Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • Overview
  • Technical Sessions
  • Poster Session

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » Extending SDN to Handle Dynamic Middlebox Actions via FlowTags
Tweet

connect with us

Extending SDN to Handle Dynamic Middlebox Actions via FlowTags

Authors: 

Seyed Kaveh Fayazbakhsh, Carnegie Mellon University; Luis Chiang, Deutsche Telekom Labs; Vyas Sekar, Carnegie Mellon University; Minlan Yu, University of Southern California; Jeffrey C. Mogul, Google

Abstract: 

Software-defined networking (SDN) seeks to simplify and enhance network management by decoupling the management logic from its implementation. Our overarching vision is to integrate advanced data plane functions or middleboxes (e.g., firewalls, NATs, proxies, intrusion detection and prevention systems, and application-level gateways) into the SDN fold. This integration, however, is challenging on two fronts: (1) it is difficult to ensure that “service-chaining” policies are implemented correctly, and (2) middleboxes hinder management functions such as performance debugging.

The root cause of this problem is that as packets traverse the network, they are altered by dynamic and opaque middlebox actions; for instance, proxies terminate TCP sessions, while NATs and load balancers rewrite headers. Thus, the promise of SDN to systematically enforce and verify network-wide policies does not directly extend to networks with middlebox functions.

Seyed Kaveh Fayazbakhsh, Carnegie Mellon University

Luis Chiang, Deutsche Telekom Labs

Vyas Sekar, Carnegie Mellon University

Minlan Yu, University of Southern California

Jeffrey C. Mogul, Google

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

Fayazbakhsh PDF
  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Contact Us