Domain Isolation in a Multi-tenant Software-Defined Network

Alireza Ranjbar, Markku Antikainen, Tuomas Aura

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

3 Citations (Scopus)

Abstract

Software-Defined Networking (SDN) has evolved as a new networking paradigm to solve many of current obstacles and limitations in communication networks. While initially intended mainly for single-domain networks, SDN technology is going to be deployed also to large cloud-based data centers where several customers, called tenants, share network resources. In a multi-tenant environment, the SDN technology allows the customers to have higher level of control over the available network resources. However, as the underlying network elements and control logic are shared between multiple tenants, the isolation between tenant domains becomes an important factor in the design of all multi-tenant solutions. In this paper, we propose a scalable system architecture based on OpenFlow and packet rewriting that provides isolation and controlled sharing between tenants while enabling them to have control over their assigned resources. The architecture addresses different facets of isolation in a multi-tenant network including traffic, address space, and control isolation. Our solution improves on previous ones by putting special emphasis on inter-tenant communication, e.g. on subcontractor relations in cloud services. The evaluation of the prototype indicates that our solution puts only a small performance overhead on forwarding in a shared network.

Original languageEnglish
Title of host publicationProceedings - 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing, UCC 2015
PublisherIEEE
Pages16-25
Number of pages10
ISBN (Print)9780769556970
DOIs
Publication statusPublished - 10 Mar 2016
MoE publication typeA4 Article in a conference publication
EventIEEE/ACM International Conference on Utility and Cloud Computing - Limassol, Cyprus
Duration: 7 Dec 201510 Dec 2015
Conference number: 8

Conference

ConferenceIEEE/ACM International Conference on Utility and Cloud Computing
Abbreviated titleUCC
CountryCyprus
CityLimassol
Period07/12/201510/12/2015

Keywords

  • Domain Isolation
  • Inter-Tenant Communication
  • Packet Rewriting
  • Policy
  • Software-Defined Networking

Fingerprint Dive into the research topics of 'Domain Isolation in a Multi-tenant Software-Defined Network'. Together they form a unique fingerprint.

  • Cite this

    Ranjbar, A., Antikainen, M., & Aura, T. (2016). Domain Isolation in a Multi-tenant Software-Defined Network. In Proceedings - 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing, UCC 2015 (pp. 16-25). [7431391] IEEE. https://doi.org/10.1109/UCC.2015.16