Abstract
Software Defined Networking (SDN) provides a flexible and programmable infrastructure for future networks. SDN supports multi-domain networks where customers, called tenants, can share network resources on the large data centers. In the multi-tenant environment, tenants can share the network elements while keeping them isolated from each other. In this paper, we describe an isolated multi-tenant solution where the tenants can have control over their assigned network resources. The described approach provides isolation through VxLAN and configuration of flow tables in the OpenFlow switch. VxLAN tunnels are used to isolate packets transmitted by different tenants. Virtual Network Identifiers (VNIs) are assigned to the flow table for identification of the tenant.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ahlgren, B., Dannewitz, C., Imbrenda, C., Kutscher, D., Ohlman, B.: A survey of information-centric networking. IEEE Commun. Mag. 50(7), 26–36 (2012)
S. Shin, P. Porras, V. Yegneswaran, M. Fong, G. Gu, M. Tyson, Fresco: modular composable security services for software-defined networks. In: Proceedings of Network and Distributed Security Symposium (2013)
Yu, M., Jose, L., Miao, R.: Software defined traffic measurement with opensketch. USENIX NSDI vol, 31 (2013)
Fayazbakhsh, S.K., Chiang, L., Sekar, V., Yu, M., Mogul, J.C.: Enforcing network-wide policies in the presence of dynamic middlebox actions using flowtags. In: USENIX NSDI, Seattle, WA, USA, pp. 1–13, 533–546 (2014)
Kapadia, S., Subagio, P.H., Yang, Y., Shah, N., Jain, V., Agrawal, A.: Implementation of virtual extensible local area network (VXLAN) in top-of-rack switches in a network environment, Google Patents, US Patent 9,565,105 (2017)
OpenFlow Switch Specification. http://goo.gl/1DYxw6. Accessed 14 Oct 2013
Ryu: An Operating System for Software Defined Network. http://osrg.github.com/ryu/
OpenDayLight. https://www.opendaylight.org/
POX: A Python-Based OpenFlow Controller. http://www.noxrepo.org/pox/about-pox/
Gude, N., et al.: NOX: towards an operating system for networks. ACM SIGCOMM CCR 38(3), 105–110 (2008)
Floodlight. http://floodlight.openflowhub.org/
Mahalingam, M., et al.: Virtual eXtensible Local Area Network (VXLAN): a framework for overlaying virtualized layer 2 networks over layer 3 networks. In: RFC7348 (2014). https://doi.org/10.17487/RFC7348
Chowdhury, N., Boutaba, R.: A survey of network virtualization. In: Elsevier Computer Networks (2010)
European Telecommunications Standards Institute, Network Functions Virtualisation (2012). http://portal.etsi.org/NFV/NFVWhitePaper.pdf
OpenStack. https://www.openstack.org/
Acknowledgment
This project has received funding from the European Unions H2020 research and innovation program under grant agreement H2020-MCSA-ITN- 2016-SECRET 722424
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Irum, S., Luedke, P., Warnke, K., Schulte, G. (2019). Multi-tenant Isolation in Software Defined Networks. In: Sucasas, V., Mantas, G., Althunibat, S. (eds) Broadband Communications, Networks, and Systems. BROADNETS 2018. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 263. Springer, Cham. https://doi.org/10.1007/978-3-030-05195-2_36
Download citation
DOI: https://doi.org/10.1007/978-3-030-05195-2_36
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05194-5
Online ISBN: 978-3-030-05195-2
eBook Packages: Computer ScienceComputer Science (R0)