Jon Matias

Toward an SDN-enabled NFV architecture

This article presents the progressive evolution of NFV from the initial SDN-agnostic initiative to a fully SDN-enabled NFV solution, where SDN is not only used as infrastructure support but also influences how virtual network functions (VNFs) are designed. In the latest approach, when possible, stateless processing in the VNF shifts from the computing element to the networking element. To support these claims, the article presents the implementation of a flow-based network access control solution, with an SDN-enabled VNF built on IEEE 802.1x, which establishes services as sets of flow definitions that are authorized as the result of an end user authentication process. Enforcing the access to the network is done at the network element, while the authentication and authorization state is maintained at the compute element. The application of this proposal allows the performance to be enhanced, while traffic in the control channel is reduced to a minimum. The SDN-enabled NFV approach sets the foundation to increase the areas of application of NFV, in particular in those areas where massive stateless processing of packets is expected.

Railway signaling systems and new trends in wireless data communication

With the increment of passenger railway traffic especially in high speed lines, improvements in railway transportation safety become even more crucial. This paper presents technological and commercial trends in this area, enumerates innovative on-going related projects and proposes the application of new wireless communication standards such as, DSRC - WAVE (Dedicated Short Range Communications and Wireless Access in Vehicular Environment) or 802.11p; 802.16 or WiMAX; and MBWA (Mobile Broadband Wireless Access) or 802.20, in train control communications networks. In order to validate this proposal, we have designed a model for a wireless communication system deployed in a fully redundant configuration. The application of these new open-standard technologies will allow an affordable deployment, ubiquitous, always-on and interoperable muti-vendor mobile broadband train control communication system that supports new safety services and applications. Railway, signaling, wireless, 802.11b/g, MBWA

Using Software Defined Networking to manage and control IEC 61850-based systems

Display Omitted We describe the IEC 61850 communication model and provide an SDN-based framework.This framework mainly uses the OpenFlow, sFlow, and OVSDB protocols.It controls an IEC 61850 network, including resource analysis and management.It integrates traffic engineering techniques, such as QoS or traffic filtering. Smart Grid makes use of Information and Communications Technology (ICT) infrastructures for the management of the generation, transmission and consumption of electrical energy to increase the efficiency of remote control and automation systems. One of the most widely accepted standards for power system communication is IEC 61850, which defines services and protocols with different requirements that need to be fulfilled with traffic engineering techniques. In this paper, we discuss the implementation of a novel management framework to meet these requirements through control and monitoring tools that provide a global view of the network. With this purpose, we provide an overview of relevant Software Defined Networking (SDN) related approaches, and we describe an architecture based on OpenFlow that establishes different types of flows according to their needs and the network status. We present the implementation of the architecture and evaluate its capabilities using the Mininet network emulator.

FlowNAC: Flow-based Network Access Control

This paper presents FlowNAC, a Flow-based Network Access Control solution that allows to grant users the rights to access the network depending on the target service requested. Each service, defined univocally as a set of flows, can be independently requested and multiple services can be authorized simultaneously. Building this proposal over SDN principles has several benefits: SDN adds the appropriate granularity (fine-or coarse-grained) depending on the target scenario and flexibility to dynamically identify the services at data plane as a set of flows to enforce the adequate policy. FlowNAC uses a modified version of IEEE 802.1X (novel EAPoL-in-EAPoL encapsulation) to authenticate the users (without the need of a captive portal) and service level access control based on proactive deployment of flows (instead of reactive). Explicit service request avoids misidentifying the target service, as it could happen by analyzing the traffic (e.g. private services). The proposal is evaluated in a challenging scenario (concurrent authentication and authorization processes) with promising results.

An OpenFlow Based Network Virtualization Framework for the Cloud

The Cloud computing paradigm entails a challenging networking scenario. Due to the economy of scale, the Cloud is mainly supported by Data Center infrastructures. Therefore, virtualized environment manageability, seamless migration of virtual machines, inter-domain communication issues and scalability problems are some of the main concerns that should be addressed. A recently proposed abstract model is used as a reference for the Cloud computing architecture. This paper introduces a network virtualization framework for the Cloud based on this model. Accordingly, a proper abstraction of network elements (vhost, vnode and vlink) is defined in order to virtualize the physical infrastructure. Moreover, a novel Layer 2 network virtualization approach based on a new MAC addressing scheme is presented: we propose to build locally administered MAC addresses that hold context information, such as virtual operator, domain, node and host identifiers. In addition, implementation details are suggested, describing how the Open Flow technology can lead to an implementation of the proposed approach.

Implementing Layer 2 Network Virtualization Using OpenFlow: Challenges and Solutions

Novel approaches for network virtualization at Layer 2 which are not based on VLAN have became a real possibility since the appearance of Software Defined Networking and OpenFlow in particular. We have deployed our own network virtualization facility based on Layer 2 prefixes using OpenFlow: the EHU OpenFlow Enabled Facility (EHU-OEF). We have implemented a solution that allows research and production traffic to share the same infrastructure without interfering with each other. It requires minimum configuration in the case of researchers and none in the case of non-technical users. In our deployment we found several challenges with Layer 2 protocols that use broadcast/multicast addresses due to the use of OpenFlow. In order to solve those challenges, we developed several custom modules for the OpenFlow controller and made some changes in the Flow Visor. Finally, the design of the EHU-OEF facility as well as some configuration details are described.

Service description in the NFV revolution: Trends, challenges and a way forward

The telecommunications landscape has been undergoing a major shift in recent years. Initially Software Defined Networking (SDN), and then Network Function Virtualization (NFV) have opened up new ways of looking at the increasingly demanding service provider scenario. The description of the service to be provided will be a key point determining the success in the integration and interoperability of the different proposals. However, the refined understanding of the future scenario and its requirements has recently introduced unique challenges in the path to fully achieve the benefits of the NFV vision. In this paper we review the proposals of service description in the main initiatives related to the NFV arena. Then we elaborate on key novel challenges and evaluate how the different proposals solve them. Finally, we propose a straw man model of service and resource description addressing these challenges and defining the features that would serve as design directions for future initiatives and updates in this topic.

Design and implementation of an OpenFlow hardware abstraction layer

OpenFlow is a leading standard for Software-Defined Networking (SDN) and has already played a significant role in reshaping network infrastructures. However, a wide range of existing provider domains is still not equipped with a framework that supports wider deployment of an OpenFlow-based control plane beyond Ethernet-dominated networks. We address this gap by introducing a Hardware Abstraction Layer (HAL) which can transform legacy network elements into OpenFlow capable devices. This paper details the functional architecture of HAL, discusses the key design aspects and explains how HAL can support a number of network device classes. In addition, this paper presents the implementation details of HAL for hardware platforms such as DOCSIS (Data over Cable Service Interface Specification) and DWDM (Dense Wavelength Division Multiplexing) which have so far received little attention by the OpenFlow research community despite their wide real-world deployment.

The WiMAX ASN Network in the V2I Scenario

This article presents a mobile WiMAX network deployment as a candidate for broadband and low latency V2I communication architecture. Firstly, it looks over the current state of development of the standards involved, outlining the newest trends (i.e. 802.16m support for 500 km/h). Secondly, the opportunities and the main characteristics that this technology offers are highlighted. Thirdly, by stressing this network in two highly demanding scenarios, the challenges that this WiMAX network deployment faces are also identified. Network simulation modeling techniques have been used to carry out the corresponding performance analysis. The inter ASN handover is identified as the critical point to be tackled, so that, the proposed mobile WiMAX architecture meets the WiMAX radio system profile release 1.0 and RNM (reference network model) requirements when the class 2 group real time applications (VoIP & video conference) are deployed.

The EHU-OEF: An OpenFlow-based Layer-2 experimental facility

Abstract The current limitations of the Internet have prompted the appearance of the Future Internet initiative, which promotes the deployment of newly proposed infrastructures. In this context, experimental facilities emerge to provide realistic scenarios that allow the testing and advance the research of these novel approaches. From a technical standpoint, building a facility’s infrastructure is challenging and demanding because several requirements, such as its flexibility, support for multiple experiments, isolation and virtualisation, must be fulfilled. To investigate potential Future Internet initiatives, we designed, developed, and deployed our own experimental facility that addresses the aforementioned requirements: the EHU OpenFlow Enabled Facility (EHU-OEF). In this article, we present the EHU-OEF, which is a campus-wide facility based on OpenFlow that simultaneously supports both research and production traffic over the same infrastructure. Because this facility is based, in particular, on the OpenFlow technology and, more generally, follows the Software Defined Networking paradigm, the EHU-OEF provides researchers with the ability to programme the network. Thanks to this property, flexibility and isolation of both the control and the data planes among the experiments are addressed. This article also presents a novel method of network virtualisation at the link layer, the L2PNV approach, which ensures scalability by aggregating MAC addresses. This approach has been implemented with a modification of the FlowVisor controller originally developed at Stanford, which is a special-purpose OpenFlow controller that introduces a software slicing layer between OpenFlow switches and multiple OpenFlow controllers. This article also presents other contributions that have been developed through a successful deployment methodology in the facility, including an authentication and authorisation module, a MAC configuration module and a Prefix-Based Forwarding Decision module. In conclusion, the EHU-OEF facility possesses an excellent infrastructure designed to test and to validate novel proposals under real conditions, and this facility acts as a stepping stone for Future Internet testbeds.