Software-defined networking (SDN): a survey

With the advent of cloud computing, many new networking concepts have been introduced to simplify network management and bring innovation through network programmability. The emergence of the software-defined networking (SDN) paradigm is one of these adopted concepts in the cloud model so as to eliminate the network infrastructure maintenance processes and guarantee easy management. In this fashion, SDN offers real-time performance and responds to high availability requirements. However, this new emerging paradigm has been facing many technological hurdles; some of them are inherent, while others are inherited from existing adopted technologies. In this paper, our purpose is to shed light on SDN related issues and give insight into the challenges facing the future of this revolutionary network model, from both protocol and architecture perspectives. Additionally, we aim to present different existing solutions and mitigation techniques that address SDN scalability, elasticity, dependability, reliability, high availability, resiliency, security, and performance concerns. Copyright © 2017 John Wiley & Sons, Ltd.

[1]  Sujata Banerjee,et al.  DevoFlow: scaling flow management for high-performance networks , 2011, SIGCOMM.

[2]  I. Baldine,et al.  Network Virtualization: Technologies, Perspectives, and Frontiers , 2013, Journal of Lightwave Technology.

[3]  Yashar Ganjali,et al.  Kandoo: a framework for efficient and scalable offloading of control applications , 2012, HotSDN '12.

[4]  Thyaga Nandagopal,et al.  Coping with link failures in centralized control plane architectures , 2010, 2010 Second International Conference on COMmunication Systems and NETworks (COMSNETS 2010).

[5]  David Walker,et al.  Frenetic: a network programming language , 2011, ICFP.

[6]  Andrea Bianco,et al.  OpenFlow Switching: Data Plane Performance , 2010, 2010 IEEE International Conference on Communications.

[7]  Rob Sherwood,et al.  The controller placement problem , 2012, HotSDN '12.

[8]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[9]  Pankesh Patel,et al.  Service Level Agreement in Cloud Computing , 2009 .

[10]  Harald Baier,et al.  COFFEE: a Concept based on OpenFlow to Filter and Erase Events of botnet activity at high-speed nodes , 2013, GI-Jahrestagung.

[11]  Theophilus Benson,et al.  Tolerating SDN Application Failures with LegoSDN , 2014, HotNets.

[12]  Chu YuHunag,et al.  A novel design for future on-demand service and security , 2010, 2010 IEEE 12th International Conference on Communication Technology.

[13]  Azer Bestavros,et al.  Verifiably-safe software-defined networks for CPS , 2013, HiCoNS '13.

[14]  Carla Raffaelli,et al.  Scalability analysis of SDN-controlled optical ring MAN with hybrid traffic , 2014, 2014 IEEE International Conference on Communications (ICC).

[15]  Sebastian Abt,et al.  Blessing or curse? Revisiting security aspects of Software-Defined Networking , 2014, 10th International Conference on Network and Service Management (CNSM) and Workshop.

[16]  Mohamed Faten Zhani,et al.  Dynamic Controller Provisioning in Software Defined Networks , 2013, Proceedings of the 9th International Conference on Network and Service Management (CNSM 2013).

[17]  Dino Farinacci,et al.  Software Defined Networking extensions for the Locator/ID Separation Protocol , 2014 .

[18]  Aamir Shafi,et al.  An architectural evaluation of SDN controllers , 2013, 2013 IEEE International Conference on Communications (ICC).

[19]  Carl E. Landwehr,et al.  Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.

[20]  Ehab Al-Shaer,et al.  Openflow random host mutation: transparent moving target defense using software defined networking , 2012, HotSDN '12.

[21]  Dahai Xu,et al.  Architectures and Protocols for Capacity Efficient, Highly Dynamic and Highly Resilient Core Networks [Invited] , 2012, IEEE/OSA Journal of Optical Communications and Networking.

[22]  Yashar Ganjali,et al.  HyperFlow: A Distributed Control Plane for OpenFlow , 2010, INM/WREN.

[23]  Xian Zhang,et al.  Network operator independent resilient overlay for mission critical applications (ROMCA) , 2009, 2009 Fourth International Conference on Communications and Networking in China.

[24]  J. Rexford,et al.  Logic Programming for Software-Defined Networks , 2012 .

[25]  Antonio Capone,et al.  Detour planning for fast and reliable failure recovery in SDN with OpenState , 2014, 2015 11th International Conference on the Design of Reliable Communication Networks (DRCN).

[26]  Kevin Benton,et al.  OpenFlow vulnerability assessment , 2013, HotSDN '13.

[27]  Sakir Sezer,et al.  OperationCheckpoint: SDN Application Control , 2014, 2014 IEEE 22nd International Conference on Network Protocols.

[28]  Yan Huang,et al.  A Study on the Dependability of Software Defined Networks , 2015 .

[29]  Andrei V. Gurtov,et al.  Enabling Secure Mobility with OpenFlow , 2013, 2013 IEEE SDN for Future Networks and Services (SDN4FNS).

[30]  Minlan Yu,et al.  FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions , 2013, HotSDN '13.

[31]  Julio Ortega Lopera,et al.  Accelerating OpenFlow switching with network processors , 2009, ANCS '09.

[32]  Alan L. Cox,et al.  Maestro: A System for Scalable OpenFlow Control , 2010 .

[33]  Brighten Godfrey,et al.  VeriFlow: verifying network-wide invariants in real time , 2012, HotSDN '12.

[34]  T. S. Eugene,et al.  Maestro: achieving scalability and coordination in centralizaed network control plane , 2012 .

[35]  Abdul Jabbar,et al.  Path diversification: A multipath resilience mechanism , 2009, 2009 7th International Workshop on Design of Reliable Communication Networks.

[36]  Anees Shaikh,et al.  A measurement-based analysis of multihoming , 2003, SIGCOMM '03.

[37]  Dario Bruneo,et al.  Dependability modeling of Software Defined Networking , 2015, Comput. Networks.

[38]  Jörg Schwenk,et al.  SoK: Lessons Learned from SSL/TLS Attacks , 2013, WISA.

[39]  Deepak Bansal,et al.  Hierarchical SDN for the hyper-scale, hyper-elastic data center and cloud , 2015, SOSR.

[40]  Dimitrios Katsaros,et al.  Architectural Requirements for Cloud Computing Systems: An Enterprise Cloud Approach , 2011, Journal of Grid Computing.

[41]  Sanjay P. Ahuja,et al.  A Survey of the State of Cloud Security , 2012, Netw. Commun. Technol..

[42]  Syed Ali Khayam,et al.  Revisiting Traffic Anomaly Detection Using Software Defined Networking , 2011, RAID.

[43]  Nick Feamster,et al.  CORONET: Fault tolerance for Software Defined Networks , 2012, 2012 20th IEEE International Conference on Network Protocols (ICNP).

[44]  Guofei Gu,et al.  Attacking software-defined networks: a first feasibility study , 2013, HotSDN '13.

[45]  Alexander Shalimov,et al.  Advanced study of SDN/OpenFlow controllers , 2013 .

[46]  Baek-Young Choi,et al.  Reliability and Scalability Issues in Software Defined Network Frameworks , 2013, 2013 Second GENI Research and Educational Experiment Workshop.

[47]  Jia Wang,et al.  Scalable flow-based networking with DIFANE , 2010, SIGCOMM '10.

[48]  Nerea Toledo,et al.  Implementing Layer 2 Network Virtualization Using OpenFlow: Challenges and Solutions , 2012, 2012 European Workshop on Software Defined Networking.

[49]  Michiaki Hayashi,et al.  Redundancy Method for Highly Available OpenFlow Controller , 2014 .

[50]  Rastin Pries,et al.  A Flexible OpenFlow-Controller Benchmark , 2012, 2012 European Workshop on Software Defined Networking.

[51]  David Erickson,et al.  The beacon openflow controller , 2013, HotSDN '13.

[52]  Bram Naudts,et al.  Techno-economic Analysis of Software Defined Networking as Architecture for the Virtualization of a Mobile Network , 2012, 2012 European Workshop on Software Defined Networking.

[53]  Jun Bi,et al.  On the cascading failures of multi-controllers in Software Defined Networks , 2013, 2013 21st IEEE International Conference on Network Protocols (ICNP).

[54]  Stefan Schmid,et al.  Provable data plane connectivity with local fast failover: introducing openflow graph algorithms , 2014, HotSDN.

[55]  Kamal Benzekki,et al.  A Secure Cloud Computing Architecture Using Homomorphic Encryption , 2016 .

[56]  Basil S. Maglaris,et al.  Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments , 2014, Comput. Networks.

[57]  M.P.V. Manthena Network-as-a-Service Architecture with SDN and NFV: A Proposed Evolutionary Approach for Service Provider Networks , 2015 .

[58]  Xinpei Jia,et al.  Distributed firewall for P2P network in data center , 2013, 2013 IEEE International Conference on Consumer Electronics - China.

[59]  A. Murat Tekalp,et al.  OpenQoS: An OpenFlow controller design for multimedia delivery with end-to-end Quality of Service over Software-Defined Networks , 2012, Proceedings of The 2012 Asia Pacific Signal and Information Processing Association Annual Summit and Conference.

[60]  Wayne A. Jansen,et al.  Cloud Hooks: Security and Privacy Issues in Cloud Computing , 2011, 2011 44th Hawaii International Conference on System Sciences.

[61]  Mabry Tyson,et al.  FRESCO: Modular Composable Security Services for Software-Defined Networks , 2013, NDSS.

[62]  Eric Keller,et al.  Active security , 2013, HotNets.

[63]  Stephen J. Nadas,et al.  Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6 , 2010, RFC.

[64]  Amin Vahdat,et al.  Hedera: Dynamic Flow Scheduling for Data Center Networks , 2010, NSDI.

[65]  Marcial P. Fernandez,et al.  Evaluating OpenFlow Controller Paradigms , 2013 .

[66]  Vinod Yegneswaran,et al.  AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks , 2013, CCS.

[67]  Fernando M. V. Ramos,et al.  Software-Defined Networking: A Comprehensive Survey , 2014, Proceedings of the IEEE.

[68]  Nick McKeown,et al.  Where is the debugger for my software-defined network? , 2012, HotSDN '12.

[69]  Andrew Warfield,et al.  Split/Merge: System Support for Elastic Execution in Virtual Middleboxes , 2013, NSDI.

[70]  Yanghee Choi,et al.  Implementation of Content-oriented Networking Architecture ( CONA ) : A Focus on DDoS Countermeasure , 2010 .

[71]  Kpatcha M. Bayarou,et al.  OrchSec: An orchestrator-based architecture for enhancing network-security using Network Monitoring and SDN Control functions , 2014, 2014 IEEE Network Operations and Management Symposium (NOMS).

[72]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[73]  Xirong Que,et al.  On reliability-optimized controller placement for Software-Defined Networks , 2014, China Communications.

[74]  Costin Raiciu,et al.  SymNet: static checking for stateful networks , 2013, HotMiddlebox '13.

[75]  Mounir Hamdi,et al.  CheetahFlow: Towards low latency software-defined network , 2014, 2014 IEEE International Conference on Communications (ICC).

[76]  Marina Thottan,et al.  Measuring control plane latency in SDN-enabled switches , 2015, SOSR.

[77]  Francisco J. Ros,et al.  Five nines of southbound reliability in software-defined networks , 2014, HotSDN.

[78]  Fang Hao,et al.  Towards an elastic distributed SDN controller , 2013, HotSDN '13.

[79]  Didier Colle,et al.  Enabling fast failure recovery in OpenFlow networks , 2011, 2011 8th International Workshop on the Design of Reliable Communication Networks (DRCN).

[80]  Alberto Schaeffer-Filho,et al.  Towards SLA Policy Refinement for QoS Management in Software-Defined Networking , 2014, 2014 IEEE 28th International Conference on Advanced Information Networking and Applications.

[81]  Jun Bi,et al.  Source address validation solution with OpenFlow/NOX architecture , 2011, 2011 19th IEEE International Conference on Network Protocols.

[82]  Ehab Al-Shaer,et al.  FlowChecker: configuration analysis and verification of federated openflow infrastructures , 2010, SafeConfig '10.

[83]  Pontus Sköldström,et al.  Scalable fault management for OpenFlow , 2012, 2012 IEEE International Conference on Communications (ICC).

[84]  Monia Ghobadi,et al.  Rethinking end-to-end congestion control in software-defined networks , 2012, HotNets-XI.

[85]  O. Othman,et al.  Securing Distributed Control of Software Defined Networks , 2013 .

[86]  Jörg Schwenk,et al.  Lessons Learned From Previous SSL/TLS Attacks - A Brief Chronology Of Attacks And Weaknesses , 2013, IACR Cryptol. ePrint Arch..

[87]  Fang Hao,et al.  ElastiCon; an elastic distributed SDN controller , 2014, 2014 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).

[88]  Rob Sherwood,et al.  On Controller Performance in Software-Defined Networks , 2012, Hot-ICE.

[89]  David Watson,et al.  Enhancing end-to-end availability and performance via topology-aware overlay networks , 2008, Comput. Networks.

[90]  Yi Li,et al.  SmartTunnel: Achieving Reliability in the Internet , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[91]  Pavlin Radoslavov,et al.  ONOS: towards an open, distributed SDN OS , 2014, HotSDN.

[92]  Paul Smith,et al.  OpenFlow: A security analysis , 2013, 2013 21st IEEE International Conference on Network Protocols (ICNP).

[93]  Jeffrey F. Naughton,et al.  A software-defined networking based approach for performance management of analytical queries on distributed data stores , 2014, SIGMOD Conference.

[94]  Yi Wang,et al.  Towards a secure controller platform for openflow applications , 2013, HotSDN '13.

[95]  Vainius Dangovas,et al.  SDN-Driven Authentication and Access Control System , 2014 .

[96]  Lei Liu,et al.  Experimental validation and performance evaluation of OpenFlow-based wavelength path control in transparent optical networks. , 2011, Optics express.

[97]  Martín Casado,et al.  NOX: towards an operating system for networks , 2008, CCRV.

[98]  Brent Byunghoon Kang,et al.  Rosemary: A Robust, Secure, and High-performance Network Operating System , 2014, CCS.

[99]  Simon Oechsner,et al.  Modeling and performance evaluation of an OpenFlow architecture , 2011, 2011 23rd International Teletraffic Congress (ITC).

[100]  Hamid Farhadi,et al.  Software-Defined Networking: A survey , 2015, Comput. Networks.

[101]  David Tipper,et al.  Resilient network design: challenges and future directions , 2014, Telecommun. Syst..

[102]  Andreas Voellmy,et al.  Scalable software defined network controllers , 2012, SIGCOMM '12.

[103]  Sunhee Yang,et al.  RAON: Recursive Abstraction of OpenFlow Networks , 2014, 2014 Third European Workshop on Software Defined Networks.

[104]  R. L. Smeliansky,et al.  SDN for network security , 2014, 2014 First International Science and Technology Conference (Modern Networking Technologies) (MoNeTeC).

[105]  Aaron Gember,et al.  Pratyaastha: an efficient elastic distributed SDN control plane , 2014, HotSDN.

[106]  Tarik Taleb,et al.  Toward Elastic Distributed SDN/NFV Controller for 5G Mobile Cloud Management Systems , 2015, IEEE Access.

[107]  Nick McKeown,et al.  Delegating network security with more information , 2009, WREN '09.

[108]  Wu Chou,et al.  SDN Northbound REST API with Efficient Caches , 2014, 2014 IEEE International Conference on Web Services.

[109]  Rodrigo Braga,et al.  Lightweight DDoS flooding attack detection using NOX/OpenFlow , 2010, IEEE Local Computer Network Conference.

[110]  Tal Garfinkel,et al.  SANE: A Protection Architecture for Enterprise Networks , 2006, USENIX Security Symposium.

[111]  Thomas Pfeiffenberger,et al.  Reliable and flexible communications for power systems: Fault-tolerant multicast with SDN/OpenFlow , 2015, 2015 7th International Conference on New Technologies, Mobility and Security (NTMS).

[112]  Taesang Choi,et al.  Toward control path high availability for software-defined networks , 2015, 2015 11th International Conference on the Design of Reliable Communication Networks (DRCN).

[113]  Chen Sun,et al.  SFA: Stateful Forwarding Abstraction in SDN Data Plane , 2014, ONS.

[114]  Michael Schapira,et al.  VeriCon: towards verifying controller programs in software-defined networks , 2014, PLDI.

[115]  Hwee Pink Tan,et al.  Enhancing responsiveness and scalability for OpenFlow networks via control-message quenching , 2012, 2012 International Conference on ICT Convergence (ICTC).

[116]  Martín Casado,et al.  Onix: A Distributed Control Platform for Large-scale Production Networks , 2010, OSDI.

[117]  Sakir Sezer,et al.  Sdn Security: A Survey , 2013, 2013 IEEE SDN for Future Networks and Services (SDN4FNS).

[118]  Fernando M. V. Ramos,et al.  Towards secure and dependable software-defined networks , 2013, HotSDN '13.

[119]  Ram Dantu,et al.  Forwarding and Control Element Separation (ForCES) Framework , 2004, RFC.

[120]  Paul Congdon,et al.  Hey, you darned counters!: get off my ASIC! , 2012, HotSDN '12.

[121]  Jun Bi,et al.  Performing software defined route-based IP spoofing filtering with SEFA , 2014, 2014 23rd International Conference on Computer Communication and Networks (ICCCN).

[122]  Hani Jamjoom,et al.  Cementing high availability in openflow with RuleBricks , 2013, HotSDN '13.

[123]  Ross J. Anderson,et al.  Authentication for Resilience: The Case of SDN , 2013, Security Protocols Workshop.

[124]  Arjun Guha,et al.  Machine-verified network controllers , 2013, PLDI.

[125]  Muhammad Awais,et al.  Performance evaluation of OpenDaylight SDN controller , 2014, 2014 20th IEEE International Conference on Parallel and Distributed Systems (ICPADS).

[126]  Martín Casado,et al.  Ethane: taking control of the enterprise , 2007, SIGCOMM '07.

[127]  T. V. Lakshman,et al.  The SoftRouter Architecture , 2016 .

[128]  Otto Carlos Muniz Bandeira Duarte,et al.  AuthFlow: authentication and access control mechanism for software defined networking , 2016, Ann. des Télécommunications.

[129]  Andrei V. Gurtov,et al.  Securing the control channel of software-defined mobile networks , 2014, Proceeding of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks 2014.

[130]  Vyas Sekar,et al.  Testing stateful and dynamic data planes with FlowTest , 2014, HotSDN.

[131]  Wang Wendong,et al.  Autonomic QoS management mechanism in Software Defined Network , 2014, China Communications.

[132]  Vinod Yegneswaran,et al.  Securing the Software Defined Network Control Layer , 2015, NDSS.

[133]  Rob Sherwood,et al.  FlowVisor: A Network Virtualization Layer , 2009 .

[134]  Thomas Magedanz,et al.  Elastic Network Design and Adaptive Flow Placement in Software Defined Networks , 2013, 2013 22nd International Conference on Computer Communication and Networks (ICCCN).

[135]  Song Guo,et al.  Byzantine-resilient secure software-defined networks with multiple controllers , 2014, 2014 IEEE International Conference on Communications (ICC).

[136]  H. Kim,et al.  A SDN-oriented DDoS blocking scheme for botnet-based attacks , 2014, 2014 Sixth International Conference on Ubiquitous and Future Networks (ICUFN).

[137]  Edjard de Souza Mota,et al.  A replication component for resilient OpenFlow-based networking , 2012, 2012 IEEE Network Operations and Management Symposium.

[138]  Fernando A. Kuipers,et al.  An SDN-based architecture for Network-as-a-Service , 2015, Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft).

[139]  Jinwook Kim,et al.  QoS-aware Network Operating System for software defined networking with Generalized OpenFlows , 2012, 2012 IEEE Network Operations and Management Symposium.

[140]  Harry G. Perros,et al.  SDN-based solutions for Moving Target Defense network protection , 2014, Proceeding of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks 2014.

[141]  Kamal Benzekki,et al.  Devolving IEEE 802.1X authentication capability to data plane in software-defined networking (SDN) architecture , 2016, Secur. Commun. Networks.

[142]  Rob Sherwood,et al.  OFLOPS: An Open Framework for OpenFlow Switch Evaluation , 2012, PAM.

[143]  David A. Maltz,et al.  Unraveling the Complexity of Network Management , 2009, NSDI.

[144]  Jamal Hadi Salim,et al.  Forwarding and Control Element Separation (ForCES) Protocol Specification , 2010, RFC.

[145]  Markus Hidell,et al.  Improving PC-based OpenFlow switching performance , 2010, 2010 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).

[146]  Dawei Li,et al.  Evaluation of Security Vulnerabilities by Using ProtoGENI as a Launchpad , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[147]  Mabry Tyson,et al.  A security enforcement kernel for OpenFlow networks , 2012, HotSDN '12.

[148]  Martin Maier,et al.  Optical Switching Networks: Resilient packet ring , 2008 .

[149]  Martín Casado,et al.  Extending Networking into the Virtualization Layer , 2009, HotNets.

[150]  Mianxiong Dong,et al.  Quality-of-Experience (QoE) in Emerging Mobile Social Networks , 2014, IEICE Trans. Inf. Syst..

[151]  Zhiyang Li,et al.  The SDN controller placement problem for WAN , 2014, 2014 IEEE/CIC International Conference on Communications in China (ICCC).

[152]  Adrian Farrel,et al.  A Path Computation Element (PCE)-Based Architecture , 2006, RFC.

[153]  Azer Bestavros,et al.  Software-Defined IDS for securing embedded mobile devices , 2013, 2013 IEEE High Performance Extreme Computing Conference (HPEC).

[154]  Brighten Godfrey,et al.  Debugging the data plane with anteater , 2011, SIGCOMM.