| 摘要: | 在過去的十年間,軟體定義網路 (Software-Defined Networking, SDN) 的發展對於網路技術的發展開創了了一個新的局面,讓網路架構能夠具備更高的彈性和可調整性,為資訊服務導向的網路系統帶來了許多益處。而軟體定義交換 (Software-Defined eXchanges, SDX) 的概念也逐漸成形,其定義是藉由可程式化調整的策略,讓資訊、處理資訊的方法、以及何時何地進行處理的過程能夠有更好的可適性、更高的可靠度和更佳的執行效率。對於廣域網路而言,SDX概念能讓傳統網路設備接合SDN設計來實現過去傳統網路協定難以達成的運作情境。特別是在混和型軟體定義網路 (Hybrid SDN) 的環境中,需要設計能兼容傳統網路與SDN設備控制框架時,會是一個合適的方式。本計畫將專注於研究導入SDX概念的網際網路交換中心節點 (Internet eXchange Point, IXP) 可能面臨到的路由安全以及管理問題,並運用SDX的概念,設計與實作在大型網路架構下的路由交換機制,包括探討Hybrid SDN環境中控制層的SDN及non-SDN設備之BGP路由交換安全性、分散式情境下讓路由可信的依據能被證明的方法、以及SDX中路由的管理監控能力。實作過程中亦會藉由台灣高品質學術研究網路100G骨幹中網狀VPLS/VPN節點所建立的實驗網路仿真環境進行開發設計,並與其他學研網測試平台界接進行互聯驗證。 ;In the last decade, techniques of Software-Defined Networking (SDN) have grown up and brought about a new situation to computer network. It allows greater flexibility and adjustment in building network, bringing more benefits to information and network service-oriented systems. Nevertheless, the concept of Software-Defined eXchanges (SDX) also started taking shape recently. The principle of SDX aims to provide better adaptation, reliability, and performance by defining detail policies regarding to where, when, and how to process the data in advance. For network architecture, SDX may provide possibility that makes legacy network devices to achieve innovative operation scenarios with SDN designs. It is an applicable option to build an integrated, coexisted network system with both SDN and legacy infrastructure, especially for Hybrid SDN scenario. This research focuses on the study of SDX-based Internet eXchange Point (IXP), investigating the issues in network management and security. In addition, the research also tries using SDX concepts to design and develop multi-domain exchange mechanism in large-scale network. The expected approach includes the secure protection for routing exchanges in control plane, the mechanisms for proofing advertised route can be trusted, and monitoring and management capabilities in SDX scenario. The corresponding practice is planned to deploy on an emulated environment conducted by mesh VPLS/VPN nodes in TWAREN 100G backbone, and stitch it with other NREN testbeds for processing proof-of-concept evaluation collaboratively. |
