-
Optimal Orchestration of Virtual Network Functions
Authors:
Meihui Gao,
Bernardetta Addis,
Mathieu Bouet,
Stefano Secci
Abstract:
The emergence of Network Functions Virtualization (NFV) is bringing a set of novel algorithmic challenges in the operation of communication networks. NFV introduces volatility in the management of network functions, which can be dynamically orchestrated, i.e., placed, resized, etc. Virtual Network Functions (VNFs) can belong to VNF chains, where nodes in a chain can serve multiple demands coming from the network edges. In this paper, we formally define the VNF placement and routing (VNF-PR) problem, proposing a versatile linear programming formulation that is able to accommodate specific features and constraints of NFV infrastructures, and that is substantially different from existing virtual network embedding formulations in the state of the art. We also design a math-heuristic able to scale with multiple objectives and large instances. By extensive simulations, we draw conclusions on the trade-off achievable between classical traffic engineering (TE) and NFV infrastructure efficiency goals, evaluating both Internet access and Virtual Private Network (VPN) demands. We do also quantitatively compare the performance of our VNF-PR heuristic with the classical Virtual Network Embedding (VNE) approach proposed for NFV orchestration, showing the computational differences, and how our approach can provide a more stable and closer-to-optimum solution.
Submitted 15 June, 2017;
originally announced June 2017.
-
Can MPTCP Secure Internet Communications from Man-in-the-Middle Attacks?
Authors:
Ho-Dac-Duy Nguyen,
Chi-Dung Phung,
Stefano Secci,
Benevid Felix,
Michele Nogueira
Abstract:
Multipath communications at the Internet scale have been a myth for a long time, with no actual protocol being deployed so that multiple paths could be taken by a same connection on the way towards an Internet destination. Recently, the Multipath Transport Control Protocol (MPTCP) extension was standardized and is undergoing a quick adoption in many use-cases, from mobile to fixed access networks, from data-centers to core networks. Among its major benefits -- i.e., reliability thanks to backup path rerouting; throughput increase thanks to link aggregation; and confidentiality thanks to harder capacity to intercept a full connection -- the latter has attracted lower attention. How interesting would it be using MPTCP to exploit multiple Internet-scale paths hence decreasing the probability of man-in-the-middle (MITM) attacks is a question to which we try to answer. By analyzing the Autonomous System (AS) level graph, we identify which countries and regions show a higher level of robustness against MITM AS-level attacks, for example due to core cable tapping or route hijacking practices.
Submitted 24 April, 2017;
originally announced April 2017.
-
Securing Virtual Network Function Placement with High Availability Guarantees
Authors:
Marco Casazza,
Pierre Fouilhoux,
Mathieu Bouet,
Stefano Secci
Abstract:
Virtual Network Functions as a Service (VNFaaS) is currently under attentive study by telecommunications and cloud stakeholders as a promising business and technical direction consisting of providing network functions as a service on a cloud (NFV Infrastructure), instead of delivering standalone network appliances, in order to provide higher scalability and reduce maintenance costs. However, the functioning of such NFVI hosting the VNFs is fundamental for all the services and applications running on top of it, forcing to guarantee a high availability level. Indeed the availability of a VNFaaS relies on the failure rate of its single components, namely the servers, the virtualization software, and the communication network. The proper assignment of the virtual machines implementing network functions to NFVI servers and their protection is essential to guarantee high availability. We model the High Availability Virtual Network Function Placement (HA-VNFP) as the problem of finding the best assignment of virtual machines to servers guaranteeing protection by replication. We propose a probabilistic approach to measure the real availability of a system and design both efficient and effective algorithms that can be used by stakeholders for both online and offline planning.
Submitted 27 January, 2017;
originally announced January 2017.
-
A Mood Value for Fair Resource Allocations
Authors:
Francesca Fossati,
Stefano Moretti,
Stefano Secci
Abstract:
In networking and computing, resource allocation is typically addressed using classical sharing protocols as, for instance, the proportional division rule, the max-min fair allocation, or other solutions inspired by cooperative game theory. In this paper, we argue that, describing the resource allocation problem as a cooperative game, such classical resource allocation approaches, as well as associated notions of fairness, show important limitations. We identify in the individual satisfaction rate the key aspect of the challenge of defining a new notion of fairness and, consequently, a resource allocation algorithm more appropriate for the cooperative context. We generalize the concept of user satisfaction considering the set of admissible solutions for bankruptcy games. We adapt the Jain's fairness index to include the new user satisfaction rate. Accordingly, we propose a new allocation rule we call 'Mood Value'. For each user it equalizes our novel game-theoretic definition of user satisfaction with respect to a distribution of the resource. We test the mood value and the new fairness index through extensive simulations showing how they better support the fairness analysis.
Submitted 24 April, 2017; v1 submitted 27 January, 2017;
originally announced January 2017.
-
Server Placement with Shared Backups for Disaster-Resilient Clouds
Authors:
Rodrigo de Souza Couto,
Stefano Secci,
Miguel Elias Mitre Campista,
Luís Henrique Maciel Kosmalski Costa
Abstract:
A key strategy to build disaster-resilient clouds is to employ backups of virtual machines in a geo-distributed infrastructure. Today, the continuous and acknowledged replication of virtual machines in different servers is a service provided by different hypervisors. This strategy guarantees that the virtual machines will have no loss of disk and memory content if a disaster occurs, at a cost of strict bandwidth and latency requirements. Considering this kind of service, in this work, we propose an optimization problem to place servers in a wide area network. The goal is to guarantee that backup machines do not fail at the same time as their primary counterparts. In addition, by using virtualization, we also aim to reduce the amount of backup servers required. The optimal results, achieved in real topologies, reduce the number of backup servers by at least 40%. Moreover, this work highlights several characteristics of the backup service according to the employed network, such as the fulfillment of latency requirements.
Submitted 19 October, 2015;
originally announced October 2015.
-
Latency Versus Survivability in Geo-Distributed Data Center Design
Authors:
Rodrigo de Souza Couto,
Stefano Secci,
Miguel Elias Mitre Campista,
Luís Henrique Maciel Kosmalski Costa
Abstract:
A hot topic in data center design is to envision geo-distributed architectures spanning a few sites across wide area networks, allowing more proximity to the end users and higher survivability, defined as the capacity of a system to operate after failures. As a shortcoming, this approach is subject to an increase of latency between servers, caused by their geographic distances. In this paper, we address the trade-off between latency and survivability in geo-distributed data centers, through the formulation of an optimization problem. Simulations considering realistic scenarios show that the latency increase is significant only in the case of very strong survivability requirements, whereas it is negligible for moderate survivability requirements. For instance, the worst-case latency is less than 4 ms when guaranteeing that 80% of the servers are available after a failure, in a network where the latency could be up to 33 ms.
Submitted 16 October, 2015;
originally announced October 2015.
-
Reliability and Survivability Analysis of Data Center Network Topologies
Authors:
Rodrigo de Souza Couto,
Stefano Secci,
Miguel Elias Mitre Campista,
Luís Henrique Maciel Kosmalski Costa
Abstract:
The architecture of several data centers have been proposed as alternatives to the conventional three-layer one. Most of them employ commodity equipment for cost reduction. Thus, robustness to failures becomes even more important, because commodity equipment is more failure-prone. Each architecture has a different network topology design with a specific level of redundancy. In this work, we aim at analyzing the benefits of different data center topologies taking the reliability and survivability requirements into account. We consider the topologies of three alternative data center architectures: Fat-tree, BCube, and DCell. Also, we compare these topologies with a conventional three-layer data center topology. Our analysis is independent of specific equipment, traffic patterns, or network protocols, for the sake of generality. We derive closed-form formulas for the Mean Time To Failure of each topology. The results allow us to indicate the best topology for each failure scenario. In particular, we conclude that BCube is more robust to link failures than the other topologies, whereas DCell has the most robust topology when considering switch failures. Additionally, we show that all considered alternative topologies outperform a three-layer topology for both types of failures. We also determine to which extent the robustness of BCube and DCell is influenced by the number of network interfaces per server.
Submitted 14 October, 2015; v1 submitted 9 October, 2015;
originally announced October 2015.