Departmental Bulletin Paper マルチテナントデータセンタのためのOpenFlow検証手法

牛, 躍川

11pp.1 - 6 , 2016-03-24 , 法政大学大学院情報科学研究科
OpenFlow is the state of the art technology for efficient network operation. Since OpenFlow enables central management of entire network, it is expected to widely use in a multi-tenant data center with its flexible routing control. In multi-tenant data center, a same physical resources will be shared with multiple tenants. It is significantly important to validate the configuration of the network flow control to satisfy both reachability within a tenant network and isolation among networks of different tenants. However, each tenant assigns arbitrary IP addresses to its owned networks, then it may conflicts each other. VLAN (Virtual LAN) technology is used to solve these conflicts, but it has limitation where only up to 4094 VLAN-ID can be used. It is difficult to assign a different VLAN-ID for each enant's network segment. OpenFlow technology will be useful to dynamically assign and swap VLAN-IDs to keep the separation between tenants' network segments. In this paper, we propose a method for automatically verifying reachability within an OpenFlow virtual network using static analysis of flow table, and a method for automatically generating test cases to verify the correctness of the VLAN configuration. We also show examples of applying the proposed method in a typical data center network.

