HU Guangwu, JIANG Yong, CHEN Wenlong, CHEN Tan, WU Jianping. SuperFlow: A Reliable and Scalable Architecture for Large-Scale Enterprise Networks[J]. Chinese Journal of Electronics, 2016, 25(6): 1134-1140. doi: 10.1049/cje.2016.06.012
Citation: HU Guangwu, JIANG Yong, CHEN Wenlong, CHEN Tan, WU Jianping. SuperFlow: A Reliable and Scalable Architecture for Large-Scale Enterprise Networks[J]. Chinese Journal of Electronics, 2016, 25(6): 1134-1140. doi: 10.1049/cje.2016.06.012

SuperFlow: A Reliable and Scalable Architecture for Large-Scale Enterprise Networks

doi: 10.1049/cje.2016.06.012
Funds:  This work is supported by the National Nature Science Foundation of China (No.61402255, No.61170292, No.61373161), the National High Technology Research and Development Program of China (863 Program) (No.SS2015AA010203), China Postdoctoral Science Foundation (No.2014M560970), Guangdong Natural Science Foundation (No.2015A030310492), Fundamental Research Project of Shenzhen Municipality (No.JCYJ20160228172531429), and Shenzhen Key Laboratory of Software Defined Networking (No.ZDSYS20140509172959989).
  • Received Date: 2014-08-27
  • Rev Recd Date: 2015-02-06
  • Publish Date: 2016-11-10
  • With the increasing number of users, enterprise networks have become more and more important, but it also faced new challenges in various aspects. Though OpenFlow, the promising de facto Software defined networking (SDN) scheme which can provide fine-grained and flow-level control for enterprise networks, yet it still has a few undesirable designs in credibility and scalability. Inspired by OpenFlow-included many excellent studies, we have proposed a reliable and scalable architecture——SuperFlow for large-scale enterprise networks in this paper. It inherits the merits of OpenFlow, and overcomes OpenFlow’s limitations by introducing some novel features. The prototype experiment has proved that SuperFlow possesses these features with desirable performance.
  • loading
  • A. Lara, A. Kolasani and B. Ramamurthy, "Network innovation using OpenFlow: A survey", IEEE Communication and Tutorials, Vol.16, No.1, pp.493-512, 2014.
    Spoofer Project, available at http://spoofer.cmand.org/summary.php,2005-2/2015-2-7.
    Andrew R. Curtis, Jeffrey C. Mogul, et al., "DevoFlow: Scaling flow management for high-performance networks", ACM SIGCOMM Computer Communication Review, Vol.41, No.4, pp.254-265, 2011.
    J. Wu, J. Bi, et al., "Source address validation improvement framework", IETF RFC 7039, 2013.
    R. Sherwood, G. Gibb, et al., "Can the production network be the testbed?", Proc. of the Usenix OSDI, Vancouver, British Columbia, Canada, pp.1-14, 2010.
    M. Yu, J. Rexford, et al., "Scalable flow-based networking with DIFANE", Proc. of the ACM SIGCOMM, New Delhi, India, pp.351-362, 2010.
    A. Tootoonchian and Y. Ganjali, "HyperFlow: A distributed control plane for OpenFlow", Proc. of the Internet Network Management Conference on Research on Enterprise Networking, San Jose, CA, USA, pp.1-6, 2010.
    B. Sonkoly, A. Gulyas, et al., "OpenFlow virtualization framework with advanced capabilities", Proc. of the EWSDN, Darmstadt, Germany, pp.18-23, 2012.
    S. Hassas Yeganeh and Y. Ganjali, "Kandoo: A framework for efficient and scalable offloading of control applications", Proc. of the ACM HotSDN, New York, USA, pp.19-24, 2012.
    Cisco company, "Unicast reverse path forwarding", available at http://www.cisco.com/c/en/us/td/docs/routers/10000/100-08/configuration/guides/broadband/bba/urpf.pdf,2007-6/2015-2-7.
    C. Wei and Dit-Yan Yeung, "Defending against TCP SYN flooding attacks under different types of IP spoofing", Proc. of the ICN/ICONS/MCL, Morne, Mauritius, pp.38, 2006.
    C. Jin, H.N. Wang and K.G. Shin, "Hop-count filtering: An effective defense against spoofed DdoS traffic", Proc. of the ACM CCS, Washington, D.C., USA, pp.30-41, 2003.
    T. Peng, C. Leckie and K. Ramamohanarao, "Protection from distributed denial of service attacks using history-based IP filtering", Proc. of the IEEE ICC, Anchorage, Alaska, USA, pp.482-486, 2003.
    T. Aura, Cryptographically generated addresses (CGA), IETF RFC 3972, 2005.
    D. Andersen, H. Balakrishnan, N. Feamster, et al., "Accountable Internet protocol (AIP)", Proc. of ACM SIGCOMM, Seattle, WA, USA, pp.1-12, 2008.
    R. Moskowitz and P. Nikander, "Host identity protocol (HIP) architecture", RFC 4423, 2006.
    X.M. Zhu, et al., "MOTP: An identity authentication scheme for M-commerce", Chinese Journal of Electronics, Vol.22, No.1, pp.146-150, 2013.
    Y. Zhu, et al., "Identity-based encryption on RSA without pairings and key escrow", Chinese Journal of Electronics, Vol.23, No.4, pp.842-850, 2014.
    K. Xu, M. Zhu, G.W. Hu, et al., "Towards evolvable Internet architecture-design constraints and models analysis", Vol.57, No.11, pp.1-24, Science China, 2014.
    G.W. Hu, K. Xu and J.P. Wu, "SuperFlow: A controllable, manageable and scalable architecture for large-scale enterprise networks", Proc. of IEEE HPCC, Zhangjiajie, China, pp.1195- 1202, 2013.
    G.W. Hu, K. Xu, J.P. Wu, et al., "A general framework of source address validation and traceback for IPv4/IPv6 transition scenarios", IEEE Network, Vol.27, No.6, pp.66-73, 2013.
    F. Shi, K. Xu, L. Zhu and G. Hu, "SAVI requirements and solutions for ISP IPv6 access network", available at http://www.ietf.org/id/draft-shi-savi-access-06.txt,2014-10/2015-2-7.
    NOXRepo, available at http://www.noxrepo.org,2012-6/2015-2-7.
    K. Xu, W.L. Chen, et al., "Toward a practical reconfigurable router: A software component development approach", Vol.28, No.5, pp.74-80, IEEE Network, 2014.
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Article Metrics

    Article views (160) PDF downloads(609) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return