||With a rapid growth of the Infrastructure as a Service (IaaS) market, it becomes more important for IaaS services to provide the work environment with high reliability and availability. Therefore, how to maintain the network connections after live Virtual Machine (VM) migration is going to be a big issue. In this research, we propose a new mechanism to keep clients’ TCP sessions across live migration over Wide Area Networks (WANs), called Handover. After the VM’s IP address changed after live migration, Handover inserts an OUTPUT rule in the nat table of iptables to redirect the client’s outgoing packets to the new IP address of the VM. In addition, we apply a fake three-way handshake mechanism to prevent the redirected traffic from being blocked by the NAT router. The experimental results demonstrate that Handover is effective in varied network environments, and the overhead of this changeover process is about only 0.165 seconds. Handover can be utilized in most of Unix-based systems. Furthermore, it may be integrated into a Distributed Denial of Service (DDoS) Defense System. By deploying the remaining parts of the DDoS defense system with Handover, we believe it could serve as a useful method to guard against DDoS attacks.|
|| K. F. C. Clark, S. Hand, J.G. Hansen, E. Jul, C. Limpach, I. Pratt, A. Warfield, "Live migration of virtual machines," NSDI′05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation, vol. 2, pp.273-286, May 2005.|
 P. D. F. Travostino, L. Gommans, C. Jog, C. de Laat, J. Mambretti, I. Monga, B. van Oudenaarde, S. Raghunath, P.Y. Wang, "Seamless live migration of virtual machines over the MAN/WAN," Future Generation Computer Systems, vol. 22, pp.901-907, Oct 2006.
 VirtualBox Teleporting [Online]. Available: https://blogs.oracle.com/vreality/entry/teleporting
 VMware vMotion [Online]. Available: http://www.vmware.com/products/vsphere/features/vmotion
 KVM migration [Online]. Available: http://www.linux-kvm.org/page/Migration
 Performing VM migration under Xen [Online]. Available: http://wiki.xen.org/wiki/Migration
 E. K. R. Bradford, A. Feldmann, H. Scioberg, "Live wide-area migration of virtual machines including local persistent state," Proceedings of the 3rd International Conference on Virtual Execution Environments, pp.169-179, June 2007.
 O. I. Samuel A. Ajila, "Efficient live wide area VM migration with IP address change using type II hypervisor," IEEE 14th International Conference on Information Reuse & Integration, pp.372 - 379, 14-16 Aug 2013.
 Wikipedia. Live Migration [Online]. Available: https://en.wikipedia.org/wiki/Live_migration.
 Wikipedia. Denial-of-service attack [Online]. Available: https://en.wikipedia.org/wiki/Denial-of-service_attack
 Libvirt [Online]. Available: https://libvirt.org
 Wikipedia. Netfilter [Online]. Available: https://en.wikipedia.org/wiki/Netfilter
 Die.net. iptables [Online]. Available: http://linux.die.net/man/8/iptables
 NFQUEUE target [Online]. Available: http://security.maruhn.com/iptables-tutorial/x9983.html
 VPN Gate [Online]. Available: http://www.vpngate.net