Software Defined Networking (SDN) is an active area for network research, with many organizations exploring the opportunities provided by the decoupling of network control from packet forwarding. However, questions remain over the operation of such systems in production. In order to build operational confidence, we built Cardigan -a distributed router using OpenFlowand deployed it at a public Internet exchange. Cardigan applies a routing as a service abstraction to a RouteFlow controlled IP network in an effort to reduce operational complexity. The implementation and deployment efforts provide insights into the challenges involved with using these technologies, and suggests the viability of mixed device environments despite the limitations of early OpenFlow implementations.
Ian.Welch Christian.Seifert Dean.Pemberton} @mcs.vuw.ac.nz This paper introduces the Grid Enabled Internet Instrument concept and discusses instruments that are being developed at Victoria University to measure Internet quality. The first instrument is a Grid version of the network telescope for studying Internet Background Radiation (IBR) and the second is a hybrid client honeypot system using high and low interaction devices for scanning the web for malicious content and servers. A third instrument on VOIP quality has been approached through simulation. The GEII framework is a work in progress and the initial design is introduced in this paper as the basis of a new Grid of Internet sensors that could be deployed to improve Internet measurement and gain a global insight to Internet quality.
Over a decade of work has gone into securing the BGP routing control plane. Through all this, there has been an oft repeated refrain, "It is acknowledged that rigorous control plane verification does not in any way guarantee that packets follow the control plane." We describe what may be the first deployment of data plane enforcement of RPKI-based control plane validation. OpenFlow switches providing an exchange fabric and controlled by a Quagga BGP route server drop traffic for prefixes which have invalid origins without requiring any RPKI support by connected BGP peers.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.