An adaptable rule placement for software-defined networks

Shuyuan Zhang, Franjo Ivančić, Cristian Lumezanu, Yifei Yuan, Aarti Gupta, Sharad Malik

Research output: Chapter in Book/Report/Conference proceedingConference contribution

20 Scopus citations

Abstract

There is a strong trend in networking to move towards Software-Defined Networks (SDN). SDNs enable easier network configuration through a separation between a centralized controller and a distributed data plane comprising a network of switches. The controller implements network policies through installing rules on switches. Recently the 'Big Switch' abstraction [1] was proposed as a specification mechanism for high-level network behavior, i.e., the network policies. The network operating system or compiler can use his specification for placing rules on individual switches. However, this is constrained by the limited capacity of the Ternary Content Addressable Memories (TCAMs) used for rules in each switch. We propose an Integer Linear Programming (ILP) based solution for placing rules on switches for a given firewall policy while optimizing for the total number of rules and meeting the switch capacity constraints. Experimental results demonstrate that our approach is scalable to practical sized networks.

Original languageEnglish (US)
Title of host publicationProceedings of the International Conference on Dependable Systems and Networks
PublisherIEEE Computer Society
Pages88-99
Number of pages12
ISBN (Electronic)9781479922338
DOIs
StatePublished - Sep 18 2014
Event44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014 - Atlanta, United States
Duration: Jun 23 2014Jun 26 2014

Publication series

NameProceedings of the International Conference on Dependable Systems and Networks

Other

Other44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014
CountryUnited States
CityAtlanta
Period6/23/146/26/14

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Keywords

  • Big Switch Abstraction
  • Distributed Firewall
  • Rule Placement
  • SDN

Fingerprint Dive into the research topics of 'An adaptable rule placement for software-defined networks'. Together they form a unique fingerprint.

  • Cite this

    Zhang, S., Ivančić, F., Lumezanu, C., Yuan, Y., Gupta, A., & Malik, S. (2014). An adaptable rule placement for software-defined networks. In Proceedings of the International Conference on Dependable Systems and Networks (pp. 88-99). [6903570] (Proceedings of the International Conference on Dependable Systems and Networks). IEEE Computer Society. https://doi.org/10.1109/DSN.2014.24