標題: 基於P4-Switch 的深度封包檢測 及流量動態服務品質保證
Traffic Classification for Dynamic QoS Control Based on P4-Switch
作者: 張芸甄
林寶樹
Chang, Yun-Chen
Lin, Bao-Shuh
網路工程研究所
關鍵字: 軟體定義網路;服務品質;深度封包檢測;流量辨識;nDPI;Libprotoident;P4交換機;ONOS;SDN;QoS;DPI;Traffic Classification;nDPI;Libprotoident;P4 Switch;ONOS
公開日期: 2017
摘要: 傳統網路由於缺乏對於整體網路資源的掌握,所以難以針對多媒體應用程式(如: 視訊串流),提供QoS(Quality of Service,服務品質) 保證的服務。SDN(Software Defined Network,軟體定義網路) 提供了一個新的網路架構,利用多種協定(如:Openflow), 將控制層從傳輸層中分離出來以實現集中控制與管理工作。另外,隨著日益增加的網 絡應用數量,在網絡上的流量種類與流量日益增多,如果不做好資源分配將會造成使 用者感受下降,因此需要流量辨識功能針對特殊應用來妥善分配頻寬。然而流量辨識 傳統的方法已經開始乏力,過去單單基於IP、端口的工具很難識別這類應用的流量, 為了要能辨識應用層服務,需要具備DPI(Deep Packet Inspection,深度封包檢測)功 能,用來檢測封包的類型。因此,在本論文中,我們提出了在SDN 上,運用P4 語言 (Programming protocol-independent packet processors,協議獨立數據包處理程式) 其自 由的解析及匹配的能力,實做nDPI、Libprotoident 深度封包檢測的行為,使其在資料 層(交換器) 即得知封包類型,進而限制頻寬以達到QoS 的效果。以往使用SDN 技術 欲得知封包類型需要額外的DPI 伺服器輔助,將封包傳送到伺服器做辨識,再將辨識 結果傳送到控制器做對應設置,煩瑣的傳輸增加了封包辨識的時間,P4 能直接檢測封 包的內容,並且擁有自由化的解析和匹配能力,使其能直接在資料層(交換器) 得知封 包類型。
Traditional networks do not have global view to the overall network resources, so it is difficult to provide QoS (Quality of Service) for multimedia applications such as video streaming. SDN (Software Defined Network) provides an innovative architecture that uses a variety of protocols (e.g: Openflow) to separate the control plane from the data plane for centralized management among networks. In addition, with the increasing number of network applications, there are many new types of traffic and network traffics on the network. If we do not allocate resource well, the users will feel terrible. Due to that, traffic classification is needed for focusing on particular application to guarantee its bandwidth. The traditional methods face the challenge of identifying the traffic of such applications, which increase the difficulty of QoS control and security protect. In order to identify the application layer of packets, DPI (Deep Packet Inspection) function was appeared. Therefore, in this paper, we propose the usage of P4 language (Programming protocol-independent packet processors)[1] with its free parsing and matching ability, so that we can get application type of packet in the data plane and then limit the bandwidth to achieve the effect of QoS. Our detection behavior refer to two open-source DPI tools, nDPI[2] and Libprotoident[3]. In recent study, the use of SDN technology to know the packet type requires additional DPI engine support no matter in which party. The packet sent to the engine to do identification, and then transfer the results to the controller to make the corresponding rules. These transmission actions increased identification delay time of packet. P4-switch have a free parsing and table matching ability to make it possibly examine the contents of the packet. Due to these properties, it can get application type of packet directly in the data plane.
URI: http://etd.lib.nctu.edu.tw/cdrfb3/record/nctu/#GT070456537
http://hdl.handle.net/11536/141635
Appears in Collections:Thesis