1,720,971 research outputs found
SDN Architecture and Southbound APIs for IPv6 Segment Routing Enabled Wide Area Networks
Full text linkThe SRv6 architecture (segment routing based on IPv6 data plane) is a promising solution to support services like Traffic Engineering, service function chaining and virtual private networks in IPv6 backbones and datacenters. The SRv6 architecture has interesting scalability properties as it reduces the amount of state information that needs to be configured in the nodes to support the network services. In this paper, we describe the advantages of complementing the SRv6 technology with an software defined networking (SDN) based approach in backbone networks. We discuss the architecture of a SRv6 enabled network based on Linux nodes. In addition, we present the design and implementation of the Southbound API between the SDN controller and the SRv6 device. We have defined a data-model and four different implementations of the API, respectively based on gRPC, REST, NETCONF, and remote command line interface. Since it is important to support both the development and testing aspects we have realized an Intent-based emulation system to build realistic and reproducible experiments. This collection of tools automate most of the configuration aspects relieving the experimenter from a significant effort. Finally, we have realized an evaluation of some performance aspects of our architecture and of the different variants of the Southbound APIs and we have analyzed the effects of the configuration updates in the SRv6 enabled nodes
Implementation of Accurate Per-Flow Packet Loss Monitoring in Segment Routing over IPv6 Networks
No full textSegment Routing over IPv6 (SRv6 in short) is a networking solution for IP backbones and datacenters, which has been recently adopted in several of large scale network deployments. The SRv6 research, standardization and implementation activities are going on at a remarkable pace. In particular, a number of Internet Drafts have been submitted related to the Performance Monitoring (PM) of flows in an SRv6 network. In this paper we discuss the proposed PM approaches, considering both data plane and control plane aspects and focusing on loss monitoring. Then we describe the implementation of a per-flow packet loss measurement (PF-PLM) solution based on the “alternate marking” method. Our implementation is based on Linux kernel networking and it is open source. We describe a platform that can be used to validate the standardization proposals from a functional perspective and the implemented solution from the performance point of view. We analyze two different design choices for the implementation of PF-PLM and evaluate their impact on the maximum forwarding throughput of a software based (Linux) route
SERA: SEgment Routing Aware Firewall for Service Function Chaining scenarios
No full textn this paper we consider the use of IPv6 Segment Routing (SRv6) for Service Function Chaining(SFC) in an NFV infrastructure. We first analyze the issues of deploying Virtual Network Functions (VNFs) based on SR-unaware applications, which require the introduction of SR proxies in the NFV infrastructure, leading to high complexity in the configuration and in the packet processing. Then we consider the advantages of SR-aware applications, focusing on a firewall application. We present the design and implementation of the SERA (SEgment Routing Aware) firewall, which extends the Linux iptables firewall. In its basic mode the SERA firewall works like the legacy iptables firewall (it can reuse an identical set of rules), but with the great advantage that it can operate on the SR encapsulated packets with no need of an SR proxy. Moreover we define an advanced mode, in which the SERA firewall can inspect all the fields of an SR encapsulated packet and can perform SR-specific actions. In the advanced mode the SERA firewall can fully exploit the features of the IPv6 Segment Routing network programming model. A performance evaluation of the SERA firewall is discussed, based on its result a further optimized prototype has been implemented and evaluated
SR-Snort: IPv6 Segment Routing Aware IDS/IPS
Full text linkService Function Chaining (SFC) allows the delivery of advanced end-to-end services composed of one or more network functions. IPv6 Segment Routing (SRv6) is a network architecture based on source routing, where a list of segments isattached to packets to enforce different path from the shortest one. SRv6 supports SFC by assigning each network function a segment and combining these segments into a segment list.In order to fully leverage the SRv6 network programming capabilities, network functions are required to be SR-aware. In this paper, we present our implementation of SR-Snort, a SR-aware intrusion detection system (IDS) and intrusion prevention system (IPS). We extended the open-source implementation of Snort, so it can apply the configured rules to the inner packet of SR traffic. SR-Snort can handle both inner IPv4 and inner IPv6traffic. It can work in either IDS or IPS mode
Performance Monitoring with H^2: Hybrid Kernel/eBPF data plane for SRv6 based Hybrid SDN
No full textSegment Routing with IPv6 (SRv6) is a leading Hybrid SDN (HSDN) architecture, as it fully exploits standard IP routing and forwarding both in the control plane and in the data plane. In this paper we design, implement and evaluate a programmable data plane solution for Linux routers called HIKE (HybrId Kernel/eBPF forwarding), integrated in an HSDN/SRv6 architecture. HIKE integrates the conventional Linux kernel packet forwarding with custom designed eBPF/XDP (extended Berkeley Packet Filter/eXtreme Data Path) bypass to speedup performance of SRv6 software routers. Thus, in addition to the hybrid IP/SDN forwarding, we foster an additional hybrid approach inside a Linux forwarding engine combining eBPF/XDP and kernel based forwarding, taking the best from both worlds. Therefore, considering the two different conceptual levels of hybridization, we call our overall solution Hybrid squared or Hˆ2.We have applied the Hˆ2 solution to Performance Monitoring (PM) in Hybrid SDNs, and we show how our HIKE data plane architecture supports SRv6 networking and Performance Monitoring (in particular Loss Monitoring) allowing a significant increase in performance: our implementation results show a remarkable throughput improvement (5x) with respect to a conventional Linux based solution
High Performance Delay Monitoring for SRv6-Based SD-WANs
No full textSoftware-Defined Wide Area Networks (SD-WANs) are used to provide services to enterprises with geographically dispersed locations in a flexible and efficient way. We focus on SD-WAN services based on the Segment Routing over IPv6 (SRv6) technology. Performance Monitoring solutions are needed in SD-WANs to detect performance degradation and outages, and optimize network operations. In this paper, we describe a high performance solution for end-to-end delay monitoring for SRv6 based SD-WAN services. The proposed solution leverages the Simple Two-way Active Measurement Protocol (STAMP) to monitor the delay of an SRv6 path between two nodes called STAMP Session-Sender and Session-Reflector. We describe three implementations of the STAMP Session-Sender and Session-Reflector for a Linux software router and compare their performance. In particular, two implementations are based on user space processing and one is based on eBPF. The results show that the eBPF-based implementation outperforms the user space implementations and has a negligible impact on the forwarding capacity of the Linux software router
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Variations on the Author
Full text link“Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship
Segment Routing: a Comprehensive Survey of Research Activities, Standardization Efforts and Implementation Results
No full textFixed and mobile telecom operators, enterprise network operators and cloud providers strive to face the challenging demands coming from the evolution of IP networks (e.g., huge bandwidth requirements, integration of billions of devices and millions of services in the cloud). Proposed in the early 2010s, Segment Routing (SR) architecture helps face these challenging demands, and it is currently being adopted and deployed. SR architecture is based on the concept of source routing and has interesting scalability properties, as it dramatically reduces the amount of state information to be configured in the core nodes to support complex services. SR architecture was first implemented with the MPLS dataplane and then, quite recently, with the IPv6 dataplane (SRv6). IPv6 SR architecture (SRv6) has been extended from the simple steering of packets across nodes to a general network programming approach, making it very suitable for use cases such as Service Function Chaining and Network Function Virtualization. In this article, we present a tutorial and a comprehensive survey on SR technology, analyzing standardization efforts, patents, research activities and implementation results. We start with an introduction on the motivations for Segment Routing and an overview of its evolution and standardization. Then, we provide a tutorial on Segment Routing technology, with a focus on the novel SRv6 solution. We discuss the standardization efforts and the patents providing details on the most important documents and mentioning other ongoing activities. We then thoroughly analyze research activities according to a taxonomy. We have identified 8 main categories during our analysis of the current state of play: Monitoring, Traffic Engineering, Failure Recovery, Centrally Controlled Architectures, Path Encoding, Network Programming, Performance Evaluation and Miscellaneous. We report the current status of SR deployments in production networks and of SR implementations (including several open source projects). Finally, we report our experience from this survey work and we identify a set of future research directions related to Segment Routing
- …
