Efficient routing for middlebox policy enforcement in software-defined networking

Network applications require traffic to sequence through multiple types of middleboxes to enhance network functions, e.g., providing security and guaranteeing performance. Sequenced-middlebox policy routing on top of regular layer 2/3 flow routing is challenging to be flexibly managed by network administrators. In addition, various types of middlebox resources concurrently obtained by numerous applications complicate network-resource management. Furthermore, middlebox failures can lead to a lack of security and the malfunction of entire network. In this paper, we formulate a mixed-integer linear programming problem to achieve a network load-balancing objective in the context of sequenced-middlebox policy routing. Our global routing approach manages network resources efficiently by simplifying candidate-path selections, balancing the entire network and using the simulated annealing algorithm. Moreover, in case of middlebox failures, we design a fast recovery mechanism by exploiting the remaining link and middlebox resources locally. To the best of our knowledge, this is the first work to handle failures in sequenced-middlebox scenarios using OpenFlow. Finally, we implement proposed routing approaches on Mininet testbed and evaluate experiments' scalability, assessing the effectiveness of the approaches. Results of the optimization on a test topology include an increase up to 26.4% of the throughput with respect to a sequenced shortest-path routing.