Domain Isolation in a Multi-Tenant Software-Defined Network

Loading...
Thumbnail Image
Journal Title
Journal ISSN
Volume Title
Sähkötekniikan korkeakoulu | Master's thesis
Date
2015-05-11
Department
Major/Subject
Networking Technology
Mcode
S3029
Degree programme
TLT - Master’s Programme in Communications Engineering
Language
en
Pages
97+10
Series
Abstract
Software-Defined Networking (SDN) has evolved as a new networking paradigm to solve many of current obstacles and limitations in communication networks. The SDN technology is going to be implemented in multi-tenant environments like data centers where several customers, which are called “tenants”, share network resources. In fact, the integration of SDN allows tenants in a shared network to have higher levels of control over available resources. While this approach has several advantages, the isolation between the tenants of a shared network becomes a vital factor which has not been discussed clearly so far. This thesis discusses multi-tenancy and explains current isolation approaches in a multi-tenant SDN. For increasing isolation between tenants, this thesis proposes a scalable solution that provides traffic isolation, address space isolation, control isolation and performance isolation. In the new system architecture, tenants are not limited to their own networks and they are able to make interaction with each other and external resources. Indeed, while tenants are isolated from each other, they are allowed to access special services offered by other tenants or external services outside of a shared network. The evaluation of the prototype proves that the new architecture provides a high level of isolation in a multi-tenant SDN and it is scalable enough to be implemented in large networks with millions of tenants.
Description
Supervisor
Manner, Jukka
Thesis advisor
Slavov, Kristian
Keywords
traffic isolation, multi-tenancy, SDN, domain, packet rewriting, monitoring
Other note
Citation