heterogenous_policy.pdf (716.5 kB)
Enforcing network policy in heterogeneous network function box environment
journal contribution
posted on 2018-06-11, 13:02 authored by Lin Cui, Fung Po TsoFung Po Tso, Weijia JiaData center operators deploy a variety of both physical and virtual network functions boxes (NFBs) to take advantages of inherent efficiency offered by physical NFBs with the agility and flexibility of virtual ones. However, such heterogeneity faces great challenges in correct, efficient and dynamic network policy implementation because, firstly, existing schemes are limited to exclusively physical or virtual NFBs and not a mix, and secondly, NFBs can co-exist at various locations in the network as a result of emerging technologies such as Software Defined Networking (SDN) and Network Function Virtualization (NFV). In this paper, we propose a Heterogeneous netwOrk pOlicy enforCement scheme (HOOC) to overcome these challenges. We first formulate and model HOOC, which is shown be to NP-Hard by reducing from the Multiple Knapsack Problem (MKP). We then propose an efficient online algorithm that can achieve optimal latency-wise NF service chaining amongst heterogenous NFBs. In addition, we also provide a greedy algorithm when operators prefer smaller run-time than optimality. Our simulation results show that HOOC is efficient and scalable whilst testbed implementation demonstrates that HOOC can be easily deployed in the data center environments.
Funding
The work has been partially supported in part by Chinese National Research Fund (NSFC) nos. 61772235 and 61402200; the Fundamental Research Funds for the Central Universities (21617409); the UK Engineering and Physical Sciences Research Council (EPSRC) grants EP/P004407/2 and EP/P004024/1; DCT-MoST Joint-project no. (025/2015/AMJ); University of Macau Funds no. CPG2018-00032-FST & SRG2018-00111-FST; NSFC Key Project no. 61532013; National China 973 Project no. 2015CB352401; Shanghai Scientific Innovation Act of STCSM no. 15JC1402400 and 985 Project of Shanghai Jiao Tong University: WF220103001.
History
School
- Science
Department
- Computer Science
Published in
Computer NetworksVolume
138Pages
108 - 118Citation
CUI, L., TSO, F.P. and JIA, W., 2018. Enforcing network policy in heterogeneous network function box environment. Computer Networks, 138, pp.108-118.Publisher
© ElsevierVersion
- AM (Accepted Manuscript)
Publisher statement
This work is made available according to the conditions of the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) licence. Full details of this licence are available at: https://creativecommons.org/licenses/by-nc-nd/4.0/Acceptance date
2018-03-26Publication date
2018Notes
This paper was published in the journal Computer Networks and the definitive published version is available at https://doi.org/10.1016/j.comnet.2018.03.029.ISSN
1389-1286Publisher version
Language
- en