Abstract:
With the decoupling of network control and data
planes, the upcoming Software Defined Networking (SDN)
paradigm advocates better network control and manageability. It
introduces logical centralized control, network programmability
and abstraction of underlying infrastructure from network
services and applications. With global visibility of network state
and central control that eases real time monitoring, policy
alterations etc., it certainly enhances network security inherently.
However, the separation of planes opens up new challenges like
denial of service (DoS) attack, saturation attack, man-in-the
middle attack and so on.
Many of the issues of controller availability, controller-switch
communication delay and scalability can be solved separately by
distributed controllers, out-of-band communication links and
parallelization respectively. Control-data plane intelligence
trade-off has the potential to solve all of these. It increases
controller availability, reduces latency for traffic engineering &
decision making, and improves controller scalability. Moreover,
control-data plane intelligence trade-off enables the control-data
plane communication to be more secure. This will tremendously
offload the processing load on the controller. We present how to
realize control-data plane intelligence tradeoff extending
OpenFlow.