Architecture of Software Defined Wide-Area Network: A Review


GRD Journals- Global Research and Development Journal for Engineering | Volume 5 | Issue 6 | May 2020 ISSN- 2455-5703

Pooja Batra Nagpal, Assistant Professor, Department of Computer Science, Amity University
Sarika Chaudhary, Assistant Professor, Department of Computer Science, Amity University
Naman Verma, PG Student, Department of Computer Science, Amity University

Abstract
SD-WAN is a virtual wide-area network architecture that lets network services make better use of the transport services available to them, including broadband, LTE and MPLS. This paper reviews SD-WAN and its logical architecture with a view to further development in line with the demands of the new-generation Internet. The analysis of existing architectures found many limitations: the existing WAN architecture can no longer deliver high performance given the massive volume of data on websites and the full edge functionality expected of data servers and network services. Newly developed applications and upgraded technology have raised the requirements for long-distance data transmission, which calls for redesigning the wide-area network with a new structure and perspective that meets these demands. The review also identifies vulnerabilities: it can be possible to obtain the operating system version, the web server version and the device type, which can be used to detect vulnerabilities in a network device.

Keywords- Data Transmission, Wide-Area Network, Cloud Solution, Internet Services, New Generation Internet

I. INTRODUCTION
Over the past few decades, Internet services have seen a great deal of technological advancement. As the essential interconnection infrastructure of the Internet, WANs such as inter-data-center networks, industry networks and transport systems have become a crucial foundation of the information society [1]. The fast upgrading of systems and the creation of innovative software have raised the demands placed on wide-area networks. For example, a video-conferencing service provider needs the latency from the broadcaster to its viewers to be less than 400 ms, and Internet service providers expect to launch new services on their networks within a specified time. Most WANs, however, were originally designed for best-effort operation and do not provide any quality of service (QoS) guarantees. In addition, provider-grade networks contain many brands of equipment, and each device is mostly configured at a low level, so starting a new service on a network ordinarily takes many months and up to several years, and requires a lot of manpower [2]. Because the cost of upgrading, maintaining and debugging a WAN is notably high, and the conventional WAN shows limitations in several respects, such as guaranteeing quality of service and upgrading the network efficiently, building WANs on new models is essential. SD-WAN is considered one of the best architectures for the next-generation WAN [10], and it gives network operators a new way to build a network. SD-WAN applies software-defined techniques to enterprise networks that span a broad geographic range, and it achieves its management goals through the software-defined concept known from Software Defined Networking (SDN).

SD-WAN simplifies the connection structure and management among various sites. Compared with the conventional WAN, SD-WAN has two advantages that fit modern demands [3]. First, it provides an integrated, automated and centralized framework for controlling hosted applications while taking application-level requirements into account, in order to support the Quality of Experience perceived by users. Second, it can define network policies conveniently and manage Internet traffic without the traditional manual configuration of every device [4]. These capabilities allow it to enforce policies specific to services, applications, users and locations, simplify network management tasks and improve Internet performance.

II. RELATED WORK
On 29 October 2014, a paper titled "Network utilization optimizer for SD-WAN" was published, presenting a simple solution to the network utilization problem. In the case of a link fault, the flows affected by the interruption are re-routed

All rights reserved by www.grdjournals.com



Architecture of Software Defined Wide-Area Network: A Review (GRDJE/ Volume 5 / Issue 6 / 001)

over an alternative route. In this solution, the whole network acts as a single distributed switch from the perspective of external connections. Still, their solution architecture allows modifying the entire network design from switch to assigned router. On 29 October 2018, another paper, "SD-WAN Internet Census", was published, reporting passive and active fingerprinting of SD-WAN systems using a threat intelligence approach. The authors explored publicly available Internet-based and cloud-based SD-WAN systems using the well-known Censys and Shodan search engines together with custom-developed automation tools, and showed that most of the SD-WAN systems have known vulnerabilities related to outdated software and insecure configuration. On 27 December 2018, a paper titled "Method and system of providing quality of experience visibility in an SDWAN" was published, stating that the path state machine determines a set of flags that define path acceptability, meeting specified scheduling patterns for path selection.

III. LIMITATIONS IN CURRENT APPROACH OF ARCHITECTURE
The current approach to WAN architecture has many limitations, including:
1) It does not interface with the underlying network to access data transport services, and it cannot integrate packet-level network services.
2) Integrated ADC hardware devices are easy to configure, but they are very expensive and are hard to scale out.
3) Content-based routers may become a bottleneck because they need to process all application traffic.
4) Deployment with multi-cloud services is challenging and creates several issues, because the ADC needs full access to application-level data while the ASPs may not be ready to share that data with the CSP. Existing ADCs are also very costly, so they need to be virtualized so that they can be shared and work with multiple ASPs.
5) An application-neutral and better traffic steering solution is required, one that can benefit both the sending and the receiving parties.

IV. ARCHITECTURE OF SD-WAN
The architectures of existing WANs are ill-suited to the more dynamic networking services of the new era and to the QoE requirements of current users. SD-WAN is being widely considered as a replacement for the existing network. The central idea of SD-WAN is to simplify Internet services in wide-area networks, streamline network management, and improve upgradability and adaptability compared with older WAN architectures [3]. In this section, we study the logical flow and physical structures of SD-WAN.

Fig. 1: Logical Flow Architecture and physical architecture of SD-WAN

A. Logical Flow Architecture of SD-WAN
From the bottom layer to the top, SD-WAN is divided into three layers: the data layer, the control layer and the application layer, as shown in Figure 1. The data layer is responsible for bandwidth virtualization and data forwarding [3]. Commonly, a wide-area network contains various kinds of networks, such as switching fabric, 4G, and Internet multiprotocol label switching (MPLS) [9]. To use bandwidth resources fully, bandwidth virtualization consolidates different network


segments supporting one volume into a resource pool that is available to all applications and services [4]. Data forwarding comprises a collection of network forwarding elements, mainly switches, that forward packets using the bandwidth provided by bandwidth virtualization. Both receive instructions from the network controller in the upper layer through interface protocols such as OpenFlow.

The control layer contains many network functions, which are managed and implemented independently [8]. This allows network operators to develop, modify, remove and debug a function at moderate cost without affecting the others. Besides operating individually, network functions can be combined or chained together to provide various services and improve the adaptability of SD-WAN [5]. For instance, network monitoring gives network planning an overall view of traffic, and from these results the optimal scheduling for the network is computed. Quality of Service assesses whether application requirements are satisfied during data transmission.

The application layer allows application developers and Internet service providers to express their network requirements. Through the application representation and the network composition, high-level specifications stated in simple language can be rendered into compliant network configurations. As application requirements grow in more dimensions, it is essential to customize network designs while capturing the properties of the application [5]. For instance, live video streaming services need a high bitrate and low latency to satisfy users. Application developers may express policies for handling such strict requirements and for relaxing them in a WAN [11].

Like the application representation, network composition is intended to abstract network fundamentals, such as multi-objective networking and cost-effective networking [12]. The application layer lets application developers and Internet providers concentrate more on controlling the network.

B. Physical Architecture of SD-WAN
Multiple groups of SDN switches are connected to each other by physical links in the data layer [3]. The network controller administers these devices. Generally, the network controller is a cluster or a server, depending on the bandwidth capacity. The network controller directs the various network functions [6]. Internet service providers and software developers can state their requirements to the controller, which translates them into policies and configurations [7]. Commonly, several network controllers are distributed in different places; one of them is elected as the central (master) controller and the rest act as backup controllers, so that when the master controller crashes, a backup controller takes over immediately [3].
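The following added example (not code from the paper or from any SD-WAN product) sketches how a controller could turn application-level requirements into path assignments over the pooled MPLS, broadband and LTE links, using a path acceptability flag and re-routing on a link fault. The class names, cost values, loss thresholds and link measurements are assumptions constructed for illustration; only the 400 ms video latency figure comes from the paper.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Path:
    name: str           # transport type: "mpls", "broadband" or "lte"
    up: bool            # link state reported by network monitoring
    latency_ms: float   # measured latency
    loss_pct: float     # measured packet loss
    cost: int           # relative cost of using the link (assumed values)

@dataclass(frozen=True)
class AppPolicy:
    app: str
    max_latency_ms: float
    max_loss_pct: float

def acceptable(path, policy):
    """Path acceptability flag: link is up and both thresholds are met."""
    return (path.up and path.latency_ms <= policy.max_latency_ms
            and path.loss_pct <= policy.max_loss_pct)

def select_path(paths, policy):
    """Return (path name, requirement met). The cheapest acceptable path wins;
    if none qualifies, fall back to the lowest-latency link that is still up."""
    ok = [p for p in paths if acceptable(p, policy)]
    if ok:
        return min(ok, key=lambda p: (p.cost, p.latency_ms)).name, True
    alive = [p for p in paths if p.up]
    if alive:
        return min(alive, key=lambda p: p.latency_ms).name, False
    return None, False

def forwarding_table(paths, policies):
    """Controller step: turn per-application policies into path assignments."""
    return {pol.app: select_path(paths, pol) for pol in policies}

def link_fault(paths, *names):
    """Mark the named links as down, as monitoring would after a failure."""
    return [replace(p, up=False) if p.name in names else p for p in paths]

# Constructed measurements and policies; 400 ms is the paper's video figure.
PATHS = [Path("mpls", True, 40, 0.1, 10), Path("broadband", True, 90, 0.5, 2),
         Path("lte", True, 450, 1.0, 5)]
POLICIES = [AppPolicy("video_conf", 400, 1.0), AppPolicy("bulk_backup", 2000, 5.0)]

if __name__ == "__main__":
    print(forwarding_table(PATHS, POLICIES))
    print(forwarding_table(link_fault(PATHS, "broadband"), POLICIES))
    print(forwarding_table(link_fault(PATHS, "broadband", "mpls"), POLICIES))
```

When only LTE remains, the video policy is reported as not met rather than silently satisfied, which is the condition an operator would want to alert on.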

V. SD-WAN THREAT VULNERABILITY IDENTIFICATION
It can be possible to obtain the operating system version, the web server version and the device type, and this information can be used to detect vulnerabilities in a network device [16]. Most vendors of SD-WAN systems belong to the enterprise-level segment. This includes 493 hosts from Riverbed, 452 hosts from VMWare and 255 hosts from Arista, followed by 240 from Sonus, as shown in Table 1. Based on the version information analysed, SD-WAN systems deployed on the Internet are running outdated software with several vulnerabilities; even the Amazon Web Services marketplace was outdated [17]. This increases the chances of attack against the SD-WAN system architecture.

Table 1: Existing Vendors of SD-WAN Architecture System

Vendor Name            Number of Hosts    Share in Percentage
Riverbed               520                23.0%
VMWare                 452                20.0%
Arista                 255                11.3%
Sonus                  240                10.6%
Silver Peak Systems    234                10.3%
Veisa                  203                9.0%
Fatpipe                166                7.3%
Vipnnet                68                 3.0%
Nuage                  67                 3.0%
Cisco                  60                 2.6%
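As an added example (not code from the paper or from the census it cites), the check below shows how an operator could audit the version strings its own SD-WAN devices expose against a minimum fixed version. The banner format, host names and the "example-edge" product with its baseline are assumptions constructed for illustration; the VXOA 6.2.11 baseline is taken from the title of reference [16].

```python
import re

# Minimum fixed versions per product. The VXOA value is taken from the title of
# reference [16] ("VXOA < 6.2.11"); "example-edge" is a hypothetical placeholder.
MIN_FIXED = {"vxoa": "6.2.11", "example-edge": "3.0.0"}

# Assumed banner shape: "<product>/<version>" or "<product> <version>".
BANNER_RE = re.compile(r"\b([A-Za-z][A-Za-z-]*)[/ ]v?(\d+(?:\.\d+)+)\b")

def version_key(text, width=4):
    """Numeric sort key, zero-padded so "6.2" and "6.2.0" compare as equal."""
    parts = [int(p) for p in text.split(".")][:width]
    return tuple(parts + [0] * (width - len(parts)))

def classify(banner):
    """Return (product, version, status) for one service banner."""
    match = BANNER_RE.search(banner)
    if match is None:
        return (None, None, "no-version-exposed")
    product, version = match.group(1).lower(), match.group(2)
    baseline = MIN_FIXED.get(product)
    if baseline is None:
        return (product, version, "no-baseline")
    # Compare numerically: as strings, "6.2.5" would sort after "6.2.11".
    outdated = version_key(version) < version_key(baseline)
    return (product, version, "outdated" if outdated else "current")

def hosts_to_patch(inventory):
    """Hosts whose exposed version is below the fixed baseline."""
    return [rec["host"] for rec in inventory
            if classify(rec["banner"])[2] == "outdated"]

# Constructed inventory records (hosts and banners are made up).
INVENTORY = [
    {"host": "edge-01.example.internal", "banner": "Server: VXOA/6.2.5"},
    {"host": "edge-02.example.internal", "banner": "Server: VXOA/6.2.11"},
    {"host": "edge-03.example.internal", "banner": "example-edge 2.9"},
    {"host": "edge-04.example.internal", "banner": "Server: webui"},
    {"host": "edge-05.example.internal", "banner": "Server: acme-web/1.4.2"},
]

if __name__ == "__main__":
    for rec in INVENTORY:
        print(rec["host"], *classify(rec["banner"]))
    print("patch:", hosts_to_patch(INVENTORY))
```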

VI. CONCLUSION
The Software Defined Wide Area Network is worth analyzing and is a topic of significant interest for the new-generation wide-area network. In this paper, we presented some difficulties of the traditional WAN, since SD-WAN is considered a promising architecture for the next-generation WAN, and we described its physical and logical architectures. The representative advances were examined in order to promote it. The analysis presented in this paper supports the further advancement of SD-WAN.


ACKNOWLEDGEMENT I would like to show my gratitude towards my guide Ms. Pooja Batra Nagpal for sharing her pearls of wisdom during the course of this research, and I also thank Ms. Sarika Chaudhary for her so-called insights. I am immensely grateful for their comments on an earlier version of the manuscript, although any errors are my own and should not tarnish the reputations of these esteemed persons.

REFERENCES
[1] K.-T. Foerster, S. Schmid, S. Vissicchio, “Survey of consistent software-defined network updates,” IEEE Communications Surveys & Tutorials, 2018.
[2] X. Zuo, Y. Cui, M. Wang, T. Wang, X. Wang, “Low-latency networking: Architecture, techniques, and opportunities,” IEEE Internet Computing, 2018.
[3] F. Bannour, S. Souihi, A. Mellouk, “Distributed SDN control: Survey, taxonomy, and challenges,” IEEE Communications Surveys & Tutorials, 2018.
[4] O. Michel and E. Keller, “SDN in wide-area networks: A survey,” in IEEE Fourth International Conference on Software Defined Systems (2017).
[5] W. Braun and M. Menth, “Software-defined networking using OpenFlow: Protocols, applications and architectural design choices,” Future Internet, 2014.
[6] Z. A. Qazi, C.-C. Tu, L. Chiang, R. Miao, V. Sekar, and M. Yu, “SIMPLE-fying middlebox policy enforcement using SDN,” in ACM SIGCOMM (2013).
[7] A. Gember-Jacobson, R. Viswanathan, C. Prakash, R. Grandl, J. Khalid, S. Das, and A. Akella, “OpenNF: Enabling innovation in network function control,” in ACM SIGCOMM (2014).
[8] S. Jain, A. Kumar, S. Mandal, J. Ong, L. Poutievski, A. Singh, S. Venkata, J. Wanderer, J. Zhou, M. Zhu et al., “B4: Experience with a globally-deployed software defined WAN,” in ACM SIGCOMM (2013).
[9] H. Nam, K.-H. Kim, J. Y. Kim, and H. Schulzrinne, “Towards QoE-aware video streaming using SDN,” in IEEE Global Communications Conference (2014).
[10] R. Hartert, S. Vissicchio, P. Schaus, O. Bonaventure, C. Filsfils, T. Telkamp, and P. Francois, “A declarative and expressive approach to control forwarding paths in carrier-grade networks,” ACM SIGCOMM (2015).
[11] X. Yin, A. Jindal, V. Sekar, and B. Sinopoli, “A control-theoretic approach for dynamic adaptive video streaming over HTTP,” in ACM SIGCOMM (2015).
[12] V. Jalaparti, I. Bliznets, S. Kandula, B. Lucier, and I. Menache, “Dynamic pricing and traffic engineering for timely inter-datacenter transfers,” in ACM SIGCOMM (2016).
[13] S. Liu and B. Li, “On scaling software-defined networking in wide-area networks,” Tsinghua Science and Technology, 2015.
[14] P. Berde, M. Gerola, J. Hart, Y. Higuchi, M. Kobayashi, T. Koide, B. Lantz, B. O’Connor, P. Radoslavov, W. Snow et al., “ONOS: Towards an open, distributed SDN OS,” in ACM HotSDN (2014).
[15] C.-Y. Hong, S. Kandula, R. Mahajan, M. Zhang, V. Gill, M. Nanduri, and R. Wattenhofer, “Achieving high utilization with software-driven WAN,” in ACM SIGCOMM (2013).
[16] Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities. URL https://www.exploitdb.com/exploits/38197/.
[17] Arista Security Advisories. Security Advisory 0037. URL https://www.arista.com/en/support/advisories-notices/security-advisories/5782security-advisory37
