An Internet Software VLAN Switch Developed in Erlang

Published by: api-3771339 on Oct 19, 2008
Copyright:Attribution Non-commercial

SERVAL: an Internet software VLAN switch developed in Erlang∗

Alejandro García Castro, Francisco Javier Morán Rúa
Igalia Software Engineering
Gutenberg, 34B 2o, Polígono de A Grela – 15008 A Corunha
e-mail: {acastro,jmoran}@igalia.com

Juan José Sánchez Penas
University of Corunha, Computer Science Department
Campus de Elvinha – 15071 A Corunha
e-mail: juanjo@dc.fi.udc.es
Abstract
There are situations in which it is very interesting to connect a machine to a different Local Area Network from the one its network card is actually connected to. Some network applications require our local host to be virtually connected to a remote Local Area Network. This article describes a proposal to develop a software system that emulates the operation of a switch, allowing the creation of Virtual Local Area Networks over the Internet, and that complements the current similar solutions. We have created a prototype developed with Erlang/OTP using a client/server architecture and we are working on the integration with the Operating Systems using virtual network interfaces. Erlang is very suitable to face the main issues of this system: performance, communications and fault tolerance. We have carried out performance and functional tests to assess the suitability of the designed system using the prototype. The paper will explain the current results of the research and describe future work.

1 Introduction
SERVAL is a research and development project whose aim is to assess the feasibility of a system for creating Virtual Local Area Networks (VLANs) using a software server. The main goal of this software is to provide a way to set up VLANs between computers, no matter their location or the connection they use to access the network. For this purpose, we have designed a system that emulates the operation of a hardware switch. The Operating System in the client does not have a regular network interface, but a special program that, acting as a virtual interface, communicates with the SERVAL server. The clients can connect to VLANs defined inside the server, which works as a software switch forwarding the messages between the clients in the same Virtual Local Area Network (VLAN).

∗ Partially supported by Xunta de Galicia - PGIDITSIN0313E

Nowadays the solutions available to link two Local Area Networks (LANs) do not provide some features that would be desirable in some cases. The main technologies for connecting remote LANs currently are Virtual Private Networks (VPNs) and VLANs. The applications we have in mind as interesting examples to be implemented on top of these technologies range from mobility solutions to file sharing.

The main issues of this project that we have to face are:

• Client/server architecture: we have to support this kind of architecture because the connection from local range IP addresses is a requirement, and therefore P2P solutions would not satisfy our needs.

• Performance: the emulation would make no sense if we do not have suitable latency and throughput. The system should be able to overcome stress situations. Scalability is also an important feature.

• Operating System integration: the interfaces to our switch in the client side must be virtual network interfaces. User space applications would use these interfaces as the regular ones. Our target Operating Systems are GNU/Linux and Microsoft Windows.

• Communications security: this kind of system should secure its communications, because the traffic goes through an unsafe medium.

We have designed a system following these requirements: a client/server architecture aimed at solving the main risks we have detected. We have decided to use Erlang/OTP [1] as the development environment because its features fit very well with the project goals.

In this research we want to face and measure the main risks we see in developing a system like the one we describe. The paper will explain the current results of the research and describe future work.

In Section 2, the current alternative solutions for connecting remote LANs are described, and their advantages and disadvantages discussed; the motivations for the project are also presented. In Section 3, the main goals and system requirements for the research and development project are explained. After that, Section 4 introduces the system architecture, leaving for Section 5 the details related to the use of Erlang inside the system. The current status of the project, including some performance tests, is presented in Section 6, before concluding in Section 7.

2 State of the art and motivation

Nowadays technology offers some options to connect remote LANs, but these applications do not provide features that are very interesting in some environments.

We could use Virtual Private Networks (VPNs) to create a virtual connection between remote LANs communicating over possibly untrusted networks. With this technology we can connect remote networks, emulating neighbor networks with a router in the middle. But with this kind of technology we cannot transmit non-routed traffic between the networks (therefore, local area protocols cannot be used). Besides, we need to configure a router to send out the packets. An example of this kind of software is FreeS/WAN [2], which implements IPSec [3], a standard protocol for encrypting IP traffic between two networks connected by two IPSec gateways.

Another option would be the use of Virtual Local Area Networks (VLANs) connecting Local Area Networks that are physically separated, enabling non-routed traffic between networks (and therefore local area protocols). Virtual Local Area Networks are normally implemented using the 802.1Q [4] protocol, which sends layer two traffic with Virtual Local Area Network information to define Local Area Networks using ports of different switches. Being able to carry any kind of traffic between the networks would simplify some regular tasks when we share resources and would also enable the use of applications that communicate with each other using protocols like Rendezvous or SMB. The main limitation of this kind of solution is that, nowadays, we can only deploy such a system if we have control over all the physical switches placed between the host and the network we want to connect it to; besides, all the intermediate machines should have that feature implemented. We cannot forget that a telecommunications company, even controlling all the hardware of the network, cannot touch the configuration of its machines dynamically in a safe way, because any mistake would spoil all the traffic of the network. We also have to remark that changing the configuration of the machine is not simple, and trained technical assistance would be needed.

The system we propose in this paper can emulate this VLAN behavior using a scalable, distributed, TCP/IP server that acts as a software switch. The clients would run programs that simulate logical network cards connected to the software switch.
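
The forwarding rule of such a software switch, sketched in Erlang as an added example (not code from the SERVAL prototype): the server records which VLAN each connected client belongs to and learns MAC addresses per VLAN, so unicast, broadcast and unknown-destination frames only ever reach clients in the sender's VLAN. The module, function and client names are hypothetical, and the frames are constructed sample data.

```erlang
%% Added illustration, not SERVAL source: module, function and client names
%% are hypothetical and the frames in demo/0 are constructed sample data.
-module(vlan_switch_sketch).
-export([new/0, join/3, handle_frame/3, demo/0]).

%% members: client -> VLAN id, assigned by the server when the client connects
%% (never read from the frame). table: {VLAN, MAC} -> client, learned.
new() -> #{members => #{}, table => #{}}.

join(Client, Vlan, S = #{members := M}) ->
    S#{members := M#{Client => Vlan}}.

%% Returns {Recipients, NewState}; recipients are always in the sender's VLAN.
handle_frame(From, <<Dst:6/binary, Src:6/binary, _/binary>>,
             S = #{members := M, table := T0}) ->
    case maps:find(From, M) of
        error ->
            {[], S};                          % client not in any VLAN: drop
        {ok, Vlan} ->
            T1 = learn(Vlan, Src, From, T0),
            Out = case maps:find({Vlan, Dst}, T1) of
                      {ok, From} -> [];        % destination is the sender
                      {ok, To}   -> [To];      % known unicast
                      error      -> flood(Vlan, From, M)
                  end,
            {Out, S#{table := T1}}
    end;
handle_frame(_From, _Runt, S) ->
    {[], S}.                                  % too short for two MACs

%% A group address (I/G bit set) is never a valid source; learning one would
%% turn that VLAN's broadcasts into unicast to a single client.
learn(_Vlan, <<_:7, 1:1, _/binary>>, _From, T) -> T;
learn(Vlan, Src, From, T) -> T#{{Vlan, Src} => From}.

flood(Vlan, From, M) ->
    lists:sort([C || {C, V} <- maps:to_list(M), V =:= Vlan, C =/= From]).

demo() ->
    S0 = join(c, 20, join(b, 10, join(a, 10, new()))),
    Bcast = <<16#ffffffffffff:48, 2,0,0,0,0,16#0a, 16#0806:16>>,
    {[b], S1} = handle_frame(a, Bcast, S0),     % flood stays inside VLAN 10
    Reply = <<2,0,0,0,0,16#0a, 2,0,0,0,0,16#0b, 16#0806:16>>,
    {[a], S2} = handle_frame(b, Reply, S1),     % learned unicast within VLAN 10
    {[], _} = handle_frame(c, Reply, S2),       % VLAN 20 client cannot reach a
    ok.
```

Because membership comes from the server's own record of the connection rather than from anything in the frame, a client cannot move itself into another VLAN by altering the frames it sends.
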
We have taken some features of both VPN and VLAN systems to define the main goals of the project. The security of VPNs is a very important feature, because communications are performed through an unsafe medium. Authentication and authorization are important issues that need to be solved properly. Hardware switches are designed to handle a great flow of packets, therefore the system has to be ready to manage heavy stress conditions. Performance is another main issue we have to face, specifically the system scalability. We should consider a group of thousands of clients that define a group of VLANs trying to send their discovery messages through the switch; the latency has to be correctly handled. In any case, the use of this kind of system must be well designed because the amount of traffic that the local protocols produce can be very large.

Some of the standards and well-known technologies we are using or considering for the project are:

• Local Area Network technologies: Ethernet, Token Ring, etc. We should also review systems to manage this kind of traffic (congestion management).

• Virtual Local Area Network technologies: 802.1Q [4], 802.1D [5] and current hardware that supports them.

• TCP/IP transport protocols: UDP and TCP. We want to research which one would be more appropriate.

• Application level protocols and their encryption systems: SSL and TLS [6].

• Network interface emulation, both for GNU/Linux and Microsoft Windows.
We have discussed and proposed some applications of the SERVAL technology together with R, Cable e Telecomunicacións de Galicia, S.A., to learn more about possible use cases and increase our knowledge about the system requirements. The idea was to find applications in which the advantages of the technology would make them especially interesting for our project:

• Virtual corporate LANs among several physical networks in a company, with a simple and flexible configuration. Enterprises could easily define communications between their headquarters; employees could even work from home, using their personal Internet connection, while accessing the network and resources of the company. This is very interesting for mobility: if a worker is in a different place from the rest of the company, he can still connect to the network and carry out his tasks or access a document that he has in his account.

• File sharing: users could easily create a private network between them to transmit information. They just have to use standard local area network protocols and they could share resources and services.

• Games over the Internet that previously could only be played in a LAN environment. This is an interesting product for a telecommunications provider company like, because the easiest way to play in a network is using machine and software discovery protocols that only work in a LAN. The tool to manage the connections to the VLANs can be an easy interface that allows a regular user to connect to these networks and play network games the same way he/she is used to doing in local environments. The entertainment industry is nowadays an important part of the telecommunication business.

3 Project goals

The main goal of this research is to assess the feasibility of using current technologies to build a software system able to create and control VLANs. We have agreed on some functional requirements that the developed system should fulfill:

• Client/server architecture: the basic architecture of the system should have these two layers. We need this kind of architectural design because of current Internet connectivity: there are many situations where the clients are in a network with a local IP address range. In these cases we need this kind of architecture to ensure the connection between the hosts, because P2P technologies would not adapt correctly to our needs. The flexibility and control that the server application provides seem to be an interesting feature for the system. Anyway, we have also considered the peer-to-peer (P2P) architecture; there are some conditions where P2P could be a good solution. Therefore, our main goal is the client/server architecture but we will consider the way to adapt the system to a P2P deployment.

• GNU/Linux and Microsoft Windows link layer integration: it is an important point for the system usability. Due to these requirements
