Fast Invalid TCP Flow Removal Scheme for Improving SDN Scalability

Abstract

Software-defined networking (SDN) has been considered as a breakthrough progress for the next-generation LAN/WAN technologies. It enables fine-grained flow control that can make networks more customizable and flexible. However, the transition of traditional networking model to SDN architectures poses scalability issues due to the possible flow entry explosion in SDN switches. Typically, flow entries are removed from flow tables in three ways, either at the request of the controller, via the switch flow expiry mechanism, or via the optional switch eviction mechanism. No matter which one the network administrator choose, the invalid flow entries still keep on flow table for a while, thus unsalable due to available space of flow table are exhausted for future requests of continuous flow. In this paper, we propose to address this issue by detecting the disconnect signaling of connection-oriented protocols such as Transmission Control Protocol (TCP) for SDN framework. In particular, we propose to add a specific SDN ruleset with a transparent layer in between the controller and switch, referred to as a TCP FIN detector. TCP FIN detector inspects the FIN bit field from incoming and outgoings traffic; therefore once the transport-layer disconnection can be immediate recognized and no longer rely on timeout. Results of a series of simulations show that our proposed scheme outperforms timeout solutions for significant reduction of both the flow table occupancy and control signal costs.