Research On Key Techniques Of Fault Tolerance In Software-Defined Networking

As a new type of Internet architecture,Software-Defined Networking(SDN)decouples network control and data forwarding functions to realize flexible network control and intelligent management,which can meet the constantly emerging dynamic service requirements.Currently,SDN is widely used in network application scenarios such as cloud computing,5G,and the Internet of Things,becoming one of the most promising technologies in the field of new network architecture.However,with the continuous expansion of SDN deployment scale and application scenarios,centralized control and programmable features significantly increase the security threats and failure risks of network,such as unauthorized controller access,and link interruption.On the one hand,considering the current programming technologies and open network ecosystems,zero vulnerabilities and backdoors cannot be guaranteed in the development of SDN hardware and software.Malicious attacks based on known or unknown vulnerabilities and backdoors lead to serious security threats to SDN networks.On the other hand,with the rapid expansion of network scale and explosive growth of traffic,various components in SDN are prone to random failure caused by malicious traffic attacks or physical damage,severely affecting the normal service of SDN networks.Aiming at the above problems,the existing fault tolerance schemes are mainly analyzed and studied from the aspects of controller master and slave redundancy,switch dynamic mapping,link proactive recovery,etc.However,there are some problems such as limited fault tolerance and high network resource overhead.For instance,Byzantine fault tolerance architectures are challenging to defend against coordinated attacks based on unknown vulnerabilities and backdoors due to its homogeneous redundancy,and proactive recovery scheme of fault links lead to excessive overhead of system resource.Therefore,aiming to enhance the fault tolerance of SDN,this thesis centers on the network architectures of control plane and data plane,focusing on the analysis of critical faults faced by controllers,switches,and links.Firstly,control plane is the core of SDN,where the different deployment locations and vulnerabilities threat of controllers seriously affect the load balancing of controllers and network communication delay,specifically manifesting as controller fault and multi-controller placement fault.Secondly,data plane is the foundation of SDN,problems such as malicious rule tampering and physical damage can lead to frequent switch migration or traffic transmission interruption,specifically manifesting as switch remapping fault and link fault.Then,based on the existing work,this thesis optimizes and designs of above fault tolerance schemes to meet the reliability and security requirements of SDN.The main research contributions of this thesis are as follows:1.Aiming at the problem of controller fault caused by vulnerability attacks and physical damage in control plane,a security architecture based on heterogeneous multi-controllers is designed.Firstly,by deploying multiple heterogeneous controllers to expand the dynamic heterogeneous of control plane.At the same time,the attack surface and security model of heterogeneous multi-controller architecture are modeled.Secondly,the vulnerability topology graph is constructed based on the vulnerability in controllers,a new heterogeneity quantization algorithm of controller set is designed by considering high-order vulnerability.Finally,considering the historical confidence and minimum sleep time of controllers,an adaptive scheduling algorithm of multi-controllers is proposed.Theoretical analysis and simulation results prove that the proposed architecture is safe and effective,and compared with similar schemes,the proposed scheduling algorithm can increase the minimum sleep time of controller by about 26.39% and reduce the average failure probability of the system by about 4.5%.2.Aiming at the problem of connection failure between different domains and controller overload in controller placement,a multi-controllers placement scheme based on network domain division is proposed.Firstly,considering the delay model between controller and switch,the multicontrollers reliability placement problem in SDN is modeled.Secondly,the scheme improves the Louvain algorithm to partition the SDN network,and introduces the NSGA-II algorithm to calculate the locations of local controllers in each domain,aiming to minimize the number of local controllers and the number of hops from switches to local controllers.Finally,an adaptive granularity global search algorithm is designed to optimize the placement location of global controller.Simulation results based on different network topologies show that the proposed scheme can effectively increase the connection reliability between different domains,and reduce the load of the global controller by 23.74% on average.3.Aiming at the problem of frequent switch migration and hierarchical controller chain failure in data plane switch remapping,an adaptive switch migration scheme for overloaded controller is proposed.Firstly,this scheme models the load model of controller,and selects the migration local controller for overloaded controllers with different functions and locations.Then,it proposes the calculation method for switch migration costs,and selects different migration switches based on cross-domain traffic.Finally,the AHP-FCE comprehensive evaluation model is introduced to calculate the target controller by considering the migration distance,cross-domain traffic changes,load balancing rate,and remaining capacity of controllers.Simulation experiments show that the proposed migration scheme can effectively reduce the number of switch migrations,and the migration cost is reduced by about 7.58% on average compared with the existing work.4.Aiming at the problem of backup resource consumption and recovery time of fault link cannot be effectively balanced in data plane,a fast link fault recovery scheme based on link importance is proposed.By introducing the Markov state transfer process and pinning control to divide the different importance degrees of links in SDN,and develops different recovery strategies and optimization objective for different links.Specifically,this scheme installs the backup path of main links to switches in advance and minimize the Ternary Content Addressable Memory consumption(TCAM)consumption of switches.Meanwhile,the backup path of minor links is stored in controller,and the A-star algorithm is introduced to minimize the hop number and distance of backup path.Finally,reactive recovery is performed on edge links,and the bidirectional Dijkstra algorithm is used to reduce the calculation delay of backup path.Simulation results show that the proposed scheme can effectively balance the backup resource consumption and the fault recovery time,and reduce the recovery time by 28.7% on average.