Scientific article on the topic 'Key differences between traditional and software defined networks'

Key differences between traditional and software defined networks. Text of a scientific article in the specialty «Computer and information sciences»

CC BY
Keywords
TRADITIONAL NETWORKS / SOFTWARE DEFINED NETWORKS / NETWORK AND TELECOMMUNICATION / DATA CENTERS / VIRTUAL MACHINE / INFORMATION TECHNOLOGY / COMMUNICATION NETWORK / COMPUTER NETWORK / CONTROL SYSTEM

Abstract of the scientific article in computer and information sciences; authors of the work: Jakovlev V.V., Berkinbayeva Zh. M., Fernandez Del Campo Angel


Key differences between traditional and software defined networks

Traditional data networks are complex and hard to manage: a global network policy has to be formed separately for each network device, which carries the risk of misconfiguration. Software defined networks (SDN) allow the network to be managed by software, which removes the need for manual debugging or for changing the settings of network equipment and, in turn, reduces the workload of IT specialists. Network control takes place automatically with the help of intelligent control algorithms. The article compares traditional networks (TN) and software defined networks (SDN), presents the advantages of using them, and describes how to work with and how to create SDNs, which differ substantially from TNs. The disadvantages of SDN are also described.

Text of the scientific work on the topic «Key differences between traditional and software defined networks»

Key Differences between Traditional and Software Defined Networks

V.V. Jakovlev, Zh.M. Berkinbayeva
Emperor Alexander I St. Petersburg State Transport University, St. Petersburg, Russia

Angel Fernandez del Campo
Universidad Politécnica de Madrid, Madrid, Spain

Abstract. Traditional data networks are complex and difficult to manage because a global network policy has to be implemented separately on each network device, which carries the risk of incorrect configurations. Software defined networks allow the network to be managed with software, which eliminates the need for manual debugging or for changing the settings of network equipment, and this in turn reduces the workload of IT specialists. Network control is performed automatically with the help of intelligent control algorithms. The article compares traditional networks (TN) and software defined networks (SDN) and the advantages of using them, and describes how to work with and how to start creating an SDN, which is completely different from today's principles of creating data transmission networks. The disadvantages of SDN, which supports versatility and flexibility, are also described.

Keywords: traditional networks, software defined networks, network and telecommunication, data centers, virtual machine, information technology, communication network, computer network, control system.

Introduction

Networks are built using switches, routers and other devices that have become extremely complex, because they implement an increasing number of complex distributed protocols standardized by the IETF [1] (today the number of active protocols and their versions exceeds 600) and use proprietary interfaces inside. In such circumstances, researchers cannot run the experiments they need on a functioning network, operators cannot quickly introduce new services for their users, and network hardware manufacturers cannot innovate to meet customer demands. Supporting and managing a complex network infrastructure today is more art than engineering.

The growth of network attacks, viruses, and other network threats suggests that security issues still have no durable solutions, and that computer and telecommunications networks are a matter of national security. The growing number and heterogeneity of content, the development of services and the extent of their coverage have led to a change in the paradigm of how computation is organized in society: client-server computing has given way to data processing centers (DPC) and cloud computing, and file systems and databases have been transformed into data storage networks (DSN).

The term Software Defined Network (SDN) is not new. The first works and studies on this topic have been emerging since 1995 [2]. The technology came in response to the needs of distributed computing, the use of network technologies in clouds (where the number of routers to manage can reach several tens of thousands), the emergence of large data centres, and the beginning of Internet virtualization [3]. In fact, it is a new architecture that changes the organization of traditional data networks. In SDN networks, the core functions of switches and routers are moved to the central network controller, which simplifies both the application of network policies and the monitoring of network status. With this approach, the forwarding devices are responsible only for transferring data according to the flow table, which is built by a centralized network controller that interacts with the forwarding device [4].

THE PROBLEMS OF MODERN COMPUTER NETWORKS AND THE KEY PRINCIPLES OF CREATION OF THE SDN NETWORKS

Computer networks and the Internet, as a fundamental infrastructure, are a strategic factor in the development of modern information technologies. However, the architecture of the global Internet, whose foundations were laid in the late 1960s and 1970s, is outdated and is not always able to respond adequately and effectively to the new needs of society. The increase in the number and diversity of mobile devices and the development of various wireless communications technologies have resulted in the number of users exceeding the number of fixed-link networks today. At the same time, the growth of mobile power is boosting the computational capacity of applications, which in turn requires increased bandwidth. The volume of mobile traffic is growing exponentially, and traffic patterns are becoming more diversified. According to the leading network hardware manufacturers, traffic doubles every nine months, which in the next few years will increase the load by several orders of magnitude. According to Cisco forecasts, the volume of traffic will quadruple over the next five years, with mobile traffic doubling yearly.

Modern computer networks consist of many separate network elements that perform specific functions: routers, switches, load balancers, NAT (Network Address Translation) [1], firewalls. SDN technology proposes to abandon this trend in the development of computer networks by moving from individual network elements, and from the network as a platform in general, to programmable entities. With the help of applications, you can optimize transport streams to find the shortest path, as modern distributed routing protocols do, optimize the network to make maximum use of connections, make the mobility of devices seamless, or create different domains for different users.

To understand why writing routing protocols is so difficult, let's take a look at how routing works in today's networks. Networks are built from end devices (personal computers and servers) and intermediate devices connected to the cable system. A packet arrives at one port, the router checks it and sends it out through the port that brings the packet one step closer to its destination. Each router periodically polls its neighbours about the networks they are connected to, and each neighbour collects that information and uses it to build a structure of all networks. Although routers share topological data among themselves, each of them performs the route calculation independently. Even if two neighbouring routers calculate the same results for a network topology, they will not pass the overlapping results to each other. Because each processor cycle requires a certain amount of power, this duplication is not efficient. Implementing complex routing algorithms requires large processing power on the devices. Each router individually is a costly device that performs the same computation as all the others, just to get a slightly different result. Large networks require large computations. When an enterprise grows, the network grows, and each router must be upgraded to handle the additional calculations. The types and number of ports on the router do not change, but the processor no longer has sufficient power to execute the algorithms. Sometimes it is sufficient to add random access memory, but often it is necessary to replace the processor unit with a more expensive one. This is a good business model for network providers: if you purchase enough routers, you have to purchase updates and upgrade your hardware on a regular basis. These processors can only be obtained from the same network providers, because they are specialized, proprietary processors.

Today, the number of protocols in actual (active) use is more than 600, and this figure is not final. So, we can single out the following problems of modern computer networks [5]:

• scientific and technical - today it is not possible to control and reliably predict the behavior of objects as complex as wide computer networks;

• economic - networks are expensive and complex, and require highly qualified specialists to service them;

• development problems - the architecture of modern networks contains barriers to experimentation and to the creation of new services.

The answer to the crisis of computer networks was the emergence of a fundamentally new approach to their construction - software defined networks (SDN).

Architecture for SDN

The concept of a new network architecture, software-defined networks, was proposed in 2007 by the staff of Stanford University [6]. Since then, SDN networks have developed mainly in the Stanford and Berkeley scientific laboratory, and no one has tried them on an industrially significant scale. The research they initiated found support not only in academic circles, in universities worldwide, but was also actively taken up by more than forty leading vendors of network equipment and large IT companies, which formed the Open Networking Foundation in March 2011. The interest of the leading IT companies is explained by the fact that, as practical trials showed, the SDN approach makes it possible to increase the efficiency of network equipment by 25%-30%, to lower the operating costs of networks by more than 30%, to turn the control of networks from an art into engineering, to significantly increase security, and to create new services programmatically and load them quickly into network equipment. Implementation of this approach should, first of all, have a significant impact on data center networks, corporate networks, WAN [7], cellular and home networks.

Researchers from Stanford and Berkeley assumed that in computer networks it is possible to separate the functions of control and data transfer.

The Open Networking Foundation (ONF) [8] is the group most closely associated with the development and standardization of SDN. According to ONF, «software defined networks (SDN) is a new architecture which is dynamic, controlled, cost-effective and adaptive, which makes it ideal for the dynamic modern applications requiring high throughput. This architecture decouples the network control and transmission functions, which allows you to make control of the network directly programmable, and the underlying infrastructure to be abstracted for applications and network services. The OpenFlow protocol is the main element needed to create SDN solutions».

Figure 1 shows the architecture of SDN, as it is seen by ONF.

[Figure 1: Application Layer; Control Layer; Infrastructure Layer with network devices, connected to the Control Layer through an interface (e.g., OpenFlow)]

Fig. 1. Architecture of SDN. Source: ONF

Some of the basic concepts that are part of the SDN system architecture, shown in figure 1, are described below.

Business applications

Applications that are used directly by end users. Examples include videoconferencing, supply chain management and customer relationship management.

Network services and security services

The functionality that allows business applications to work effectively and securely. Examples include ADC, WOC [9] and security functions such as firewalls, IDS/IPS [10] and protection against DDoS [11].

SDN switch

In a pure SDN switch, all the control functions of a traditional switch (i.e. the routing protocols used to build routing information bases) are performed in the central controller. The functionality of the switch is entirely limited to the data plane.

Hybrid Switch

In a hybrid switch, SDN technologies and traditional switch protocols work at the same time. The network manager can configure the SDN controller to detect and control specific traffic flows, while traditional distributed network protocols continue to direct the rest of the traffic over the network.

The origin of this technology is associated with several points.

• Networks of traditional architecture are proprietary and closed to research and to almost any changes from outside. Equipment from different manufacturers is often poorly compatible.

• Traffic is growing in geometric progression, and there is a thesis that a network of the current architecture cannot cope with it at the required level of quality.

• The number of protocols and protocol stacks in the network is increasing.

Researchers from Stanford and Berkeley suggested that in computer networks it is possible to separate the functions of control and data transmission.

Hybrid network

A hybrid network is a network in which traditional switches and SDN switches (whether pure SDN switches or hybrid switches) work in the same environment.

As can be seen in figures 1 and 2, three levels can be distinguished in the architecture of an SDN network [11]:

• The infrastructure layer, which includes a set of network devices (switches and transmission channels).

• The control layer, which includes the network operating system that provides applications with a set of network services and a programming interface (API) for controlling network devices and the network.

• The layer of network applications for flexible and effective management of the network.

Fig. 2. Location of the North and South interfaces

Northbound API interface

According to figure 2, the northbound API is the interface that serves to translate business logic into network instructions. By means of the northbound API, a business application can pass information to the SDN controller for the subsequent programming of the network. The interface allows administrators to allocate network resources flexibly, based on application requirements, abstracting the network infrastructure.

Southbound API interface

According to figure 2, the southbound API is the interface that provides communication between the control layer and the infrastructure layer. The best-known interaction protocol is OpenFlow.

Part of the confusion associated with SDN is that many vendors do not fully agree with the definition of SDN given by ONF. For example, while some vendors consider OpenFlow to be the main element of their SDN solutions, other vendors are still thinking about their approach to OpenFlow. Another reason for the confusion is the disagreement over what constitutes the infrastructure layer. According to ONF, the infrastructure layer is a wide range of physical and virtual switches and routers. As described above, one of the current approaches to implementing network virtualization is based on an architecture similar to that shown in figure 1, but including only virtual switches and routers.

The OpenFlow protocol, the first version of which was created in 2008, is the first SDN protocol and at the moment the «de facto» standard for SDN solutions based on open technologies. OpenFlow describes the principles of interaction between the SDN controller (Control Plane) and network devices (Data Plane). The Open Networking Foundation (ONF) is responsible for the standardization of the protocol.

Vulnerabilities in the SDN architecture

The SDN architecture, which assumes a significantly different approach to implementing network infrastructure, is not free of potential vulnerabilities from the point of view of information security. The need to separate the access of network applications when they work with the controller, and the issues of authentication and authorization when applications run against the controller, are just a few of the security aspects that have to be taken into account when designing SDN networks.

The controller, as the key component in the management of the entire SDN infrastructure, is the most vulnerable element; an attack on it can lead to consequences that are critical for the entire infrastructure [12]. Separating the access of network applications when they work with the SDN controller is a pressing problem of delimiting the areas of responsibility of network applications. A situation in which any network application is able to change the flow tables of any switch controlled by this controller does not meet modern information security requirements. Different types of applications require different levels of access, and the more detailed the limitations on each application (in accordance with the nature of its task), the more reliable the network will be. Different access control models can be applied to this task, for example role-based, mandatory and discretionary, as well as combinations of these models that take into account the specifics of the infrastructure being protected.
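One way to combine the three access models named above in front of the flow tables, as an added example that is not code from the article or from any SDN controller. The role names, the `FlowTableGate` class, the numeric switch levels and the rule strings are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum, auto


class Op(Enum):
    READ_STATS = auto()
    ADD_FLOW = auto()
    DELETE_FLOW = auto()


# Role model: a role is a fixed set of operations (role names are hypothetical).
ROLES = {
    "monitor": {Op.READ_STATS},
    "load_balancer": {Op.READ_STATS, Op.ADD_FLOW},
    "firewall": {Op.READ_STATS, Op.ADD_FLOW, Op.DELETE_FLOW},
}


@dataclass(frozen=True)
class App:
    name: str
    role: str
    clearance: int        # mandatory model: highest switch level the app may modify
    switches: frozenset   # discretionary model: switches the operator granted


@dataclass
class FlowTableGate:
    """Checks every application request before it reaches a flow table."""
    switch_level: dict                      # switch id -> sensitivity level
    tables: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)

    def authorize(self, app, op, switch):
        if switch not in self.switch_level:
            return "deny:unknown-switch"
        if op not in ROLES.get(app.role, set()):
            return "deny:role"
        if switch not in app.switches:
            return "deny:scope"
        # Reading statistics is exempt from the level check; writes are not.
        if op is not Op.READ_STATS and self.switch_level[switch] > app.clearance:
            return "deny:clearance"
        return "allow"

    def request(self, app, op, switch, rule=None):
        decision = self.authorize(app, op, switch)
        self.audit.append((app.name, op.name, switch, decision))  # log denials too
        if decision != "allow":
            return decision
        table = self.tables.setdefault(switch, [])
        if op is Op.ADD_FLOW:
            table.append((app.name, rule))
        elif op is Op.DELETE_FLOW:
            table[:] = [entry for entry in table if entry[1] != rule]
        return decision


def demo():
    """Constructed scenario: an edge switch (level 1) and a core switch (level 3)."""
    gate = FlowTableGate(switch_level={"edge-1": 1, "core-1": 3})
    both = frozenset({"edge-1", "core-1"})
    fw = App("fw", "firewall", clearance=3, switches=both)
    lb = App("lb", "load_balancer", clearance=1, switches=both)
    mon = App("mon", "monitor", clearance=0, switches=frozenset({"edge-1"}))
    block = "drop ip_src=203.0.113.7"       # constructed rule text
    return gate, [
        gate.request(fw, Op.ADD_FLOW, "core-1", block),
        gate.request(lb, Op.ADD_FLOW, "edge-1", "fwd tcp_dst=80 -> port 2"),
        gate.request(lb, Op.ADD_FLOW, "core-1", "fwd tcp_dst=80 -> port 3"),
        gate.request(lb, Op.DELETE_FLOW, "edge-1", block),
        gate.request(mon, Op.ADD_FLOW, "edge-1", "fwd any -> port 9"),
        gate.request(mon, Op.READ_STATS, "core-1"),
        gate.request(mon, Op.READ_STATS, "edge-1"),
    ]


if __name__ == "__main__":
    for row in demo()[0].audit:
        print(row)
```

The audit list records denied requests as well as allowed ones, which gives the operator a per-application trail of attempted flow-table changes.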

Variations of attacks such as denial of service, substitution of the controller, etc. remain the main threats arising from network devices that work on the software defined network principle. Moving the «analytical» component of the network to the controller naturally shifts the emphasis of many attacks from the network equipment to the software that keeps the network functioning: the network controller and the network applications that address the controller [13].

The simplest and at the same time an effective method of disrupting the integrity of an SDN network is a denial-of-service attack. The danger of the attack follows from the algorithm by which an SDN switch operates when it receives an unknown packet (i.e. one that does not match the rules available in the flow table). In such a situation two options are possible:

• The packet goes to the controller in its entirety for analysis.

• The packet remains in the memory of the switch, and only the packet headers are sent to the controller.

Both methods leave a wide field for an attacker to cause denial of service by generating a stream of different packets in the SDN network. Consider the network reaction in both of the above cases:

1. The switch starts forming a large number of messages to transfer unknown packets to the controller. The processor resources of the switch are consumed and memory consumption increases. Memory is consumed especially heavily if the switch buffers packets and sends the controller only their headers.

2. The flow of packets from the switch to the controller loads the communication channel between the controller and the switch. If the communication medium is shared, all the switches can experience a decrease in the speed of message delivery. The load on the communication channel is greater when the switch sends entire packets for analysis.

3. The controller accepts and processes the flow of messages, spending processor time and the memory of the execution environment. The message queues that form force legitimate messages to wait in the queue and reduce the efficiency of decision-making in the network.

4. The controller generates a flow of different messages in response to the requests of the attacked switch. The resources of the communication channel between the switch and the controller are consumed.

5. The switch accepts commands from the controller and executes them, spending processor and memory resources. If the commands create new flow table rules, the number of rules grows like an avalanche, the time needed to check each new packet against the table increases, the cost of maintaining such a table grows, and the flow tables may overflow.

As a result, the attack can lead to the following consequences:

• Exhaustion of the resources of the switch. Legitimate packets either will not be processed by this network point at all, or their processing will be accompanied by time delays.

• The communication link between the controller and the switch will not be able to deliver control messages while it is loaded with the data streams.

• The controller will be overloaded with incoming requests and will not be able to process control messages caused by legitimate traffic.
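The resource exhaustion described above can be bounded at the controller by limiting, per switch port, how many unknown-packet events are turned into new flow rules. The following simulation is an added example, not code from the article or from any controller; the `PacketInGuard` class, the rates, the table capacity and the event stream are constructed assumptions, and rules are assumed never to expire during the run.

```python
from collections import Counter


class PacketInGuard:
    """Controller-side admission control for unknown-packet (table-miss) events.

    Time is in integer milliseconds and tokens in thousandths, so results are exact.
    """

    def __init__(self, rate, burst, max_flows, alert_drops=100):
        self.rate = rate              # new flows per second per (switch, port); None = off
        self.burst = burst            # bucket depth
        self.max_flows = max_flows    # flow-table capacity of one switch
        self.alert_drops = alert_drops
        self.buckets = {}             # (switch, port) -> (milli_tokens, last_ms)
        self.tables = {}              # switch -> set of installed flow keys
        self.installed = Counter()    # (switch, port) -> rules installed
        self.rate_drops = Counter()   # (switch, port) -> events refused by the bucket

    def _rate_ok(self, key, now_ms):
        if self.rate is None:
            return True
        tokens, last = self.buckets.get(key, (self.burst * 1000, now_ms))
        # rate tokens/s equals rate milli-tokens per millisecond
        tokens = min(self.burst * 1000, tokens + (now_ms - last) * self.rate)
        ok = tokens >= 1000
        self.buckets[key] = (tokens - 1000 if ok else tokens, now_ms)
        return ok

    def handle(self, now_ms, switch, port, flow_key):
        key = (switch, port)
        table = self.tables.setdefault(switch, set())
        if not self._rate_ok(key, now_ms):
            self.rate_drops[key] += 1
            return "rate_limited"     # no analysis, no rule sent back to the switch
        if len(table) >= self.max_flows:
            return "table_full"       # flow table overflow: nothing more fits
        table.add(flow_key)
        self.installed[key] += 1
        return "installed"

    def suspects(self):
        """Ports whose refused events reached the alert threshold."""
        return sorted(k for k, n in self.rate_drops.items() if n >= self.alert_drops)


def constructed_events():
    """10 s on switch s1: port 1 opens a new flow every 500 ms (legitimate),
    port 2 emits one previously unseen flow every millisecond (flood)."""
    legit = [(t, "s1", 1, f"host-{t}") for t in range(0, 10_000, 500)]
    flood = [(t, "s1", 2, f"rand-{t}") for t in range(10_000)]
    return sorted(legit + flood)


def run(guard, events):
    for now_ms, switch, port, flow_key in events:
        guard.handle(now_ms, switch, port, flow_key)
    return {
        "legit_installed": guard.installed[("s1", 1)],
        "flood_installed": guard.installed[("s1", 2)],
        "table_size": len(guard.tables["s1"]),
        "suspects": guard.suspects(),
    }


if __name__ == "__main__":
    events = constructed_events()
    print("unprotected:", run(PacketInGuard(None, 0, max_flows=2000), events))
    print("rate-limited:", run(PacketInGuard(5, 10, max_flows=2000), events))
```

In the unprotected run the table fills within two seconds and most legitimate flows are refused; with the per-port limit all 20 legitimate flows are installed and the flooding port is reported by `suspects()`.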

COMPARISON OF SDN WITH TRADITIONAL NETWORKS

Modern routers solve two main tasks: data transfer (forwarding), that is, moving a packet from an input port to a certain output port, and data management, that is, processing a packet and deciding where to route it on the basis of the current state of the router. Thus, within the whole network it is possible to distinguish the data transmission level, consisting of the data transmission facilities (communication lines, channel-forming equipment, routers and switches), and the control level, which holds the state of the data transmission facilities.

The development of routers followed the path of convergence and «splicing» of the two levels, hardware acceleration, improvement of software and implementation of new functional capabilities to increase the speed of routing decisions for each packet. But at the same time the control level remained rather primitive, relying on complex distributed routing algorithms and intricate instructions for configuring and setting up the network. It should be noted that the router software implementing the control level remained proprietary and closed to developers, researchers and network operators.

The SDN approach proposes to separate the control layer and the data transmission layer. Figure 3 compares traditional networks with SDN networks.

Fig. 3. Comparison of traditional networks with SDN networks

Table 1 below describes the differences between traditional and software defined networking [14].

TABLE 1. Difference between traditional and software defined networks

| Traditional Networking | Software Defined Networking |
|---|---|
| They are static and inflexible networks. They are not useful for new business ventures. They possess little agility and flexibility | They are programmable networks during time as well as at later stage based on change in the requirements. They help new business ventures through flexibility, agility and virtualization |
| They are hardware appliances | They are configured using open software |
| They have distributed control plane | They have logically centralized control plane |
| They use custom ASICs [15] and FPGAs [16] | They use merchant silicon |
| They work using protocols | They use APIs to configure as per need |

Traditional data networks

With the traditional approach to network technologies, most of the network functionality is implemented in a dedicated device, for example a switch, a router or an application delivery controller. In addition, inside the dedicated device most functions are implemented in special hardware, for example an ASIC [17] (specialized integrated circuit).

Some key characteristics of this approach to the development of network devices:

• ASICs, which provide the network functionality, develop slowly;

• the development of ASIC functionality is under the control of the vendor of the device;

• devices are proprietary;

• each device is configured individually.

Organizations that use network technologies are under increasing pressure: they are required to be more effective and flexible than is possible with the traditional approach to data networks. One of the reasons for this pressure is the widespread use of server virtualization. As part of server virtualization, virtual machines (VM) dynamically move between servers in a matter of seconds or minutes. However, if the relocation of a VM crosses a layer 3 boundary of the network stack, then reconfiguring the network to support the VM in its new place can take several days or even weeks. Sometimes it is difficult to determine what exactly a flexible network means. In view of the above, if reconfiguring the network to support VM migration takes weeks, then such a network is not flexible at all.

Transition to software

As noted above, the traditional data communication network is substantially hardware-oriented. However, in the last several years the use of virtualized network devices and the growing interest in Software Defined Data Centers (SDDC) [18] have led to increased trust in software-based network functionality. For example, in the mid-to-late 2000s network devices such as the WAN Optimization Controller (WOC) [6] and the Application Delivery Controller (ADC) [9] were specialized physical devices. This means that functions such as encoding / decoding and the processing of TCP flows were executed by hardware intended specifically for these functions. Due to the growing need for more flexibility, the functionality of a WOC or ADC is now, as a rule, provided by software running on a general-purpose server or in a VM.


SDDC can be considered the complete antithesis of the traditional data center network described above. For example, one of the key characteristics of a software defined data center is that the entire infrastructure of the data center is virtualized and provided as a service. Another key characteristic is that the automated control of data center applications and services is provided by a policy-based management system.

Potential opportunities

One of the characteristics often associated with any fundamentally new approach to technology is confusion about the opportunities that the new approach provides. In order to successfully evaluate and apply a new approach to technology, such as SDN, IT organizations need to determine which opportunities or capabilities are important for the organization and are best implemented through this approach.

After all the discussions connected with SDN over the past few years, the most probable set of opportunities that SDN can provide has been defined:

• support of dynamic relocation, replication and distribution of virtual resources;

• reduction of the administrative load in configuring and provisioning functionality such as quality of service and security;

• easier deployment and scaling of network functionality;

• regulation of traffic thanks to open network transparency;

• more effective management of network resources;

• reduction of operating costs;

• faster development of network functionality based on the software development life cycle;

• the ability of applications to dynamically request services from the network;

• implementation of more effective security functions;

• simplification.

According to ONF, the architecture of SDN is:

• Directly programmable: control over the network is directly programmable because it is separated from the transmission functions.

• Flexible: separation of control from transmission allows administrators to dynamically regulate the flow of network traffic according to constantly changing needs.

• Centrally managed: network intelligence is (logically) centralized in software-based SDN controllers that maintain a global view of the network, which appears to applications and policies as a single logical switch.

• Software configurable: SDN allows network managers to configure, manage, protect and optimize network resources very quickly, thanks to dynamic, automated SDN programs that they can create themselves, because the programs do not depend on proprietary software.

• Based on open standards and vendor-independent: implementing SDN in accordance with open standards simplifies the structure and operation of the network, since instructions are provided by SDN controllers rather than by multiple devices and protocols from different vendors.

Advantages of sdn

Thus, the architecture of SDN and the offered centralized approach gives the following advantages in comparison with traditional networks with distributed data transmission control:

Programmability and flexibility of network management, the considerable simplification of a possibility of modification of network management due to creation of new applications or the modification existing control automation and administrations by networks.

• Adaptability of management of network, that is an opportunity to change behavior and a status of the network in real time taking into account the changing operating conditions and adapt to them, adapt to the changing needs of users of networks due to creation of new network applications and services. The development of network applications requires much less time in comparison with a manual reconfiguration of all network is required.

• Independence from hardware and proprietary software for network hardware manufacturers.

• The ability to independently deploy the control level and the level of data transfer.

• The possibility of independent scaling of the control level and the level of data transfer.

• Improving reliability by reducing the amount of distributed state that has to be managed. With existing distributed protocols, which operate on every node of the network, each node maintains its own copy of the distributed database of channel states; in SDN this information can instead be collected centrally in one place, on the controller. Such a centralized database will contain much less uncoordinated information, and this approach reduces the probability of cycles in the network.

• Simplifying the structure and logic of network devices: they no longer need to process a huge number of standards and protocols, and only have to execute the instructions received from the controller.

• Reducing the cost of switches and of the network infrastructure as a whole by moving the "brains" of the routers into the controller.

Thus, the SDN approach makes it possible to significantly automate and simplify the management of networks by "programming" them, and to build flexible, scalable networks that can easily adapt to changing operating conditions and user needs.
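The reliability point above (one channel-state database on the controller instead of a copy on every node) can be checked on a small case. The following Python code is an added example, not code from the article; the topology, the switch names and all function names are constructed for illustration. It computes next hops once per switch from possibly stale copies and once from a single controller view, then checks both results for forwarding cycles.

```python
from collections import deque

def next_hops(links, dst):
    """BFS from dst over undirected links; returns {node: next hop toward dst}."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    hop, queue = {dst: None}, deque([dst])
    while queue:
        cur = queue.popleft()
        for nb in sorted(adj.get(cur, ())):  # sorted: deterministic tie-breaking
            if nb not in hop:
                hop[nb] = cur
                queue.append(nb)
    return hop

def distributed_tables(views, dst):
    """Every switch derives its own next hop from its own copy of the link state."""
    return {sw: next_hops(view, dst).get(sw) for sw, view in views.items()}

def controller_tables(links, dst):
    """The controller derives every next hop from one link-state database."""
    return {sw: nh for sw, nh in next_hops(links, dst).items() if sw != dst}

def find_loop(table, dst):
    """Follow next hops from each switch; return the first forwarding cycle, else None."""
    for start in table:
        path, cur = [], start
        while cur is not None and cur != dst:
            if cur in path:
                return path[path.index(cur):]
            path.append(cur)
            cur = table.get(cur)
    return None

# Constructed sample topology (hypothetical names): three switches and a gateway.
BEFORE = [("s1", "gw"), ("s1", "s2"), ("s2", "s3"), ("s3", "gw")]
AFTER = [link for link in BEFORE if link != ("s1", "gw")]  # link s1-gw has failed
# s1 saw its own link fail; s2 and s3 still hold the old copy of the database.
STALE_VIEWS = {"s1": AFTER, "s2": BEFORE, "s3": BEFORE}

if __name__ == "__main__":
    for name, table in (("distributed", distributed_tables(STALE_VIEWS, "gw")),
                        ("controller", controller_tables(AFTER, "gw"))):
        print(name, table, "loop:", find_loop(table, "gw"))
```

With uncoordinated copies, s1 and s2 forward to each other until s2's copy is updated; the same `find_loop` check can be run by a controller on a rule set before it is installed.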

Conclusion

The benefits of the SDN concept are obvious: centralized management, monitoring, independence from a specific manufacturer's technology, and easier upgrading and maintenance of the network. At the same time, the SDN architecture significantly alters the structure of the network, and therefore new security threats are emerging due to the vulnerabilities of individual infrastructure components. In addition, most of the threats associated with traditional data networks are critical to the same or a greater degree in the context of SDN. On the other hand, the SDN architecture offers opportunities for innovation in the development of security instruments. A combination of centralized network management and programmability improves network security.

REFERENCES

1. Cisco Systems, Inc. IP Addressing: NAT Configuration Guide. Available at:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/12-4t/nat-12-4t-book.pdf.

2. Calvert K., Bhattacharjee S., Zegura E., Sterbenz J., Active Networks, Proc. IFIP-TC6 4th International Working Conference, IWAN, Zurich, 2002, pp. 72-78.

3. Diego K., Fernando MV R., P Esteves V., Christian E. R., Siamak A., Steve U. Software-defined networking : A comprehensive survey. Proc. IEEE, 103(1), Lisbon, 2015, pp. 14-76.

4. Jakovlev V. V., Berkinbayeva Zh. M., Angel Fernandez del Campo. Application of the OpenFlow protocol based on the Mininet network emulator with the installation of a Floodlight controller. Intellectual Technologies on Transport [Intel-lektual'nye tekhnologii na transporte]. 2018. No. 2. pp. 5-12.

5. Software-Defined Networking (SDN) Definition. Available at: https://www.opennetworking.org/sdn-resources/sdn-definition

6. Chuan L., Eric P., Donald R., Tom Zh. WAN Optimiza-tion Controller Technologies, EMC Techbooks, 2015, № H8076.7, pp. 32-71.

7. Introduction to WAN Protocols Protocols. Available at: http://www.cisco.com/networkers/nw01/pres/preso/WANand MultiserviceTechnologies/WMS-101.pdf

8. Open Networking Fundation. SDN Architecture Overview. Available at https://www.opennetworking.org

9. Brand Leader Report. Application Delivery Controller. URL: https://www.citrix.com.

10. Namiot D.E. Application Level Interfaces in SDN [In-terfeysy prikladnogo urovnya v sdn] // Modern Information Technology and IT-education [Sovremennye informatsionnye tekhnologii i IT-obrazovanie], vol. 2, no. 11, 2015, pp. 26-30.

11. SDN security: A survey. Available at: http://iranarze.ir/wp-content/uploads/2017/08/7602-English-IranArze.pdf

12. Kevin B., Jean C., Chris S. Openflow vulnerability assessment, Proc. In Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, HotSDN '13, New York, 2013, pp. 151-152.

13. Seungwon Sh., Guofei Gu. Attacking software-defined networks: A first feasibility study, Proc. In Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, HotSDN '13, New York, 2013, pp. 165166.

14. Traditional vs Software Defined Networking. Available

at: http://www.rfwireless-world.com/Terminology/traditional-networking-vs-software-defined-networking.html.

15. Elaine Rhodes. ASIC BASICS: An Introduction to Developing Application Specific Integrated Circuits. 2005. 62 p.

16. Guan-Lin Wu. Introduction to FPGA [www]. Available at: http://cc.ee.ntu.edu.tw/~jhjiang/instruction/courses/fall11-cvsd/LN13-FPGA.pdf.

17. Tewksbury S.K. Application-Specific Integrated Circuits (ASICS), Technical report of Microelectronic Systems Research Center, West Virginia, 1996, pp. 8-11.

18. VMware, Software-Defined Data Center. Capabilities and Outcomes.Available at: http://www.vmware.com.

Key differences between traditional and software defined networks

V. V. Jakovlev, Zh. M. Berkinbayeva, Emperor Alexander I St. Petersburg State Transport University, Saint Petersburg, Russia

Angel Fernandez del Campo, Polytechnic University of Madrid, Madrid, Spain

Abstract. Traditional data networks are complex and difficult to manage; a global network policy has to be formed separately for each network device, which carries the risk of incorrect configuration. Software defined networks (SDN) make it possible to manage the network with software, which removes the need for manual debugging or for changing the settings of network equipment, and this in turn reduces the workload of IT specialists. Network control is performed automatically with the help of intelligent control algorithms.

The article compares traditional networks (TN) and software defined networks (SDN), describes the advantages of using them, and explains how to work with and how to create SDNs, which differ substantially from TNs. The disadvantages of SDN are also described.

Keywords: traditional networks, software defined networks, network and telecommunication, data centers, virtual machine, information technology, communication network, computer network, control system.

Литература

1. Cisco Systems, Inc. IP Addressing: NAT Configuration Guide. Available at: https://www.cisc0.c0m/c/en/us/td/d0cs /ios-xml/ios/ipaddr_nat/configuration/12-4t/nat-12-4t-book.pdf.

2. Calvert K., Bhattacharjee S., Zegura E., Sterbenz J., Active Networks, Proc. IFIP-TC6 4th International Working Conference, IWAN, Zurich, 2002, pp. 72-78.

3. Diego K., Fernando MV R., P Esteves V., Christian E. R., Siamak A., Steve U. Software-defined networking : A comprehensive survey. Proc. IEEE, 103(1), Lisbon, 2015, pp. 14-76.

4. Jakovlev V. V., Berkinbayeva Zh. M., Angel Fernandez del Campo. Application of the OpenFlow protocol based on the Mininet network emulator with the installation of a Floodlight controller // Интеллектуальные технологии на транспорте. - 2018. № 2. - С. 5-12.

5. Software-Defined Networking (SDN) Definition. Available at: https://www.opennetworking.org/sdn-resources/sdn-definition

6. Chuan L., Eric P., Donald R., Tom Zh. WAN Optimization Controller Technologies, EMC Techbooks, 2015, № H8076.7, pp. 32-71.

7. Introduction to WAN Protocols Protocols. Available at: http://www.cisco.com/networkers/nw01/pres/preso/WANand MultiserviceTechnologies/WMS-101 .pdf

8. Open Networking Fundation. SDN Architecture Overview. Available at https://www.opennetworking.org

9. Brand Leader Report. Application Delivery Controller. URL: https://www.citrix.com.

10. Намиот Д.Е. Интерфейсы прикладного уровня в SDN // Современные информационные технологии и ИТ-образование, Т. 2, № 11, 2015, с. 26-30.

11. Sdn security: A survey. Available at: http://iranarze.ir/wp-content/uploads/2017/08/7602-English-IranArze.pdf

12. Kevin B., Jean C., Chris S. Openflow vulnerability assessment, Proc. In Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, HotSDN '13, New York, 2013, pp. 151-152.

13. Seungwon Sh., Guofei Gu. Attacking software-defined networks: A first feasibility study, Proc. In Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, HotSDN '13, New York, 2013, pp. 165166.

14. Traditional vs Software Defined Networking. Available at: http://www.rfwireless-world.com/Terminology/traditional-networking-vs-software-defined-networking.html.

15. Elaine Rhodes. ASIC BASICS: An Introduction to Developing Application Specific Integrated Circuits. 2005. 62 p.

16. Guan-Lin Wu. Introduction to FPGA [www]. Available at: http://cc.ee.ntu.edu.tw/~jhjiang/instruction/courses/fall11-cvsd/LN13-FPGA.pdf.

17. Tewksbury S.K. Application-Specific Integrated Circuits (ASICS), Technical report of Microelectronic Systems Research Center, West Virginia, 1996, pp. 8-11.

18. VMware, Software-Defined Data Center. Capabilities and Outcomes.Available at: http://www.vmware.com.

i Надоели баннеры? Вы всегда можете отключить рекламу.