The ability to orchestrate and automate a network is becoming a key issue for today’s IT leaders. With the use of SDN (software defined networking) it is now easier to implement centralized and automated responses to network threats.
Cross-connects are a critical component of GPON network orchestration and automation. They help manage traffic flow and provide a more reliable experience for data centers. These connections are also valuable in end-of-row scenarios.
Unlike an Internet-based connection, cross connects use high-speed cabling and can connect the service provider equipment and tenant equipment within the same building. This provides greater bandwidth and reduces latency. In addition, they allow for more secure data transfer and can prevent sensitive information from being compromised.
GPON is a network architecture that uses wavelength division multiplexing (WDM) to transmit information signals over optical fibers. It supports point-to-multipoint (P2MP) multicast transmission and can be configured to use Ethernet or ATM. The downstream GPON frames consist of a physical control block downstream (PCBd) and a GTC payload. Each frame has a fixed length of 125 milliseconds. The AES-128 algorithm is used to encrypt the data packets.
The downstream GPON frames perform operations based on the PCBd and the GTC payload. A GEM port ID is identified in the downstream packets. If the downstream port has no GEM port, the packet is forwarded as a broadcast.
The OLT sends the upstream Ethernet frames to the ONUs. The ONUs process the upstream frames and send the downstream data to different ONUs. Some of these ONUs may be unauthorized.
After the upstream and downstream traffic is sent to the ONUs, the data is encrypted with the new key. The data is then synchronized with the GTC Header. The downstream GEM port ID identifies the ONU that receives the downstream packet. When the ONU receives the downstream packet, it filters the data based on the GEM port ID.
A GPON trunking system can be set up to distribute traffic to a large number of ONUs. However, attenuation can occur in the GPON trunking system. Path loss can also occur in the GPON trunking system. Using cross-connects to divide the network to several ONUs is a cost-effective way to minimize path loss.
As a part of the GPON technology, a field trial was conducted by Deutsche Telekom in the region of Berlin. The trial focused on gaining practical experience with GPON technology and operational processes.
Downstream and upstream channels
For the orchestration and automation of a GPON network, it is important to understand the nature of downstream and upstream channels. The upstream channel is the source of traffic. This can be either an ONU or an ONT. An upstream frame is a burst of data sent over a GPON service port. Each upstream frame includes content carried by one or more T-CONTs.
The downstream channel is the destination. Each downstream packet is identified by a GEM port ID. A GEM port ID is also used as a filter to detect data that is not significant for the GEM port. Downstream packets are then sent to the same ONU or ONT. It is possible for downstream packets to be received by an unauthorized ONU or ONT.
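The GEM port filter described above runs inside the receiving ONU, so every ONU on the PON still receives every downstream frame. The following added example (not from the original article; the ONU names, port IDs and the per-port `encrypted` flag are constructed assumptions) audits a provisioning table for GEM ports whose traffic would be readable by other ONUs because encryption is off.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class GemPort:
    port_id: int      # GEM port ID carried in each downstream frame
    onu: str          # ONU the port is provisioned for (constructed name)
    encrypted: bool   # assumed per-port flag: AES payload encryption on or off

@dataclass(frozen=True)
class Frame:
    gem_port_id: int
    payload: bytes

def onu_filter(frames, own_ports):
    """Frames a well-behaved ONU keeps: only its own GEM port IDs."""
    return [f for f in frames if f.gem_port_id in own_ports]

def audit(ports, frames):
    """Map each ONU to the GEM ports of other ONUs whose frames reach it
    unencrypted. The filter is not applied here on purpose: the audit asks
    what an ONU that ignores the filter would be able to read."""
    by_id = {p.port_id: p for p in ports}
    seen = {f.gem_port_id for f in frames if f.gem_port_id in by_id}
    report = {}
    for onu in sorted({p.onu for p in ports}):
        report[onu] = sorted(
            pid for pid in seen
            if by_id[pid].onu != onu and not by_id[pid].encrypted
        )
    return report

# Constructed sample: three ONUs on one PON, one port left unencrypted.
PORTS = [GemPort(1001, "ONU-A", True), GemPort(1002, "ONU-B", False),
         GemPort(1003, "ONU-C", True)]
FRAMES = [Frame(1001, b"a"), Frame(1002, b"b1"),
          Frame(1003, b"c"), Frame(1002, b"b2")]

if __name__ == "__main__":
    print(len(onu_filter(FRAMES, {1001})), "frame(s) kept by ONU-A's filter")
    for onu, exposed in audit(PORTS, FRAMES).items():
        print(onu, "can read foreign GEM ports:", exposed)
```

An empty list for every ONU is the target state: each port either belongs to that ONU or is encrypted.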
As a consequence, the upstream and downstream channels in a GPON network can have conflicting goals. In this case, it is vital to develop an ultra-flexible control model that allows operators to meet the needs of different tenants.
This can be achieved through the use of an optimal trade-off point algorithm. The algorithm enables efficient multiplexing of traffic on the network and guarantees strict delay bounds for real-time applications.
A novel scheduler is introduced to handle QoS differentiation simultaneously at both the ONU and the OLT levels. This provides operators with an efficient way to achieve true multi-tenancy.
The upstream and downstream channels in a Gigabit Passive Optical Network (GPON) can provide service to up to 64 end users. GPON supports P2MP multicast transmission. Upstream packets are transmitted in TDMA (time division multiple access) mode. These upstream frames include bandwidth allocation intervals.
The downstream and upstream channels in a GPON network are distributed over optical fiber. Each upstream frame has a fixed length of 125 ms. Each downstream frame contains payload and the GTC header. The GTC header is used for synchronization and forward error correction.
A DBA algorithm is also used to allocate upstream time slots. The algorithm is responsible for calculating bandwidth utilization and meeting SLA requirements. Higher accuracy may lead to better fairness and better bandwidth efficiency.
OpenSource Access Manager integration with ONAP for network orchestration
The Open Network Architecture Platform (ONAP) is an open source software platform for network orchestration and automation. ONAP enables operators to rapidly deploy new features and services. ONAP also offers operators full lifecycle management of physical and virtual network functions.
A key element of the ONAP architecture is the model driven runtime environment. This provides substantial analytics tools to support closed-loop automation. It is also a good platform for facilitating innovation.
In order for the ecosystem to develop and flourish, it is essential that the project has a vibrant developer community. This should be fostered through open collaboration with other industries, as well as OpenStack. As more and more OSS solutions start to incorporate ONAP components, the ONAP code base will become more efficient, and the integration efforts will decrease.
Many of the existing OSS solutions are based on a standard architectural framework. However, as network functions continue to evolve, and the industry adopts technologies such as microservices, SDN, and cloud infrastructure, the need for updated network functions will become increasingly apparent.
There are several different types of OSS implementations, including EMS and NMS solutions. These provide basic resource level management models. However, they do not provide real-time or policy-driven software automation. Ansible and Red Hat Decision Manager are two examples of open-source implementations that provide a comprehensive network policy engine.
While the OpenSource Access Manager module is designed to be a core component, it should not be seen as a replacement for the current functionality provided by ONAP. Instead, the module should be integrated with the core platform, which includes a user interface and web services.
The goal of the Open Networking Automation Platform is to provide a complete system for policy-driven software automation. It is hosted by the Linux Foundation, and it is being developed as an open source software project.
With the rise of new business models and the emergence of IoT segments, there are many opportunities for ONAP to expand its reach beyond the current focus. As an example, a number of companies are already integrating ONAP with Kubernetes and cloud native functions.
SDN makes it easier to apply centralized and automated responses to network threats
SDN is a software-based approach that allows network administrators to control the network by programming and controlling the data plane and the control layer. This gives greater flexibility to a network and makes it easier to automate configurations and manage resources.
While SDN provides many benefits, it also introduces new risks. These risks can arise from various attacks. However, a comprehensive understanding of the threats facing software-defined networks is necessary to recognize and avoid them.
The following are five common attacks:
DDoS attack detection: DDoS attack detection can be done by using a two-stage learning scheme. The first stage involves collecting traffic statistics and matching them with a library of known threats. Another method is to analyze the passing traffic to determine if there are anomalies or if there is any suspicious behavior.
Affliction and mitigation: If attackers succeed in capturing or causing uncontrolled traffic, it is possible for the user to quarantine the compromised device and potentially capture all traffic to the affected area. There are other techniques, such as botnet detection, which can be used to mitigate these attacks.
Destabilization of infrastructure: Destabilization of the infrastructure raises a specter of “man in the middle” attacks. It is therefore important to prepare the IT environment before deploying SDN. In addition, it is important to understand that the control layer of SDN is accountable for the entire network.
ML-based Approaches: ML-based approaches can be useful for analyzing and mitigating network threats. ML can be used to identify anomalies. Moreover, it can be used to analyze and predict the behavior of a particular network segment.
DL-based Approaches: DL-based techniques can be useful for identifying the vulnerabilities of a specific network. Several DL algorithms have been developed for NID systems. They include EFS, AdaBoost, and PCA.
Adaptation of Approaches: Adaptation of approaches to SDN is a key step in the identification of network threats. Specifically, the adaptation of existing attacks to this new paradigm is crucial.
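The two-stage DDoS detection described in the list above can be sketched as follows. This is an added example, not code from the original article: the signature library, the field names and the thresholds are constructed assumptions, and stage two uses a simple z-score against a baseline in place of a trained model.

```python
from statistics import mean, pstdev

# Stage 1: constructed library of known threats, label -> predicate over
# the traffic statistics collected for one interval.
SIGNATURES = {
    "syn-flood": lambda s: s["syn"] >= 500 and s["ack"] < 0.1 * s["syn"],
    "dns-amplification":
        lambda s: s["dns_resp_bytes"] > 20 * max(s["dns_req_bytes"], 1),
}

def match_signature(stats):
    """Return the first matching known-threat label, or None."""
    for label, predicate in SIGNATURES.items():
        if predicate(stats):
            return label
    return None

def anomaly_score(stats, baseline, field="pps"):
    """Stage 2: z-score of one field against recent normal intervals."""
    values = [b[field] for b in baseline]
    mu, sigma = mean(values), pstdev(values)
    if sigma == 0:
        return 0.0 if stats[field] == mu else float("inf")
    return (stats[field] - mu) / sigma

def classify(stats, baseline, threshold=3.0):
    """Known threats first; anything left is checked for anomalies."""
    label = match_signature(stats)
    if label:
        return ("known-threat", label)
    if anomaly_score(stats, baseline) > threshold:
        return ("anomaly", "pps")
    return ("normal", None)

def sample(pps, syn, ack, dns_req=0, dns_resp=0):
    """Build one interval's statistics record (constructed format)."""
    return {"pps": pps, "syn": syn, "ack": ack,
            "dns_req_bytes": dns_req, "dns_resp_bytes": dns_resp}

# Constructed baseline of normal intervals for one protected segment.
BASELINE = [sample(1000, 40, 38), sample(1100, 45, 44),
            sample(950, 38, 37), sample(1050, 42, 40)]

if __name__ == "__main__":
    for s in (sample(9000, 6000, 100), sample(8000, 50, 49),
              sample(1080, 41, 40)):
        print(s["pps"], classify(s, BASELINE))
```

In an SDN deployment the controller would collect these statistics from the switches and could feed the verdict into the quarantine step the list mentions.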
SDN offers many advantages, including higher security, agility, and scalability. These features make it easier to deploy and scale any network.