It’s a Match! Near-Optimal and Incremental Middlebox Deployment

It’s a Match! Near-Optimal and Incremental Middlebox Deployment

Abstract

The virtualization and softwarization of modern computer networks offers new opportunities for the simplified management and flexible placement of middleboxes as e.g. firewalls and proxies. This paper initiates the study of algorithmically exploiting the flexibilities present in virtualized and software-defined networks. Particularly, we are interested in the initial as well as the incremental deployment of middleboxes. We present a deterministic O(log(min{n, κ})) approximation algorithm for n-node computer networks, where κ is the middlebox capacity. The algorithm is based on optimizing over a submodular function which can be computed efficiently using a fast augmenting path approach. The derived approximation bound is optimal: the underlying problem is computationally hard to approximate within sublogarithmic factors, unless P = NP holds. We additionally present an exact algorithm based on integer programming, and complement our formal analysis with simulations. In particular, we consider the number of used middleboxes and highlight the benefits of the approximation algorithm in incremental deployments. Our approach also finds interesting applications, e.g., in the context of incremental deployment of software-defined networks.

Grafik Top
Authors
  • Lukovszki, Tamás
  • Rost, Matthias
  • Schmid, Stefan
Grafik Top
Supplemental Material
Shortfacts
Category
Journal Paper
Divisions
Communication Technologies
Subjects
Informatik Allgemeines
Journal or Publication Title
ACM SIGCOMM Computer Communication Review
ISSN
0146-4833
Date
January 2016
Export
Grafik Top