Fuliang Li,Jiahai Yang,Changqing An,Jianping Wu,Xingwei Wang

DOI: https://doi.org/10.1002/nem.1884

2014-01-01

International Journal of Network Management

Abstract:Virtual local area networks (VLANs) are widely used in many enterprises, campuses, and data‐centre networks. Although VLANs can restrict broadcast domains and contain hosts in one network or separate networks, the management of VLANs is an ad hoc and error‐prone work. In this paper, we design and implement a centralized and semi‐automatic system for VLAN management (CSS‐VM). Based on the physical network topology and user group (examples are engineering, student cluster, and faculty cluster) information, CSS‐VM can decide the number of VLANs that each user group would be partitioned into. In addition, CSS‐VM can not only monitor the status of devices and links but can also calculate an optimal spanning tree for each affected VLAN after a link or device failure is detected, so that it does not need to enable the Spanning Tree Protocol on devices but still has the ability of converging from device or link failures and avoiding bridging loops. We have evaluated CSS‐VM on the topology and VLAN partition data of an operational enterprise network. Our results show that CSS‐VM can obviously keep the broadcast traffic cost reasonable, efficiently partition and configure VLANs, quickly converge from link and device failures, and intelligently make a balanced use of links. Copyright © 2014 John Wiley & Sons, Ltd.

Xiaoxi Wang

2014-01-01

Abstract:Rapid increase of campus network data in colleges leads to the continuous increase of server,which results in low use ratio of servers,complicated safety maintenance and data backup of the system and increase of administrative cost.Taking specific college campus network as an example,this paper discusses application of virtualization technology in campus network management based on analysis of current situation of campus network topology and application server.Based on that,it puts forward scheme of virtualized integration of existing servers.Application practice shows that campus network management with virtualization technology can increase use ratio of server resources,reduce data maintenance cost and improve management and operation level of campus network effectively.

Xiang Qun Wang,Zeng Hua Zhang,He Wang,Chun Long Li,Xiao Yan Sun,Wei Wang

DOI: https://doi.org/10.4028/www.scientific.net/amr.748.468

2013-01-01

Advanced Materials Research

Abstract:As the technology of intelligent substation is developed gradually, the significance of he Ethernet switch in the substation is obvious increasingly.Firstly, the learning and transmitting principle of Ethernet frame are introduced, then the network program of secondary system using the switch in the hierarchial structure is described. And then a detailed analysis of the VLAN, QoS, mirror and ring network is given, also the various technical application scheme are provided according to a variety of IED features and data flow characteristics. On the basis of the different business needs and different message types, the reasonable design of network topology and the flexible use of these switching technology , can support security, stability, reliable transmission of communication message in intelligent substation , therefore the whole substation becomes more strong.

Zou Xi,Gao Ming,Yining Wang,Chunming Wu

DOI: https://doi.org/10.1109/PAAP.2015.29

2015-01-01

Abstract:The emergence of network virtualization solves the problem of ossification. At the same time, it provides endless possibilities for the innovations of the network architecture. As a result, it has attracted the attention of the next generation Internet architecture. Therefore this paper based on the architecture of For CES to explore the implementation of the data plane virtualization and provide the framework for virtualization platform via the method. Meanwhile, in the premise of meeting the requirements which the virtual network packet has enough processing capacity. For the sake of solving the allocation of FE resource in virtual network (Forwarding Element, FE). To make the number of FE and the utilization of FE more reasonable. This paper puts forward a kind of FE resource allocation algorithm based on twice iteration subtraction. We use Click Modular Router as the data plane processing engine, then we give the virtual method to realize data plane and explain that supporting multiple virtual network and the virtualization of FE can provide more flexibility for processing data packets.

Yan Zhuang,Dan Xu,Kailong Zhang,Jingui Pan,Jiming Chen

DOI: https://doi.org/10.1109/iccs.2008.4737241

2008-01-01

Abstract:Collaborative virtual environment (CVE) is a multi-user virtual environment that supports distributed collaboration. The two main issues that CVE is facing are how to improve system scalability and quality of service. Combining Active routing and content-based publish/subscribe and taking bi-directional shared multicast tree as the communication structure of Interest Management, Active interest management (AIM) can effectively improve system scalability. However, due to the lack of network monitoring, it can only provide same services, and consequently cannot guarantee services and alleviate system workload when it gets saturated. In this paper, we propose a QoS-based Adaptive Access control (QAAC) approach which includes dynamic system delay maintenance, active router verification and host low start. By QAAC, we dynamically control the access of hosts based on network status to improve services and scalability in AIM. Finally, experiment results show that this approach can stabilize network traffic, reduce system load and provide better collaboration services.

黄勇,陈小平,潘雪增,陈红洲,蒋晓宁

DOI: https://doi.org/10.16208/j.issn1000-7024.2008.09.057

2008-01-01

Abstract:Under the WAN environment,large-scale VPN networks is effectively and safely managed by long-distance centralized mana-gement system based on SNMP.To solve the flaw of topology discovery,a method in which agent initiates registry to the server is pro-posed.After analysis of the SNMPv3 security features,the public key authentication mechanism is introduced and the procedure of key negotiation is discussed in detail.For poor reliability and real-time data transmission of UDP-based SNMP,a strategy of configuration based on XML is given,which is proved to be feasible and efficient by the result of experiment at last.

Zhifeng Zhao,Feng Hong,Rongpeng Li

DOI: https://doi.org/10.1109/ACCESS.2017.2762362

IF: 3.9

2017-01-01

IEEE Access

Abstract:Nowadays, cloud computing networks significantly benefit the deployment of new services and have become one infrastructure provider in the digital society. The virtual extensible local area network (VxLAN), which belongs to the network schemes to overlay Layer 2 over Layer 3, is one of the most popular methods to realize cloud computing networks. Though VxLAN partially overcomes the capacity limitation of its predecessor virtual local area network, it still faces several challenges like annoying signaling overhead during the multicast period and interrupted communication with a migrating virtual machine (VM). In this paper, we propose a new software defined network (SDN) based VxLAN network architecture. Based on this architecture, we address how we can deploy an intelligent center to enhance the multicast capability and facilitate the VM migration. Besides, we discuss the means to update the global information and guarantee the communication continuum. Finally, we use Mininet to emulate this SDN based VxLAN architecture and demonstrate effective load balancing results. In a word, this proposed architecture could provide a blueprint for future cloud computing networks.

Keqiang He,Yi Wang,Xiaofei Wang,Wei Meng,Bin Liu

DOI: https://doi.org/10.1109/iccnc.2012.6167478

2012-01-01

Abstract:The greening of the Internet has become an important research issue due to the huge energy consumption of the Internet. In this paper, we explore network-level power saving mechanisms in the context of virtual local area networks (VLANs) given their importance and prevalence in enterprise, campus and Data Center Networks (DCNs). After investigating the disadvantages of current VLAN design method, we propose the GreenVLAN approach, which aims at reducing the power usage in the next generation Energy-Efficient Ethernet. The proposed GreenVLAN approach is formulated as a nonlinear integer programming problem with the total energy consumption as the objective to be minimized. Besides, we develop a practical heuristic algorithm to solve the proposed model and the complexity of the algorithm is analyzed. Our experiments on both simulated topology and real-world campus network demonstrate that Green-VLAN could achieve considerable power saving (reduce the power consumption of Ethernet links by about 27%~53% for a typical VLAN configuration) compared with current VLAN practice.

Zhuotao Liu,Yuan Cao,Xuewu Zhang,Changping Zhu,Fan Zhang

DOI: https://doi.org/10.1109/tpds.2019.2893239

IF: 5.3

2019-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:With the advent of software-defined networking, network configuration through programmable interfaces becomes practical, leading to various on-demand opportunities for network routing update in multi-tenant datacenters, where tenants have diverse requirements on network routings such as short latency, low path inflation, large bandwidth, high reliability, etc. Conventional solutions that rely on topology search coupled with an objective function to find desired routings have at least two shortcomings: ${\sf (i)}$(i) they run into scalability issues when handling consistent and frequent routing updates and ${\sf (ii)}$(ii) they restrict the flexibility and capability to satisfy various routing requirements. To address these issues, this paper proposes a novel search and optimization decoupled design, which not only saves considerable topology search costs via search result reuse, but also avoids possible sub-optimality in greedy routing search algorithms by making decisions based on the global view of all possible routings. We implement a prototype of our proposed system, OpReduce, and perform extensive evaluations to validate its design goals.

Yi Jie Tong,Wei Qi Yan,Jin Yu

DOI: https://doi.org/10.4018/ijdcf.2015010104

2015-01-01

International Journal of Digital Crime and Forensics

Abstract:With an increasing number of personal computers introduced in schools, enterprises and other large organizations, workloads of system administrators have been on the rise due to the issues related to energy costs, IT expenses, PC replacement expenditures, data storage capacity, and information security, etc. However, Application Virtualization (AV) has been proved as a successful cost-effective solution to solve these problems. In this paper, the analytics of a Virtual Desktop Infrastructure (VDI) system will be taken into consideration for a campus network. Our developed system will be introduced and justified. Furthermore, the rationality for these improvements will be introduced.

Zhidan Zhang,Xiaoqing Huang,Bjoern Keune,Yijia Cao,Yong Li

DOI: https://doi.org/10.1109/jsyst.2015.2428058

IF: 4.802

2015-01-01

IEEE Systems Journal

Abstract:IEC 61850, the standard for communication in substations, has resolved the interoperability between intelligent electronic devices (IEDs) from different vendors. Thus, the IEDs' uniform communication standard contributes to the realization of more sophisticated functionality in substation automation systems. However, there are still several issues unsolved for the simulation, planning, and extension of substation communication network (SCN). This paper proposes three kinds of mathematical models for typical data flow within substations according to IEC 61850, which are cyclic data, stochastic data, and burst data. Thereby, a quantitative analysis of data flow is carried out for a typical substation based on the proposed data models. The advantage of virtual local area network (VLAN) and impacts of system faults, as well as network topologies, on a VLAN-based network are evaluated and simulated by OPNET Modeler. The data flow models are beneficial for the acquisition of more convincing results to assess network performance. Thus, the simulation results for a sample substation can be used to support power utility personnel with the planning and construction process of SCN.

宫彦婷,常建国

DOI: https://doi.org/10.3969/j.issn.1003-8868.2009.03.017

2009-01-01

Abstract:Objective Broadcast storm caused by excessive datastream is dealt with by using VLAN (Virtual Local Area Network). Methods Through the VLAN, according to the location, roles and departments, network users or internet users, which application procedures and protocols are devided info groups. Results According to the hospital's network equipment and application situation, the local area network division of 16 VLAN is designed. Conclusion There are very good application prospects on improving the network manageability and providing better security.

Congjie Chen,Dan Li,Jun Li,Konglin Zhu

DOI: https://doi.org/10.1109/tcc.2016.2586047

IF: 5.697

2018-01-01

IEEE Transactions on Cloud Computing

Abstract:While large layer-2 networks are widely accepted as the network fabric for modern data centers and network virtualization is required to support multi-tenant cloud computing, existing network virtualization solutions are not specifically designed for layer-2 networks. In this paper, we design SVDC, a highly-scalable and low-overhead virtualization architecture for large layer-2 data center networks. By leveraging the emerging software defined networking (SDN) framework, SVDC decouples the global identifier of a virtual network from the identifier carried in the packet header. Hence, SVDC can scale to a great number of virtual networks with a very short tag in the packet header, which is never achieved by previous network virtualization solutions. SVDC enhances MAC-in-MAC encapsulation in a way that packets with overlapped MAC addresses are correctly forwarded even without in-packet global identifiers to differentiate the virtual networks they belong to. Besides, scalable and efficient layer-2 multicast and broadcast within virtual networks are also supported in SVDC. With extensive simulations and experiments, we show that SVDC is better than existing solutions in many aspects, particularly isolating virtual networks with high scalability and higher network goodput due to minimal packet header overhead.

Yuezhi Zhou,Yaoxue Zhang,Yinglian Xie

DOI: https://doi.org/10.1145/1162638.1162642

2006-01-01

Abstract:ABSTRACTThe rapid advances in hardware, software, and networks have made the management of enterprise network systems an increasingly challenging task. Due to the tight coupling between hardware, software, and data, every one of the hundreds or thousands of PCs that are connected in an enterprise environment has to be administered individually, leading to high Total Cost of Ownership (TCO). We argue that centralized management with distributed, diskless clients, yet centralized repositories of all software and data can reduce the management complexity with reduced software maintenance time, improved system availability, and enhanced security. We instantiate such paradigm with a diskless, thick client based system that supports heterogeneous OSes including Windows---the dominant commodity OS in the current market. The prototype requires no or minimum OS modification, nor application modification. Our initial deployment and experiment results demonstrate that our approach is a feasible and efficient solution for managing enterprise network systems.

Dan Li,Congjie Chen,Jun Li

2015-01-01

Abstract:This document describes SVDC, a highly-scalable and low-overhead virtualization architecture designed for large layer-2 data center networks. By leveraging the emerging software defined network framework, SVDC decouples the global identifier of a virtual network from the identifier carried in the packet header. Hence, SVDC can scale to a large scale of virtual networks with a very short tag in the packet header, which is never achieved by previous network virtualization solutions. SVDC enhances MAC-in-MAC encapsulation in a way that packets with overlapped MAC addresses are correctly forwarded even without in-packet global identifiers to differentiate the virtual networks they belong to. Besides, scalable and efficient layer-2 multicast and broadcast within virtual networks are also supported in SVDC. This document also introduces a basic framework to illustrate SVDC deployment.

Saampatii Vakharkar,Nitin Sakhare

DOI: https://doi.org/10.1007/978-981-16-1866-6_56

2021-07-23

Abstract:One of the sizzling regions of the networking systems is the VLAN technology. A VLAN permits network devices to be combined as virtual LANs in logical association rather than a physical association. In this paper, we have done critical analysis of VLAN. We have also seen the advantages of using VLAN as it helps to create multiple networks with one class of IP address, and by restricting inter-VLAN communication we can allow or deny the users from accessing a particular network. The basic need of implementing VLAN is the breaking of networks, and to better understand this, we have shown VLAN configuration on Cisco Packet Tracer. VLANs have various advantages, but in our study, we have found out that VLANs are used for many things which were not originally meant for it.

Di Li,Zhibang Yang,Siyang Yu,Mingxing Duan,Shenghong Yang

DOI: https://doi.org/10.3390/fi16090320

2024-09-05

Future Internet

Abstract:As information technology continues to evolve, cloud data centres have become increasingly prominent as the preferred infrastructure for data storage and processing. However, this shift has introduced a new array of security challenges, necessitating innovative approaches distinct from traditional network security architectures. In response, the Zero Trust Architecture (ZTA) has emerged as a promising solution, with micro-segmentation identified as a crucial component for enabling continuous auditing and stringent security controls. VxLAN technology is widely utilized in data centres for tenant isolation and virtual machine interconnection within tenant environments. Despite its prevalent use, limited research has focused on its application in micro-segmentation scenarios. To address this gap, we propose a method that leverages VLAN and VxLAN many-to-one mapping, requiring that all internal data centre traffic routes through the VxLAN gateway. This method can be implemented cost-effectively, without necessitating business modifications or causing service disruptions, thereby overcoming the challenges associated with micro-segmentation deployment. Importantly, this approach is based on standard public protocols, making it independent of specific product brands and enabling a network-centric framework that avoids software compatibility issues. To assess the effectiveness of our micro-segmentation approach, we provide a comprehensive evaluation that includes network aggregation and traffic visualization. Building on the implementation of micro-segmentation, we also introduce an enhanced asset behaviour algorithm. This algorithm constructs behavioural profiles based on the historical traffic of internal network assets, enabling the rapid identification of abnormal behaviours and facilitating timely defensive actions. Empirical results demonstrate that our algorithm is highly effective in detecting anomalous behaviour in intranet assets, making it a powerful tool for enhancing security in cloud data centres. In summary, the proposed approach offers a robust and efficient solution to the challenges of micro-segmentation in cloud data centres, contributing to the advancement of secure and reliable cloud infrastructure.

Saleem Karmoshi,Wang Shuo,Fekri Saleh,Jing Li,Ming Zhu

DOI: https://doi.org/10.1145/3318265.3318290

2019-01-01

Abstract:Cloud datacenters resource request development have altered resource allocation and management efficiency, presenting a pertinent research topic. Hence, we innovatively outline Virtual Physical Switch-Software Defined Network (VPS-SDN), an application-aware resource allocation method, an innovative model tenants portraying Virtual Datacenter (VDC) network requirements, plus network framework and uplink and downlink bandwidth. Contrasting hose abstraction, VPS-SDN engenders models resembling physical network, neither the TAG abstraction modeling the actual pattern of communication of applications. The VPS-SDN model leverage per-tenant network structure and bandwidth requirements concisely and flexibly depicting actual networks. VPS-SDN engenders a heuristic switch-centered Virtual Network (vNetwork) to Physical Network (pNetwork) mapping diagram, permitting tenants to run their applications using cloud networking to simulate an enterprise environment cloud datacenters, thereby promoting comparable outcomes. Simulation results show that our proposed scheme achieves high network utilization and enable the substrate network to satisfy much larger virtual networks.

Yanni Han,Zihou Wang,Hui Tang,Song Ci

DOI: https://doi.org/10.1109/glocomw.2012.6477684

2012-01-01

Abstract:As a long term solution to the gradual Internet ossification problem, virtual networks can guarantee on-demand requirements of diverse end user on a global level. Clearly it is a major challenge to achieve the automation and optimization of network management like virtual resources or QoS to ensure the personalized user satisfaction. In this article, we propose a novel cognitive management architecture to meet the future needs under a heterogeneous network environment. The architecture introduces a cognitive management cycle to the virtual network resources to ensure flexibility. We also focus on the efficient virtual network resource allocation and scheduling algorithms. Based on the complex network centrality analysis, we solve the virtual network resources allocation problem with consideration of the topology structure and statistical analysis. Finally we evaluate the efficiency and effectiveness of our algorithm on common benchmarks including the acceptance, revenue and cost.

Saleem Karmoshi,Wang Shuo,Fekri Saleh,Jing Li,Ming Zhu

DOI: https://doi.org/10.1145/3318265.3318290

2019-01-01

Abstract:Cloud datacenters resource request development have altered resource allocation and management efficiency, presenting a pertinent research topic. Hence, we innovatively outline Virtual Physical Switch-Software Defined Network (VPS-SDN), an application-aware resource allocation method, an innovative model tenants portraying Virtual Datacenter (VDC) network requirements, plus network framework and uplink and downlink bandwidth. Contrasting hose abstraction, VPS-SDN engenders models resembling physical network, neither the TAG abstraction modeling the actual pattern of communication of applications. The VPS-SDN model leverage per-tenant network structure and bandwidth requirements concisely and flexibly depicting actual networks. VPS-SDN engenders a heuristic switch-centered Virtual Network (vNetwork) to Physical Network (pNetwork) mapping diagram, permitting tenants to run their applications using cloud networking to simulate an enterprise environment cloud datacenters, thereby promoting comparable outcomes. Simulation results show that our proposed scheme achieves high network utilization and enable the substrate network to satisfy much larger virtual networks.