineering

Since the appearance of OpenFlow back in 2008, software-defined networking (SDN) has gained momentum. Although there are some discrepancies between the standards developing organizations working with SDN about what SDN is and how it is defined, they all outline traffic engineering (TE) as a key application. One of the most common objectives of TE is the congestion minimization, where techniques such as traffic splitting among multiple paths or advanced reservation systems are used. In such a scenario, this manuscript surveys the role of a comprehensive list of SDN protocols in TE solutions, in order to assess how these protocols can benefit TE. The SDN protocols have been categorized using the SDN architecture proposed by the open networking foundation, which differentiates among data-controller plane interfaces, application-controller plane interfaces, and management interfaces, in order to state how the interface type in which they operate influences TE. In addition, the impact of the SDN protocols on TE has been evaluated by comparing them with the path computation element (PCE)-based architecture. The PCE-based architecture has been selected to measure the impact of SDN on TE because it is the most novel TE architecture until the date, and because it already defines a set of metrics to measure the performance of TE solutions. We conclude that using the three types of interfaces simultaneously will result in more powerful and enhanced TE solutions, since they benefit TE in complementary ways.

Service description in the NFV revolution: Trends, challenges and a way forward

The telecommunications landscape has been undergoing a major shift in recent years. Initially Software Defined Networking (SDN), and then Network Function Virtualization (NFV) have opened up new ways of looking at the increasingly demanding service provider scenario. The description of the service to be provided will be a key point determining the success in the integration and interoperability of the different proposals. However, the refined understanding of the future scenario and its requirements has recently introduced unique challenges in the path to fully achieve the benefits of the NFV vision. In this paper we review the proposals of service description in the main initiatives related to the NFV arena. Then we elaborate on key novel challenges and evaluate how the different proposals solve them. Finally, we propose a straw man model of service and resource description addressing these challenges and defining the features that would serve as design directions for future initiatives and updates in this topic.

Design and implementation of an OpenFlow hardware abstraction layer

OpenFlow is a leading standard for Software-Defined Networking (SDN) and has already played a significant role in reshaping network infrastructures. However, a wide range of existing provider domains is still not equipped with a framework that supports wider deployment of an OpenFlow-based control plane beyond Ethernet-dominated networks. We address this gap by introducing a Hardware Abstraction Layer (HAL) which can transform legacy network elements into OpenFlow capable devices. This paper details the functional architecture of HAL, discusses the key design aspects and explains how HAL can support a number of network device classes. In addition, this paper presents the implementation details of HAL for hardware platforms such as DOCSIS (Data over Cable Service Interface Specification) and DWDM (Dense Wavelength Division Multiplexing) which have so far received little attention by the OpenFlow research community despite their wide real-world deployment.