In software-defined networking (SDN), the control plane is separated from the data plane. For scalability and robustness reasons, the logically centralized control plane is implemented by physically distributing different controllers throughout the network. The determination of the number and location of the SDN controllers is known as the controller placement problem (CPP). For given maximum switch-controller (SC) and controller-controller (CC) delays in the regular (failure-free) state, we aim to find a CPP solution that maximizes the control plane robustness against a given number of malicious node attacks. We describe an ILP-based method aiming to enumerate all CPP solutions that guarantee the existence of a data plane path from every switch to any controller if all other controller nodes are shut down (worst-case scenario). Then, for different malicious node attacks, based on node centrality metrics and corresponding to different attacker’s strategies, we evaluate the previous solutions to determine the ones that maximize the network robustness, considering the SDN control plane operating with or without split-brain. In the computational results, we compare the robustness and the average SC and CC delays of the best CPP solutions. Since a control plane with split-brain requires more controllers, the average SC and CC delays in the regular state of its CPP solutions are significantly better, on average. Concerning robustness, split-brain does not always provide the best robust CPP solutions due to its feature of requiring a minimum number of connected controllers (which must be over half of the total number of them) to be operational.
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Tax calculation will be finalised during checkout.
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
Tax calculation will be finalised during checkout.
Rak J, Hutchison D, Calle E, Gomes T, Gunkel M, Smith P, Tapolcai J, Verbrugge S, Wosinska L (2016)RECODIS: Resilient communication services protecting end-user applications from disaster-based failures, in ICTON, , We.D1.4
Furdek M, Wosinska L, Goscien R, Manousakis K, Aibin M, Walkowiak K, Ristov S, Marzo J (2016) An overview of security challenges in communication networks, in RNDM, pp 43–50
Heller B, Sherwood R, McKeown N (2012) The controller placement problem. ACM HotSDN, New York, pp 7–12
Fonseca P, Bennesby R, Mota E, Passito A (2012) A replication component for resilient OpenFlow-based networking. NOMS 2012, Maui, pp 933–939
Vizarreta P, Mas Machuca C, Kellerer W (2016) Controller placement strategies for a resilient SDN control plane. In: RNDM, vol 2016. Halmstad, Sweden, pp 253–259
Perrot N, Reynaud T (2016) Optimal placement of controllers in a resilient SDN architecture. In: DRCN, vol 2016. France, Paris, pp 145–151
Santos D, de Sousa A, Mas Machuca C (2018) Robust SDN controller placement to malicious node attacks. DRCN 2018. France, Paris
ONOS project. https://onosproject.org/. Accessed June 2018
OpenDayLight project. https://www.opendaylight.org/. Accessed June 2018
Sakic E, Kellerer W (2018) Response time and availability study of RAFT consensus in distributed SDN control plane. IEEE Trans Netw Serv Manag 15(1):304–318
Muqaddas AS, Giaccone P, Bianco A, Maier G (2017) Inter-controller traffic to support consistency in ONOS clusters. IEEE Trans Netw Serv Manag 14(4):1018–1031
Jiménez Y, Cervelló-Pastor C, García AJ (2014) On the controller placement for designing a distributed SDN control layer. IFIP networking conference 2014, Trondheim, Norway
Hock D, Hartmann M, Gebert S, Jarschel M, Zinner T, Tran-Gia P (2013) Pareto-optimal resilient controller placement in SDN-based core networks. ITC 2013, Shanghai, China
Rueda DF, Calle E, Marzo JL (2017) Improving the robustness to targeted attacks in software defined networks (SDN). DRCN 2017, Munich, Germany, pp 78–85
Rueda DF, Calle E, Marzo JL (2017) Robustness comparison of 15 real telecommunication networks: structural and centrality measurements. J Netw Syst Manag 25(2):269–289
Nencioni G, Helvik BE, Heegaard PE (2017) Including failure correlation in availability modeling of a software-defined backbone network. IEEE Trans Netw Serv Manag 14(4):1032–1045
This article is based upon work from COST Action CA15127 (“Resilient communication services protecting end user applications from disaster-based failures—RECODIS”) supported by COST (European Cooperation in Science and Technology). The work was also supported by FCT (“Fundação para a Ciência e Tecnologia”), Portugal, under the projects ResNeD—CENTRO-01-0145-FEDER-029312 and UID/EEA/50008/2019. This work was conducted while Dorabella Santos was with Instituto de Telecomunicações, Aveiro, Portugal, supported by the FCT postdoc grant SFRH/BPD/111503/2015.
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
About this article
Cite this article
Santos, D., de Sousa, A. & Mas Machuca, C. The controller placement problem for robust SDNs against malicious node attacks considering the control plane with and without split-brain. Ann. Telecommun. 74, 575–591 (2019). https://doi.org/10.1007/s12243-019-00725-7
- Controller placement problem
- Malicious node attacks
- Integer linear programming
- Node centrality