Research On Failure Propagation Suppression Method Of Inter-Domain Routing System Based On Software-Defined Networking

The inter-domain routing system is the key infrastructure of the Internet,and maintaining the security of the inter-domain routing system is of great significance to ensuring the security of the Internet.The occurrence of security events such as disasters and attacks will cause some router nodes and links in the inter-domain routing system to fail,and even the failure will continue to propagate due to the mutual coupling relationship,which will cause cascading failures and seriously affect Internet security.Existing research attempts to solve the problem of failure propagation by adjusting protocol parameters,optimizing path selection,and adding alternative paths.However,due to the coupling of the control plane and the data plane of the BGP protocol and the lack of awareness of the link status,the failure propagation phenomenon cannot be effectively suppressed.In order to suppress failure propagation,the existing failure propagation mechanism must be destroyed.SDN naturally has the characteristics of separation of the control plane and the data plane,and can dynamically adjust the routing selection according to the real-time status of the link,which overcomes the inherent shortcomings of the BGP protocol.In addition,the software-defined inter-domain routing node(SDN＿AS)is distributed in the inter-domain routing system.Based on the SDN＿AS node’s processing method of load and UPDATE messages different from BGP,the failure propagation mechanism can be changed.In order to verify whether SDN＿AS can suppress the propagation of cascading failures,this paper establishes a cascading failure model of the interdomain routing system integrating SDN＿AS and AS.Based on this model,simulation experiments have theoretically verified the feasibility of using SDN＿AS nodes to suppress the failure propagation of the inter-domain routing system.Aiming at the problems of the existing SDN＿AS nodes lacking a mechanism for handling excessive messages when security incidents occur,and the lack of collaborative routing strategies among SDN＿AS nodes.In order to improve the ability of SDN＿AS node to change the failure propagation mechanism,the relevant strategies of SDN＿AS node to suppress failure propagation are studied.In order to solve the contradiction between the smaller number of SDN＿AS node deployments and the need for higher suppression effect,the research on the selection of distributed deployment locations of SDN＿AS nodes was launched.The main work and research results of this paper are as follows:1.A cascading failure model of the inter-domain routing system that integrates SDN＿AS and AS is constructed.Based on the different processing strategies of the SDN＿AS node before and after its adjacent edges reach the rated load,the suppression effect of SDN＿AS on the cascading failure of the inter-domain routing system is studied.The experimental results show that under the condition of removing 10% of the nodes.Only the top 0.15% nodes in degree order are used as SDN＿AS nodes.When the tolerance coefficient is set to 0.1,the network connectivity can reach more than 75%,which is 21.7% higher than the network without SDN＿AS nodes.Therefore,deploying SDN＿AS nodes in important locations can effectively improve network connectivity.2.A method to suppress the influence of UPDATE messages based on SDN is proposed.The existing research cannot identify invalid packets caused by security incidents,so that the problem of repeated updates of invalid routes cannot be suppressed.By analyzing the different effects of different types of messages arriving at the same node at different times,five UPDATE message preprocessing rules are proposed.Based on the above rules,the UPDATE message preprocessing mechanism is designed.Experimental results show that this mechanism can reduce the total number of messages by an average of 19% and a maximum of 34.9% by preprocessing the UPDATE message when a security incident occurs.Aiming at the problem of slow route retrieval in the existing routing update method using SDN,a hierarchical structure of routing information table oriented to multi-level search is designed.The experimental results show that compared with the existing methods,the routing update efficiency can be significantly improved.3.A routing method based on link status is proposed.Based on the low-level network state awareness capability of SDN,in a single SDN＿AS node network,based on the adjacent link state of the SDN＿AS node,the link congestion NEXT＿HOP node set is constructed,and a single node routing method based on the SDN＿AS adjacent link state is designed.Aiming at the problem of the lack of collaborative routing strategy in the existing research on the regional deployment of SDN＿AS nodes,the regional available link set is constructed by sharing the network state of multiple SDN＿AS nodes,and the regional node collaborative routing update method is designed according to the regional available link set.Experimental results show that whether it is singlenode deployment or multi-node collaborative deployment,routing can be dynamically selected based on the real-time status of the link to avoid new failed links.4.A distributed deployment method of SDN＿AS nodes based on the number of collaborative influence paths(DDMS-NCIP)is proposed.Based on the cascading failure model of the inter-domain routing system integrating SDN＿AS and AS,the SDN＿AS’s suppression mechanism on failure propagation is analyzed,and it is found that the number of influencing paths is the key factor that determines the effect of SDN＿AS nodes on the failure propagation suppression.Considering the crossover of the influence paths of different SDN＿AS nodes,in order to maximize the suppression effect of the distributed deployment of SDN＿AS nodes on cascading failures,a distributed deployment method of SDN＿AS nodes based on the number of cooperative influence paths is designed.In 50 random experiments,the probability that the DDMS-NCIP method is better than the degree-based node deployment method and the betweenness-based node deployment method in suppressing the effect of failure is 67.5% and 77%,respectively.