翻譯以原文和在同一文件中前

RajJain，Subharthi網(wǎng)絡(luò)虛擬化是云計(jì)算現(xiàn)在以及今后取得成功的關(guān)鍵。在本文中，解釋虛擬化用交付上的研究對(duì)SDN的適用性進(jìn)行討論。逛虛擬商場(chǎng)，網(wǎng)上獲得虛擬教育，進(jìn)行虛擬，當(dāng)然，我們的很多計(jì)算也是虛擬的。而每個(gè)虛擬機(jī)可以提供給不同的用戶，高速的鏈路和高性能的也可以這樣為多用戶：共享同一資源的多個(gè)用戶可能彼此之間并不信任，所以為用戶提供是的。聚合：如果某些資源太小，我們可以試著讓其組成一個(gè)較大的虛擬資源。以存今天的計(jì)算機(jī)已有非常復(fù)雜以及多層次的緩存機(jī)制。虛擬化很自然就成為了下一絡(luò)架構(gòu)要提供的許多功能的關(guān)鍵。網(wǎng)絡(luò)的虛擬化也不是一個(gè)新概念了，在基于X.25的電信網(wǎng)絡(luò)和其所有后續(xù)網(wǎng)絡(luò)的虛擬通道就允許多個(gè)用戶共個(gè)大的物理信道。虛擬局域網(wǎng)(VLANs)可以使一個(gè)公司中的不同部門(mén)在同一個(gè)物理的區(qū)域網(wǎng)絡(luò)中實(shí)現(xiàn)。而虛擬網(wǎng)絡(luò)( s)則能使部門(mén)和員工在公共網(wǎng)絡(luò)中享受與私有網(wǎng)絡(luò)相同級(jí)別的性。近所研究出來(lái)的標(biāo)準(zhǔn)與SDN便是本文的。是筆者對(duì)基于SDN的多云環(huán)境應(yīng)用交付的研究，最后將是我們的總結(jié)與結(jié)論。組件已有許多彼此相互競(jìng)爭(zhēng)的虛擬化標(biāo)準(zhǔn)，許多研究人員還在研究的標(biāo)準(zhǔn)。復(fù)雜了。我們都知道IP地址不僅是定位碼，它還是系統(tǒng)識(shí)別碼，所以當(dāng)一個(gè)系統(tǒng)移動(dòng)IEEE802地址都只是系統(tǒng)識(shí)別碼（而非定位碼）所以在系統(tǒng)移動(dòng)時(shí)它并不改變。因此，當(dāng)使用三層路由器形成多個(gè)二層網(wǎng)絡(luò)的網(wǎng)絡(luò)連接時(shí)，常常需要?jiǎng)?chuàng)建整個(gè)網(wǎng)絡(luò)的虛擬二層網(wǎng)絡(luò)。以松散的角度來(lái)看，多個(gè)IP網(wǎng)絡(luò)一起組成了一個(gè)以太網(wǎng)。2.1所示，一種解決辦法是使用提供虛擬化處理器的管理程序根據(jù)虛擬機(jī)的數(shù)量來(lái)創(chuàng)建相應(yīng)數(shù)量的虛擬網(wǎng)卡（vNIC。這些虛擬網(wǎng)卡通過(guò)虛擬交換機(jī)我們使用p前綴代表physicalv前綴代表virtual來(lái)形容虛擬對(duì)象。2.12.1中展示了三種不同的方法。第(VEB)方法的優(yōu)點(diǎn)是透明而直接。但是它的競(jìng)爭(zhēng)對(duì)手，這樣會(huì)顯著提高軟件開(kāi)銷(xiāo)，返回給同一機(jī)器上的其他虛擬機(jī)。IEEE802.1Qbg標(biāo)準(zhǔn)制定使用VEBVEPA。2.22.2IEEE802.1BRvLANs會(huì)像圖2.3那樣會(huì)通過(guò)三層網(wǎng)絡(luò)多個(gè)不同的數(shù)據(jù)中心。2.3同一物理機(jī)內(nèi)屬于不同VLAN這次也有多種解決這個(gè)問(wèn)題的方法。VMware及其合作公司提倡使用虛擬可擴(kuò)展局中心的虛擬接口上。之前所提到的基于IP的介質(zhì)控制(MAC)在此處可以適用。也換機(jī)、三層路由器、應(yīng)用交付控制器等都低費(fèi)高效地組合在一起。歐洲電信標(biāo)準(zhǔn)軟件定義網(wǎng)絡(luò)是的網(wǎng)絡(luò)技術(shù)革新。整個(gè)網(wǎng)絡(luò)產(chǎn)業(yè)，包括網(wǎng)絡(luò)設(shè)備提供商、網(wǎng)絡(luò)標(biāo)準(zhǔn)化應(yīng)用程序接口當(dāng)然集中式的控制存在擴(kuò)展問(wèn)題，但分布式下也同樣存在。對(duì)于這兩種情況，我們顯的一個(gè)優(yōu)勢(shì)在于它狀態(tài)改變與策略改變速度要比完全分布式的控制系統(tǒng)快很多。另式的，數(shù)據(jù)平面仍完全是分布式的。在一個(gè)完全分布式的控制平面上實(shí)現(xiàn)規(guī)則的動(dòng)態(tài)變化就要復(fù)雜許多。序?qū)雍鸵粋€(gè)控制系統(tǒng)層。目前已經(jīng)出現(xiàn)了多種控制器，例如Floodlight、OpenDaylight3.1軟件定義網(wǎng)絡(luò)提供最主要的南向API是由開(kāi)放式網(wǎng)絡(luò)提出了OpenFlow協(xié)議。還有許多專有的（I2RS單網(wǎng)絡(luò)管理協(xié)議（SNMP網(wǎng)絡(luò)配置（Net-Conf轉(zhuǎn)發(fā)與控制分離元素（ S，（PCE（CDNI，有一般用途的南向控制API。南向API目前還未被標(biāo)準(zhǔn)化。每個(gè)控制器都可能擁有不同的編程接口。直到這些西向的API為相鄰域或在同一域中的不同控制器提供溝通。來(lái)進(jìn)行傳輸。流一般包含一個(gè)交換過(guò)程很長(zhǎng)的數(shù)據(jù)包流。在這種情況下，控制器對(duì)收端口進(jìn)行定義。圖3.2中顯示一個(gè)典型的流表?xiàng)l目。控制流表?xiàng)l目對(duì)匹配的數(shù)據(jù)網(wǎng)絡(luò)企業(yè)們對(duì)SDN表現(xiàn)出了極大的。SDN有望使網(wǎng)絡(luò)變得可編程、可輕松分今后的業(yè)務(wù)流程中。必須的是，NFV和SDN是高度互補(bǔ)的技術(shù)。它們不依賴于彼L3以及它上層的應(yīng)用流量。應(yīng)用流量管理會(huì)根據(jù)應(yīng)用程序的類別，應(yīng)用程序部署環(huán)境（應(yīng)用程序分區(qū)和、中介服務(wù)的安全與性能等，用戶和服務(wù) 求和請(qǐng)求都發(fā)送到不同的服務(wù)器組。用戶上下文的一個(gè)例子是移動(dòng)智能使用者與個(gè)人電腦用戶。網(wǎng)絡(luò)上下文的一個(gè)載以及其開(kāi)關(guān)狀態(tài)。此外，大多數(shù)服務(wù)都需要多個(gè)TCP段，該服務(wù)實(shí)際上需要經(jīng)性能增強(qiáng)（SSL裝載機(jī)，WAN優(yōu)化器）等部分來(lái)實(shí)現(xiàn)服務(wù)部署。這些分部都可以通過(guò)多個(gè)目的地（基于，分區(qū)）送達(dá)。因此，應(yīng)用服務(wù)提供商(ASP)需要在它們的私有現(xiàn)在大多數(shù)應(yīng)用程序（包括智能上的游戲）需要為全球的用戶服務(wù)并需要分布得計(jì)算和設(shè)施。但是，在一個(gè)非常動(dòng)態(tài)的多云環(huán)境下使用ASP路由策略是不可能務(wù)提供商可以適用OpenADN感知數(shù)據(jù)平面實(shí)體為提供應(yīng)用交付服務(wù)。6項(xiàng)創(chuàng)新合并在一起以實(shí)現(xiàn)這個(gè)目標(biāo)：OPENFlow,SDN,會(huì)話拼接，跨層通信，間接尋址，MPLSlike應(yīng)用程序流（APLS，應(yīng)用程序交換。4.1在OpenADN中，ASP控制器將其策略分發(fā)至控制平面的ISP4.1所示，OpenADNASPISP的控制器進(jìn)行通信，并給ISPISP控制器可以進(jìn)行相應(yīng)的控制平面編程。除了需要一個(gè)北向的API，OpenADN還需要擴(kuò)展一些南向API—OpenFlow?？梢栽谌蚧ヂ?lián)網(wǎng)的任何位置。當(dāng)然，為了達(dá)到最能，它們應(yīng)位于靠近沒(méi)有必要改變網(wǎng)絡(luò)，因?yàn)橹挥幸恍┻吘壴O(shè)備需要互聯(lián)網(wǎng)服務(wù)提供商采用這種方式的經(jīng)濟(jì)因素是在部署了少數(shù)應(yīng)用OpenADN的交IEEE和因特在這一方向上的發(fā)展是軟件定義網(wǎng)絡(luò)(SDN)，SDN的關(guān)鍵創(chuàng)新包括有數(shù)據(jù)與 /members/downloads/specifications/iov/sr-iov1_1_20Jan10.pdf,availableonlytomembers.IEEEStd.802.1Qbg-2012,“IEEEStandardforLocalandMetropolitanAreaNetworks—MediaAccessControl(MAC)BridgesandVirtualBridgedLocalAreaNetworks—Amendment21:EdgeVirtualBridging,”July5,2012,,p.R.Perlmanetal.,“RoutingBridges(RBridges):BaseProtocolSpecification,”IEEERFC6325,July2011,99pages,.M.Sridharanetal.,“NVGRE:NetworkVirtualizationUsingGenericRoutingEncapsulation,”IETFDraftdraftsridharan-virtualization-nvgre-03.txt,Aug.,pp.M.Mahalingametal.,“VXLAN:AFrameworkforOverlayingVirtualizedLayer2NetworksoverLayer3Networks,”IETFDraftdraft-mahalingam-dutt-dcops-vxlan-04.txt,May8,2013,22pages,.B.Davie,Ed.,J.Gross,“AStaessTransportTunnelingProtocolforNetworkVirtualization(STT),”IETFDraftdraft-davie-stt-03.txt,Mar.12,2013,19.IEEEStd802.1BR-2012,“IEEEStandardforLocalandMetropolitanAreaNetworks—VirtualBridgedLocalAreaNetworks—BridgePortExtension,”July16,2012,135pages,.T.Nartenetal.,“ProblemStatement:OverlaysforNetworkVirtualization,”IETFDraftdraft-ietf-nvo3-overlayproblem-statement-04,July31,2013,24pages,.ETSI,“NFVWhitepaper,”O(jiān)ct22,2012,FloodlightOpenFlowController, OpenNetworkingFoundation,“OpenFlowSwitchSpecification,V1.3.2,”Apr.25,2013,131pages,.Cisco’sOnetformKit S.PaulandR.Jain,“OpenADN:AppsonGlobalCloudsUsingOpenFlowandSoftwareDefinedNetworking,”1stInt’l.Wksp.ManagementandSecurityforCloudComputing,Dec.7,2012.CloudCloudNetworkingandNetworkVirtualizationandCloudComputing:ASurveyRajJainandSubharthiPaul,WashingtonThisworkwassupportedinpartbyagrantfromProgramandNSFCISEGrant#

rentandfuturesuccessofcloudcomputing.Inthisarticle,weexinkeyreasonsforvirtualiza-tionandbrieflyexinseveralofthenetworkingthathavebeendevelopedrecentlyies.Inparticular,weexinsoftwaredefinednetworking,whichisthekeytonetworkpro-bilitywithourownresearchonOpenADN—applicationdeliveryinamulti-cloudenviron-aspectsofourlife.Today,ourworkcesareallvirtualizationsistheInternetandvariousized.SeveralnewstandardsandThisarticleisasurveyofthese.Therearemanyreasonswhyweneedtovirtualizeresources.Thefivemostcommonreasonsare:Sharing:Whenaresourceistoobigforamulti-coreprocessors.Eachprocessorcanrunmultiplevirtualmachines(VMs),andeachmachinecanbeusedbyadifferentandlarge-capacitydisks.toprovideisolationamongusers.Usersabletomonitortheactivitiesorinterfereapplyevenifdifferentusersbelongtothesameorganizationsincedifferentdepart-

engineering)mayhavedatathatisconfi-dentialtothedepartment.Aggregation:Iftheresourceistoosmall,itispossibletoconstructalargevirtualbeusedtomakeuplargereliablestorage.Dynamics:Oftenresourcerequirementstoreallocatetheresourcequicklyisrequired.Thisiseasierwithvirtualresourcesthanwithphysicalresources.theeaseofmanagement.Virtualdevicesthroughstandard Virtualizationinanexpensivepartoftheoriginalcomputers,sovirtualmemoryconceptsweredevelopedinthe1970s.Studyandcomparisonofvariouspagewithvirtualdisks,virtualcompactdisk(CD)drives,leadingtocloudstoragetoday.Virtual-virtualizationofserversandcloudcomputing.Computernetworkingistheplumbingofcomputing,andlikeplumbinginallbeautifulbuildings,networkingisthekeytomanyoftheVirtualizationinnetworkingisalsonotanewconcept.VirtualchannelsinX.25-based municationnetworksandallsubsequentnet-worksallowmultipleuserstosharealargephysicalchannel.Virtuallocalareanetworks(VLANs)allowmultipledepartmentsofacom-panytoshareaphysicalLANwithisolation. 0163-6804/13/$25.00?2013 IEEECommunicationsMagazine?Novembercompaniesandemployeestousepublicnet-intheirprivatenetworks.lybycloudcomputing.Severalnewstandardshavebeendevelopedandarebeingdeveloped.Softwaredefinednetworking(SDN)alsohelpsinnetworkvirtualization.TheserecentstandardsandSDNarethetopicsofthisarticle.tion.SoftwaredefinednetworkingapplicationdeliveryusingSDNisdescribed.Finally,asummaryfollows.Networkfacecard(NIC)inthehost,whichisconnectedtoalayer2(L2)network(Ethernet,WiFi,etc.)interconnectedviaswitches(a.k.a.bridges)toformanL2network,whichisonesubnetinaes.Eachofthesenetworkcomponents—NIC,tualized.Therearemultiple,oftencompeting,standardsforvirtualizationofseveralofthesecomponents.Severalnewonesarebeingdevel-er,itsIPaddressmustchange,whichcompli-asystemmoves,itsL3identifierchanges.InspiteofallthedevelopmentsofIP,itissubnet(withinoneL2)thanbetweenusedinL2networks(bothEthernetandWiFi)aresystemidentifiers(notlocators)anddonot

AlthoughAlthoughdiscussionsofprovidingcomputingasautilityhavebeenaroundforquitesometime,therealphysicalimplementationofcloudcomputingcamewhenAmazonannouncedElasticComputing2(EC2)onAugust25,2006.The(unverified)folkloreisthatwhenAmazon’sCEOvisitedthecompa-nydatacenter,hewasamazedbythenumberofcomputers.Sincedatacen-ters,likemostothercomputingfacilities,aredesignedtoavoidcrasheswhenoverloaded,thenormalutilizationofsystemsislow.TheAmazonCEOthere-foreaskedtofigureoutawaytomanagethehardwareinaprogr mannerwhereallthemanagementcouldbedoneeasilyremoyusingappli-cationprogramminginterfaces(APIs).Thisallowedthemtorentouttheunusedcapacity;sobeganthecomputerrentalbusinesswenowcallcloudcomputing.Theconceptwasimmediaysuccessfulsinceitrelievedcus-tomersofalltheheadachesofmanagingequipmentthathastobecontinu-ouslyupdatedtokeepupwiththelatest .Sharinganunderutilizedresourceisgoodforcloudservicecustomersaswellasforthecloudserviceproviders.Sidebar1.GenesisofcloudviaL3routers,itisoftendesirabletocreateavirtualL2networkthatspanstheentirenetwork.Inaloosesense,severalIPnetworkstogetherappearasoneEthernetnetwork.VirtualizationofEachcomputersystemneedsatleastoneL2calNIC.However,ifwerunmultipleVMsonAsshowninFig.1,onewaytosolvethisprob-lemisforthe“hypervisor”softwarethatpro-manyvirtualNICs(vNICs)asthereareVMs.ThesevNICsareinterconnectedviaavirtualcalNIC(pNIC).MultiplepNICsareconnectedtionofusingp-prefixforphysicalandv-prefixareshownbysolidlines.IEEECommunicationsMagazine?November Thesecondrecentdevelopmentthatispartlyresponsibleforthegrowthofcloudcomputingandisfuelinganeedfornetworkinginnovationsissmartphoneapps.OnJune29,2007,Appleannouncedthe withtheassoci-atedappstore.Althoughtherewereseveralgenerationsofsmartphonesbeforethen,theappstorewasamarketinginnovationthatchangedthelandscapeforapplicationdevelopers.Today,allbusinessesincludingbanks,retailstores,andserviceprovidershavetheirownapps,andeachoftheseappsneedstoserveaglobalaudience.CloudcomputingprovidesaneasyThesecondrecentdevelopmentthatispartlyresponsibleforthegrowthofcloudcomputingandisfuelinganeedfornetworkinginnovationsissmartphoneapps.OnJune29,2007,Appleannouncedthe withtheassoci-atedappstore.Althoughtherewereseveralgenerationsofsmartphonesbeforethen,theappstorewasamarketinginnovationthatchangedthelandscapeforapplicationdevelopers.Today,allbusinessesincludingbanks,retailstores,andserviceprovidershavetheirownapps,andeachoftheseappsneedstoserveaglobalaudience.Cloudcomputingprovidesaneasywayfortheseapplicationserviceproviderstoobtaincomputingservicesworldwide.However,networkingfeaturesrequiredforapplicationpartition-ingovermultiplecloudsownedbymultiplecloudserviceprovidersarestilllacking.Hence,thereisaneedforvirtualizationoftheInternet,asdiscussedfurtherinthisarticle.Thefirstapproach,providingasoftwarevNICviahypervisor,istheoneproposedbyVMsoft-warevendors.ThisvirtualEthernetbridge(VEB)approachhasthevirtueofbeingtrans-outthatthereissignificantsoftwareoverhead,andvNICsmaynotbeeasilymanageablebyexternalnetworkmanagementsoftware.Also,vNICsmaynotprovideallthefeaturestoday’spNICsprovide.SopNICvendors(orpNICchipization(SR-IOV)onthe interconnect(PCI)bus[1].Theswitchvendors(orpSwitchchipvendors)haveyetanothersetofsolutionsthatprovidevirtualchannelsfornetportaggregator(VEPA),whichpassesthementsinter-VMcommunicationpoliciesandreflectssometrafficbacktootherVMsintheVEBandVEPA.VirtualizationofnumberofphysicalmachinesthatneedtobeconnectedonanL2networkistypicallymuchlargerthanthis.Therefore,severallayersof[3],showninFig.2,allowsformingavirtual

bridgewithalargenumberofportsusingportextendersthataresimplerelaysandmaybephysicalorvirtual(likeavSwitch).VirtualLANsinOneadditionalprobleminthecloudenviron-mentisthatmultipleVMsinasinglephysicalmachinemaybelongtodifferentsandthusneedtobeindifferentvirtualLANs(VLANs).Asdiscussedearlier,eachoftheseVLANsmaynetworks,asshowninFig.3.alpartnercompanieshaveproposedvirtualextensibleLANs(VXLANs)[4].Networkvirtu-alizationusinggenericroutingencapsulation(NVGRE)[5]andtheStaessTransportTun-neling(STT)protocol[6]aretwootherpropos-alsbeingconsideredintheNetworkVirtualizationoverL3(NVO3)workinggroupoftheInternetEngineeringTask VirtualizationMulti-SiteDataIfa hasmultipledatacenterslocatedquicklyandeasily.Thatis,itmaywantallitsspanningallthesedatacenters.Again,amedi-umaccesscontrol(MAC)overIPapproachliketheonesproposedearliermaybeused.Trans-tospanalargecampusnetwork,canalsobeusedforthis.NetworkFunctionStandardmulti-coreprocessorsarenowsofastthatitispossibletodesignnetworkingdevicesusingsoftwaremodulesthatrunonstandardprocessors.Bycombiningmanydifferentfunc-tionalmodules,anynetworkingdevice—L2andsoon—canbecomposedcosteffectivelyFunctionVirtualization(NFV)groupofthe tute(ETSI)isworkingondevelostandardstoenablethis[9].PortPortPortPortPort IEEECommunicationsMagazine?NovemberVLAN22VLAN34VLAN34VLAN74VLAN74VLAN98VLAN98VLAN22L3Softwaredefinednetworkingisthetions.Allcompo-industry,includingSoftwaredefinednetworkingisthetions.Allcompo-industry,includingserviceproviders,ingonorlookingforwardtovariousaspectsofSDN.SoftwareDefinedofthenetworkingindustry,includingnetworkThissectionprovidesanoverviewofSDN. Standardizationofapplicationprogramminginterfaces(APIs)EachoftheseinnovationsisexinedbrieflyNetworkingprotocolsareoftenarrangedinthreenes:data,control,andmanagement.Thedataneconsistsofallthemessagesthataregeneratedbytheusers.TotransporttheseusingL3routingprotocolssuchasOpenShort-estPathFirst(OSPF)orL2forwardingproto-ingequipment.Thisisdonevianetworkman-OneofthekeyinnovationsofSDNisthatthecontrolshouldbeseparatedfromthedatane.Thedataneconsistsofforwardingtheandimplementedinacontrollerthatpreparestheforwardingtable.Theswitchesimplementplified.ThisreducesthecomplexityandcostCentralizationoftheControlTheU.S.DepartmentofDefensefundedAdvancedResearchProjectAgency

(ARPAnet)researchintheearly1960stocounterthethreatthattheentirenationwidemunicationcenters,whichwerehighlycentralizedandownedbyasingleatthattime,weretobeattacked.ARPAnettributedarchitectureinwhichthecommunica-tioncontinuesandpacketsfindthepath(ifoneexists)evenifmanyoftherouters enon-operational.Boththedataandcontrolnesweretotallydistributed.Forexample,eachmationwiththeirneighborsandneighbors’neighbors,andsoon.ThisdistributedcontrolparadigmwasoneofthepillarsofInternetCentralization,whichwasconsideredabadthinguntilafewyearsago,isnowconsideredgood,andforgoodreason.Mostorganizationsandteamsarerunusingcentralizedcontrol.Ifanemployeefallssick,he/shesimplycallstheboss,andthebossmakesarrangementsfortheworktocontinueinhis/herabsence.Nowcon-istotallydistributed.Thesickemployee,sayJohn,willhavetocallallhisco-employeesandlthemthathe/sheissick.TheywilllotherabitoftimebeforeeveryonewillknowaboutJohn’ssickness,andtheneveryonewilldecideishowcurrentInternetcontrolprotocolswork.Ofcourse,centralizationhasscalingissuesbutsododistributedmethods.Forbothcases,weneedtodividethenetworkintosubsetsorareasthataresmallenoughtohaveacommoncontrolstrategy.Aclearadvantageofcentral-izedcontrolisthatthestatechangesorbeusedtotakeoverincaseoffailuresofthefullydistributed.IEEECommunicationsMagazine?November NorthboundSouthboundNorthboundSouthboundNetworkcontrollerOpeninacentralcon-trolchangesbyeffect,withasuit-ableAPI,onecanofpoliciesandchangethemdynamicallyasthesystemstatesorneedschange. Nowthatthecontrolneiscentralizedinaagertoimplementcontrolchangesbysimplychangingthecontrolprogram.Ineffect,withasuitableAPI,onecanimplementavarietyoftemstatesorneedschange.importantaspectoftheSDN.Aprogrblecontrolneineffectallowsthenetworktobetotallydistributedcontrolne.StandardizedAsshowninFig.4,SDNconsistsofacentral-izedcontrolnewithasouthboundAPIforandanorthboundAPIforcommunicationwithacontrolsystemlayer.Anumberofcontrollersarealreadyavailable.Floodlight[10]isoneexample.OpenDaylight[11]isa efforttodevelopanopensourcecontroller.AwhichisbeingstandardizedbytheOpenNet-workingFoundation.Anumberofproprietaryableforlegacyequipmentfromrespectiveven-dors.Somearguethatanumberofpreviously(XMPP),InterfacetotheRoutingSystem(I2RS),SoftwareDrivenNetworkingProtocol(SDNP),ActiveVirtualNetworkManagement

tion(S),PathComputationElementnection(CDNI),arealsopotentialsouthboundAPIs.However,giventhateachofthesewassouthboundcontrolAPI.NorthboundAPIshavenotbeenstandard-izedyet.Eachcontrollermayhaveadifferentprogramminginterface.UntilthisAPIisstan-dardized,developmentofnetworkapplicationsforSDNwillbelimited.Thereisalsoaneedforaneast-westAPIthatwillallowdifferentcon-trollersfromneighboringsorinthesametocommunicatewitheachother.Flow-BasedsizeshavegrownexponentiallyusingMoore’slaw,andsohavethefilesizes.Thepacketsize,thetraffictodayconsistsofasequenceofpack-etsratherthanasinglepacket.Forexample,aodoftime.Insuchcases,ifacontroldecisionismadeforthefirstpacketoftheflow,itcanbereusedforallsubsequentpackets.Thus,flow-basedcontrolsignificantlyreducesthetrafficbetweenthecontrollerandtheforwardingele-ment.Thecontrolinformationisrequestedbyaflowisreceivedandisusedforallsubsequentpacketsoftheflow.AflowcanbedefinedbyanymaskonthepacketheadersandtheinputcalflowtableentryisshowninFig.5.Thecon-troltableentryspecifieshowtohandlethe IEEECommunicationsMagazine?NovemberMatchMatchPacket+byteForwardtoportEncapsulateandforwardtocontrollerSendtonormalprocessingpipelineModifyfields and packetswiththematchingheader.Italsocon-aboutthematchingflows.estinSDN.SDNisexpectedtomakethenet-worksprogrbleandeasilypartitionablecloudcomputingwherethenetworkinfra-structureissharedbyanumberofcompetingentities.Also,givensimplifieddatane,theforwardingelementsareexpectedtobeverytionalexpenditureforserviceproviders,cloudserviceproviders,andenterprisedatacentersthatuselotsofswitchesandrouters.SDNislikeatsunamithatistakingoverotherpartsofthecomputingindustryaswell.Moreandmoredevicesarefollowingthesoft-waredefinedpathwithmostofthelogicimple-mentedinsoftwareoverstandardprocessors.definedrouters,andsoon.RegardlessofwhathappenstocurrentapproachestoSDN,itiscertainthatthenet-worksoftomorrowwillbemoreprogrblethantoday.Progrbilitywill eacom-alargenumberofdevicescanbeprogrammed(akaorchestrated)simultaneously.TheexactAPIsthatwill ecommonwillbedecidedbytransitionstrategiessincebillionsoflegacynetworkingdeviceswillneedtobeincludedinanyorchestration.ItmustbepointedoutthatNFVandSDNnotdependentoneachother.DeliveryUsingWhilecurrentSDN-basedeffortsaremostlyrestrictedtoL3andbelow(networktraffic),it

titioningandreplication,intermediaryserviceservercontexts(load,mobility,failures,etc.),andapplicationQoSrequirements.Thisisapplicationshas eincreasinglycomplexeveninsideasingleprivatedatacenter.multiplehosts.Also,theservicemaybeparti-titionhostedonadifferentgroupofservers.Aservicemaybepartitionedbasedon:Content:Forexample,evenforthesameservice(e.g. )accounting mendationrequestsandergroups.Context:Usercontext,networkcontext,ormessagestoberouteddifferently.Anexampleofusercontextisasmartphoneuservs.adesktopuser.Anexampleofnetworkcontextisthegeographicallocationoftheuserandthestateofthenetworklinks.Anmore,mostservicesrequiremultipleTCPseg-ments,whereaccessingtheserviceactuallyrequiresgoingthroughasequenceofmiddleIEEECommunicationsMagazine?November OpenADN(OpenADNFigure6.InOpenADN,ASPs’controllersconveytheirpoliciestoancontrollerinthecontroltransformation/translation(e.g.,transcoders,datacompression)andperformanceenhance-ment(e.g.,SSLoffloaders,WANoptimizers)mentscanbeservedbymultipledestinationstionserviceproviders(ASPs)thereforeimple-mentcomplexapplicationrouting(APR)mechanismsinsidetheirprivatedatacenters.ProblemMostapplicationsnow(includinggamesonsmartphones)needtoserveglobalaudiencesandneedserverslocatedallaroundtheworld.tiesusingcloudservicesfrommultiplecloudprovidersdistributedthroughouttheworld.However,theproblemofroutingusingASPs’policiesinaverydynamicmulti-cloudenviron-mentisnotpossiblesinceInternetservicepro-viders(ISPs)offernoservicetodynamicallyroutemessagestoadifferentserverusinganASP’spolicies.SolutionOurvisionistodesignanewsession-layerioncalledOpenApplicationDeliveryNetwork(OpenADN)[15]thatallowsASPstomentpoliciesandapplicationdeliverycon-straintsatthegranularityofapplicationmessagesandpackets.Itallowsthemtoachievealltheapplicationdeliveryservicestheyusetodayinprivatedatacentersintheglobalmulti-cloudenvironment.OpenADNisbasedonthestan-dardizeddatane,diversifiedcontrolnedesignframeworkproposedbySDN.UsingOpenADN-awaredataneentities,ISPs

innovations:OpenFlow,SDN,sessionsplicing,applicationlabelswitching).AsshowninFig.6,OpenADNallowsASPs’controllerstocommunicatewiththeISP’scon-trollerandprovidetheISPwiththeirserverpoliciesandserverstatessothattheISP’scon-ly.InadditiontorequiringanorthboundAPI,OpenADNalsorequiressomeextensionstothesouthboundAPI—OpenFlow.OpenADNtakesnetworkvirtualizationtotheextremeofmakingtheglobalInternetProxiescanbelocatedanywhereontheglobalInternet.Ofcourse,theyshouldbeoptimalperformance.trafficcanpassthroughOpenADNboxes,andOpenADNtrafficcanpassthroughlegacyboxes.NochangestothecoreInternetareneces-sarysinceonlysomeedgedevicesneedtobeOpenADN/SDN/OpenFlow-aware.TheIncrementaldeploymentcanstartwithjustaEconomicincentivesforfirstadoptersaretobefoundbyISPsthatdeployafewoftheseswitches,andthoseASPsthatuseOpenADNwillbenefitimmediayfromthetechnology.ISPskeepcompletecontrolovertheirnet-controlovertheirapplicationdata,whichmaybeandencrypted.ThekeymessagesofthisarticleCloudcomputingisaresultofadvancesinvirtualizationincomputing,storage,andNetworkingvirtualizationisstillinitsinfan-(IETF),andseveralarestillbeing3Oneofthekeyrecentdevelopmentsinthisdirectionissoftwaredefinednetworking.ofthecontrolanddatanes,centraliza-tionofcontrol,progrbility,andstan-dardsouthbound,northbound,andberofdevicestoeasilybeorchestrated5WeareworkingonOpenADN,whichisanetworkapplicationbasedonSDNthateryinamulti-cloudenvironment. IEEECommunicationsMagazine?NovemberPCI-SIG,“SingleRootI/OVirtualizationandSharing1.1Specification,”htt loads/specifications/iov/sr-iov1_1_20Jan10.pdf,availableonlytomembers.IEEEStd.802.1Qbg-2012,“IEEEStandardforLocalandMetropolitanAreaNetworks—MediaAccessControl(MAC)BridgesandVirtualBridgedLocalAreaNetworks—Amendment21:EdgeVirtualBridging,”July5,2012,load/802.1Qbg-2012.pdf,p.R.Perlmanetal.,“RoutingBridges(RBridges):BasePro-tocolSpecification,”IEE