Performance Evaluation of Stateful Firewall-Enabled SDN with Flow-Based Scheduling for Distributed Controllers

Senthil P.; Balasubramanian Prabhu Kavin; S. R. Srividhya; Ramachandran V.; Kavitha C.; Wen-Cheng Lai

doi:10.3390/electronics11193000

Electronics (Sep 2022)

Performance Evaluation of Stateful Firewall-Enabled SDN with Flow-Based Scheduling for Distributed Controllers

Senthil P.,
Balasubramanian Prabhu Kavin,
S. R. Srividhya,
Ramachandran V.,
Kavitha C.,
Wen-Cheng Lai

Affiliations

Senthil P.: Department of Computer Science and Engineering, Karpagam College of Engineering, Myleripalayam Village, Othakkal Mandapam 641032, Tamil Nadu, India
Balasubramanian Prabhu Kavin: Department of Data Science and Business Systems, College of Engineering and Technology, SRM Institute of Science and Technology, SRM Nagar, Chengalpattu District, Kattankulathur 603203, Tamil Nadu, India
S. R. Srividhya: Department of Computer Science and Engineering, Sathyabama Institute of Science and Technology, Chennai 600119, Tamil Nadu, India
Ramachandran V.: Department of Computer Science and Engineering, Gokaraju Rangaraju Institute of Engineering and Technology, Hyderabad 500090, Telangana, India
Kavitha C.: Department of Computer Science and Engineering, Sathyabama Institute of Science and Technology, Chennai 600119, Tamil Nadu, India
Wen-Cheng Lai: Bachelor Program in Industrial Projects, National Yunlin University of Science and Technology, Douliu 640301, Taiwan

DOI: https://doi.org/10.3390/electronics11193000
Journal volume & issue: Vol. 11, no. 19
p. 3000

Abstract

Read online

Software-defined networking (SDN) is a network approach achieved by decoupling of the control and data planes. The control plane is logically centralized and the data plane is distributed across the network elements. The real-time network is in need of the incorporation of distributed controllers to maintain distributed state information of the traffic flows. Software-based solutions aid distributed SDN controllers to handle fluctuating network traffic and the controller’s configurations are dynamically programmed in real time. In this study, SDN controllers were programmed with a stateful firewall application to provide firewall functionalities without the support of committed hardware. A stateful firewall filtered traffic based on the complete context of incoming packets; it continuously evaluated the entire context of traffic flows, looking for network entry rather than specific traffic flows. In addition, a flow-based scheduling module was implemented in the distributed controllers to improve network scalability. A network cluster was configured with three distributed controllers and we experimented with three independent network topologies. The performance of the proposed network model was evaluated by measuring and analyzing metrics such as network throughput (kbps), delay (ms) and network overhead (pkt/ms) for various combinations of controllers and topologies. The results of the analysis were determined using the mininet emulator. The findings of the performance evaluation indicate that the distributed SDN controllers performs better than a centralized controller. When comparing distributed SDN with two controllers and distributed SDN with three controllers the overall network throughput is increased by 64%, the delay is decreased by 43% and network overhead is reduced by 39%.

Published in Electronics

ISSN: 2079-9292 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Electronics
Website: http://www.mdpi.com/journal/electronics

About the journal

Abstract

Keywords