Automatic rule installation in case of policy change in software defined networks

Telecommunication Systems

Abstract

Software Defined Networking (SDN) has recently emerged as a new network architecture. It implements both the control and management planes at a centralized controller and the data plane at the forwarding devices. SDN therefore helps to simplify network management and improves network programmability. Network policies change frequently through modifications made at the controller. However, in existing approaches, the rules installed at switches before a policy change at the controller are not modified. This can cause packets to violate the network policy. To address this problem, this paper presents a new approach that stores the rules generated at the controller. After detecting a change in policy, the proposed approach examines the rules stored at the controller to find those that will be affected by the change. The affected rules are then removed from the forwarding devices. Simulation results reveal that the proposed approach provides a lower packet violation ratio and lower normalized traffic overhead than the existing approach. Therefore, the proposed approach increases network performance and efficiency.
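The stale-rule problem and the store-then-remove idea described in the abstract, as an added Python sketch that is not the paper's algorithm or code. The first-match ACL model with default deny, the exact-address flow rules, and the names Policy, FlowRule, RuleStore, decide and demo are all assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_network

@dataclass(frozen=True)
class Policy:                 # one ACL entry held at the controller
    src: str                  # source prefix
    dst: str                  # destination prefix
    action: str               # "allow" or "deny"

@dataclass(frozen=True)
class FlowRule:               # a rule the controller pushed to a switch
    switch: str
    src: str
    dst: str
    action: str

def decide(policies, src, dst):
    """First-match lookup over the ACL; traffic matching no entry is denied."""
    for p in policies:
        if (ip_network(src).subnet_of(ip_network(p.src))
                and ip_network(dst).subnet_of(ip_network(p.dst))):
            return p.action
    return "deny"

class RuleStore:
    """Controller-side copy of every rule sent to the forwarding devices."""
    def __init__(self, policies):
        self.policies = list(policies)
        self.installed = []

    def packet_in(self, switch, src, dst):
        rule = FlowRule(switch, src, dst, decide(self.policies, src, dst))
        self.installed.append(rule)
        return rule

    def change_policy(self, new_policies):
        """Swap the policy and return stored rules that now contradict it."""
        self.policies = list(new_policies)
        stale = [r for r in self.installed
                 if decide(self.policies, r.src, r.dst) != r.action]
        self.installed = [r for r in self.installed if r not in stale]
        return stale          # the controller would send a delete for each

def demo():  # constructed sample: two switches cache an allow, then it flips
    store = RuleStore([Policy("10.0.1.0/24", "10.0.9.0/24", "allow")])
    store.packet_in("s1", "10.0.1.5", "10.0.9.10")
    store.packet_in("s2", "10.0.1.5", "10.0.9.10")
    store.packet_in("s1", "10.0.2.7", "10.0.9.10")   # no entry matches: deny
    return store.change_policy([Policy("10.0.1.0/24", "10.0.9.0/24", "deny")])
```

Without the stored copy, the two cached allow rules would keep forwarding traffic that the new policy denies until they expire; the rule that was already a deny is left in place.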

Corresponding author

Correspondence to Nadir Shah.

Cite this article

Hussain, M., Shah, N. Automatic rule installation in case of policy change in software defined networks. Telecommun Syst 68, 461–477 (2018). https://doi.org/10.1007/s11235-017-0404-2

  • DOI: https://doi.org/10.1007/s11235-017-0404-2
