heterogenous_policy.pdf (716.5 kB)

Enforcing network policy in heterogeneous network function box environment

Download (716.5 kB)
journal contribution
posted on 11.06.2018, 13:02 by Lin Cui, Fung Po Tso, Weijia Jia
Data center operators deploy a variety of both physical and virtual network functions boxes (NFBs) to take advantages of inherent efficiency offered by physical NFBs with the agility and flexibility of virtual ones. However, such heterogeneity faces great challenges in correct, efficient and dynamic network policy implementation because, firstly, existing schemes are limited to exclusively physical or virtual NFBs and not a mix, and secondly, NFBs can co-exist at various locations in the network as a result of emerging technologies such as Software Defined Networking (SDN) and Network Function Virtualization (NFV). In this paper, we propose a Heterogeneous netwOrk pOlicy enforCement scheme (HOOC) to overcome these challenges. We first formulate and model HOOC, which is shown be to NP-Hard by reducing from the Multiple Knapsack Problem (MKP). We then propose an efficient online algorithm that can achieve optimal latency-wise NF service chaining amongst heterogenous NFBs. In addition, we also provide a greedy algorithm when operators prefer smaller run-time than optimality. Our simulation results show that HOOC is efficient and scalable whilst testbed implementation demonstrates that HOOC can be easily deployed in the data center environments.


The work has been partially supported in part by Chinese National Research Fund (NSFC) nos. 61772235 and 61402200; the Fundamental Research Funds for the Central Universities (21617409); the UK Engineering and Physical Sciences Research Council (EPSRC) grants EP/P004407/2 and EP/P004024/1; DCT-MoST Joint-project no. (025/2015/AMJ); University of Macau Funds no. CPG2018-00032-FST & SRG2018-00111-FST; NSFC Key Project no. 61532013; National China 973 Project no. 2015CB352401; Shanghai Scientific Innovation Act of STCSM no. 15JC1402400 and 985 Project of Shanghai Jiao Tong University: WF220103001.



  • Science


  • Computer Science

Published in

Computer Networks




108 - 118


CUI, L., TSO, F.P. and JIA, W., 2018. Enforcing network policy in heterogeneous network function box environment. Computer Networks, 138, pp.108-118.


© Elsevier


AM (Accepted Manuscript)

Publisher statement

This work is made available according to the conditions of the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) licence. Full details of this licence are available at: https://creativecommons.org/licenses/by-nc-nd/4.0/

Acceptance date


Publication date



This paper was published in the journal Computer Networks and the definitive published version is available at https://doi.org/10.1016/j.comnet.2018.03.029.