TY - GEN
T1 - Orange
T2 - 11th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS 2015
AU - Schiff, Liron
AU - Afek, Yehuda
AU - Bremler-Barr, Anat
N1 - Publisher Copyright:
© 2015 IEEE.
PY - 2015/5/18
Y1 - 2015/5/18
N2 - Configuring range based packet classification rules in network switches is crucial to all network core functionalities, such as firewalls and routing. However, OpenFlow, the leading management protocol for SDN switches, lacks the interface to configure range rules directly and only provides mask based rules, named flow entries. In this work we present, ORange, the first solution to multi dimensional range classification in OpenFlow. Our solution is based on paradigms used in state of the art non-OpenFlow classifiers and is designed in a modular fashion allowing future extensions and improvements. We consider switch space utilization as well as atomic updates functionality, and in the network context we provide flow consistency even if flows change their entrance point to the network during policy updates, a property we name cross-entrance consistency. Our scheme achieves remarkable results and is easy to deploy.
AB - Configuring range based packet classification rules in network switches is crucial to all network core functionalities, such as firewalls and routing. However, OpenFlow, the leading management protocol for SDN switches, lacks the interface to configure range rules directly and only provides mask based rules, named flow entries. In this work we present, ORange, the first solution to multi dimensional range classification in OpenFlow. Our solution is based on paradigms used in state of the art non-OpenFlow classifiers and is designed in a modular fashion allowing future extensions and improvements. We consider switch space utilization as well as atomic updates functionality, and in the network context we provide flow consistency even if flows change their entrance point to the network during policy updates, a property we name cross-entrance consistency. Our scheme achieves remarkable results and is easy to deploy.
KW - Consistency
KW - Packet Classification
KW - Software Defines Networks
UR - http://www.scopus.com/inward/record.url?scp=84936123306&partnerID=8YFLogxK
U2 - 10.1109/ANCS.2015.7110121
DO - 10.1109/ANCS.2015.7110121
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84936123306
T3 - ANCS 2015 - 11th 2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems
SP - 63
EP - 73
BT - ANCS 2015 - 11th 2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 7 May 2015 through 8 May 2015
ER -