| With the continuous progress of computer network technology and computer hardware technology,the Internet industry has been booming.Cloud computing has become an important Internet technology support.In cloud computing scenarios,how to provide users with better network security services through the network security service function chain(NS-SFC)has also become a research hotspot.In the current research results,there are many related studies on static service function chain deployment for known service requests set,and less research on fast response to dynamically-arrived requests by reducing the deployment time of network function instances;and the lack of a Research on an effective engineering technology capable of integrating method over multiple network function management platforms.In view of the above problems,this thesis conducts research and discussion in the following two aspects:On the one hand,this thesis puts forward the study of theoretical algorithms.There are two main orchestration algorithms used in the current service function chain orchestration system: one is to solve quickly,using a low-complexity and simpler algorithm,which makes the performance of the final deployment relatively poor,but the response speed is fast;The other is to ensure that the utility function of the service function chain is optimal after deployment.The overall optimization problem is modeled and solved,or complex algorithms such as deep learning are used,but the response time to dynamic arrival requests is long.Therefore,this thesis proposes some dynamic function deployment algorithms based on the characteristics of container-carried network functions that can be deployed quickly.Based on the idea of modeling the integer programming optimization problem,by decomposing the overall problem into independent sub-problems,a reasonably limitation over the size of the optimization problem,as well as the characteristics of rapid container deployment are used to achieve low service request response time.At the same time,the performance advantage of the optimization algorithm over the simple algorithm is retained to a certain extent.After simulation experiment verification,compared with the above two algorithms,some dynamic function deployment algorithms have certain comprehensive performance advantages and is certainly practically valuable.On the other hand,engineering research is also our concern.In the context of the great development of virtualization technology,there have been multiple bearing methods for network functions.Different network function management platforms have their own advantages and disadvantages when facing different application scenarios.Therefore,the flexible use of various network function management platforms to implement the network security service function chain is the preferred network security solution.This thesis uses a hierarchically designed service function chain orchestration system to abstractly integrate the basic services provided by different network function management platforms,and combines software-defined network technology with a rationally designed underlying network logical structure to achieve the ability of orchestrating SFCs supporting multiple platforms,scalability and compatibility.The orchestration and deployment of service function chains with scalability and compatibility provide a realistic reference for the orchestration of network security service function chains. |
PDF Full Text Request