Software-Defined Networking: Challenges and Research Opportunities For Future Internet

Download as pdf or txt
Download as pdf or txt
You are on page 1of 26

Software-defined Networking: Challenges and Research Opportunities for Future

Internet

Akram Hakiria,b , Aniruddha Gokhalec , Pascal Berthoua,b , Douglas C. Schmidtc , Gayraud Thierrya,b
a CNRS, LAAS, 7 avenue du colonel Roche, F-31400 Toulouse, France
b Univ de Toulouse, UPS, LAAS, F-31400 Toulouse, France
c Institute for Software Integrated Systems, Dept of EECS

Vanderbilt University, Nashville, TN 37212, USA

Abstract
Currently many aspects of the classical architecture of the Internet are etched in stone – a so called ossification of
the Internet – which has led to major obstacles in IPv6 deployment and difficulty in using IP multicast services. Yet,
there exist many reasons to extend the Internet, e.g., for improving intra-domain and inter-domain routing for high
availability of the network, providing end-to-end connectivity for users, and allowing dynamic QoS management of
network resources for new applications, such as data center, cloud computing, and network virtualization. To address
these requirements, the next-generation architecture for the Future Internet has introduced the concept of Software-
Defined Networking (SDN). At the core of this emerging paradigm is the separation and centralization of the control
plane from the forwarding elements in the network as opposed to the distributed control plane of existing networks.
This decoupling allows deployment of control plane software components (e.g., OpenFlow controller) on computer
platforms that are much more powerful than traditional network equipment (e.g., switches/routers) while protecting
the data and intellectual property of the vendors of such equipment.
A critical understanding of this emerging paradigm is necessary to address the multiple challenges in realizing the
Future Internet and to resolve the ossification problem of the existing Internet. To address these requirements, this
paper surveys existing technologies and the wide range of recent and state-of-the-art projects on SDN followed by an
in-depth discussion of the major challenges in this area.
Keywords: Future Internet, Software-Defined Networking (SDN), OpenFlow, Network Function Virtualization,
Forwarding Plane, Control Plane.

1. Introduction bile devices and content, server virtualization, cloud ser-


vices, big data), which is generated due to a large number
1.1. The Need for a New Network Architecture. of users, sensors and applications [1, 2]. Existing net-
The capacity of the current Internet is rapidly becoming works built with multiple tiers of static Ethernet switches
insufficient to cater to the large volumes of traffic patterns arranged in a tree structure are ill-suited for the dynamic
delivered by the new services and modalities (e.g., mo- computing and storage needs of today’s and future enter-
prise hyper-scale data centers, campuses, and carrier en-
vironments. Instead, new networking infrastructures are
Email addresses: hakiri@laas.fr (Akram Hakiri), desired that will provide high performance, energy effi-
a.gokhale@vanderbilt.edu (Aniruddha Gokhale), ciency, and reliability. Moreover, they should improve the
berthou@laas.fr (Pascal Berthou), d.schmidt@vanderbilt.edu network speedup, scalability and robustness with the ef-
(Douglas C. Schmidt), gayraud@laas.fr (Gayraud Thierry)

Preprint submitted to Elsevier October 12, 2014


fective creation and delivery of versatile digital services tions while allowing easy modifications to the networking
that provide stringent quality of service (QoS) guaran- functions through the centralized control plane.
tees. Meeting these requirements is impossible with ex- Figure 1 depicts the SDN architecture illustrating the
isting network equipment due to their limited capabilities. separation between the applications, control plane and
Additionally, today’s protocols tend to be defined in iso- data plane. Applications use the northbound API sup-
lation and are meant to solve a specific problem without ported by the control plane to enforce their policies in the
the benefit of any fundamental abstractions. data plane without directly interacting with the data plane.
In addition, to implement network-wide policies and to The interface between the control and data plane is sup-
support any new services, managers today have to con- ported by southbound APIs, where a SDN controller will
figure thousands of network devices and protocols, which use these APIs to communicate with the network equip-
makes it difficult to apply a consistent set of QoS, security, ments in the data plane. These equipments are required to
and other policies. Networks become vastly more com- support the standardized APIs at this level.
plex with the addition of thousands of network devices
that must be configured and managed. These devices have
their control and forwarding logic parts both integrated Net App 1 Net App 2 Net App n
in monolithic, closed, and mainframe-like boxes. Con- Abstract Network View
sequently, only a small number of external interfaces are
standardized (e.g., packet forwarding) but all of their in- Open Northbound APIs
ternal flexibility is hidden. The internals differ from ven- Network Abstraction
Control Plane

dor to vendor, with no open software platform to experi-


(e.g., topology abstraction, QoS)
ment with new ideas.
Global Network View
A lack of standard open interfaces limits the ability of
network operators to tailor the networks to their individ- Network Operating System
ual environments and to improve either their hardware (SDN Controller)
or software. Hence, there is a need for a new network Open Southbound APIs
equipment architecture that decouples the forwarding and (e.g., OpenFlow)
control planes of the routers to dynamically associate for-
warding elements and control elements.
Data Plane

1.2. Software-Defined Networking.


Software-Defined Networking (SDN) [3, 4] has
emerged as the network architecture where the control OpenFlow Router
plane logic is decoupled from the forwarding plane. SDN
is a new approach for network programmability, which
refers to the ability to control, change, and manage net-
work behavior dynamically through software via open in-
terfaces in contrast to relying on closed boxes and pro-
prietary defined interfaces. The SDN framework enables Figure 1: Simplified view of an SDN architecture
centralized control of data path elements independently of
the network technology used to connect these devices that SDN makes it possible to manage the entire network
can originate from different vendors. The centralized con- through an intelligent orchestration and provisioning sys-
trol embeds all the intelligence and maintains a network- tem that enables on-demand resource allocation, self-
wide view of the data path elements and links that con- service provisioning, truly virtualized networking, and se-
nect them. This centralized up-to-date view makes the cure cloud services. Thus, the static network can evolve
controller suitable to perform network management func- into an extensible vendor-independent service delivery

2
platform capable of responding rapidly to changing busi- delivery and increase the service velocity using SDN tech-
ness, end-user, and market needs, which greatly simpli- nologies. In this section we present a number of SDN use
fies the network design and operation. Consequently, the cases.
devices themselves no longer need to understand and pro-
cess thousands of protocol standards but merely accept 2.1.1. Data Center Interconnects Use Case
instructions from the SDN controllers. Modern data centers are composed of tens of thousands
A concrete realization of the SDN approach is Open- of resources (e.g., processors, memory, storage, high-
Flow (OF) [5, 6]. OpenFlow aims to allow providers to speed network interfaces), which in turn are packaged into
reengineer their traffic to test out new protocols in existing racks and allocated as clusters consisting of thousands of
networks without disrupting production applications. The hosts that are tightly connected with a high bandwidth net-
key elements of this technology consists of three parts: (i) work. These clusters are orchestrated to exploit thread-
flow tables installed in OpenFlow-aware switches, (ii) a level parallelism to handle many Internet-based work-
controller installed in a remote host machine, and (iii) an loads. The traffic in the data center networks often ex-
OpenFlow protocol for the controller to talk securely with hibits bursty behavior where a large number of packets get
switches. The OpenFlow approach of splitting the control injected in the network over a short time, which in turn
logic from the forwarding behavior provides a flexible ca- induces a transient load imbalance that can affect other
pability for on-the-fly addition and update of several for- flows, and thereby significantly degrade the performance
warding roles in the data plane. of the entire network [7].

1.3. Paper Objectives and Organization Applications and Eco-system Integration


Plug-ins Applications
The goal of this paper is to understand the challenges Virtual
OpenStack Machines Analytics App1 App2 …. AppN
and research opportunities for SDN in defining the Future
Internet. The rest of the paper is organized as follows: REST REST API
API
Section 2 outlines the key use cases of SDN and standard-
OpenFlow Resource Abstractions
ization efforts, which help to understand the realm of SDN Controller Discovery, Topology, Configuration, QoS,
and the spectrum of avenues for research and standard- Performance, Flow/Resource Management
ization; Sections 3 through 8 outline the key areas where OpenFlow Common Services
more SDN research is needed to solve a number of unre- Protocol
OpenFlow
solved challenges. Finally, Section 9 provides concluding Protocol
remarks. Data Center Interconnect

Third Party
2. SDN Use Cases and Standardization Efforts Tool 1 Tool 2 Tool 3 Tool 4
Tools

This section highlights the important use cases of SDN


Figure 2: The use of OpenFlow for Cloud and Data-Center
and current standardization activities. The goal of this
section is to help the reader to situate their interests and
research investigations in the context of ongoing standard- The value of SDN in a data center interconnect lies
ization activities and use cases of the SDN technology. specifically in its ability to provide network virtualiza-
tion, abstraction and automation. In Figure 2, a cen-
tralized OpenFlow controller is used to provide dynamic
2.1. SDN Use Cases in Service Provider Networks
traffic steering between applications that can be located
The industry has recently undergone a significant trans- in virtual machines or physical computers in data cen-
formation of their network infrastructure to support both ters. Those applications use RESTful programming inter-
current and future business models of SDN. This trans- faces to expose their requirements to the underlying net-
formation offers a means to reduce the costs of service work over large-scale networks. The RESTful APIs en-

3
able them to perform a wide range of advanced network 2.1.3. Wireless Settings Use Case
operations, such as topology discovery, QoS allocation, Wireless networks require specific features like mo-
and load balancing. They also enable flexible network bility management, dynamic channel configuration, and
management with deterministic behavior by eliminating rapid client re-association. As depicted in Figure 4, the
the need for resource over provisioning. Moreover, SDN- value of SDN in wireless networks lies specifically in its
compliant third party tools can be easily plugged into data ability to provide new capabilities, such as network slic-
centers to perform faster recovery from link and node fail- ing, and the creation of new services on top of the virtual-
ures. That is, the OpenFlow controller reflects a unified ized resources in secure and isolated networks.
view of the data center and simplifies the control of the
entire network. Diverse Mobile Alice Bob Alex
Applications Mobile App Mobile App Mobile App
2.1.2. Network Slicing Use Case OpenFlow NOX Floodlight Ryu
Network slicing is a mechanism to divide the avail- Controller
able network infrastructure into different partitions to al-
low multiple instances to coexist. Each slice controls Flexible Network Slicing Flowvisor
its own packet forwarding without interfering with other & Orchestration OpenVirteX
slices even if they share the same underlying physical net-
Heterogeneous OpenFlow
work. Figure 3 shows a multi tenant infrastructure con-
Underlying Network Protocol
nected through OpenFlow switches over a virtual over-
lay network to provide private or even public cloud ser- OpenVSwitch
vices. This use case shows how slicing the network re- WiMax AP
sources into multiple partitions provides tenants access to
WAN Router
their virtual L2 slices without interfering with others. The
Wi-Fi AP
SDN controller can achieve policy-based network man-
Laptop
agement and flexible resource allocation, and at the same Laptop
time can continue to support per-tenant/per-slice instanti-
ation. This means that the controller can honor its rule Figure 4: Wireless OpenFlow Infrastructure
to provide robustness, stability and scalability in terms
of number of tenants, support for concurrent experiments In Figure 4 Flowvisor and OpenVirteX are OpenFlow-
and number of managed resources. based proxy layers that allow creating slices based
on multiple parameters such as bandwidth, flow-space
(src/dst MAC, src/dst IP, and src/dst TCP ports), and CPU
switch load. Each slice is independent, e.g., traffic from
Computing Cluster
OF Switch
Alice’s mobile application does not alter Bob’s and Alex’s
SDN Controller
VM 1 Tenant traffic in the other slices. Moreover, wireless virtualiza-
Virtual L2 VM 2 1 tion enables the migration of the switch configuration that
Computing Cluster Slice 1
OF Switch Virtual L2 VM 3 Tenant manages Alice’s application to another device seamlessly
1
Slice 2
Tenant 2 VM 3 VM 4 Tenant 1 without disrupting the active network traffic of Bob and
VM 1 Computing Cluster
Alex. Such a configuration was introduced by the Odin
Tenant 1
VM 2 OF Switch
VM 5 Tenant framework [8], which is a programmable wireless data
Tenant 3 VM 4 VM 6 1 plane with modular and declarative programming inter-
Underlying VM 11
Tenant faces across the wireless stack. This decoupling provides
Network VM 12 2 virtual access point abstractions to simplify network man-
agement for a wide range of enterprise requirements (e.g.,
an airport, a restaurant, public library) [9].
Figure 3: OpenFlow Network Slicing use case Additionally, one of the most interesting complemen-

4
tary technologies that can benefit from SDN are smart grained control to different customers flow data with re-
home gateways, which aim to interconnect residential spect to the services they provide.
home-gateway to their network providers. It also offers Figure 5 shows how a centralized SDN controller can
seamless and mobile connectivity without compromising manage three different traffic streams (HTTP traffic, VoIP,
security. For example, [10] introduced a Virtual Home- and VoD) over different underlying network technologies.
gateway Control (VHC) to improve seamless mobility, For example, at the Toulouse access network, the user ap-
service delivery and home energy management. plications send their data through an OpenFlow-enabled
router to the Bern network through the core network,
2.1.4. Network Traffic Engineering Use Case which can be a circuit-based ATM technology. The cen-
Traffic Engineering is a soft method for optimizing the tralized controller is able to control, manage and supervise
performance of the ISP networks. It offers IP-based L2 the overall network equipment in the path between end-
or L3 enterprise VPN services and enables transmitting users. It performs traffic engineering with common con-
traffic to non IP networks like ATM and frame relay net- trol over packet and circuit networks using OpenFlow as
works. Network providers use traffic engineering to sup- a multi-layer Unified Control Plane (UCP). Thus, instead
port high transmission capacity and resilient communica- of using traditional distributed routing protocols like BGP,
tion by dynamically analyzing, predicting and regulating the centralized controller installs all routing decisions in
the behavior of the transmitted data. In traditional net- the network equipment without using the traditional full-
works, some protocols such as OSPF and BGP allow the mesh of packet links[11], thereby enhancing the network
nodes to share their control information between their im- flexibility and the scalability. Further, the controller can
mediate neighbors and in a limited way to avoid network support application-specified routing as well as traffic ag-
congestion. This means that there is no global view of the gregation based on IP source/destination addresses.
network available. If the users need to control or modify a
particular path for a particular flow, the administrator has 2.2. Standardization Activities around SDN
to test with parameters and priorities to achieve the ex-
pected behavior of the network. Each modification in the Driven by their attractive features and potential advan-
network policy requires individual configuration directly tages, the development and deployment of SDN-based in-
or remotely from each device. frastructures have gained tremendous momentum in the
industry and research community in recent years. In this
Nashville section, we briefly discuss the standardization trends in
OpenFlow (USA)
Controller
SDNOpenFlow.

2.2.1. Clean Slate Design Initiative


Video traffic,
dynamic bandwidth, The Internet has evolved to this day based on incremen-
free jitter,
Toulouse
(France)
tal changes to the protocols and by retrofitting the archi-
Web traffic, static, tecture to solve the current problems. However, it has not
predefined path
been possible to introduce any major changes to the de-
Voice over IP, delay sensitive,
ployed base of the Internet. The small and incremental
dynamic bandwidth changes that solve the current problems have introduced
Bern
Gigabit Ethernet VoD Traffic
HTTP traffic BGP Routing
(Suisse) other problems so that the incremental approaches have
VoIP Traffic OpenVSwitch
arguably stretched the current design to its limit – a so
called ossification of the Internet [12].
Figure 5: Traffic engineering with OpenFlow-based SDN A new architectural design called the Clean Slate De-
sign [13] considered how the Internet could be redesigned
The added value of SDN is to provide flexible and pro- from a “clean slate” without being restrained by the accu-
grammable network devices to optimize and enable fine- mulated complexity of the incremental approaches. The

5
SDN Application SDN Application

Application Plane
SDN Application SDN Application
Logic Logic Contract (SLA)

NBI Driver NBI Driver

Network States,
requirements

Stats, health
Application
explicit
SDN Network control Plane

Legacy Network control Plane


Westbound Eastbound
SDN controller

Management Plane
Interface Expose APIs Interface
Translate requirements down; NBI Agent
report Stats, events up
SDN Control Logic
Control Plane

Configure Policy
SBI Driver Monitor Performance
Enforce Behavior, Low-level
control, Capability discovery,
stats, events, health
SDN Southbound Interface (SBI)

Network Device Network Device


Data Plane

SDN DataPath SDN DataPath Element


SBI Agent SBI Agent Setup

Forwarding Engine Forwarding Engine

Hypervisor

Hypervisor OpenVSwitch
Hypervisor OpenVSwitch
SDN WAN Legacy
OpenVSwitch Network

Cloud

Figure 6: ONF Reference Architecture for SDN

research funding agencies all over the world are support- rier Grade Networks) program [19] to support numerous
ing the world-wide efforts to develop the next generation next generation networking projects under the 7th Frame-
Internet [14]. work Program of the European Union, the AKARI Archi-
tecture Design Project [20] and the RISE (Research In-
The United States National Science Foundation (NSF) frastructure for large-Scale network Experiments) [21] in
was among the first to announce the GENI (Global En- Japan.
vironment for Networking Innovations) [15] program for
developing and testing new Internet architectural designs
as part of its FIND (Future Internet Design) program. This 2.2.2. Open Networking Foundation for SDN
effort was followed by the FIRE (Future Internet Research The Open Networking Foundation [22] (ONF) was the
and Experimentation) [16] program, the OFELIA (Open- first organization dedicated to the growth and success
Flow in Europe: Linking Infrastructure and Applications) of SDN. Its mission was to evolve the OpenFlow pro-
program [17, 18], and the SPARC (Split Architecture Car- tocol from its academic roots to a commercially viable

6
substrate for building networks and networking products. of network flow across heterogeneous SDN domains.
The ONF has formed working groups including carrier Some conventional protocols like BGP can be used
operators, software vendors, switch chip vendors, net- between remote SDN domains as westbound inter-
work equipment vendors, and system virtualization ven- face.
dors to conduct the technical standardization tasks of
SDN/OpenFlow. These groups continue to analyze SDN 2.2.3. The Open Daylight Framework
requirements, evolve the OpenFlow Standard to address The OpenDaylight Project [23] is a collaborative open
the needs of commercial deployments, and research new source project hosted by The Linux Foundation. It aims
standards to expand SDN benefits that cover the standard- to create platform-neutral, and open-source SDN tech-
ized protocols and technology points shown in Figure 6. nology. The OpenDaylight project provides a common
The example scenario described in this Figure consist of controller infrastructure, protocol plug-ins, SDN applica-
interconnecting three different networks: a conventional tions, virtual overlay networks and standards-based north-
IP network (legacy network), SDN-based core network bound interfaces. It also provides support for a vari-
and a SDN-enabled data center (cloud). The different ety of southbound protocols, including OpenFlow, I2RS,
SDN interfaces shown in the figure are as follows: Path Computation Element (PCE), Network Configura-
tion (NetConf) and Application Layer Traffic Optimiza-
• Northbound Interface: It enables the exchange of tion (ALTO), as well as a Topology Manager module
data between the SDN controller and the applica- based on most of the active YANG data models for net-
tion running on top of the network – a so called work topologies.
application-driven network. The kind of informa-
tion that is exchanged, its form, and its frequency 2.2.4. IETF and ITU-T Standardization Efforts for SDN
depends on each network application. There is no The IETF has recently begun to extend their specifi-
standardization for this interface. cations to support SDN principles [24]. In the IETF,
the ForCES (Forwarding and Control Element Separa-
• Southbound Interface: It refers to the APIs exposed
tion) project [25] defines a new architecture for net-
to lower layers that allow the externalization of the
work devices by specifying a framework [26] and a well-
SDN control plane to the data plane. OpenFlow and
defined communication protocol (using a XML-based for-
the Network Configuration Protocol (NetConf) are
mal modeling language) to standardize the information
the southbound APIs used for a majority of SDN im-
exchange between the control and forwarding plane in a
plementations to date.
ForCES network element (NE) [27]. The ForCES NE fol-
• Eastbound Interface: It allows interconnecting con- lows a master-slave mode in which the forwarding ele-
ventional IP networks with SDN networks. Stan- ments (FE) are slaves and the control elements (CE) are
dardization of this interface is not provided and its masters.
implementation depends on the technology used by ForCES physically separates the control and the for-
the non-SDN network. Usually, a translation mod- warding plane by breaking the closed box of existing net-
ule between SDN and legacy technology is required. work equipment (i.e., routers) and replaces them with two
For example, the SDN domain should be able to use separate network elements (FE and CE) each of which
legacy routing protocol to react to message requests can connect to existing routers transparently, for example
(e.g., Path Computation Element protocol, (PCE), based on MPLS LSP (Label Switch Path) [28]. Despite
MPLS). ForCES being a mature standard solution with published
RFCs and drafts [29, 30, 31, 32, 27, 33], it was not de-
• Westbound Interface: They serve as the informa- fined for SDN, and a limited number of vendor imple-
tion conduit between multiple SDN control planes mentations exist. However, it can be used to design a new
of different SDN domains. They help to achieve a protocol in SDN [34].
global network view and influence routing decisions Additionally, since many research and industrial SDN
of each controller. They also allow seamless setup communities provided different SDN applications, con-

7
trollers and routers, it became hard to inter-operate them elements and requirements to consider. This section de-
with standardized interfaces. Therefore, the IETF defined scribes each SDN model along with a discussion about
the Interface to the Routing System (I2RS) [35] with two their advantages and drawbacks. Finally, we introduce the
major goals. The first is to standardize network-wide, hybrid SDN models which combines the benefits of both
multilayer topologies that include both virtual and real el- approaches.
ements, network overlays and underlays. The second is to
standardize the routing information base (RIB) program- 3.1. Pros and Cons of the Centralized SDN Model
ming of a device (virtual or real). Another goal of I2RS The centralized SDN model is based on a single cen-
was to program Network Features Virtualization (NFV) tralized controller that manages and supervises the en-
service chains. The NFV aims to provide modern pro- tire network. This model is supported by the Open Net-
grammatic interfaces that offer fast, interactive access and working Foundation (ONF). The network intelligence and
can easily be manipulated by modern applications and states are logically centralized inside a single decision
programming methods. point. OpenFlow is the official protocol for use by the cen-
Additionally, the Focus Group On Next Generation tralized controller to make global management and con-
Networks (FGNGN) proposed the concept of “Soft- trol operations.
router” [36]. Softrouter advocates disaggregating the con- Since only one centralized controller is used to pro-
trol and forwarding plane of a router. It separates the con- gram the entire network, it must have a global vision
trol plane processing functions (e.g., routing protocol pro- about the load on each switch across the routing path. It
cessing) from the packet forwarding plane. These func- must also keep track of which flow inside which router
tions are implemented in outsourced dedicated servers presents a bottleneck on certain links between the remote
that communicate with the forwarding elements via spe- SDN nodes. Additionally, the controller communicates
cific standard interfaces, i.e., Softrouter protocol. with OpenFlow switches to collect statistics, errors and
faults from each network device, and sends these data
2.2.5. Object Management Group efforts for SDN to the management plane. The latter is often a software
The Object Management Group (OMG) is recently composed of a database module and analytic algorithms
looking to provide its own specification to support north- that can detect the switch overloads and predict the future
bound SDN ecosystem for middleware and related plat- loads that may occur in the network.
form [37]. In the OMG, the Software Defined Networking Although the centralized control plane promises a sin-
(SDN) Working Group was established to investigate the gle point of management and better control over the con-
opportunities for the development of open specification to sistency of the network state, it incurs several key limi-
support standard Information Model that represents the tations. First, the controller needs to update OpenFlow
observable and controllable state of SDN network ele- switches more frequently than traditional routers. Thus,
ments. the topology discovery produces higher overload because
One of the issues being considered at the OMG on SDN all ports must be scanned linearly, which increases the re-
is the use of the Data Distribution Service [38] (DDS) as sponse time and may impose a higher overload. For ex-
a mechanism to monitor and configure SDN controllers. ample, the controller may classify flows with different pri-
The OMG envisions DDS as a transport mechanism used orities into multiple classes, where each class requires a
to carry the OpenFlow commandsconfigurations as well specific QoS setting that should be approved individually
as to observe the statestatistics of the SDN switches. at setup time for every new flow received by OpenFlow
switches [39]. Such an approach can incur substantial
flexibility and robustness challenges for large-scale net-
3. Challenges and Opportunities in the Evolution of works.
SDN Architecture Second, the simplicity of the centralized model can
come at the cost of control plane scalability. That is,
SDN supports both centralized and distributed con- grouping all the functionalities in a single node requires
troller models. Each model has different infrastructure more computation power, data storage and throughput

8
to deliver the traffic causing its response time to be de- 3.2. Pros and Cons of the Distributed SDN Model
graded. For example, as the size of data centers and
cloud computing networks keeps increasing, neither the The distributed SDN model aims to eliminate the sin-
over-provisioning mechanisms nor load-balancing solu- gle point of failure and enables scale up by sharing the
tions can solve the scalability problems. Also, with re- load among several controllers. Distributed SDN control
spect to the hardware limitations, the switches may im- planes have been designed to be more responsive to han-
pose greater scalability bottlenecks and quickly hit real- dle local network events in data centers, where the con-
life limits. troller instances share a huge amount of information to
ensure fine-grained, network-wide consistency. In par-
ticular, for multi-domain SDNs with a large variety of
Third, in the centralized model, the first packet of ev- network technologies ranging from high-capacity optical
ery new flow that is introduced in the system must first be fiber to bandwidth-limited wireless links, the distributed
forwarded to a centralized SDN controller for inspection. SDN architecture is easily able to adapt to the users’ and
The controller determines the future path for the flow hop- applications’ requirements. Moreover, a distributed con-
by-hp and programs the flow entries into every switch on troller is more responsive, robust and can react faster and
the path including both the aggregation and core switches. efficiently to global event handling.
Thus, when a new flow is to be programmed, the con- The research efforts closely related to the distributed
troller has to contact all the switches in the path, which
SDN model can be classified into three classes. The
is a scalability challenge for large networks and might re-
first class focuses on improving the performance of spe-
sult in an explosion in the number of forwarding states in
cific controllers like Maestro [40] and McNettle [41].
the flow tables if fine-grained flow matching is required. These controllers exploit switch-level parallelism to pro-
The consequence is extra latency and the possibility of cess flows from different switches concurrently. A second
network failure as the number of new flows programmed class of solutions proposes to distribute controllers. Hy-
increases. The centralized controller could also represent
perFlow [42], Onix [43], and Devolved [44] controllers
a single point of failure which makes the network highly
try to distribute the control plane between different net-
vulnerable to disruptions and attacks. Also, the time re-
work partitions while maintaining a logically centralized
quired by the controller to setup all the properties for the control using rendezvous synchronization points between
flow will add to the latency. Any failure at any step may locally selected events, distributed hash table to support
result in instability and convergence problems in the net- controller clustering, or even distributed file system.
work.
A third class of solutions proposes multi layered dis-
tributed controllers. Kandoo [45] distinguishes two-layers
Finally, SDN networks are becoming more complex of hierarchical distributed controllers: (i) bottom-layer,
and heterogeneous since they are designed to support ver- a group of locally non-connected distributed controllers,
satile communication services and provide diverse func- i.e., each managing one or more switches without any
tionalities such as security enforcement, firewall, network knowledge of the network-wide state, and (ii) the top-
virtualization, and load balancing. These services need to layer, a logically centralized root controller that main-
coordinate their activities in the control plane to realize tains the network-wide state. In addition, authors in [46]
complicated control objectives and maintain a global vi- propose a cluster-based distributed model where a master
sion of the entire network. However, it is hard to tightly controller is selected based on the load in the network so
coordinate the control actions and keep the consistency that if the load increases, the master node can be switched
of network states among distributed functions. For exam- to a less loaded one. Likewise, authors in [47] introduce a
ple, inconsistent routing decisions may be generated from SDN Controller Cluster (SCC) composed of multiple con-
inconsistent topology information collected from rout- troller instances interconnected over East-West interfaces.
ing protocols, which could create forwarding loops and Similarly, [48] describes a controller placement problem
broadcast storms in the network, and involve serious per- to decide the optimal number of controllers needed and
formance and correctness problems. their placement in a SDN network.

9
Despite the ability of those solutions to provide a dis- be possible to adjust more finely and automate each aspect
tributed SDN model, several key challenges must be ad- of the network at the application level. Furthermore, the
dressed in the future SDN to improve scalability and ro- hybrid SDN model could provide management policies
bustness of networks. First, the above approaches re- to solve state synchronization, security issues, and enable
quire a consistent network-wide view in all controllers. network optimization in cases of control plane overload.
Also, the mapping between control planes and forward- Also, hybrid SDN deployment model could allow truly
ing planes must be automated instead of the current static non-disruptive migration. It allows upgrading existing in-
configuration which can result in uneven load distribution frastructure without the need to change the overall system.
among the controllers. Second, these approaches cannot
obtain a global optimal view of the entire network. Fur- 4. Enhanced Programmability Needs for SDN-based
ther, finding an optimal number of distributed controllers Network Visibility and Management
that ensure linear scale up of the SDN network when
their number increases is hard. Finally, most of these With the increasing adoption of SDN, monitoring the
approaches use local algorithms to develop coordination activity between the controller and the switch to deter-
protocols in which each controller needs to respond only mine potential future impact, e.g., security vulnerabilities,
to events that take place in its local neighborhood. Thus, is becoming more complex and error prone. This section
there remains the need to synchronize the overall local describes key issues in SDN-based network visibility and
and distributed events to provide a global picture of the management highlighting the challenges in enabling con-
network. sistent SDN models, and provides promising directions to
handle these challenges.
3.3. Opportunities in Evolving towards a Hybrid SDN
Control architecture 4.1. Network Visibility and Management Challenges with
To address the limitations in each of the approaches de- SDN
scribed above, hybrid SDN architectures are being con- SDN introduces new management and monitoring ca-
sidered. However, a critical challenge stems from deter- pabilities that can improve performance and reduce the
mining how much of network abstraction modules can be bottlenecks in the network. Although SDN monitoring
centralized and efficiently designed to support logically tools can be powerful in small and medium sized net-
centralized control tasks, and at the same time provide work topologies, yet debugging, troubleshooting, moni-
physically distributed protocols. Consequently, to derive toring and enforcing security compliance are very diffi-
the advantages of both the centralized and the distributed cult tasks in distributed SDN. OpenFlow makes this even
architectures, a hybrid control plane is required to achieve harder due to the poor choice of the monitoring location
such coordination. The hybrid SDN model leverages the and the statistics that should be output for the OpenFlow
benefits of the simple control of managing specific data SDN session. Diagnosing the network performance and
flows as in the centralized model with the scalability and bottlenecks without visibility into the traffic characteris-
resilience of the distributed model. tics introduces new complexity with regard to the consis-
It requires several key components to orchestrate the tency of the SDN network.
communication between SDN controllers. These orches- SDN monitoring tools should be able to capture the net-
trators will require standard interfaces, mechanisms, and work’s information and behavior to help in carrying out
policies to manipulate and interact with the control planes management decisions. In particular, network configu-
in distributed environments, and support high-availability ration remains a difficult task in carrier-grade networks
and fault-tolerance capabilities [49]. because administrators are required to grapple with low-
The hybrid SDN model may be useful in providing an- level, vendor-specific interfaces to implement high-level
swers as to what state belongs in distributed protocols, functions. Ideally, network operators should be able to en-
what state must stay local in switches, and what state force various high-level policies, respond to a wide range
should be centralized. It could enhance network perfor- of network events (e.g., intrusions). However, specify-
mance by enabling efficient resource usage because it will ing high-level policies in terms of distributed, low-level

10
configurations remains difficult because SDN provides ing troubleshooting, and monitor the flow’s status such as
little to no mechanism for automatically responding to bandwidth statistics [55].
events that may occur. To enable these possibilities, ser- The expected impact of SDN monitoring tools is to be
vice providers need programming interfaces to support an able to scale to large-scale networks to deal with multiple
event-driven model to coordinate different asynchronous controllers (i.e., in a distributed SDN model). They have
events associated with their networks. to provide closed control loop functions dedicated to self-
Several tools for testing OpenFlow networks had been configuration, self-optimization, and self-healing. The
developed to provide monitoring functionality. For exam- control loop diagnostics and decision making processes
ple, ENVI [50] and SAGE [51] can retrieve switch config- need to be adapted automatically, e.g., by predicting the
urations, query link utilizations, or even modify a switch’s future actions based on the results of the previous ones.
flow table to alter routing. Moreover, they provide user This proactive capability should leverage the flexibility
interfaces to supervise the network bottlenecks in case of and programmability of SDN, and improve its effective-
congestion, monitor flow status (e.g., bandwidth, delay, ness and efficiency, owing to the cognitive processes that
and loss) and computing/networking resources (e.g., net- will enable creating more elastic network management ei-
work I/O, CPU, memory). Despite these capabilities, both ther for the entire network or specific slices [56].
efforts incur critical limitations in terms of their real-time To further enhance the monitoring efficiency, Dy-
performance. namic Measurement-Aware (DMR) Routing was intro-
duced in [57]. The DMR selects flows based on their
4.2. Promising Directions in Network Visibility and Man- importance, i.e., big flows are split into several small sub-
agement for SDN flows, and the most important flows are routed using a
separate flow table entry. The sub-flows belonging to the
The SDN monitoring tools should provide a proactive same category can be inspected using Deep Packet In-
capability that leverages the flexibility and programma- spection (DPI) box [58]. The DPI can be used to learn
bility of SDN to create elastic network monitoring. They and update flows dynamically and send them back to the
should provide high-level, declarative management lan- monitoring tools.
guages to ensure the consistency of the network states In summary, implementing SDN traffic monitoring
and detect failures in real-time. These languages should tools pose a series of challenges. First, there is substan-
implement a wide range of network policies for different tial difficulty in creating network baselines with differ-
management tasks (i.e., QoS, VLAN, network isolation, ent taxonomies. For example, simplistic approaches try
slicing, etc.) to prevent errors as they arise, indepen- to describe traffic in terms of protocols and port num-
dent of any specific controller’s implementation. Thus, bers. Other approaches concentrate on bandwidth uti-
existing tools need to be extended to support service- lization and network topology to provide a global view
awareness [52] to interactively map the flows onto ser- of flows on the network. More advanced monitoring ap-
vices, identify selected flows from all lists of flows proaches try to classify traffic according to the flow’s im-
(i.e., flowspace), and monitor the status of the selected portance. Additional difficulties include finding the right
flows [53]. tools which provide visualization at scale. Unfortunately,
Moreover, the proactive capabilities of the monitoring existing tools that are able to depict dozens or hundreds
tools should be able to classify the flows into different of nodes, face severe limitations when working with thou-
categories based on their behaviors and allocate differ- sands or millions of nodes. They also face problems sup-
ent ports to each class based on multiple packet match- porting multiple strategies, i.e., they suffer from topology
ing (e.g., IP, TCP port, VLAN, etc.) [54]. Additionally, location problem, cannot place instruments in enough lo-
they should provide individual functional modules to su- cations, and are unable to visualize the network based on
pervise the topology discovery either of the entire network observed traffic patterns. Doing this in an automated way
or specific slices. Furthermore, a proactive SDN monitor- would prove extremely useful to network administrators
ing tool should be able to scale to wide area networks to and defenders. Finally, these tools must operate in an
deal with multiple controllers, alternate flow paths dur- open SDN and vendor-independent environment, i.e., net-

11
working teams should be willing to consider deploying instantiation of the OpenFlow rules. For the permanent
their tools and techniques on open platforms so they can path deployment, OpenFlow rules are injected as perma-
devise and deploy their own network appliances. nent entries in the flow table. However, this approach lim-
its the scalability of the network because the rules will
never be removed, which restricts the deployed flows to
5. Routing and Service Convergence using SDN the number of available flow entries.
The transient path deployment allows the injection of
The value of SDN for service providers with dense and
the flow rules on demand as temporary entries. That is,
highly distributed networks lies specifically in the abil-
when a switch cannot find a flow table entry that matches
ity to provide them more options on locating resources
an incoming packet, the switch forwards the packet to
thereby conferring a competitive advantage when deliv-
the controller to dynamically compute the path “online”
ering certain kinds of services. SDN may reduce the pol-
and determine the appropriate policy to be applied and in-
icy complexity by enabling scalability in inter-domain and
jected. These operations increase the delay for flow setup
providing validation for the claims of seamless evolution.
but could improve scalability when combined with a suit-
The major challenges for operators in the near fu-
able replacement policy for flow table entries.
ture pertain to providing convergent, dynamic and adap-
tive networks in the context of a multi-services, multi- 5.2. SDN for Coordination between Routing protocols
protocols, and multi-technology environment. Also, they
The coordination between Interior Gateway Protocols
are likely to face other key issues concerning the nec-
(IGP), such as RIP2 [59], and Exterior Gateway Proto-
essary network resources required to deliver differenti-
cols (EGP), such as BGP [60], is one of the most impor-
ated and measurable quality of service (QoS). In this sec-
tant challenges in SDN networks. The limitation of the
tion we describe the key challenges and open issues in
existing routing systems arises from their inability to co-
OpenFlow-based SDN for network operators.
ordinate their activities in an autonomous system (AS).
For example, the violation of the SLA (Service Level
5.1. SDN-based Routing Algorithms Agreement) in the network may limit the automatic reac-
The design of routing algorithms with OpenFlow can tion of IGP protocols even if the link characteristics (e.g.,
be performed either using native forwarding or tunneling link weight) allow the delivery of the packets because the
mechanisms. With the native OpenFlow forwarding, the scope of IGP protocols is limited to ingress routers inside
controller installs flow entries for specific header fields of a given AS. The violation of the SLA outside its AS is
the traffic. The selected fields should be unique within the hidden and cannot be detected. Thus, the outgoing traf-
entire network to allow the controller to perform conflict fic may increase drastically in the network in the absence
resolution and ensure the isolation of the traffic. For the of load balancing and traffic management policies in the
tunneling mechanism, the controller should allow routing network.
strategies by establishing a tunnel between the ingress and Traditional approaches, such as the Routing Control
the egress nodes to perform packet encapsulation and de- Platform (RCP) [61], coordinate the inter-domain com-
capsulation. The latter solution eliminates the need for munication and route all the traffic on behalf of the BGP
conflict resolution and reduces the size of flow table en- routers. Nevertheless, RCP incurs a couple of issues when
tries in the switch. Such a functionality can be imple- choosing the best forwarding path: (i) it does not provide
mented either with MPLS-TE (i.e., MPLS Traffic Engi- a clear separation between control and data planes; (ii)
neering) or Q-in-Q VLAN (i.e., 802.1Q). It also avoids the enhancement of RCP based on the externalization of
the complex and error-prone process of per-packet veri- routing tables inside the hash tables compliant with Open-
fication in favor of creating a globally-consistent policy. Flow routing tables [62] helped to improve the conver-
Both mechanisms should provide the ability to add and gence time of finding the best path selection [63], but it
remove an end-to-end path easily. does not provide a way to split traffic over multiple paths.
Using the approach outlined above, SDN should be SDN can provide full coordination within intra-AS and
able to deploy permanent and transient paths based on the inter-AS by simplifying the forwarding plane and let-

12
ting the SDN controller deal with the routing algorithms. tunnels over overlay network between end points. How-
Pushing routing strategies into separate controllers may ever, tunneling mechanisms require that end-to-end path
enhance traffic management and load balancing, and ab- must be fixed a priori between source and destinations.
sorb temporary picks in the network. Authors in [64] Future SDN networks should address this issue by en-
introduced the CONTRACT framework to dynamically couraging further investigation in facilitating IP multicast.
adapt routing policies and improve SLA requirements. We believe that OpenFlow could provide a promising and
CONTRACT provides a set of algorithms for SDN routers flexible solution to solve the dynamic group member join-
to coordinate their routing actions. It evaluates routing ing/leaving problem in IP multicast supported in overlay
decisions against the SLA and performs load balancing, networks.
traffic policing and filtering as necessary. However, in
large-scale networks the interconnection of BGP routers 5.4. Network Convergence and QoS
should cope with forwarding loop management, signal- With the need for flexibility and the efficient coex-
ing, and routing decisions. These tasks may increase istence of multiple services (i.e., telephone, video and
the traffic congestion when packets traverse inter-domain data) within a single switch, enterprises have to cope
multi-paths. with a large demand for Quality of Service (QoS), Qual-
To cope with SDN congestion issues, we believe that ity of Experience (QoE), robustness, ease of modifica-
routing with SDN should provide the controller with sim- tion/upgrading, security and privacy [68, 69]. Providers
pler and less error-prone policies that allow the best path must be able to create virtual network slices in the same
selection to deliver SDN packets. For example, in this network equipment while simultaneously assuring per-
context the OpenFlow SDN wild-card rules must be re- formance and isolation required across different services
visited. These rules match on certain packet-header fields to enable application-driven QoS. However, SDN and its
(e.g., MAC addresses, IP addresses, and TCP/UDP ports) OpenFlow specification do not provide any support for
with a timeout that triggers the switch to delete the rule differentiated QoS.
after a fixed time interval (i.e., a hard timeout) or a spec- Recently, some researchers focused on providing QoS
ified period of inactivity (i.e., a soft timeout) to limit the support for SDN-enabled applications without involving
convergence time of the routing algorithm. OpenFlow. For example, [70, 71, 72] introduced the
OpenQoS framework to enable route optimization and
5.3. Multicast Communication per-flow granularity management. OpenQoS helps net-
Multicast communication is another important criterion work administrators specify the QoS strategy that flows
for scalable communications. To demonstrate the feasibil- should follow, and how the controller can allocate the net-
ity of implementing multicast in OpenFlow switches, the work resources and perform service differentiation. Like-
authors in [65] implemented a prototype to demonstrate wise, authors in [39] proposed enhancing SDN controllers
the feasibility of stateless multicast with Bloom filters. with QoS API to provide service differentiation and fine-
Even if the Bloom controller implements flexible multi- grained automated QoS control in networks having mul-
cast policies on the flow table entries, it does not provide tiple slices. Additionally, authors in [73] introduced the
any approach to manage multicast groups. Likewise, the Port Control Protocol (PCP) to provide application-driven
authors in [66] extended a SDN controller with a Domain QoS. Applications explicitly signal their QoS require-
Title Service Agents (DTSA) to act as a logical bus that ments to the PCP, which uses the application’s meta-data
spans the applications and the switches. The DTSA es- to implement the required QoS into the network equip-
tablishes and maintains OpenFlow sessions between end ment.
applications by intercepting incoming messages from the Although these different approaches aim to provide
controller to modify the flow tables accordingly. Simi- QoS mechanisms to support flexible and differentiated
larly, authors in [67] extended OpenFlow to support mul- service management across different applications, none
ticast communication in a data center. They implemented of them can automate QoS provisioning in real-time. In-
a Layer 2 (MAC address) SDN controller that encapsu- stead, a human in the loop, e.g., a network administra-
lates MAC addresses into IP headers and creates virtual tor, is required to specify the configuration of each service

13
before the communication begins. This strategy unfortu- a single operator or collaborating operators. Intercon-
nately loses the flexibility of network. We believe that necting isolated SDN domains involves some coordina-
the integration of session control protocols as a north- tion to define who will be allowed to manage the entire
bound interface is a promising approach to enable end- network, install/update new program on the core infras-
to-end QoS signaling among distributed SDN domains. tructure, what actions can each program execute, and how
This layer may provide proactive application-driven con- they can be performed within each tier of the network.
figuration of dynamic resource allocation with support One way to match isolated SDN domains can be per-
for authentication and authorization [74]. From this per- formed through novel SDN-specific protocols. For ex-
spective, the ability to predict the network behavior as ample, Inter-SDN domain protocol (SDNi) [77] can be
a function of the network services to be delivered is of seen as an interface between isolated SDN domains to
paramount importance for service providers. This way coordinate the controller’s behaviors. It should enable
they can assess the impact of introducing new services, them to exchange control information related to topolo-
activating additional network features or enforcing a given gies, events, energy consumption, and QoS requirements
set of (new) policies from both a financial and technical on each domain. Additionally, the SDNi protocol should
standpoints. be able to exchange reachability information and propa-
gate the Service Level Agreement (SLA) end-to-end over
5.5. Shortest Path Forwarding using OpenFlow heterogeneous networks.
However, SDNi still lacks a semantic network model to
Spanning Tree Protocols (STPs) were proposed for dif- ensure the extensibility of its transport mechanisms and
ferent controller platforms to ensure loop-free topologies syntax. We suggest defining new types of message for-
and to prevent broadcast storms for Ethernet-based net- mats that may be used inside SDNi to ensure interop-
works, such as data centers and cloud computing. The erability across multi-technologies, multi-domain SDNi
NOX Basic Spanning Tree module is an example of a con- networks. We believe SDNi can be implemented as an
troller with built-in STP. In contrast to their ability to pre- extension to BGP and SIP signaling to provide policy-
vent broadcast radiation, the existence of different STPs based, vertical integration between an overlay-virtual-
together in the same network may introduce several inter- network technology (including SIP/SBC) and the data
operability problems as they are not able to communicate plane. SBCs (Session Border Controllers) may be imple-
with existing L2 forwarding protocols. In particular, the mented as northbound interface to pool the intelligence
controllers lack control of the active topology and topol- from the application/session layers within the network
ogy recovery after a link failure. Topology discovery is layer. The session management may be integrated with
needed by the STP module to allow removing flows for application-enabled SDN (A-SDN) provisioning mecha-
subsequent frames after failure. Also, SDN controllers nisms [73]. The A-SDN enables dynamic and automatic
will suffer from suboptimal path calculation, interruption resource provisioning on network switches thereby allow-
and long convergence every time topologies change [75]. ing service providers to effectively deal with the surge in
Path re-calculation should be triggered thereby yielding a traffic without resorting to over provisioning of networks
new active path. typically required in the past. Ideally, a fully automated
service is required [78], from negotiation to ordering [79],
5.6. Inter SDN Domain Communication through delivery assurance and charging should be sup-
ported.
SDN is gradually being adopted by carrier-grade
providers over heterogeneous, multi-technologies (e.g., 6. SDN for Cloud-based Networks
WiFi, WiMax, UMTS/3G/4G, satellite, IP/Ethernet/ATM,
etc.), and large-scale networks [76]. Each portion of these The introduction and deployment of cloud-based ser-
networks can be seen as independent isolated domains, vices have emerged as an important solution that offers
typically controlled by a set of SDN controllers across enterprises a cost-effective business model. However,
multiple SDN domains, perhaps under the authority of many network functions have extreme characteristics and

14
performance requirements, which have created new chal- Despite these solutions not requiring the replacement of
lenges such as servers and network virtualization, mobile existing network nodes, they incur several key limitations
clouds, and security. These need to be addressed with related to packet fragmentation introduced by their packet
intelligent network virtualization, high-speed packet pro- format. In particular, since supporting ICN over SDN re-
cessing, and load-balancing. SDN can be seen as a new quires ICN information in each packet, packet fragmenta-
and complementary technology to virtualization, which is tion remains a bottleneck that decreases the performance
poised to tackle the challenges of network-enabled cloud of the network. An approach that may resolve this is-
and web-scale deployments. In this section we describe sue is to let SDN controllers assign fixed-length labels to
the different challenges and opportunities in this space. uniquely identify the different network paths and allow
them to forward packets based on these path labels [84].
6.1. SDN Model for Information-Centric Networking
Information-Centric Networking (ICN) is receiving 6.2. SDN for Data Centers and Cloud
substantial attention in cloud networks because it pro-
vides users with data content that is based on naming the The value of SDN in clouds and data centers lies
information instead of the communication channels be- specifically in its ability to provide new capabilities like
tween hosts. It also introduces new features such as in- network virtualization, automating resource provision-
network caching or content-based service differentiation. ing, and creating new services on top of the provisioned
Yet, ICN still faces a number of challenges in realizing its network resources [85]. SDN promises an interactive
full potential. In particular, a typical deployment of ICN solution to implement new capabilities, e.g., to enable
schemes employs different transmission techniques and cloud applications and services to retrieve network topol-
packet formats that are not interoperable. Also, deploying ogy, monitor the underlying network conditions such
ICN-capable equipment in existing networks is hard, and as failures, and initiate and adjust network connectiv-
requires replacing and/or updating existing operational ity/tunneling. For instance, FlowN [86] virtualizes the ad-
network equipment with ICN-aware ones. Moreover, ICN dress space of each application based on the fields in the
schemes need to ensure the uniqueness of names in the packet headers and maps these virtual address spaces to
network to handle lookups from large name spaces which physical addresses. The FlowN virtualized layer allows
can be greater than IP address spaces. resource isolation and customized control logic for each
SDN offers a promising solution to facilitate the de- tenant running its own controller.
ployment of different ICN schemes without requiring re- Although data center interconnects allow bypassing
deployment of new ICN capable hardware. The au- the existing control plane protocols such as STP, yet in-
thors in [80] propose a unified framework over virtu- terconnecting heterogeneous data centers to form feder-
alized networks to enable interoperability between dif- ated clouds raises a challenging issue for SDN. Some re-
ferent ICN architectures. Similarly, the CONET (COn- searchers have extended the controller’s northbound in-
tent NETwork) framework [81] provides content-centric terfaces to develop customized real-time forwarding pro-
users access to remote named resources rather than to re- cesses as cloud plug-ins, such as Neutron OpenStack, that
mote hosts. CONET extensions provide northbound in- enable virtualized address space and bandwidth isolation
terfaces to interconnect ICN nodes to the OpenFlow con- for each virtual link [87]. The northbound interfaces may
troller [82]. A unified packet format achieves end-to- be used by third party applications to monitor the SLA
end connectivity among different ICN schemes. Like- violation and adjust the network resources, if needed.
wise, the SAIL (Scalable and Adaptive Internet Solutions) However, SDN-based virtualization incurs several key
project [83] supports the notion of a flash network to en- challenges, including the data center performance (e.g.,
able dynamic resource provisioning on a time-scale com- coping with the increasing memory and processing over-
parable to existing compute and storage resources. Flash head), slicing (e.g., network partitioning), resource provi-
network slices are used to construct and connect scalable sioning (e.g., operators may over provision network links
and distributed virtual services across data centers to end to overcome potential network congestion and packet
users across the globe. drop within data centers, which makes it unpredictable

15
and costly in many networking scenarios), and QoS man- trary number of applications during the migration opera-
agement (e.g., many SDN applications require north- tions, which could have significant performance degrada-
bound interfaces to communicate with third party appli- tion and high bandwidth costs to redirect traffic to other
cations, which requires monitoring the SLA violation to virtual network slices. Furthermore, the network may
adjust the network resource if necessary). Since SDN have a large amount of state collected from a set of dis-
is part of the network service evolution, we believe that tributed SDN switches that should be kept consistent to
a global solution should be provided to cope with these avoid outages, transient loops, and violation of SLAs dur-
issues. Such an architecture may introduce a modulator ing the migration process. Meanwhile, controllers should
SDN layer to orchestrate the communication between the maintain connectivity and forward path re-routing with-
applications, services and the data center infrastructure as out interruption. As such, the centralized SDN model is
shown by [85]. a single point of failure and not suitable to guarantee the
consistency of the network states. It does not reduce the
6.3. Network Function Virtualization downtime and packet loss during the migration of network
Network function virtualization provides a powerful functions between virtual machines [89].
way to run multiple concurrent virtual networks over a
shared substrate. Cloud providers can offer virtual net-
works with a topology and a configuration customized to Migrating network functions requires a real-time
the users’ needs. With a growing dependence on the net- scheduling model that can prevent failures caused by con-
work configuration, we argue that the ability to migrate gestion and bandwidth violation. Such a model is per-
the entire network would enable important new capabili- ceived to be NP-hard and not guaranteed all the time [90].
ties such as simplifying network resource allocation. Such In resolving these issues, there is a need to rethink
an approach has motivated a novel business model called the mapping of virtual slice requirements throughout a
Networking-as-a-Service (NaaS) to enable customers to communication matrix onto the physical infrastructure
access virtualized network functions. For example, virtu- as introduced by CloudNaaS controller framework [91].
alized home gateways can be implemented as virtualized The controller uses a placement optimizer to choose the
functions inside virtual machines in the cloud. Users can best virtual network placement and dynamic provision-
access the most recent versions without the need to up- ing model to reallocate resources based on their avail-
grade the content by themselves. ability. We believe that a self-service provisioning model
As network functions are deployed in virtual ma- provided by the cloud can provide a rich set of network
chines, cloud operators may upgrade their infrastructure services such as seamless network isolation, customized
by adding new racks, installing new virtual machines or network addressing as well as service differentiation.
even deleting and migrating existing ones [88]. Network
migration can also be applied to create green networks be-
cause virtual networks can be placed on different physical Another possible direction to enhance virtual network
routers according to the traffic demand to reduce energy migration can be achieved by synchronizing network
consumption. Moreover, factors such as server consolida- states among distributed switches and create overlay tun-
tion, load balancing, and security enforcement are driving nels to relay traffic between network slices [92]. How-
most experiments with virtual network migration. For ex- ever, this approach requires an additional proxy layer to
ample, a link shared by different virtual networks could create synchronization points for redundancy and state
be jammed because of a DDoS attack to one of the virtual duplication. We believe that more advanced algorithms
networks. In such a case, the non compromised networks for scheduling virtual network migration need to be ex-
could be migrated to different physical routers until the plored to leverage technologies like redundancy elimina-
attack is resolved. tion, and reduce the overhead of copying the state for mul-
Often there are unintended consequences from virtual tiple slices. The NetGraph [93] framework is an example
network migration that directly affect the physical un- that supports incremental algorithms with practical com-
derlying network. SDN controllers may stop an arbi- putation time and memory requirements.

16
7. SDN in Wireless and Mobility Settings reachability with respect to the receiver signal. Although
these approaches help to simplify the mobility manage-
Software Defined Wireless Networking (SDWN) is a ment, SDN mobility functions must be enhanced to pro-
SDN technology for wireless that provides radio resource vide rapid client re-association, load balancing, and pol-
and mobility management, routing, and multi homing. icy management such as charging, QoS, authentication,
SDWN can provide a programmable wireless data plane and authorization.
to allow modular and declarative programming inter- Another key challenge in wireless/broadband networks
faces across the wireless stack. It also enables refac- concerns multi homing[97]. Multi homing implies the at-
toring wireless protocols into processing and decision tachment of an end-host to multiple networks at the same
planes [9] as introduced by the OpenWRT [94] and In- time so users can freely move between wireless infrastruc-
digo [95] firmware. This decoupling allows programming tures. This approach can be realized by applying SDN
the enterprise-specific requirements (e.g., an airport, a capabilities to the relay between the home network and
restaurant, public library) in a wireless access point (AP). edge networks. For example, within home networks, a
This section describes the key challenges in SDWN. virtualized residential gateway can improve service de-
livery between the core home network and the network-
7.1. Mobility and Multi homing Management with SDN enabled devices [98]. The target architecture (i.e., virtu-
By 2020 it is predicted that there will be thousand times alized residential gateway) is realized by applying SDN
more connected mobile devices than today with different and NFV between the home gateway and the access net-
QoS requirements, which will interconnect to all kinds work, and moving most of the gateway functionality to a
of heterogeneous and customized Internet-based services virtualized execution environment. Since the virtualized
and applications. Accordingly, these developments de- residential gateway is cloud-based, it forms the core of a
mand a rethinking of the network design, which in turn user’s home network by connecting their network-enabled
requires us to understand the implications of using SDN devices while benefiting from broadband Internet services
in the most common wireless networking scenarios. It is such as connection sharing, Firewall security, VPN con-
also important to understand the key challenges that exist nectivity, IP telephony, audio/video streaming, Wireless
in this realm and how they can be addressed. LAN connectivity, etc.
IP mobility support has been specified in traditional Another important key challenge in wireless SDN is
IPv4 and IPv6 networks, but presently there is not much related to routing packets in Wireless Mesh Networks
discussion regarding mobility support in SDN. Thus, (WMNs). A WMN is a multihop wireless ad-hoc network
SDWN should provide radio resource management, mo- in which stationary wireless mesh routers relay traffic on
bility management and routing [96]. It should include behalf of other mesh routers or client stations to form a
novel mobility management mechanisms to maintain ses- wireless backbone [99]. The primary advantages of wire-
sion continuity from the application’s perspective. In less ad-hoc networks lie in their ability to provide high
particular, handoff management is a challenging issue in fault tolerant communication even when a large number of
supporting SDN mobility because mobile terminals move nodes fail, simplicity of configuring wireless nodes, and
rapidly between virtualized APs. Thus, SDWN should their capacity to provide broadband connectivity. These
provide network connectivity through dynamic channel networks require dynamic routing algorithms to cope with
configuration. the limitations of wireless channels such as fading, inter-
The authors in [10] introduced the concept of slicing ference, and broadcast [100].
the wireless infrastructure into logical virtualized parti- SDN can partially solve these challenges by enabling
tions, each managed by virtual APs. Similarly, the ef- programmability of the network [101]. For example, the
fort described in [8] introduced the Odin framework as authors in [102] introduced SDN-based CloudMAC ar-
a mobile agent that communicates with SDN controllers chitecture to enhance the reconfigurability and the flexi-
to keep a global view of flows in the network. It dele- bility of wireless ad-hoc networks. CloudMAC helps to
gates the handoff management to a virtual AP that invokes improve the wireless connectivity through seamless AP
the physical AP to manage the mobility and maintain host switching, which provides fast packet processing and re-

17
duced packet loss. However, several key issues of WMNs ory consumption and extra latency). For example, mobile
remain unresolved [103]. In particular, the topology of interactive applications (e.g., mobile gaming, virtual vis-
ad-hoc wireless networks changes at a much higher pace its) require reliable connectivity to the cloud as well as
than in wired networks due the variation in link quality low latency and impose higher bandwidth requirements
and node movement. Additionally, wireless nodes may from wireless access networks to cloud service.
join and leave the network at any time so any SDN-based Furthermore, mobile users move frequently between
routing protocol must provide autonomous topology dis- multiple access networks, using either the same or dif-
covery as well as adaptive neighbor discovery to react ferent mobile terminals, but often with a unique persona.
swiftly to changes in the network [104]. In general, it is difficult to realize a Mobile Personal Grid
(MPG), which requires maintaining seamless connectiv-
7.2. SDN for Mobile Cloud ity of a set of devices that belong to a particular individual
Mobile cloud computing is one of the technologies that to a remote public and private cloud. Maintaining seam-
are converging into a rapidly growing field of mobile and less wireless connectivity for the MPG introduces mul-
wireless network. It provides an excellent backend for tidimensional challenges including the need to deal with
applications on mobile devices giving access to resources dynamic mobility management across heterogenous net-
such as storage and computing power, which are limited works, power saving, resource availability, fluctuating op-
in the mobile device itself. The close interaction with erating conditions, and limitations on the movement of
the cloud may create an environment in which mobile content across multiple devices and the cloud [105].
devices appear attached locally to the cloud with low la- Addressing these limitations simultaneously may in-
tency [105]. Both SDN and NFV can extend wireless ac- crease device complexity, degrade the network perfor-
cess infrastructure to cloud computing and enable logical mance, and cause connectivity problems. The key chal-
slicing of resources to multiple devices. SDN promises lenge for mobile clouds lies in transforming physical ac-
an attractive solution to implement new capabilities to cess networks to multiple virtual and isolated networks
cloud applications and services. It can help to retrieve while maintaining and managing seamless connectivity.
network topology, monitor the underlying network condi- Virtualized switch functions such as those provided by
tions (e.g., failures), initiate and adjust network connec- OpenVSwitch may enable controllers to connect to a spe-
tivity and support tunneling. cific virtual partition with autonomic reconfiguration and
Additionally, given the dynamic needs and supply of lossless connectivity. The virtualization of mobile proto-
the network resources due to the rich set of resources col stacks could abstract mobile resources to accommo-
available in the cloud, mobile users can benefit from re- date their different requirements. We argue that a close
source virtualization to accommodate different require- interaction with the cloud may help achieve the multi-
ments of their mobile terminals moving within the mobile dimensional mobility requirements [105] and relieve the
cloud. Weaving different wireless access technologies to- network infrastructure from complex network tasks (e.g.,
gether in a fluid fashion and creating smart gateways in configuration, traffic analysis) to the cloud [106].
the cloud in a transparent manner is important to realize
the full potential of mobile clouds. To this end, virtualized 7.3. SDN for WPAN
access networks should support fine-grained isolation per Since SDN promises to reduce the complexity of the
person or per application for each device in the cloud. configuration and management of networks, its function-
Despite SDN having some advantages, such as resource ality can also be applied to many wireless infrastructure
sharing and session management, it incurs several limita- networks such as the Low-Rate Wireless Personal Area
tions in the context of mobile clouds. In particular, since Networks (LR-WPANs). Extending SDN to LR-WPAN
mobile users can repeatedly trigger the embedded con- was considered impractical because these networks are
troller for marshalling and unmarshalling of flow rules highly constrained. LR-WPAN requires numerous low-
(e.g., in OpenFlow messages), the overhead increases cost nodes communicating over multiple hops to cover a
more significantly because of the limited computing capa- large geographical area. These nodes require duty cycles
bilities and resources of mobile devices (i.e., extra mem- to provide low energy consumption to operate for multi

18
year lifetimes on batteries with modest lifetimes. They To increase the capacity of cellular systems, SDN can
also require small software footprint due their limited provide solutions to overcome the limitations of multihop
amount of memory storage and CPU processing speeds. wireless networks. Cellular SDN networks (or briefly,
Additionally, to enable SDN for LR-WPANs, several CellSDN) [112] could maintain a Subscriber Information
challenges must be resolved to provide cross-layer op- Base (SIB) to translate a subscriber’s attributes into the
timization [107] as well as data aggregation. We argue switch rules to set up and reconfigure services flexibly.
that future SDN controllers should provide an appropriate To this end, finer grained control of traffic in CellSDN
module to define the rules that consider specific match- must be adapted to cellular infrastructures to handle noti-
ing fields for LR-WPAN environment [108]. These rules fications from the users’ terminals. The authors in [113]
may route packets based on their specific values included introduce a Deep Packet Inspection (DPI) engine to en-
within the payload they carry. For example, packets may able finer grained classification at the application layer.
include a specific value of temperature sensors that exceed Section 4 described the use of DPI in monitoring tools,
a given threshold. SDN controllers will need to configure whereas here it is used for routing flows across multi-
multipath routing algorithms to route LR-WPAN pack- channel cellular networks. Application level control could
ets based on multilevel thresholds. Moreover, controllers then provide flexible and fine-grained control of the users
must address several key problems related to node mobil- data and analyze packet contents to identify malicious
ity, topology discovery, self-configuration as well as self- traffic. Despite these possibilities, CellSDN requires spe-
organization [109]. They should also deal with link un- cific SDN protocols to orchestrate the remote virtualized
reliability, and robustness to the failure of generic nodes resources [114]. Moreover, these protocols must enable
and the control node [110]. network slicing, traffic engineering, minimizing delays
and reduction in packet loss [115].
7.4. SDN for Cellular networks In cellular communications, an architecture based on
The growing demand and the diverse patterns of mo- SDN techniques may give operators greater freedom
bile traffic place an increasing strain on cellular networks. to balance operational parameters, such as network re-
The best way to increase per-user capacity is to make cells silience, service performance and QoE. CellSDN con-
small and bring the base station closer to the mobile client. trollers may implement Radio Resource Management
SDN may provide rapid response to mobile terminals and (RRM) protocol [116] as northbound interfaces to sim-
avoid disruptions in the service across different technolo- plify the QoS provisioning. Similarly, CellSDN routers
gies. However, supporting an increasing number of sub- could support techniques like header compression and de-
scribers with frequent changes in user location incurs se- compression to reduce the overhead with small packet
rious issues [111]. Cellular network infrastructures must payloads on low bandwidth links. Another important
redirect user’s data to load balancing servers to accom- challenge in CellSDN is designing the architecture of the
modate changing network conditions and handle traffic in network. Traditionally, CellSDN was designed with cen-
real-time with specific QoS priority [8]. Presently, cel- tralized control and data structures in mind to improve its
lular systems have a single direct link between the base performance. Centralized SDN model in CellSDN results
station and the terminal. However, multihop networks re- in a single point of failure. Thus, when the cellular in-
quire maintaining multilink between multiple transmitter frastructure fails, the entire network will be unavailable.
and receiver to form multipath communication – the so Hence, a rethinking of architecting CellSDN using a dis-
called multihop cooperative network. Compared to ex- tributed SDN model is needed.
isting technology, which include mechanisms for retrans- Distributed CellSDN could provide high-performance,
mission and multiple acknowledgments, multihop coop- cost-effective and distributed mobility management [117]
erative networks can overcome these limitations by pro- in CellSDN. We believe that a distributed SDN model
viding high density access networks. However, they often could also provide multiple parallel virtualized transmis-
suffer throughput penalties since they operate in a half du- sion channels to support the increasing number of mobile
plex mode and therefore introduce insufficiency of spec- terminals requesting the network resources [114]. As for
trum usage. fixed network virtualization, there is a need to reconsider

19
the issue of isolating traffic into multiple wireless slices, no mention about how a secure connection can be estab-
where each slice could support a specific traffic pattern. lished nor how the certificate can be checked between the
Such an approach may help to create virtual base sta- controllers and the switches. Security issues also stem
tions and orchestrate the available resources among dif- from the diversity in network configurations. The security
ferent mobile devices, thereby saving power and memory mechanisms defined by the specification are ill-suited to
usage. protect the network against eavesdropping and controller
impersonation.
8. Challenges and Opportunities for Security in SDN In developing solutions to address the myriad of secu-
rity challenges in SDNs, we need to cope with one pri-
Security in SDN networks poses significant challenges mary challenging issue: managing the trade-offs between
because its programmable aspect presents a complex set the network security and performance.
of problems to cope with [118]. It is expected that the
increasing number of DDoS and malware attacks, spam, 8.2. Opportunities for Addressing Security Concerns in
and phishing activities will change the dynamics around SDNs
securing SDN infrastructures. In this context, mobile A promising approach to address the different security
wireless networks are more vulnerable than fixed wired problems in SDN involves developing security policies
networks since broadcast wireless channels easily allow with a unified syntax for the OpenFlow protocol. These
message eavesdropping and injection (i.e., vulnerability policies should enable authentication, authorization, ac-
of channels). Moreover, mobile ad-hoc networks in- cess control, and secure transport between applications
cur more complex security challenges due to their lack and SDN controllers, or even between multiple controllers
of infrastructure (e.g., security servers), which renders and a set of switches. These policies can be defined via
classical security solutions infeasible. Traditional secu- the Security Assertion Markup Language (SAML) to ex-
rity approaches require downtime to orchestrate topology change public/private keys as part of the OpenFlow poli-
changes while the network is reconfigured, new security cies, e.g., within confidential OpenFlow messages that
configuration is inserted, and multiple security services may be transported using the Datagram Transport Layer
are turned on and debugged. Security (DTLS) protocol.
Supporting intrusion detection is a crucial part of a se-
8.1. Security Challenges in SDN cure SDN framework. A promising approach is to pro-
Security is minimally specified in SDN; thus the Open- vide an Intrusion Prevention System (IPS) based on the
Flow specification does not describe the certificate for- open source SNORT project [119]. In particular, Open-
mat to ensure data integrity. SDN security will require Flow security algorithms should provide role-based au-
more sophisticated encryption and authentication mech- thentication to check for contradictions in flow rules when
anisms to prevent hackers and to recover packets from applications attempt to insert disallowed flow rules. It
failure. For example, multiple controllers may mutually may be possible to add customized security services into
authenticate each other by exchanging certificates signed the network, either on a per-flow basis or per-group of
by third party private keys. The difference between these flow [120]. Another approach to resolving the mobile
keys, however, raises unexpected security vulnerabilities SDN security challenges could consider separating these
in the entire network. Thus, the controllers may be unable functions or outsource them to a third party server, as de-
to interoperate with each other since they have different scribed in the OpenWiFi project [121].
keys. The OpenFlow specification recommends using a Yet another promising approach involves inserting dif-
plain TCP connection for the secure channel but gives no ferent security policies in the OpenFlow protocol using
indication about what sort of alternatives can be used to L4 to L7 services, such as URL filtering between an end-
that end. Optionally, TLS sessions can be used to provide point, rejecting flows toward a specific destination, redi-
encrypted and secure channels in both directions to pre- recting HTTP and HTTPS traffic using a proxy, firewall,
vent eavesdropping but without details about the interop- etc. Extending the OpenFlow matching rules to incor-
erable version that could be used. The specification makes porate new security rules using different fields, such as

20
wild-cards, physical/virtual ports and IP addresses is an- was to present these challenges and present current stan-
other possibility. However, exposing IP addresses to net- dardization efforts.
work attacks may hand the adversaries significant advan- By no means have we presented an exhaustive list of
tage to remotely scan networks and identify their targets opportunities. We believe additional challenges and op-
accurately and quickly. The authors in [122] introduced a portunities for research exists along a broad spectrum
technique called OpenFlow Random Host Mutation (OF- ranging from SDN solutions used in converged packet
RHM) to hide real IP addresses from external attacks. and circuit switched networks to formal modeling and
They assign virtual IP addresses to hosts so that they can model checking to improve the trustworthiness of the
be reached only by authorized entities. SDN-based solutions.

9. Conclusions
References
Most researchers argue that the current Internet ar-
chitecture is inadequate and has reached a tipping point [1] A. Metzger, C. C. Marquezan, Future internet apps: The
where most of the time and effort is spent addressing ex- next wave of adaptive service-oriented systems, in: Ser-
viceWave, 2011, pp. 230–241.
isting flaws rather than developing new ideas. To address
the challenge of ossification of the Internet, researchers [2] C. C. Marquezan, A. Metzger, K. Pohl, V. Engen,
have started to focus on redesigning the overall architec- M. Boniface, S. Phillips, Z. Zlatev, Adaptive Web Ser-
ture by breaking the tight integration of the forwarding vices for Modular and Reusable Software Development:
and control plane implementations. As a result, major Tactics and Solution, IGI, 2012, Ch. Adaptive Future In-
research projects focus on the SDN architecture to con- ternet Applications: Opportunities and Challenges for
struct and present a logically centralized map of the net- Adaptive Web Services Technology.
work. The next-generation of SDN networks will benefit
not only from the simplicity of the implementation, but [3] N. McKeown, Software-defined networking, INFOCOM
keynote talk, Apr.
also from the fact that maintaining and updating applica-
tions will be easier as well. [4] H. Kim, N. Feamster, Improving network manage-
In this paper, we have surveyed a wide range of recent ment with software defined networking, Communications
and state-of-the-art projects in SDN. Based on the sur- Magazine, IEEE 51 (2) (2013) 114–119.
vey, we classified key challenges and opportunities along
a number of different areas including architectural mod- [5] N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar,
els, programmability, convergence, wireless and mobility, L. Peterson, J. Rexford, Openflow: enabling innovation
cloud platforms, and security. We showed that the net- in campus networks, ACM SIGCOMM Computer Com-
munication Review (2008) 69–74.
working community is heavily involved in SDN research,
however, most of the investigations continue to focus on [6] ONF, The openflow 1.3.1 specification, Tech. rep.
topics such as control plane/data plane, distributed vs cen-
tralized control plane, scalability of solutions, Hybrid so- [7] C. Lam, H. Liu, B. Koley, X. Zhao, V. Kamalov, V. Gill,
lutions, call graph, networking models etc. Fiber optic communication technologies: What’s needed
We argue that while these research efforts are impor- for datacenter network operations, IEEE Communica-
tant, they need to occur in the context of overall net- tions Magazine.
work programmability and scalability goals. Although
[8] L. Suresh, J. Schulz-Zander, R. Merz, A. Feldmann,
OpenFlow, which is a prominent SDN implementation,
T. Vazao, Towards programmable enterprise wlans with
promises a flexible, open, and dynamic flow transmission
odin, HotSDN ’12, 2012, pp. 115–120.
mechanism, it also poses a set of challenges in terms of
network virtualization, mobility management, operation, [9] M. Bansal, J. Mehlman, S. Katti, P. Levis, Openradio:
which will require coordinated attention from the research a programmable wireless dataplane, HotSDN ’12, 2012,
community for its success and wide acceptance. Our goal pp. 109–114.

21
[10] K.-K. Yap, M. Kobayashi, R. Sherwood, T.-Y. Huang, [20] H. Harai, Akari architecture design for new generation
M. Chan, N. Handigol, N. McKeown, Openroads: em- network, in: Summer Topical Meeting, 2009. LEOSST
powering research in mobile networks, SIGCOMM Com- ’09. IEEE/LEOS, 2009, pp. 155–156.
put. Commun. Rev. 40 (1) (2010) 125–126.
[21] Y. Kanaumi, S. Saito, E. Kawai, S. Ishii, K. Kobayashi,
[11] J. Vasseur, J. Leroux, S. Yasukawa, S. Previdi, P. Psenak, S. Shimojo, Rise: A wide-area hybrid openflow network
P. Mabbey, Routing Extensions for Discovery of Multi- testbed., IEICE Transactions 96-B (1) (2013) 108–118.
protocol (MPLS) Label Switch Router (LSR) Traffic En-
gineering (TE) Mesh Membership (2007). [22] O. N. Foundation, Onf overview (2013).
URL https://www.opennetworking.org/about/
[12] J. Turner, D. Taylor, Diversifying the internet, in: Global onf-overview
Telecommunications Conference, 2005. GLOBECOM
’05. IEEE, Vol. 2, 2005. [23] L. Foundation, Opendaylight: An open source commu-
nity and meritocracy for software-defined networking, A
[13] A. Feldmann, Internet clean-slate design: What and Linux Foundation Collaborative Project (April 2013).
why?, SIGCOMM Comput. Commun. Rev. 37 (3) (2007) URL http://www.opendaylight.org/resources/
59–64. publications

[14] S. Paul, J. Pan, R. Jain, Architectures for the future net- [24] E. Haleplidis, S. Denazis, K. Pentikousis, J. H. Salim,
works and the next generation internet: A survey, Com- O. Koufopavlou, Sdn layers and architecture terminology,
put. Commun. 34 (1) (2011) 2–42. Tech. Rep. 01 (2013).

[15] M. Berman, J. S. Chase, L. Landweber, A. Nakao, M. Ott, [25] A. Doria, J. H. Salim, R. Haas, H. Khosravi, W. Wang,
D. Raychaudhuri, R. Ricci, I. Seskar, Geni: A federated L. Dong, R. Gopal, J. Halpern, Forwarding and control
testbed for innovative network experiments, Computer element separation (forces) protocol specification (2010).
Networks 61 (0) (2014) 5 – 23.
[26] L. Yang, R. Dantu, T. Anderson, R. Gopal, Forward-
URL http://www.geni.net/
ing and control element separation (forces) framework
[16] [link]. (2004).
URL http://www.ict-fire.eu/home.html
[27] L. Dong, A. Doria, R. Gopal, R. HAAS, J. H. Salim,
[17] P. Frosi, L. J. Camargos, R. Pasquini, M. S. Soares, L. F. H. Khosravi, W. Wang, Forces protocol specification,
Faina, D. M. F. O. Silva, P. R. S. L. Coelho, V. B. Bernal, Tech. Rep. draft-ietf-forces-protocol-17 (2008).
S. T. Kofuji., Experimenting domain title service to meet
[28] I. Kovacevic, Forces protocol as a solution for interaction
mobility and multicast aggregation by using openflow
of control and forwarding planes in distributed routers,
(Sep. 2011).
17th Telecommunications forum TELFOR (2009) 529–
532.
[18] M. Sun, L. Bergesio, H. Woesner, T. Rothe, A. Kpsel,
D. Colle, B. Puype, D. Simeonidou, R. Nejabati, [29] R. Haas, Forwarding and control element separation
M. Channegowda, M. Kind, T. Dietz, A. Autenri- (forces) mib (2010).
eth, V. Kotronis, E. Salvadori, S. Salsano, M. Krner,
S. Sharma, Design and implementation of the OFELIA [30] A. Crouch, H. Khosravi, A. Doria, X. Wang, K. Ogawa,
FP7 facility: The european openflow testbed, Computer Forwarding and control element separation (forces) ap-
Networks 61 (0) (2014) 132 – 150. plicability statement (2010).
URL http://www.fp7-ofelia.eu/
[31] E. Haleplidis, O. Koufopavlou, S. Denazis, Forwarding
[19] M. Kind, F. Westphal, A. Gladisch, S. Topp, Splitarchi- and control element separation (forces) implementation
tecture: Applying the software defined networking con- experience (2011).
cept to carrier networks, in: World Telecommunications
Congress (WTC), 2012, 2012, pp. 1–6. [32] J. Halpern, J. H. Salim, Forces forwarding element
URL http://www.fp7-sparc.eu/ model, Tech. Rep. draft-ietf-forces-model-15 (2008).

22
[33] R. HAAS, Forces mib, Tech. Rep. draft-ietf-forces-mib- [47] Z. Cao, Z. Li, Analysis of sdn controller cluster in large-
10 (2008). scale production networks, Tech. Rep. 00 (2013).

[34] E. Haleplidis, O. Cherkaoui, S. Hares, W. Wang, For- [48] B. Heller, R. Sherwood, N. McKeown, The controller
warding and control element separation (forces) open- placement problem, in: Proceedings of the first workshop
flow model library, Tech. Rep. draft-haleplidis-forces- on Hot topics in software defined networks, HotSDN ’12,
openflow-lib-01 (2012). 2012.

[35] D. Liu, B. Khasnabish, H. Deng, Architecture discussion [49] T. Nadeau, P. Pan, Framework for software defined net-
of i2rs, Tech. Rep. 02 (2013). works, Internet-Draft draft-nadeau-sdn-framework-01,
internet-Draft (Oct. 2011).
[36] IUT FG NGN, The softrouter concept and the proposal
for the study of separation of forwarding and routing in [50] D. G. Underhill, An extensible network visualization and
the next generation network (2004). control framework, Thesis, Stanford University.

[37] Object Management Group, SDN Application Ecosys- [51] Scalable adaptive graphics environment.
tem RFI, Software Defined Networking (SDN) Working URL http://www.openflow.org/wp/gui/
Group (Mars 2013). [52] M. C. Andrea Simeoni, Extension of the OpenFlow
framework to foster the Software Defined Network
[38] Object Management Group, Data-Distribution Service
paradigm in the Future Internet (2011).
for Real-Time Systems - Version 1.2, http://portals.
omg.org/dds/ (January 2007). [53] S. Shin, J. Kim, Toward service-aware flow visualiza-
tion over openflow-based programmable networks (8–13
[39] W. Kim, P. Sharma, J. Lee, S. Banerjee, J. Tourrilhes, S.- 2011).
J. Lee, P. Yalagandula, Automated and scalable qos con-
trol for network convergence, in: Proceedings of the 2010 [54] S. Natarajan, X. Huang, An interactive visualization
internet network management conference on Research on framework for next generation networks, in: Proceedings
enterprise networking, INM/WREN’10, 2010. of the ACM CoNEXT Student Workshop, CoNEXT ’10
Student Workshop, 2010, pp. 1–14.
[40] Z. Cai, A. L. Cox, T. S. E. Ng, Maestro: A system for
scalable openflow control, Tech. rep. (2010). [55] D. Mattos, N. Fernandes, V. da Costa, L. Cardoso,
M. Campista, L. H. M. K. Costa, O. Duarte, Omni: Open-
[41] A. Voellmy, H. Kim, N. Feamster, Procera: a language for flow management infrastructure, in: Network of the Fu-
high-level reactive network control, HotSDN ’12, 2012, ture (NOF), 2011 International Conference on the, 2011,
pp. 43–48. pp. 52–56.
URL http://www.gta.ufrj.br/omni/
[42] T. Amin, G. Yashar, Hyperflow: a distributed control
plane for openflow, 2010. [56] FI-WARE Consortium, Future internet core platform,
Tech. Rep. D2.2, Europeen 7th FP (November 2011).
[43] K. Teemu et al , Onix: a distributed control platform for URL http://www.fi-ware.eu/
large-scale production networks, OSDI’10, 2010, pp. 1–
6. [57] G. Huang, C.-N. Chuah, S. Raza, S. Seetharaman, Dy-
namic measurement-aware routing in practice, IEEE Net-
[44] A. S.-W. Tam, K. Xi, H. J. Chao, Use of devolved con- work 25 (3) (2011) 29–34.
trollers in data center networks, CoRR.
[58] R. Antonello, S. Fernandes, C. Kamienski, D. Sadok,
[45] H. Y. Soheil, G. Yashar, Kandoo: a framework for ef- J. Kelner, I. G´dor, G. Szabó, T. Westholm, Deep packet
ficient and scalable offloading of control applications, inspection tools and techniques in commodity platforms:
2012, pp. 19–24. Challenges and trends, Journal of Network and Computer
Applications 35 (6) (2012) 1863–1878.
[46] M. O. S. Volkan Yazici, A. O. Ercan, Controlling
a software-defined network via distributed controllers, [59] G. Malkin, RIP Version 2 - Carrying Additional Informa-
2012 NEM Summit Proceedings. tion, RFC 1723 (Standard) (1994).

23
[60] Y. Rekhter, T. Li, S. Hares, A Border Gateway Protocol 4 [71] A. T. H.E. Egilmez, S. Civanlar, A distributed qos rout-
(BGP-4), RFC 4271 (Draft Standard) (2006). ing architecture for scalable video streaming over multi-
domain openflow networks, Proc. IEEE International
[61] N. Feamster, H. Balakrishnan, J. Rexford, A. Shaikh, Conference on Image Processing (ICIP 2012).
J. van der Merwe, The case for separating routing from
routers, in: Proceedings of the ACM SIGCOMM work- [72] H. Egilmez, Adaptive video streaming over openflow net-
shop on Future directions in network architecture, FDNA works with quality of service, Ph.D. thesis, Koç Univer-
’04, 2004, pp. 5–12. sity (2012).
[62] M. Schlansker, Y. Turner, J. Tourrilhes, A. Karp, En-
semble routing for datacenter networks, in: Proceedings [73] R. Penno, T. Reddy, M. Boucadair, D. Wing, S. Vina-
of the 6th ACM/IEEE Symposium on Architectures for pamula, Application enabled sdn (a-sdn), Tech. Rep. 01
Networking and Communications Systems, ANCS ’10, (2013).
2010.
[74] E. Kissel, G. Fernandes, M. Jaffee, M. Swany, M. Zhang,
[63] A. Bianco, R. Birke, L. Giraudo, M. Palacin, Openflow Driving software defined networks with xsp, SDN’12
switching: Data plane performance, Communications (2012).
(ICC), 2010 IEEE International Conference on (2010).
[75] J. Soeurt, I. Hoogendoorn, Shortest path forwarding us-
[64] Z. Cai, F. Dinu, J. Zheng, A. L. Cox, T. S. E. Ng, Con- ing openflow, Tech. rep. (February 2012).
tract: Incorporating coordination into the ip network con-
trol plane, in: Proceedings of the 2010 IEEE 30th Inter- [76] C. Kolias, Openflow &sdnfornetworkproviders: Smart
national Conference on Distributed Computing Systems, devices need smartnetworks (November 2011).
ICDCS ’10, 2010, pp. 189–198.
[77] H. Yin, H. Xie, T. Tsou, D. Lopez, P. Aranda, R. Sidi,
[65] F. Nmeth, A. Stipkovits, B. Sonkoly, A. Gulyás, Towards
Sdni: A message exchange protocol for software de-
smartflow: case studies on enhanced programmable for-
fined networks (sdns) across multiple domains, Tech.
warding in openflow switches, SIGCOMM Comput.
Rep. draft-yin-sdn-sdni-00.txt (2012).
Commun. Rev. 42 (4) (2012) 85–86.
[66] F. O. Silva, M. A. Gonalves, J. H. de S. Pereira, L. J. Ca- [78] M. Boucadair, C. Jacquenet, Requirements for Au-
margos, R. Pasquini, P. F. Rosa, S. T. Kofuji, Implement- tomated (Configuration) Management, Internet-Draft
ing the domain title service atop openflow (May 2012). draft-boucadairnetwork-automation-requirements-01,
IETF Secretariat (Jun. 2013).
[67] Y. Nakagawa, K. Hyoudou, T. Shimizu, A management
method of ip multicast in overlay networks using open- [79] S. Shah, K. Patel, S. Bajaj, L. Tomotaki, M.Boucadair,
flow, in: Proceedings of the first workshop on Hot topics Inter-domain SLA Exchange, Tech. Rep. draft-ietf-idrsla-
in software defined networks, HotSDN ’12, 2012, pp. 91– exchange-01 (June 2013).
96.
[80] J. R. W. Liu, J. Wang, A unified framework for software-
[68] S. Civanlar, M. Parlakisik, A. M. Tekalp, B. Gorkemli, defined information-centric network, Tech. Rep. 00
B. Kaytaz, E. Onem, A qos-enabled openflow envi- (2013).
ronment for scalable video streaming, IEEE Globecom
Workshops. [81] A. Detti, N. Blefari Melazzi, S. Salsano, M. Pomposini,
[69] H. E. Egilmez, B. Gorkemli, A. M. Tekalp, S. Civanlar, Conet: a content centric inter-networking architecture,
Scalable video streaming over openflow networks: An in: Proceedings of the ACM SIGCOMM workshop on
optimization framework for qos routing, in: ICIP, 2011, Information-centric networking, ICN ’11, 2011, pp. 50–
pp. 2241–2244. 55.

[70] H. E. Egilmez, S. T. Dane, B. Gorkemli, A. M. Tekalp, [82] N. Blefari-Melazzi, A. Detti, G. Morabito, S. Salsano,
Openqos: Openflow controller design and test network L. Veltri, Information centric networking over {SDN} and
for multimedia delivery with quality of service, NEM openflow: Architectural aspects and experiments on the
Summit. {OFELIA} testbed, Computer Networks.

24
[83] FP7-ICT-SAIL, SAILScalable and Adaptable Internet [97] T. Hau, D. Burghardt, W. Brenner, Multihoming, content
Solutions, Techreport, d-5.2 (D-D.1) Cloud Network Ar- delivery networks, and the market for internet connectiv-
chitecture Description (Jul. 2011). ity, Telecommunications Policy 35 (2011) 532 – 542.

[84] B. J. Ko, V. Pappas, R. Raghavendra, Y. Song, R. B. Dil- [98] F. den Hartog, P. Nooren, A. Delphinanto, E. Fledderus,
maghani, K.-w. Lee, D. Verma, An information-centric On managed services lanes and their use in home net-
architecture for data center networks, 2012, pp. 79–84. works, in: Proceedings of the 2013 ACM conference on
Pervasive and ubiquitous computing adjunct publication,
[85] P. Pan, T. Nadeau, Software-defined network (sdn) prob-
UbiComp ’13 Adjunct, 2013, pp. 769–776.
lem statement and use cases for data center applications,
Tech. Rep. 00 (2013). [99] Y. Zhang, J. Luo, H. Hu, Wireless Mesh Networking:
Architectures, Protocols and Standards, Wireless Net-
[86] D. Drutskoy, E. Keller, J. Rexford, Scalable network vir-
works and Mobile Communications, Taylor & Francis,
tualization in software-defined networks (2012).
2006.
[87] C. Rotsos, R. Mortier, A. Madhavapeddy, B. Singh, A. W. URL http://books.google.fr/books?id=
Moore, Cost, performance & flexibility in openflow: Pick 7t4szWRwnFkC
three., in: ICC, IEEE, 2012, pp. 6601–6605.
[100] Y. Peng, Y. Yu, L. Guo, D. Jiang, Q. Gai, An efficient
[88] R. Raghavendra, J. Lobo, K.-W. Lee, Dynamic graph joint channel assignment and qos routing protocol for
query primitives for sdn-based cloudnetwork manage- {IEEE} 802.11 multi-radio multi-channel wireless mesh
ment, 2012, pp. 97–102. networks, Journal of Network and Computer Applica-
tions 36 (2) (2013) 843 – 857.
[89] P. Pisa, N. Fernandes, H. Carvalho, M. Moreira,
M. Campista, L. Costa, O. Duarte, Openflow and xen- [101] I. Ahmed, A. Mohammed, H. Alnuweiri, On the fairness
based virtual network migration, in: Communications: of resource allocation in wireless mesh networks: a sur-
Wireless in Developing Countries and Networks of the vey, Wirel. Netw. 19 (6) (2013) 1451–1468.
Future, Vol. 327, 2010, pp. 170–181.
[102] P. Dely, Towards an architecture for openflow and wire-
[90] S. Ghorbani, M. Caesar, Walk the line: consistent net- less mesh networks, Ofelia Summer School.
work updates with bandwidth guarantees, in: Proceed-
ings of the first workshop on Hot topics in software de- [103] I. COMCAS) (Ed.), Wireless Software Defined Net-
fined networks, HotSDN ’12, 2012. works: Challenges and Oppportunities, 2013.
[91] T. Benson, A. Akella, A. Shaikh, S. Sahu, Cloudnaas: [104] N. Bayer, P. Dely, A. Kassler, Openflow for wireless
a cloud networking platform for enterprise applications, mesh networks, IEEE International Workshop on Wire-
2011. less Mesh and Ad Hoc Networks (WiMAN 2011).
[92] E. Keller, S. Ghorbani, M. Caesar, J. Rexford, Live mi- [105] K.-H. Kim, S.-J. Lee, P. Congdon, On cloud-centric net-
gration of an entire network (and its hosts) (Oct. 2012). work architecture for multi-dimensional mobility, 2012.
[93] V. S. Zaborovsky, A. Lukashin, S. Kupreenko, V. Mu-
[106] R. Bifulco, M. Brunner, R. Canonico, P. Hasselmeyer,
lukha, Dynamic access control in cloud services, in:
F. Mir, Scalability of a mobile cloud management system,
SMC, 2011, pp. 1400–1404.
2012.
[94] Pantou, Open wireless freedom.
[107] L. D. Mendes, J. J. Rodrigues, A survey on cross-layer
URL https://openwrt.org/
solutions for wireless sensor networks, Journal of Net-
[95] OpenFlowHub, Indigo - open source openflow switches. work and Computer Applications 34 (2) (2011) 523 –
URL http://www.openflowhub.org/display/ 534.
Indigo
[108] T. Luo, H.-P. Tan, T. Q. S. Quek, Sensor openflow: En-
[96] D. Liu, H. Deng, Mobility support in software defined abling software-defined wireless sensor networks, IEEE
networking, Tech. Rep. 00 (2013). Communications Letters 16 (11) (2012) 1896–1899.

25
[109] M. Peng, D. Liang, Y. Wei, J. Li, H.-H. Chen, Self- [121] K.-K. Yap, Y. Yiakoumis, M. Kobayashi, S. Katti,
configuration and self-optimization in lte-advanced het- G. Parulkar, N. McKeown, Separating authentication, ac-
erogeneous networks, Communications Magazine, IEEE cess and accounting: A case study with openwifi, Tech.
51 (5). rep. (2011).

[110] S. Costanzo, L. Galluccio, G. Morabito, S. Palazzo, Soft- [122] J. H. Jafarian, E. Al-Shaer, Q. Duan, Openflow random
ware defined wireless networks: Unbridling sdns, Pro- host mutation: transparent moving target defense using
ceedings of European Workshop on Software Defined software defined networking, HotSDN ’12, 2012, pp.
Networking. 127–132.

[111] M. Mendonca, K. Obraczka, T. Turletti, The case for


software-defined networking in heterogeneous networked
environments, in: ACM-CoNEXT 2012, 2012, pp. 59–
60.

[112] L. L. Erran, M. Z. Morley, J. Rexford, Cellsdn: Software-


defined cellular networks, Tech. rep. (2012).

[113] S. Kumar, J. Turner, J. Williams, Advanced algorithms


for fast and scalable deep packet inspection, in: Proceed-
ings of the 2006 ACM/IEEE symposium on Architecture
for networking and communications systems, ANCS ’06,
2006, pp. 81–92.

[114] L. E. Li, Z. M. Mao, J. Rexford, Toward software-defined


cellular network, Proceedings of European Workshop on
Software Defined Networking.

[115] K.-K. Yap, M. Kobayashi, D. Underhill, S. Seetharaman,


P. Kazemian, N. McKeown, The stanford openroads de-
ployment, WINTECH ’09, 2009, pp. 59–66.

[116] J. Gozalvez, M. C. Lucas-Estañ, J. Sanchez-Soriano,


Joint radio resource management for heterogeneous wire-
less systems, Wirel. Netw. 18 (4) (2012) 443–455.

[117] H. Chan, D. Liu, P. Seite, H. Yokota, J. Korhonen, Re-


quirements for distributed mobility management, Tech.
Rep. draft-ietf-dmm-requirements-09.txt (2013).

[118] M. Wasserman, S. Hartman, D. Zhang, Security analysis


of the open networking foundation (onf) openflow switch
specification, Internet-Draft draft-mrw-sdnsec-openflow-
analysis-00, informational (Oct. 2012).

[119] S. project. [link].


URL http://www.snort.org/

[120] P. Porras, S. Shin, V. Yegneswaran, M. Fong, M. Tyson,


G. Gu, A Framework for Enabling Security Controls in
OpenFlow Networks, ACM (Aug. 2012).

26

You might also like