CONTENTS
1. INTRODUCTION
2. IP HOUR GLASS
3. THE CONCEPT OF SOFTROUTER
4. THE ARCHITECTURE OF TRADITIONAL ROUTER
5. THE ARCHITECTURE OF SOFTROUTER
5.1 THE SOFTROUTER: DISAGGREGATION BASED APPROACH
5.2 THE SOFTROUTER: SERVERS BASED APPROACH
6. THE BENEFITS OF SOFTROUTER
7. SECURITY ISSUES: SOFTROUTER vs TRADITIONAL ROUTERS
8. SOFTROUTER AS AN EXTENSIBLE PLATFORM
9. CONCLUSION
10. REFERENCES
WhitePaper/NGN/01/2010
Traditional IP networks are constructed using routers that operate relatively autonomously. High complexity is present at many points all over the network. This has many undesirable consequences. First, the multiple points of control significantly increase operational complexity (e.g., misconfiguration). Second, in certain circumstances, uncoordinated actions of these autonomous routers can lead to sub-optimal performance (e.g., poor recovery time) at best and network instability in the worst case. Finally, the introduction of new features may require upgrades to a large number of routers, which is both complex and error-prone. This has driven data networking towards modularization and standardization. Therefore, the need arises for redesigning current router systems so that routers are not only able to handle the complexity in converged IP networks but are also able to deliver data securely through the network. The concept of Soft Router is a trend in this direction.
2. IP HOUR GLASS
Historically, the Internet architecture has been modeled as an hourglass: everything over IP, and IP over everything. The IP hourglass is so called because:
o IP provides end-to-end datagram delivery service to protocols/applications
o IP can use any link-layer technology that delivers packets
Emerging applications are driving more functions to IP, expanding the waist of the hour glass. The Router vendors are incorporating all new IP functions into routers.
Complexity in the IP networks is a problem that is spreading throughout the network. Achieving network-wide objectives such as traffic engineering requires complex translation of global objectives to configuration information in numerous individual routers.
Since the IP hourglass is increasingly getting out of shape with more complex features and protocols, the current model of routers with integrated control and forwarding may not be able to survive. Soft Router advocates disaggregating the control and forwarding planes of a router. It removes the tight coupling between the two, and allows each to have new degrees of freedom to scale and innovate. At the same time, it improves the performance and stability of the Next Generation network, which is primarily based on IP networks.
The CE is essentially a general-purpose computing element such as a server. It connects to the network like an end host, except that it is typically multi-homed to the network via multiple FEs so that it is not disconnected from the network when a single link fails. A CE runs the control logic on behalf of FEs and hence controls them. In principle, any control logic typically found on a traditional router can be migrated to CEs, including routing protocols such as OSPF, BGP and Mobile IP. A network element (NE) or a router is formed using logical grouping between the FEs and the respective CEs.
The flexibility of the Soft Router architecture over conventional routers with collocated and tightly integrated control and forwarding functions results in a number of benefits like increased reliability, increased scalability, increased security, ease of adding new functionality, and decreased cost.
There are two approaches to separating the CE (Control Plane) from the FE (Data Plane) in SoftRouter:
o Disaggregation based approach
o Servers based approach
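
The multi-homing property described above for the CE (no disconnection when a single link fails) can be audited mechanically. The following is an added example, not part of the white paper: it checks a constructed topology and reports every single link whose failure would cut a CE off from an FE it controls. Node names, links and the CE-to-FE bindings are assumptions made for illustration.

```python
# Added example: audit that a control element (CE) stays reachable from every
# forwarding element (FE) it controls after any single link failure.
# Topology, node names and bindings below are constructed for illustration.
from collections import deque

def reachable(links, start):
    """Return the set of nodes reachable from start over undirected links."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def single_link_failures(links, ce, controlled_fes):
    """List (failed_link, orphaned_fes) for every link whose loss cuts the CE
    off from at least one FE it controls."""
    findings = []
    for failed in links:
        remaining = [link for link in links if link != failed]
        orphaned = sorted(set(controlled_fes) - reachable(remaining, ce))
        if orphaned:
            findings.append((failed, orphaned))
    return findings

# Constructed topology: ce1 is multi-homed via fe1 and fe2; ce2 has one uplink.
LINKS = [("ce1", "fe1"), ("ce1", "fe2"), ("fe1", "fe2"), ("fe2", "fe3"),
         ("fe1", "fe3"), ("ce2", "fe4"), ("fe4", "fe3")]
BINDINGS = {"ce1": ["fe1", "fe2", "fe3"], "ce2": ["fe4"]}

def audit(links=LINKS, bindings=BINDINGS):
    """Map each CE to the single-link failures that would orphan its FEs."""
    return {ce: single_link_failures(links, ce, fes)
            for ce, fes in bindings.items()}

if __name__ == "__main__":
    for ce, findings in audit().items():
        print(ce, "survives any single link failure" if not findings else findings)
```

In the constructed topology the multi-homed `ce1` has no findings, while `ce2`, attached through a single link, is reported as a single point of failure for the FE it controls.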
o Encouraging software vendors to invest in developing carrier-class routing software to supply new entrants to the hardware market
o Allowing each component to focus on its innovation curve:
  Hardware: highest speeds/density at lower cost
  Software: new features and easier manageability
Figure 2: Soft Router: Disaggregation Model (figure labels: Standard Protocol, Forwarding Element)
This approach is similar to softswitch-based disaggregation of class 5 switches.
c. Network-based VPN support and IPv6 deployment.
This centralization of the complex functions can be easily done in SoftRouter. Also the new features can be introduced faster and in a less expensive way resulting from open interfaces & incremental deployment.
(3) Increased scalability: The control plane servers can be implemented on regular computer servers, and thus can be easily scaled up using well-established server scaling techniques. An important example of the need for server scaling in routers is the performance requirements of the Mobile IP protocol in third generation wireless data networks where scalability on the order of millions of users (Mobile IP sessions) is necessary.
(4) Increased reliability: The reduced software in a forwarding element means it is easier to make it robust. On the control plane server side, sophisticated reliability enhancing mechanisms such as automatic fail-over and overload control can be incorporated.
(5) Increased control plane security: Fewer management points means it is easier to provide a strong defense around them, thus making the overall network more secure.
a separate Signaling System 7 (SS7) network helped significantly improve the security of the telephone network infrastructure.
Some of the security concerns in traditional routers vs SoftRouters are as follows:
o Open source control software vs closed router OS: A specialized OS as in traditional routers is not as widely tested and secured as open source in SoftRouters, e.g. Linux.
o Multiple control blades vs one/two control blades: Overload due to malicious traffic can be distributed across a large number of control blades in the SoftRouter server. Sophisticated statistical analysis can also be performed on the multiblade SoftRouter servers for intrusion detection.
o A separate firewall protecting control blades vs none: Fewer control plane servers in the SoftRouter make it easier to secure them using dedicated firewalls.
o Separate signaling network vs shared signaling network: The SoftRouter architecture allows for the possibility of a separate signaling network connecting the control servers, similar to the SS7 network.
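
The statistical analysis across control blades mentioned in the list above, sketched as an added example that is not part of the white paper: per-peer control-message counts reported by each blade are pooled, and peers whose total is a robust outlier (modified z-score over median and MAD) are flagged. Blade names, peer names, counts and the 3.5 threshold are assumptions chosen for illustration.

```python
# Added example: pool per-peer control-message counts from all control blades
# and flag peers whose rate is a robust statistical outlier.
from collections import Counter
from statistics import median

# Constructed sample: control messages per peer seen by each blade in one
# interval. The flood from fe4 is spread across all three blades.
PER_BLADE = {
    "blade1": {"fe1": 40, "fe2": 38, "fe3": 41, "fe4": 900},
    "blade2": {"fe1": 42, "fe2": 45, "fe3": 39, "fe4": 1100, "fe5": 44},
    "blade3": {"fe5": 40, "fe6": 80, "fe4": 1000},
}

def pool_counts(per_blade):
    """Sum the per-peer message counts reported by each control blade."""
    total = Counter()
    for counts in per_blade.values():
        total.update(counts)
    return total

def flag_outliers(total, threshold=3.5):
    """Return peers whose modified z-score exceeds the threshold.

    Median and MAD are used instead of mean and standard deviation so that
    one flooding peer cannot drag the baseline towards itself.
    """
    values = list(total.values())
    med = median(values)
    mad = median(abs(v - med) for v in values)
    if mad == 0:
        # Most peers are identical: fall back to a simple ratio test
        # (10x the median, an assumed cut-off).
        return sorted(p for p, v in total.items() if med and v > 10 * med)
    return sorted(p for p, v in total.items()
                  if 0.6745 * (v - med) / mad > threshold)

def detect(per_blade=PER_BLADE):
    """Pool counts from all blades, then flag outlying peers."""
    return flag_outliers(pool_counts(per_blade))

if __name__ == "__main__":
    print("pooled:", dict(pool_counts(PER_BLADE)))
    print("flagged:", detect())
```

Because the load is split across blades, the flood is only fully visible in the pooled view; the pooled total for `fe4` is what the outlier test evaluates.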
1. Reprogrammable service cards: Packet applications are loaded on demand onto reprogrammable service cards. Reprogrammability allows system functions to evolve as requirements change.
2. Service Chaining: This permits multiple packet processing functions to be chained together in a customized manner to perform application-specific functions on a packet stream. The chaining is configurable on demand through software control. Service chains implement application bundles.
3. A comprehensive service management framework: Each application chain is monitored for diagnostics and resource usage. The system supports a rich set of high availability mechanisms to ensure automatic recovery with minimal flow disruption upon system faults.
SoftRouter provides a flexible way to configure how packet flows can traverse and get serviced by a sequence of service cards. The SoftRouter benefits from the ability to integrate a large number of commercial service cards. Its flexibility through open interfaces permits it to ride the technology curve, which is especially critical in areas such as wireless networks where packet functions are changing rapidly and underlying technology improvement can often provide a very big performance jump. These factors allow the SoftRouter to be reconfigured and extended for multiple applications without significant redevelopment effort, making the SoftRouter approach well suited for application-based networking as in an NGN environment.
9. CONCLUSION
The separation of the Control Plane from the Forwarding Plane (i.e. Data Plane) in the SoftRouter architecture has significant benefits in terms of increasing the security of the internet control infrastructure, mainly because of the following four reasons:
o A separate control plane shields the control plane from Denial of Service (DoS) attacks on the data plane.
o Fewer control servers than routers allows the cost-effective deployment of hardware-based special-purpose firewalls.
o The higher processing capacity of these control servers helps in deploying more secure protocols and handling unexpected overload.
o The use of open source operating systems in these control servers has the potential to improve the security of the internet control platform.
As security increasingly becomes a major concern, new architecture that addresses this vulnerability will play a key role in the migration toward a next generation network internet.