
    Implementation of a Virtual Switch Monitor System Using OpenFlow on Cloud

    Chao-Tung Yang, Jung-Chun Liu, Wei-Sheng Chen, Fang-Yie Leu, and William Cheng-Chung Chu
    Department of Computer Science, Tunghai University, Taichung City, 40704 Taiwan ROC


    Abstract—As a next generation networking protocol, the OpenFlow mechanism speeds up network performance by separating the control plane from the data plane. It can be implemented for QoS functions: users in need of network resources or with higher priorities defined by the system are allocated adequate resources. In addition to the communication protocol, two more elements are needed to implement a complete OpenFlow system: the switch, either physical or virtual, which supports OpenFlow, and the controller, which sends flow-setting packets to control the switch flow table. With OpenFlow, users are not restricted to functions provided by the specific switch or router, such as RIP, OSPF, EGP routing protocols, firewalls, QoS, Anti-Virus, and NAT, since it provides a standard Application Programming Interface that lets users define the functions they want instead of the predefined functions bundled in the manufacturer's proprietary operating system. The main goal of this paper is to create an OpenFlow switch monitoring system, which oversees all hosts and traffic passing through switches under the controller, and provides a simple web page by which the network administrator can modify the priority of each flow and manage the whole network with great ease.

    Keywords-OpenFlow; Software Defined Network; Cloud Computing; Open vSwitch;

    I. INTRODUCTION

    In the early days of the Internet, users used dial-up access via modems to exchange messages by instant messaging or transfer files with other users, and might have to pay dial-up Internet access fees to the Internet service provider (ISP) according to service contracts. The data transfer speed of dial-up modems at that time was normally from 14.4kbps to 52.2bps. Since then the Internet has blossomed, and many users started creating their own home page profiles and sharing files and images such as MIDI, GIF, and JPEG files. At the beginning of the Internet, the Bulletin Board System (BBS) was also very popular, since with the low transfer speed, the fastest way to send information was through text. With xDSL technologies for modems, such as ADSL and VDSL, the network speed began to advance to the Mb level. For example, the highest data transmission speed in Taiwan is currently more than 100Mbps. Besides, network service companies continue to develop architecture to provide users with innovative services; as a result, the cloud era has arrived.

    With the continuous development of cloud technology [1], [2], people's daily life is gradually drawn to cloud services, which offer a very convenient lifestyle. Many cloud vendors have developed vigorously, such as Google, Amazon, Microsoft, Yahoo, and Apple, providing various cloud services, such as messaging (MSN), video calls (Skype, Google+ Hangout), file sharing (Dropbox, Google Drive) and many other services. Instead of using stand-alone computers with installed software, people can use browsers to access applications, and edit and store files in the cloud with great ease.

    Nowadays, people use services through the cloud in everyday life, such as to exchange messages, transmit photos, or chat with others via VoIP software. All these services compete for the limited networking resources provided by the cloud service vendors, and sometimes even clog the network due to inflexibility and the lack of Quality of Service (QoS) mechanisms in the network design. To solve this problem, it is better to shift some loads handled at the core layer to the access layer or the distributed layer. In this paper, we focus on the cloud service vendor network and use OpenFlow as the access layer switch for QoS mechanisms [3]. We aim to reduce the load at switches on the core layer, dispose of network traffic from the access layer, and achieve QoS in the proposed implementation.

    The rest of this work is organized as follows. In Section 2, we introduce the adopted techniques and background knowledge. Section 3 describes the system architecture and key algorithms used in the paper. Section 4 shows experimental results for the proposed system. Section 5 provides conclusions and future work.

    II. BACKGROUND AND RELATED WORK

    A. Virtual LAN

    The Virtual Local Area Network (Virtual LAN or VLAN), supported by the networking standard IEEE 802.1Q, provides data separation and security between network traffic over Ethernet. VLAN tagging is used to share a physical interface among multiple VLANs and keep messages secure.

    There are three types of VLANs:

    • Port-Based VLANs: Also called Static VLANs. Each physical interface accesses only one VLAN, specified by the user in the configuration file.

    • MAC-Based VLANs: When a user connects to a switch interface, the switch sends the MAC address of the connected user to a VLAN Management Policy Server (VMPS); the network administrator can then assign a VLAN to the user.

    • Protocol-Based VLANs: For a network running multiple protocols, such as Novell IPX, AppleTalk, and TCP/IP, protocol-based VLANs can be used to separate each kind of protocol into its own VLAN.

    VLANs can keep the network cleaner, since separating VLANs also separates broadcast domains; thus, collision events can be minimized.

    B. OpenFlow

    OpenFlow, a Layer 2 protocol released on February 28, 2011, can be used to separate the data plane from the control plane for better network performance. OpenFlow gives a remote controller permission to modify the actions of network devices, just like normal routers and switches usually do. But when a vast amount of throughput is processed by a normal router or switch, the CPU load will increase, because the switch needs to decide the path for each packet. The increase in CPU load will slow down packet processing and may crash the CPU if it is fully loaded. OpenFlow allows the path of packets to be determined by software running on PCs or routers, enabling more complex traffic management than before. The network administrator can manage the network better with it than with access control lists (ACLs) or routing protocols [4]–[7]. The OpenFlow controller uses a secure channel to communicate with OpenFlow switches and send messages defined by the OpenFlow protocol.

    C. OpenvSwitch

    OpenvSwitch, a multilayer virtual switch licensed under the open source Apache 2.0 license, aims to support immense network automation via programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, SPAN, RSPAN, CLI, LACP, and 802.1ag) [8]. Besides, it aims to enable distribution across multiple physical servers, similar to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V. As shown in Figure 1, OpenvSwitch is split into many parts.

    D. Software Defined Network

    Until recent years, network technology had been growing steadily, but since Software Defined Network (SDN) was published in 2011, it has been changing fast. The core technology of SDN is OpenFlow, which can run on normal operating systems, allowing users to change the network architecture and control network flows as well. Because OpenFlow separates network intelligence, i.e., the control plane, from real data transmission, i.e., the data plane, decisions such as how to stream data on the network, or where packets should go, are no longer directly specified by a router or a switch, but controlled by the data center operators or network managers. In simple terms, SDN shifts more permissions of network control from device vendors to users, letting users directly manage the system characteristics and functions. This approach saves money, and at the same time provides more flexibility to satisfy business needs [9]–[13].

    Figure 1. OpenvSwitch Architecture

    The concept of SDN was proposed in March 2011 by the Open Network Foundation, and ever since the idea has transformed into commercial products. OpenFlow enables researchers to continue their work when manufacturers do not want to release their own source code or provide the details of products. By adding OpenFlow to the Ethernet switch, router or wireless access point, a standard Application Programming Interface (API) is created and ready for use. SDN has the following advantages:

    • Any developer can program the device, providing flexibility in network usage, operation, and sales models.

    • Users can obtain desired functions faster than before, without the need to wait for equipment suppliers to add the wanted features to their product lines.

    • SDN realizes virtualization of the network, combining networking, computing and storage resources into one, thus enabling control of the whole IT environment.

    With SDN, the network operating system can be run on any personal computer or any kind of server, without the need to modify kernels or system modules. The switch is still responsible for the actual packet-switching jobs, but the OpenFlow protocol runs between the switch and the controller. When the switch gets a packet without an action record, it sends the packet to the controller, which decides what action should be taken on this packet and sends an action message back to the switch; after getting the message, the switch can act by itself.
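
    The miss-then-install sequence described above, as an added example (not code from the paper or from any OpenFlow controller). The MAC-learning Controller class, the three match fields used, and the sample packets are assumptions made for illustration.

```python
"""Reactive flow setup in miniature: table miss -> packet-in -> flow install."""
from dataclasses import dataclass

FLOOD = "FLOOD"  # pseudo-port: send out of every port except the ingress port


@dataclass
class FlowEntry:
    match: dict          # header field -> required value (exact match here)
    out_port: int
    packets: int = 0     # per-flow counters, the kind a monitor reads back
    byte_count: int = 0

    def matches(self, pkt):
        return all(pkt[name] == value for name, value in self.match.items())


class Controller:
    """Hypothetical MAC-learning controller standing in for the decision logic."""

    def __init__(self):
        self.mac_to_port = {}
        self.packet_ins = 0  # every table miss costs one controller round trip

    def packet_in(self, pkt):
        self.packet_ins += 1
        self.mac_to_port[pkt["eth_src"]] = pkt["in_port"]  # learn the sender
        out_port = self.mac_to_port.get(pkt["eth_dst"])
        if out_port is None:
            return None, FLOOD  # destination unknown: flood, install nothing
        match = {k: pkt[k] for k in ("in_port", "eth_src", "eth_dst")}
        return FlowEntry(match, out_port), out_port


class Switch:
    def __init__(self, controller):
        self.controller = controller
        self.flow_table = []

    def receive(self, pkt):
        """Return (output port, 'hit' or 'miss') for one packet."""
        for entry in self.flow_table:
            if entry.matches(pkt):
                entry.packets += 1
                entry.byte_count += pkt["length"]
                return entry.out_port, "hit"
        # No action record: hand the packet to the controller and obey it.
        entry, out_port = self.controller.packet_in(pkt)
        if entry is not None:
            self.flow_table.append(entry)  # later packets are handled locally
        return out_port, "miss"


def run_demo():
    # Constructed traffic: host A on port 1, host B on port 2.
    a, b = "00:00:00:00:00:0a", "00:00:00:00:00:0b"
    a_to_b = {"in_port": 1, "eth_src": a, "eth_dst": b, "length": 1500}
    b_to_a = {"in_port": 2, "eth_src": b, "eth_dst": a, "length": 64}
    controller = Controller()
    switch = Switch(controller)
    sequence = (a_to_b, b_to_a, a_to_b, a_to_b, b_to_a)
    results = [switch.receive(pkt) for pkt in sequence]
    return results, controller.packet_ins, switch.flow_table


if __name__ == "__main__":
    results, packet_ins, table = run_demo()
    for result in results:
        print(result)
    print("packet-ins:", packet_ins, "flow entries:", len(table))
```

    The packet-in counter is worth exporting from a monitor: it measures how much of the traffic still depends on the controller rather than on installed flows.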

    E. Cloud Computing

    Cloud computing is a computing approach based on the Internet. In this way, resources can be shared, with the required hardware and software made available to computers and other devices. While being without direct control of computing resources, users no longer need to understand the details of the infrastructure in the "cloud", or to possess the necessary professional knowledge. Cloud computing describes a new Internet-based model for increasing IT use and delivery. It usually involves providing dynamic and virtual extension of resources over the Internet. The cloud is a metaphor for the network and the Internet. Cloud computing includes the following levels of service: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

    • IaaS: Users can subscribe with the service provider for the required level of computing and network equipment and other resources, and may request changes to settings; the service provider calculates cost according to usage of the CPU, memory, disk space, and network.

    • PaaS: For the development of services, vendors rent out a computer that has all the necessary hardware and software development environment, or help application developers go to market; developer fees are charged in accordance with the amount of traffic and the use of resources.

    • SaaS: Software stored in the data center is provided to users as a network access service; the charge is either per period or pay-per-order.

    F. Virtualization

    The virtualization technology provides a single host with more powerful hardware performance. The goal of virtualization is to centralize administrative tasks while improving scalability and overall hardware-resource utilization. In practical terms, virtualization offers the capability to run applications, operating systems, or system services in a logically distinct environment that is independent of any specific physical computing system. Virtualization also makes it possible to achieve live migration of virtual machines (VMs) to ensure uninterrupted service and save energy [14], [15].

    G. Related Work

    In recent years, advances in technology for performance improvement and management have made it possible to use the VM computing platform. Many studies have implemented the virtual network environment to reduce system cost. However, since data transmissions between server nodes often occur in parallel and distributed computing systems, high demand on the network may cause significant loss of performance over the system. Bianco et al. focused on the OpenFlow data plane performance, and how the OpenFlow protocol enables flow isolation and resource slicing. They used Linux-based PCs to implement the OpenFlow switch, and measured and compared packet forwarding throughputs of the OpenFlow switch, layer-2 Ethernet switch, and layer-3 IP router [16]. They concluded that good performance is achieved in the OpenFlow switch; with packet sizes of 64 bytes and 128 bytes, the performance of the OpenFlow switch is slightly worse, while with packet sizes larger than 128 bytes its performance is as good as the hardware layer-2 switch. Two flow tables are managed in the software-based OpenFlow switch: the linear table, which exploits wildcards in the packet header fields to match packets to flows, and the exact match table, which exploits a hashing function. The hash table of OpenFlow was also suggested to improve performance.

    Pisa et al. evaluated the effect of different virtual network migration models on the Xen and OpenFlow virtualization platforms. They demonstrated that data and control plane separation is the key to decreasing packet losses during migration. For the Xen standard migration, the number of lost packets rises linearly with the packet rate; Xen with plane separation incurs downtime only during the control plane migration; OpenFlow has no downtime, since its migration mechanism moves the data traffic to a new path without migrating the control plane [17].

    Hayoung et al. proposed a flow-based hybrid method to improve performance in NOX and wireless OpenFlow switch networks. To prevent access point failure, when the transmission of a wireless OpenFlow switch fails, one of the neighboring wireless OpenFlow switches retransmits the lost frame [18].

    Some researchers also applied OpenFlow to academic networks. Rostami et al. designed a prototype OpenFlow-enabled network using gigabit Ethernet switches. They used an ATCA switch platform to build it, and found that the bottleneck lies in the OpenFlow switch: it can forward packets at the line rate if the incoming traffic hits entries already installed in the flow table; however, it needs to consult the controller to forward packets if the input traffic is unknown to the flow table [19].

    Ferkouss et al. used OpenFlow on a 100 Gigabit network with TCAM and OpenFlow 1.1, which introduces pipeline processing of the flow tables. They showed that good performance can be achieved by adopting Recursive Flow Classification, which uses SRAM and TCAM to enhance classification performance for the OpenFlow 1.1 switch [20]. For scalable video streaming, Egilmez et al. used OpenFlow to do QoS routing to improve the video stream quality. They showed that dynamic rerouting of QoS flows significantly improves the overall PSNR of the video under network congestion [21].

    Rotsos et al. used OFLOPS to evaluate different OpenFlow switch implementations. They observed that the performance of an OpenFlow switch depends on the applied actions and firmware, and that exact OpenFlow command completion can be detected only through the data plane [22].

    III. SYSTEM IMPLEMENTATION

    A. System Architecture

    The hierarchical three-layer model, a network design model first proposed by Cisco, divides networks into three layers: the core layer, distributed layer, and access layer, as shown in Figure 2. In general, network flows aggregate to the core layer after some actions are performed on them by the firewall, QoS, VoIP, and monitoring functions in the smart distribution layer. When the aggregated network flow through the core layer becomes too massive, even powerful devices cannot handle it with ease. To solve this problem, we try to shift jobs handled at the core layer to the access layer and the distributed layer in our system implementation.

    Figure 2. Network Layers

    The proposed system uses OpenvSwitch as the access layer switch and three Netgear GSM7352S2 switches as the distributed switches.

    The OpenFlow protocol is adopted to monitor network flows and to show them on the administration console, so that the network administrator can manage the OpenFlow switches to perform actions such as dropping packets, forwarding packets to the port specified by the administrator, or changing the headers of packets.

    B. OpenFlow Testbed

    In this subsection the implemented OpenFlow testbed is described. We used three Netgear GSM7352 switches and one SMC 8524T Gigabit switch. The firmware of the Netgear switches was replaced by the Indigo open source firmware, which is developed to support high rates for high port counts when running OpenFlow. The SMC switch was used to emulate the traditional network as a normal Layer 2 switch.

    As shown in Figure 3, PCs 2, 3, and 4 each have a dual-port NIC, with each port connected to one SMC switch and three Netgear switches in the Type 2 mode. The testbed network can perform two types of experiments. Type 1 is the VM mode, in which three Netgear switches are connected to each NIC on PCs 2, 3, and 4. This mode is used to create VMs to test OpenvSwitch functions and emulate data centers located at different places. Type 2 is the traffic mode, which is used to test the OpenFlow functions of each Netgear switch and find its transmission efficiency.

    Figure 3. Network Type 2

    C. Network Configuration

    First, we uploaded firmware that supports OpenFlow to the three GSM7352S2 switches. Then we used the serial console to access each switch that supports OpenFlow, and typed commands to set the IP of the switches and the controller, as shown in Figure 4.

    Figure 4. GSM 7352S2 configurations

    After setting the above information on the switch, we can use the OpenFlow protocol to control the switch, such as using add-flow or del-flow to add or delete flows.

    D. OpenvSwitch Configuration

    Because OpenvSwitch is not yet an official option of KVM, it needs to be installed manually. Type the commands shown in Figure 5 on an Ubuntu Linux system to install OpenvSwitch.

    Figure 5. OpenvSwitch installation

    To check the installation, after installing OpenvSwitch we set the controller IP on OpenvSwitch to manage and configure it, as shown in Figure 6.

    Figure 6. Installation check of OpenvSwitch and controller ip setup

    The components of OpenvSwitch are depicted in Figure 7. There are two processes running in the system user space. The ovs-vswitchd process communicates with the OpenFlow controller and ovsdb. The ovsdb-server is near ovsdb; it stores all OpenvSwitch settings, and notifies the datapath in the kernel space if needed. We also used user space tools to set up OpenvSwitch: (1) ovs-vsctl sends commands to the ovsdb to let users create bridges and specify bridge port mapping; (2) ovs-dpctl is a tool to manage the datapath. The status of most flow information is shown through netlink, but the flow can also be operated in the datapath; (3) ovs-ofctl is the management tool of OpenvSwitch. To change its settings, the ovs-vswitchd process is used; (4) ovs-appctl is a management tool of ovs-vswitchd. To control it or dump information, the Process ID (PID) of ovs-vswitchd is used.

    Figure 7. Relation of OpenvSwitch tools

    E. Virtual Machine Configuration

    To emulate user experiences in real situations, we ran some VMs on physical machines to simulate the actions of normal users, such as browsing websites, using Skype to talk with friends, and downloading files of small or large size. The following is our VM configuration file in the libvirt XML format.

    Listing. QEMU x86_64 VM XML using libvirt

    <domain>
      <name>QEmu-fedora-i686</name>
      <uuid>c7a5fdbd-cdaf-9455-926a-d65c16db1809</uuid>
      <memory>219200</memory>
      <currentMemory>219200</currentMemory>
      <vcpu>2</vcpu>
      <os>
        <type>hvm</type>
      </os>
      <devices>
        <emulator>/usr/bin/qemu-system-x86_64</emulator>
        <disk>
          <target dev='hdc'/>
        </disk>
        <disk>
          <target dev='hda'/>
        </disk>
        <interface type='network'>
        </interface>
      </devices>
    </domain>

    F. System Configuration

    After configuring the entire environment, we could use the browser to visit several pages, such as the Floodlight OpenFlow controller's and the Indigo open source OpenFlow firmware's web pages. On the Floodlight web page, some tabs are found at the top. The Switch tab shows how many OpenFlow switches are connected to this controller; after clicking the switch path id, more detailed information about the switch is given, such as the total number of ports, the link status of each port, and the transmitted and received packets and bytes. The Host tab shows all hosts that have ever been connected to switches; even for just ARP requests, the Floodlight controller will record them and show them on the Host tab. The Topology tab uses Scalable Vector Graphics (SVG) to draw the whole network topology as a graph, connecting hosts and switches with lines to show which switch can reach which host. The Dashboard tab combines the Switch tab and the Host tab, showing both on the same page to provide users with a system overview.

    The Indigo open source OpenFlow firmware web page lets users view and modify some variables, such as the MAC and IP address, and specify the OpenFlow controller IP and port. One can move to the monitor tab and click on the flow table option to find how many flows are set on this switch, or click on detail to see the whole flow rules.

    IV. EXPERIMENTAL RESULTS

    A. Experimental Environment

    The proposed system used OpenvSwitch as the access layer switch and three Netgear GSM7352 switches as dynamic Layer 3 switches; besides, sFlow was used to sample packets and monitor the network.

    Table I. HARDWARE SPECIFICATION

    Model            DELL OptiPlex 745
    CPU              Intel Core 2 6400 2.13 GHz
    Memory           DDR2 667MHz 512MB x 2
    Disk             160GB
    Hypervisor       KVM 1:84+dfsg-0ubuntu16+1.0+noroms+0ubuntu14.3
    Virtual Switch   OpenvSwitch 1.4.0-1Ubuntu1.3
    Linux            Ubuntu 12.04 amd64 server edition
    Kernel           3.2.0-23-generic
    Hardware Switch  Netgear GSM7352S2 x 3

    Table I lists the experimental environment. We used four Dell OptiPlex 745 computers: one for the controller and three for the VM hosts and OpenvSwitch. Each Dell OptiPlex 745 has an Intel Core 2 6400, 1GB of RAM, and a 160GB hard disk. All Dell OptiPlex 745 computers were installed with Ubuntu 12.04 amd64 server version as the operating system. The hypervisor was KVM, and the virtual switch was OpenvSwitch. OpenvSwitch was built with sFlow, so we could set up the environment to acquire flow data. In this work, we used pmacct to collect data from the sFlow agent, and also wrote a shell script to show how many hosts are present in the network, to let the network administrator set OpenFlow on the OpenFlow switches (OpenvSwitch and GSM7352S2).

    Figure 8. Experimental Environment

    Figure 8 shows the experimental environment, which consists of three LANs and one backbone with an OpenFlow controller. Each LAN has a VM host with OpenvSwitch installed to support OpenFlow and simulate a cloud computing environment using VMs. There is also a personal computer installed with only a normal operating system, such as Windows XP, Linux, or Mac OS, to simulate a network without OpenFlow.

    We used the flag in OpenFlow packets to control the function we wanted to use when deploying the flow targets. Before setting the flag, we needed to use match functions to select the flow on which to set the flag. The match fields are shown in Table II.

    Table II. OPENFLOW MATCH FIELD

    Ingress port
    Metadata
    Ethernet Source
    Ethernet Destination
    Ethernet Type
    VLAN id
    Priority
    MPLS Label
    MPLS Traffic class
    IPv4 Source
    IPv4 Destination
    IPv4 protocol or ARP opcode
    IPv4 ToS bits
    TCP / UDP / SCTP Source Port or ICMP Type
    TCP / UDP / SCTP Destination Port or ICMP Code

    To implement the QoS function, we designed a web control interface (refer to Figure 9) to control the switch by setting the priority flag in OpenFlow packets. This web page is user-friendly in that it can hide MAC addresses that have no IP, as shown in Figure 10. This function reduces complexity so that users can operate the system with ease. To set priorities on the network, users can just click on the wanted IP or MAC to bring up a text box at the left of the screen. The value 32768 (the lowest priority) is the default value for network flows of the switch. Then click the text box to enter the wanted priority value (smaller numbers mean higher priorities) (refer to Figure 11), and click send to set the priority on the switch (refer to Figure 12). There will be animations of flows, as shown at the left side of the Switch DP ID box. The experimental results are shown in the next subsection.

    B. Experimental Results and Discussion

    First, iperf was used to create TCP and UDP data streams and measure the throughput of the network. It has a parameter named stdin to let users specify the contents of packets. In this work, the parameter stdin is used to set the packet size, so the performance of the system can be measured with varied packet sizes. The experimental results are reported in Table III and plotted in Figure 13.

    We observe that the height of the green bar representing throughput on the switch is lower than the others when the packet size is 64, 96, or 128 bytes. But when the packet size is larger than 256 bytes, throughputs for the three settings of switches are similar. Besides, throughput increases as the packet size increases. The reason is that packet headers need to be processed in all three settings. A smaller packet size implies that more headers are present, which brings down the performance. The pros and cons of the protocol design are clearly revealed here.

    Figure 9. Web control interface

    Figure 10. Web control, hide MAC without IP

    After experimenting on switches with different protocols, the next experiment focuses on QoS policies to limit the bandwidth of large network flows. Figure 14 depicts the 9 hosts used in this experiment. IPs prefixed with 10.0.x.x are used for networks with VMs.

    In Figure 15 we set Host 1 with a priority of 19999, which will limit the bandwidth to 200 Mbps.

    In Figure 16 we set Host 1 with a priority of 5000, which will increase the limit of bandwidth to 550 Mbps.

    Figure 11. Web control, set priority

    Figure 12. Web control, set flows to switch

    Figures 17 and 18 also use priorities of 5000 and 19999, respectively, but set on a different host, i.e., Host 2.

    After setting the priority, we investigated its influence on network traffic. Figure 19 and Figure 20 show the results. Host 1 changes priority from 19999 to 5000, and the throughput increases from 200Mbps to 1Gbps. Host 2 reverses the above process, so the network bandwidth decreases from 1Gbps to 200Mbps.

    After the above QoS experiments, we tried to apply the QoS setting to a more realistic scenario. In this scenario, one user was downloading a large file over HTTP that occupied most of the network traffic, nearly 900Mbps; if another user then wanted to use FTP to download a massive file to install machines, that transfer might be kept at a low speed for a long time. The OpenFlow switch can match packets by port, which in effect matches by protocol, since different protocols usually use fixed and different ports.

    Table III. USING IPERF WITH DIFFERENT PROBE METHOD

    Packet size (bytes)    64    96   128   256   512  1024  1500
    normal bridge         389   618   645   815   901   930   952
    OpenFlow              412   630   648   820   904   933   959
    switch                268   420   589   813   902   935   955

    Figure 13. Experimental Result

    When the switch matches a packet with a specified port, it will send the packet to a queue. Three queues were used. The default queue was set at full speed (1000 Mbps); FTP queue, 550 Mbps; and HTTP queue, 100 Mbps. Our experiment had two settings. In the first setting, we used the default queue for all packets, and started the HTTP protocol to download at full speed. After 5 minutes, we started FTP to download and monitored the network speed. The whole experiment lasted for 20 minutes. In the second setting, we performed the experiment like the first setting for the first 10 minutes, and after 10 minutes we applied the QoS policy to investigate its effect.
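    The port-based queue selection described above, as an added example that is not the paper's code: a small Python model in which the highest-priority matching entry picks the queue. The queue rates come from the text; the flow priorities, the port numbers (20/21 for FTP, 80 for HTTP), the addresses and all names are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Queue caps in Mbps, taken from the experiment described above.
QUEUE_MBPS = {"default": 1000, "ftp": 550, "http": 100}

@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class FlowEntry:
    priority: int                    # the highest-priority matching entry wins
    queue: str
    tcp_port: Optional[int] = None   # None = wildcard
    host_ip: Optional[str] = None    # None = wildcard

    def matches(self, p: Packet) -> bool:
        # One entry here stands for the pair of source/destination matches.
        port_ok = self.tcp_port is None or self.tcp_port in (p.src_port, p.dst_port)
        host_ok = self.host_ip is None or self.host_ip in (p.src_ip, p.dst_ip)
        return port_ok and host_ok

# Constructed table: priorities, ports and addresses are assumptions.
TABLE = [
    FlowEntry(priority=100, queue="ftp", tcp_port=21),   # FTP control
    FlowEntry(priority=100, queue="ftp", tcp_port=20),   # FTP active-mode data
    FlowEntry(priority=100, queue="http", tcp_port=80),
    FlowEntry(priority=0, queue="default"),              # catch-all entry
]

def select_queue(p: Packet, table=TABLE) -> str:
    """Return the queue named by the highest-priority matching entry."""
    hits = [e for e in table if e.matches(p)]
    return max(hits, key=lambda e: e.priority).queue if hits else "default"

def cap_mbps(p: Packet, table=TABLE) -> int:
    """Rate cap of the queue the packet is sent to."""
    return QUEUE_MBPS[select_queue(p, table)]

# Constructed packets: HTTP download, active-mode FTP data, passive-mode FTP data.
http_dl = Packet("10.0.0.9", "10.0.0.1", 80, 51514)
ftp_active = Packet("10.0.0.9", "10.0.0.2", 20, 40022)
ftp_passive = Packet("10.0.0.9", "10.0.0.2", 50123, 40023)
```

    The passive-mode FTP data packet uses neither port 20 nor 21, so it lands in the default queue: matching on fixed ports only covers traffic that stays on its well-known port.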

    We observe that for the traditional network in Figure 21, the FTP speed (about 100 Mbps) is always lower than the HTTP speed, which is much higher, about 830 Mbps. But when we enabled the QoS policy after 10 minutes, as shown in Figure 22, the HTTP traffic decreased to 200 Mbps and the FTP traffic increased to 550 Mbps.

    As a monitoring system, our system also provides warning functions. The network administrator can set an upper bound for each port. When the traffic on a port reaches the upper bound, our system will recognize the port and all hosts under it, as shown in Figure 23. The system can also send a warning message by email to notify the network administrator to check the network, as shown in Figure 24.
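    One way to implement the per-port upper-bound check, as an added example that is not the paper's code: rates are derived from the cumulative byte counters that OpenFlow port statistics report, and a poll whose counters went backwards is skipped rather than turned into a false alert. The bounds, host addresses, counter values, the choice of the busier direction as "traffic" and all names are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PortSample:
    t: float        # poll time in seconds
    port: int       # switch port number
    rx_bytes: int   # cumulative byte counters, as reported in
    tx_bytes: int   # OpenFlow port statistics

def rate_mbps(prev, cur):
    """Busiest-direction rate between two polls, or None if unusable."""
    dt = cur.t - prev.t
    d_rx = cur.rx_bytes - prev.rx_bytes
    d_tx = cur.tx_bytes - prev.tx_bytes
    if dt <= 0 or d_rx < 0 or d_tx < 0:
        return None  # counters went backwards (e.g. switch restart): skip
    return max(d_rx, d_tx) * 8 / dt / 1e6

def find_alerts(samples, upper_bound_mbps, hosts_by_port):
    """Return (time, port, rate, hosts) for each poll at or above the bound."""
    last, alerts = {}, []
    for cur in sorted(samples, key=lambda s: s.t):
        prev, last[cur.port] = last.get(cur.port), cur
        bound = upper_bound_mbps.get(cur.port)
        if prev is None or bound is None:
            continue  # first poll of this port, or no bound configured
        rate = rate_mbps(prev, cur)
        if rate is not None and rate >= bound:
            alerts.append((cur.t, cur.port, rate, hosts_by_port.get(cur.port, [])))
    return alerts

# Constructed data: bounds, host addresses and counter values are assumptions.
UPPER_BOUND_MBPS = {1: 800, 2: 800}
HOSTS_BY_PORT = {1: ["10.0.0.1", "10.0.0.2"], 2: ["10.0.0.3"]}
SAMPLES = [
    PortSample(0, 1, 0, 0),
    PortSample(10, 1, 1_125_000_000, 40_000_000),   # 900 Mbps: alert
    PortSample(20, 1, 1_250_000_000, 80_000_000),   # 100 Mbps: quiet
    PortSample(30, 1, 500, 100),                     # counters reset: skipped
    PortSample(40, 1, 1_000_000_500, 200),           # exactly 800 Mbps: alert
    PortSample(0, 2, 0, 0),
    PortSample(10, 2, 250_000_000, 250_000_000),     # 200 Mbps: quiet
]

if __name__ == "__main__":
    for t, port, rate, hosts in find_alerts(SAMPLES, UPPER_BOUND_MBPS, HOSTS_BY_PORT):
        print(f"t={t}s port {port}: {rate:.0f} Mbps >= bound, hosts {hosts}")
```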

    V. CONCLUSIONS AND FUTURE WORK

    In this paper, we implement a virtual switch monitoring system using OpenFlow in cloud computing environments. We measure network speeds of the normal bridge, OpenFlow, and normal switch, and find that the speed of the switch is much lower than the other two for packets with a small packet size. But for packets with larger packet sizes (more than 256 bytes), these three methods show similar behavior and the throughput increases when the packet size grows. The performance advantage of the OpenFlow switch is not shown very clearly here because the IP and MAC used in the tests are the same. Its performance advantage should be more obvious if it is applied in a more complex environment with various IPs and MACs. After comparison of different protocols, we test features of OpenFlow such as setting the flag to execute QoS. In the traditional network, firewall and QoS are usually put at the backbone, which usually has a large amount of network traffic. If we want to process the massive network traffic by the firewall or QoS functions, hardware of the firewall or QoS needs to be very powerful and a lot of money should be spent on these devices. But with the OpenFlow-enabled switch, we can alleviate and process network flows at the frontend, where network traffic is generated. By using OpenFlow to separate the data plane from the control plane, we can singly control the policy to make the OpenFlow-enabled switch act as the firewall or QoS device, and spend much less money on hardware. To manage the entire network environment, we also have developed a web interface consisting of OpenFlow controller, OpenFlow-enabled switch, and a user interface. The experimental results show that we succeed in controlling the network traffic and alleviating the network utilization from the source side. Compared with the traditional network, OpenFlow shows that it does not decrease the network speed. IT should try to move QoS or firewall services from the backbone to the frontend switch to lessen pressures on devices and the server. In the future, we will continue to develop this system by adding more features to it, such as features that allow users to set or change QoS or firewall policies.

    Figure 14. Web Setting 1

    Figure 15. Web Setting: Host 1 Priority to 19999

    Figure 16. Web Setting: Host 1 Priority to 5000

    Figure 17. Web Setting: Host 2 Priority to 5000

    Figure 18. Web Setting: Host 2 Priority to 19999

    Figure 19. QoS Result 1

    ACKNOWLEDGMENT

    This work was sponsored by the U-Care ICT Integration Platform for the Elderly, No. 103GREEnS004-2, Aug. 2014, Tunghai University. This work was supported in part by the Ministry of Science and Technology, Taiwan ROC, under grant numbers MOST 103-2221-E-029-021.

    REFERENCES

    [1] Xin Li, Zhuzhong Qian, Ilsun You, and Sanglu Lu. Towards cost efficient mobile service and information management in ubiquitous environment with cloud resource scheduling. International Journal of Information Management, 34(3):319–328, 2014.

    [2] Feilong Tang, Ilsun You, Can Tang, and Minyi Guo. An efficient classification approach for large-scale mobile ubiquitous computing. Information Sciences, 232(0):419–436, 2013.

    [3] Meral Shirazipour, Wolfgang John, James Kempf, Howard Green, and Mallik Tatipamula. Realizing packet-optical integration with sdn and openflow 1.1 extensions. In ICC, pages 6633–6637, 2012.

    [4] Thomas A. Limoncelli. Openflow: a radical new idea in networking. Commun. ACM, 55(8):42–47, 2012.

    Figure 20. QoS Result 2

    Figure 21. Network traffic without QoS policy

    [5] Manel Bourguiba, Kamel Haddadou, Inès El Korbi, and Guy Pujolle. Improving network i/o virtualization for cloud computing. IEEE Trans. Parallel Distrib. Syst., 25(3):673–681, 2014.

    [6] Raj Jain and Subharthi Paul. Network virtualization and software defined networking for cloud computing: a survey. IEEE Communications Magazine, 51(11):24–31, 2013.

    [7] Juan Felipe Botero and Xavier Hesselbach. Greener networking in a network virtualization environment. Computer Networks, 57(9):2021–2039, 2013.

    [8] Yan Pu, Yilong Deng, and Akihiro Nakao. Cloud rack: Enhanced virtual topology migration approach with open vswitch. In ICOIN, pages 160–164, 2011.

    [9] Adrian Lara, Anisha Kolasani, and Byrav Ramamurthy. Network innovation using openflow: A survey. IEEE Communications Surveys and Tutorials, 16(1):493–512, 2014.

    [10] Ameen Banjar, Pakawat Pupatwibul, and Robin Braun. Daim: a mechanism to distribute control functions within openflow switches. JNW, 9(1):1–9, 2014.

    [11] Sachin Sharma, Dimitri Staessens, Didier Colle, Mario Pickavet, and Piet Demeester. Openflow: Meeting carrier-grade recovery requirements. Computer Communications, 36(6):656–665, 2013.

    Figure 22. Network with QoS policy after 10 minutes

    Figure 23. Warning system and administrator email setting

    [12] Stefano Salsano, Nicola Blefari-Melazzi, Andrea Detti, Giacomo Morabito, and Luca Veltri. Information centric networking over sdn and openflow: Architectural aspects and experiments on the ofelia testbed. Computer Networks, 57(16):3207–3221, 2013.

    [13] Sung-Su Kim, Joon-Myung Kang, Sin-Seok Seo, and James Won-Ki Hong. A cognitive model-based approach for autonomic fault management in openflow networks. Int. Journal of Network Management, 23(6):383–401, 2013.

    [14] Lizhe Wang, Dan Chen, Jiaqi Zhao, and Jie Tao. Resource management of distributed virtual machines. IJAHUC, 10(2):96–111, 2012.

    Figure 24. Warning system sends email to network administrator

    [15] Jie Tao, Karl Fürlinger, Lizhe Wang, and Holger Marten. A performance study of virtual machines on multicore architectures. In PDP, pages 89–96, 2012.

    [16] A. Bianco, R. Birke, L. Giraudo, and M. Palacin. Openflow switching: Data plane performance. In Communications (ICC), 2010 IEEE International Conference on, pages 1–5, May 2010.

    [17] Pedro S. Pisa, Natalia C. Fernandes, Hugo E.T. Carvalho, Marcelo D.D. Moreira, Miguel Elias M. Campista, Luís Henrique M.K. Costa, and Otto Carlos M.B. Duarte. Openflow and xen-based virtual network migration. In Ana Pont, Guy Pujolle, and S.V. Raghavan, editors, Communications: Wireless in Developing Countries and Networks of the Future, volume 327 of IFIP Advances in Information and Communication Technology, pages 170–181. Springer Berlin Heidelberg, 2010.

    [18] Hayoung Oh, Junjie Lee, and Chongkwon Kim. A flow-based hybrid mechanism to improve performance in nox and wireless openflow switch networks. In Vehicular Technology Conference (VTC Fall), 2011 IEEE, pages 1–4, Sept. 2011.

    [19] A. Rostami, T. Jungel, A. Koepsel, H. Woesner, and A. Wolisz. Oran: Openflow routers for academic networks. In High Performance Switching and Routing (HPSR), 2012 IEEE 13th International Conference on, pages 216–222, June 2012.

    [20] O.E. Ferkouss, I. Snaiki, O. Mounaouar, H. Dahmouni, R. Ben Ali, Y. Lemieux, and C. Omar. A 100gig network processor platform for openflow. In Network and Service Management (CNSM), 2011 7th International Conference on, pages 1–4, Oct. 2011.

    [21] H.E. Egilmez, B. Gorkemli, A.M. Tekalp, and S. Civanlar. Scalable video streaming over openflow networks: An optimization framework for qos routing. In Image Processing (ICIP), 2011 18th IEEE International Conference on, pages 2241–2244, Sept. 2011.

    [22] Charalampos Rotsos, Nadi Sarrar, Steve Uhlig, Rob Sherwood, and Andrew W. Moore. Oflops: An open framework for openflow switch evaluation. In Nina Taft and Fabio Ricciato, editors, Passive and Active Measurement, volume 7192 of Lecture Notes in Computer Science, pages 85–95. Springer Berlin Heidelberg, 2012.