http://soict.hust.edu.vn/~sonnh/student/thesis2012.

htm
s 1.
Xy dng gii php thit k mng quang th chu li (WDM metrocore optical networks)
S sinh vin: 4 (dnh cho cc bn mun tham gia ti Ngh nh th vi
Nht Bn)
-

Tm hiu v ci t m phng cc gii php nh tuyn IP-over-WDM

Tm hiu v ci t m phng cc gii php nh tuyn chu li cho mng

WDM
-

Tm hiu v ci t cc giao thc nh tuyn chu li trn mng din rng

Xy dng cng c thit k mng chu li trn giao din bn s

s 2.
-

Tm hiu v trin khai PlannetLab trn mng din rng

Tm hiu PlanetLab trong xy dng lab o trn mng

Trin khai th nghim trn mng Internet hoc mng gio dc (gia mt s
trng i hc ti H Ni)
Pht trin, th nghim v nh gi mt s ng dng th nghim (Ipv6,
security, streaming)
s 3.
ha mng

Tm hiu v m phng mt s gii php cp pht ti nguyn trong o

Tm hiu tng quan v cng ngh v bi ton cp pht ti nguyn o ha

mng.
La chn cng c v m phng thnh cng cho mt s mng vt l v cc yu
cu mng o tng ng.
-

Ci t v chy th thnh cng cc gii thut la chn

s 4.
lu lung

Xy dng ng dng pht hin bt thng trn mng da trn phn tch

Tm hiu gii php pht hin bt thng theo m hnh cn bng

Xy dng ng dng bt v phn tch gi tin

Xy dng v th nghim pht hin bt thng (offline hoc online)

 s 5.
nh gi hiu nng cc giao thc nh tuyn trong mng cm bin
khng dy WSN
-

Tm hiu mng WSN v cc giao thc nh tuyn

Xy dng mt giao thc nh tuyn ty bin n gin (t pht trin) trn

Omnet++
-

nh gi hiu nng (theo cc tham s QoS, nng lung)

s 6.
Xy dng cc ng dng LBS trn open source GIS (back-end service
+ android)
-

Tm hiu OpenStreetMap hoc cc gi phn mm OpenGIS

Xy dng ng dng gim st i tung trn bn (web-based v mobile

application)
-

S sinh vin: 2

s 7.
Tm hiu openflow v ng dng trong iu khin lu lng mng kh
trnh (Software Defined Networks)
-

Tm hiu mng kh trnh da trn Openflow

Xy dng ng dng v trin khai th nghim (mt phn) ng dng kim sot
lu lng cho m hnh mng campus
s 8.

Tm hiu router mm v trin khai th nghim Quagga-MPLS

Tm hiu cc giao thc nh tuyn v chuyn mch nhn

Tm hiu gi phn mm quagga

Trin khai, th nghim cc chc nng c bn ca MPLS-VPN v MPLS-TE

trn h thng mng th nghim

Tm hiu cng ngh o ha

Ngy nay, nhiu nn tng o ho mi xut hin, trong c c gii php phn mm
v phn cng, o ho t chip x l cho n h tng cng ngh thng tin (IT) ang
c pht trin mnh m vi k vng vo nhng li ch cng ngh ny s mang li.
Gii thiu
Ngy nay, nhiu nn tng o ho mi xut hin, trong c c gii php phn mm
v phn cng, o ho t chip x l cho n h tng cng ngh thng tin (IT) ang
c pht trin mnh m vi k vng vo nhng li ch cng ngh ny s mang li.
o ha cho php gip nhiu t chc c th chia s cc ti nguyn IT theo cch tn t
chi ph, lm cho c s h tng IT tr nn linh ng v bo m cung cp t ng
vi nhng nhu cu thit yu.
Tng hiu qu s dng cc my ch l mt l do ch yu gii thch ti sao cng
ngh o ha c c sc hp dn trong mi trng doanh nghip. Gim chi ph
song vn m bo c c mt trung tm d liu hiu qu, linh hot, tit kim nng
lng v nhng nhu cu v khng gian l mt yu t tch cc khc m cng ngh o
ha mang li.
Cng ngh o ho khng trc tip tng cng vn an ton ca cc h thng IT,
nhng n c th cho php t chc qun l cc h thng mt cch hiu qu hn. N
to nhiu thun li trong vic cu hnh v qun l hnh vi ngi dng bng cch
tng hiu sut my ch, qun l h thng v x l ti trng cng vic mt cch hp
l.
Mt l do quan trng na m cng ngh o ha thu ht c cc t chc, c bit l
cc doanh nghip l kh nng gim nhu cu v ti nguyn cho nhng ng dng v
tng s tn dng ti nguyn. Trong cc lnh vc phn phi ng dng v my khch,
cc chuyn gia IT s tit kim c chi ph qun tr khi vic bo tr - h tr cho cc
ng dng v mi trng my khch c tp trung v d dng qun l.
Cng ngh o ho c tnh n khi c nhu cu hp nht phn cng. Tnh trng
phn cng li thi, trn trung tm d liu qu ti, tn in nng l mt s vn
in hnh tn ti trong cc thit b vt l. cc thit b o ho khng tn ti nhng
hin tng ny. T kha cnh , cng ngh o ho cng s c ng dng v pht
trin nhanh chng.
K thut o ho khng cn xa l vi thc t k t khi hng VMware (M) gii
thiu sn phm VMware Workstation u tin vo nm 1999. Sn phm ban u
c thit k h tr pht trin v kim tra phn mm, n tr nn ph bin nh
kh nng to ra nhng my tnh o chy ng thi nhiu h iu hnh khc nhau
trn cng mt my tnh thc.
My o l g?
tng chnh pha sau cng ngh o ha my ch l t mt my thc n l c th
to ra nhiu my o c lp. Mi my o nh vy u c mt thit lp thnh cc h
thng ring l: h iu hnh ring v cc ng dng ring.
V mt nguyn l, my tnh o hay my o (Virtual Machine - VM) l bn sao ca
nn tng phn cng. Thnh phn VMM (Virtual Machine Monitor) vi chc nng
gim st my o chy trc tip trn phn cng thc cho php to ra nhiu my o v
mi my o lm vic vi h iu hnh ring. tng xut pht ca my o l nhm
to mi trng lm vic cho nhiu ngi dng chia s ti nguyn ca h thng
my tnh ln (MF).

Nguyn l lm vic ca my o trn my tnh c nhn (PC) cng ging nh my o

trn MF: mt mi trng phn mm bao gm h iu hnh v cc ng dng hon
ton chy bn trong n. My o cho php ngi dng chy mt h iu hnh no
bn trong mt h iu hnh khc trn cng h thng PC, chng hn nh chy Linux
trong my o trn PC chy Windows 2000. Trong my o, ngi dng c th thc
hin hu ht giao tc nh vi PC tht. c bit, mt my o c th c "ng gi"
trong mt tp v c th chuyn t PC ny sang PC khc m khng cn quan tm
n s tng thch phn cng. Cc my o l nhng thc th chy trn my thc,
cch ly vi h thng "ch cha chng.
Mt vn t ra l yu cu my o m phng chnh xc my thc. My thc c
cc ti nguyn phn cng nh b nh, thanh ghi... v cc tp lnh tc ng trc tip
n ti nguyn phn cng ny (nh thay i thanh ghi, c...) thuc nhm lnh "nhy
cm" (v c nh hng n tt c tin trnh ang lm vic, bao gm c VMM). H
iu hnh chy trc tip trn my thc c php thc thi cc lnh "nhy cm" ny.
h thng my tnh ln (MF), VMM chy trn phn cng my thc theo ch u
tin, cn my o lm vic ch gii hn. Khi my o c yu cu cc lnh thng
thng, VMM s chuyn tip chng n b x l thc thi trc tip, cn cc lnh
c bit "nhy cm" s b chn li. VMM s thc thi lnh vi b x l trn my
thc hoc m phng kt qu ri tr v cho my o. y l c ch nhm cch ly my
o vi my thc m bo an ton cho h thng.
Cc b x l ca h thng MF c thit k h tr c ch o ho v cho php "by"
cc lnh nhy cm chuyn cho VMM x l, nhng cc b x l dnh cho PC
(x86) li khng c kh nng ny.
Khi to mt my o, trc tin phi bt u bng vic to cng o. C th to mt
cng o vi kch thc c nh hay linh ng. Mc nh dung lng ca l 16
GByte, nhng c th thit lp li kch thc ny vo bt c lc no khi cn. Nn s
dng ty chn thch hp nht cho my ch o c th trin khai thun tin.
Tip theo cn nhp tn cho my o m chng ta mun to ra. Tn phi c m t
ph hp vi mc ch s dng. Cng phi chn loi b tng hp (adapter) mng
my o s dng kt ni mng...
M phng nhng thnh phn thc
V mt l thuyt, nhn h iu hnh (Operating System - OS) lm vic lp 0 (ring
0) vi chc nng cao nht v l cp truy cp su nht. B x l x86 truyn thng
khng th chy OS o lp 0 v cn phi chy phn mm qun l cc my o
(hypervisor).
Kin trc x86 cn c 3 lp na vi chc nng gim dn. m bo tnh n nh,
cc OS hin nay gii hn ng dng lm vic lp chc nng thp nht - lp 3 (y
l l do m Windows XP c n nh cao hn so vi DOS - h iu hnh cho
php cc ng dng lm vic lp 0). V vy, gii php hin nhin l OS ca my o
c phn b 2 lp cn li.
Vn l c mt s m lnh x86 ch lm vic lp 0. lm vic cc lp cao
hn, OS phi c vit li hay bin dch li trnh cc lnh ny. Gii php nh
vy ph bin trong th gii Linux (IBM dng k thut tng t chy Linux trn
MF), nhng n yu cu phi c m ngun OS v phi c lp trnh vin am hiu h
iu hnh.

 chy OS nguyn bn ngoi lp 0, hypervisor phi by cc lnh b cm v m

phng chng. y l gii php ca VMware v mi trng m phng DOS ca
Windows XP. Vn l s m phng s dng nhiu ngun lc tnh ton v lm
gim hiu sut hot ng ca h thng.
gii quyt vn ny, Intel a ra kin trc VT (tn m trc y l
Vanderpool v Silverdale), cn AMD (hng sn xut chip ln th hai th gii) cng
c kin trc Pacifica tng ng, b sung lp u tin bn di lp 0. Cn lu
rng, cng ngh chip Pacifica ca AMD cho php PC v my ch to ra nhng h
thng o ring r vi cc phn mm khc nhau. Hai kin trc VT v Pacifica a
thm cc m lnh mi ch lm vic lp mi ny ("lp 1") dnh cho hypervisor.
Vi cch , OS chy trn my o khng cn phi iu chnh v nh hng hiu
sut ca vic m phng cng gim. Tuy vy, vn hiu sut cha c gii quyt
trit : mi OS u coi n c ton quyn truy cp ti nguyn h thng nh b nh
v ng truyn d liu (bus I/O), trong khi hypervisor phi phn b truy cp
nhng ti nguyn thc m bo cc chng trnh v d liu khng b ln ln
gia cc OS. Hin thi vic o ho cc ti nguyn h thng v thit b I/O c
tnh n v c kh nng cc phin bn VT v Pacifica trong tng lai s cho php
OS o lm vic trc tip vi phn cng.
Tnh a dng ca o ho
o ha em n cho ngi dng s tin li l c th chy nhiu OS ng thi trn
cng PC, nhng kh nng ca o ho cn hn th v hin thi n bc sang
phm vi ln hn: my ch v h thng mng. y l khung cnh m o ho c th
pht huy y sc mnh ca mnh.
o ho my ch khng phi l vn mi, nhng n tht s c quan tm ch
trong vng 2 nm tr li y. ngha quan trng ca vic o ho my ch l n cho
php khai thc trit ngun lc ca cc my ch (chng thng hot ng khng
ht thi gian, cha vn hnh lin tc vi hiu sut 100%), t chc linh hot h
thng my ch (c bit l cc trung tm d liu), tit kim thi gian v chi ph u
t cng nh qun tr.
C nhiu cng ty ln ang tham gia vo lnh vc o ho v a ra nhiu gii php
mi, bao gm: o ho my ch, o ho h iu hnh, o ho mng, o ho lu tr v
o ho ng dng, trong 2 cch u l ph bin nht - tng ng c gi l o
ho cng v o ho mm.
o ho my ch to nhiu my o trn mt my ch thc. Mi my o chy OS
ring v c cp pht ring s xung nhp CPU, dung lng lu tr v bng thng
mng. Cc ti nguyn ca my ch c th c cp pht ng mt cch linh hot
ty theo nhu cu ca tng my o. Gii php ny cho php hp nht cc h thng
my ch cng knh. Cng ty Microsoft cng cung cp giy php o cho gii
php o ho cng: Windows Server 2003 R2 bn 1 my ch n, cho php ci trn
1 my thc thm 4 my o.
o ho h iu hnh s dng bn sao ca mt OS to cc my ch o ngay trn
OS . Nh vy, nu OS "ch l Linux th cch o ho ny s cho php to thm
nhiu bn Linux lm vic trn cng my. Cch ny c u im l ch cn 1 giy
php OS, nhng c im hn ch l khng th chy c nhiu OS khc nhau trn
cng mt my ch.
Bo mt v o ha

Cng ngh o ha trong mt s t chc tr thnh mt phn khng nh ca c s

h tng IT. Cc mi trng o ha s dn tr thnh ph bin hn nh nhng gii
php hot ng mang tnh lin tc v khc phc kh khn ny sinh, in hnh l
trong lnh vc ti chnh. iu ny hon ton thch ng v mt s gii php nh vy
nm trong mi trng bn trc tip v d b coi nh trong qu trnh m bo an ton
IT v nng cp c s h tng ca n.
Khi trin khai cng ngh o ho, cn phi p dng nhng gii php bo v ph hp
i ph vi cc nguy c mt an ton tim n, c th l:
- Nu my ch b thao tng bi khng tt th s ko theo hu qu xu i vi
cc my o cu hnh trn n v cc my ngi dng lin quan.
- c quyn ti thiu l mt k thut bo v cn c xem xt p dng. N lm
gim giao din b tn cng v nn c s dng trong c mi trng o ho v mi
trng vt l.
- Ci t v nng cp phn mm chng virus trn cc my tnh o v my ch. Cn
nh rng, cc my tnh o cng c th b ly nhim phn mm c hi ging nh
cc my thc.
- Xem xt mc cn thit s dng mt m bo v thng tin khi truyn i. Cch
m bo an ton tt nht l m ho thng tin nhy cm lu chuyn gia my ch,
cc my o v cc my ngi dng.
- Khng s dng my ch duyt Internet v rt d dn n nhng vn nghim
trng v tn tht dch v.
- C nh h iu hnh ch v dng ngay hoc v hiu ha cc dch v khng cn
thit. Nn duy tr h iu hnh nh gn bo m vng giao din b tn cng
mc ti thiu.
- My ch cn c bo v khi cc my o trn khng trc tuyn th ngi
dng khng c thm quyn s khng th can thip c vo tp lin quan.
- Thc hin kim tra bn ghi s kin hot ng ni chung v s kin bo mt ni
ring trn c my ch v my o. Khng nn b qua kim tra trong cc mi trng
my o. Cc bn ghi nh vy cn c lu tr an ton phc v cho vic thm
nh v sau.
- Bo m card giao din mng c chuyn dng ha cho mi my o. iu ny
c th lm gim cc vn chia s ti nguyn, p ng lu lng theo yu cu v
cc my o c cch ly tt hn.
- Phn dnh ring (partition) to ranh gii a cng c th c s dng cch ly
v bo m cho mi my o hot ng trn partition chuyn dng ca n. Nu mt
my o vt ra ngoi cc gii hn thng thng th cc partition chuyn dng s
hn ch s nh hng trn cc my o khc.
Vic bo mt cho cng ngh o ha cn c xem xt v gii quyt thu o trn c
s hiu bit ng n cc kha cnh o ho. Cng ngh mi m ny t ra nhiu
thch thc cho ngnh IT v c bit l lnh vc an ton thng tin.
Th trng Cng ngh o ho
Theo trung tm d liu quc t IDC, u t trong cng ngh o ha s t n 15 t
USD trong nm 2009. 40% cc OS mi s c trin khai trn cc my tnh o tnh
n nm 2010.

C 83% trung tm d liu ti Trung Quc v 73% n hin cha dng cng
ngh ny. Tuy vy, cc nh cung cp dch v v phn mm o ha chu s sm
t c doanh s 1,35 t USD trong 2 nm 2009-2010.
Theo hng nghin cu ton cu Springboard, th trng o ha chu ang tng
trng 42% mi nm. Ti nhng quc gia pht trin nh Singapore, c khong 40%
doanh nghip trang b k thut ny. Ph ch tch Springboard l Michael Barnes
nhn nh rng: o ha ang tr thnh mt tnh nng bt buc v s t chc trin
khai cp my ch s tng nhanh trong nm 2008.
Mt na s gim c thng tin tham gia kho st ca Springboard cho bit, h s
ng dng o ha trong vng 18 thng n 2 nm na. Tuy nhin, h cng lo ngi
cng ngh ny vn cha hon ho, s phi i mt vi nhng thch thc v qun l
v bo mt. C th khi nhng ngi c trch nhim hiu r hn v tc dng ca o
ha, th h s bit cch khai thc n thnh cng trong mi trng cng ngh thng
tin ca t chc mnh. Mt iu r rng l nh o ha, cc t chc s khng phi lm
vic trong nhng mi trng c qu nhiu my mc xung quanh.
Theo hng nghin cu th trng Gartner, o ha cng k thut vi x l a li, in
ton cc b, in ton din rng v mng x hi o s l 5 cng ngh lm thay i
hon ton ngnh cng nghip IT t nay n nm 2012.
Va qua ti Vit Nam, cc cng ty ln nh Microsoft, IBM, HP, Intel... qung b
v cc sn phm, dch v, gii php o ha vi nhng cam kt rng cng ngh l
s pht trin cho tng lai, n gip cc t chc nng cao hiu qu IT vi chi ph
thp nht. Tuy nhin, phn ln cc chuyn gia IT nc ta vn cn t hiu bit v lnh
vc ny.
Hng Microsoft a ra b ba sn phm Windows Server (WS) 2008, SQL Server
2008, Visual Studio (VS) 2008, c thit k cung cp mt nn tng hiu qu
nhm o ha cng vic. Tch hp tnh nng Windows Virtualization cng vi
System Center Virtual Machine Manager, WS 2008 c hy vng tr thnh mt ngun
lc mi trong th trng o ha vn ang thuc v VMWare.
V phn cng, Intel gii thiu 2 sn phm vi x l Pentium 4 - 672 v 662 li n,
dnh cho cc my tnh bn c tch hp cc cng ngh o ha, cho php chy
nhiu h iu hnh trn mt my tnh. Cn IBM a ra cc dng my tnh nh my
ch System X mi h tr cc gii php o ha i km vi cc cng c o lng o
ha... Cng ty HP cng c 2 sn phm lu tr o mi l t a EVA 4400 v thit
b lu tr MSA 2000, c thit k c bit cho cc t chc c va Vit Nam.
D cng ngh o ha thm nhp vo nc ta hn mt nm v hin c khch
hng s dng, nhng theo nh gi chung ca cc tp on IT ni trn th lnh vc
ny ti Vit Nam vn ang mc s khai.
L do khin o ha cha tm c ch ng ti Vit Nam c th l do cc t chc
cha nhn thc c s cn thit tit kim chi ph cho h tng thit b, nhn lc,
din tch s dng, in nng.... Mt khc, nhng ngi c trch nhim c tm l
mun b tin mua my mc, thit b, phng tin thc hn l u t cho cc ti sn
v hnh.
Tuy vy, nhng ngi v ang s dng cng ngh o ho u khng thy s
khc bit ln khi thao tc trn cc my o so vi cc my thc. Hn na, vic qun
l, bo mt v bo ton ng dng c kha cnh d hn. Nu b hng hc, ch cn sao
li my o trc mt thi im no l c th hon tr nguyn trng mt cch

nhanh chng, v cng c th sao ln mt my tnh thc khc m khng ph thuc

vo phn cng ca n.
Mt s chuyn gia IT nc ngoi nhn nh, Vit Nam hin thi rt pht trin v
ang trong qu trnh xy dng c s h tng IT. Chc chn, sau Vit Nam s phi
ch trng vo vic bo dng nhng g c c. Nu ngay by gi nhng ngi c
trch nhim khng u t vo o ha th Vit Nam s phi chu chi ph bo dng
rt cao, hay ri vo tnh trng lm xong ri sa nu khng u t cng ngh o ha
bt kp s pht trin ca th gii.
Theo : ThS. Nguyn Hu Ngh

SDN - cng ngh mng Tng lai v m bo an ton d liu

Mng SDN da trn c ch tch bch vic kim sot lung thng tin nh tuyn vi
lung thng tin d liu v kim sot s lng thnh phn mng ring cho php
lung cc gi d liu i qua mng c kim sot theo mt cch thc c lp trnh.
Cc tiu chun mng my tnh v ang tri qua mt giai on pht trin vt bc
trong sut 2 thp k gn y. S phc tp trong vic tch hp cc gii php bo mt
cho cc lung d liu khi cn chuyn i cng nng trong h thng Network, phc
v cho cc mc ch khc nhau trong h thng; Cc quyt nh x l nh th no
i vi tng lung lu lng hin ti ang c thc hin trn cc thit b ring bit
nh switch/router l mt vi vn tn ti trong cc h thng mng. Cng
ngh SDN - Software defined Networking (Mng nh ngha bng phn mm) ra
i nh mt gii php cho h thng Network hin nay, ng thi n cng t ra
nhng thch thc trong vic m bo an ninh v an ton d liu trong thi gian ti.
Cng ngh mng nh ngha bng phn mm (SDN) da trn cc tiu chun m u
tin gip m rng h tng c s, phn mm iu khin v cc lp ng dng vi mt
mt bng iu khin duy nht, cho php cc doanh nghip v cc nh cung cp
dch v in ton m my n gin v ti a ha tnh linh hot t trung tm d liu
ti cc mng li chi nhnh.
1. Tng quan v SDN
Hu ht cc mng thng thng u theo kin trc phn cp, c xy dng vi cc
tng ca thit b chuyn mch Ethernet, c sp xp theo cu trc cy. Thit k
ny thc s hiu qu khi m hnh tnh ton khch ch chim u th, nhng kin
trc c nh nh vy khng thch hp vi yu cu tnh ton a dng, nng ng v
nhu cu lu tr d liu ti cc trung tm d liu ca doanh nghip, trng hc v
trong mi trng ca cc nh cung cp dch v. Mt s xu hng tnh ton quan
trng dn ti yu cu ngy cng tng cho mt m hnh mng mi bao gm: S thay
i m hnh lu lng; Hng ti ngi dng CNTT; S pht trin ca cc dch v
in ton m my; D liu ln yu cu nhiu bng thng hn.
Mng nh ngha bng phn mm (SDN) c da trn c ch tch bch vic kim
sot mt lung mng vi lung d liu. SDN tch ring vic nh tuyn v chuyn
cc lung d liu, v chuyn kim sot lung sang thnh phn mng ring c tn
gi l thit b kim sot lung (Flow controller). iu ny cho php lung cc gi
d liu i qua mng c kim sot theo mt cch thc c lp trnh.
SDN cng bao gm kh nng o ha cc ngun lc mng. Ngun lc mng o ha
c bit n nh mt ngn mng (network slice). Mt ngn c th m rng
nhiu thnh phn mng bao gm ng trc mng, b nh tuyn v cc host. Kh
nng kim sot nhiu lung d liu s to ra s linh hot v ngun ln hn trong tay
ngi s dng.
Kin trc ca SDN
Kin trc SDN bao gm: Lp ng dng (Application Layer), lp iu khin
(Control Layer) v lp h tng c s (Infrastructure Layer).
Lp ng dng cung cp cc giao din c kh nng lp trnh m; Phn mm Virtual
Cloud Networks cho php cc nh cung cp dch v in ton m my cung cp

cc dch v m my cng cng t ng v c kh nng m cho cc doanh nghip.

S dng phn mm ny, cc t chc, doanh nghip c th to ra mt m my o
c lp, thng qua h tng c s m my cng cng t phc v, gip h s kim
sot hon ton cho cc dch v v cc ng dng mi cho ngi s dng.
Cng ti lp ng dng, phn mm ng dng mi Sentinel Security t ng kim
sot truy cp v bo m phng chng xm nhp cho cc mng trong khun kh
ca t chc, doanh nghip vi phn cng chuyn i OpenFlow thng qua b iu
khin. C th gim bt s phc tp v chi ph ca cc thit b phn cng chuyn
dng, ng thi c c s m bo kh nng m rng cn thit cho cc ng dng
mi.
Lp iu khin cung cp cch nhn tp trung v s t ng cu hnh mng ca tt c
cc thit b trong h tng c s. B iu khin cho php cc nh qun tr mng thit
lp chng trnh mt cch d dng, linh hot v m rng mi trng mng ca h
cho cc ng dng t ng cm ng n. N cng cung cp cc giao din chng
trnh ng dng (APls) cho cc nh pht trin bn th ba ty chnh tch hp cc
ng dng.
Lp h tng c s cung cp vic truy cp c kh nng lp trnh m thng qua
OpenFlow, mt giao thc mng gip t ng cu hnh phn cng. Chc nng SDN
mi trong lp h tng c s cho php ngi qun tr n gin cu hnh mng, mang
n mt giao din linh hot v kh nng lp trnh theo tiu chun.
Li ch ca mng SDN da trn giao thc OpenFlow
Mng SDN da trn OpenFlow cho php gii quyt cc vn lin quan ti bng
thng, s thay i lin tc ca cc ng dng, chuyn i mng cho ph hp vi cc
yu cu lm vic v gim ng k phc tp ca hot ng iu hnh v qun l
mng. Cc li ch c th t c thng qua kin trc mng SDN da trn
OpenFlow bao gm:
Tp trung ha vic iu khin trong mi trng mng ca nhiu nh cung cp
Phn mm iu khin SDN c th kim sot thit b mng h tr OpenFlow t bt
k nh cung cp no, bao gm chuyn mch, nh tuyn v chuyn mch o. Thay
v phi qun l tng nhm thit b t cc nh cung cp ring l, nh qun l c th
s dng ng b cc thit b v cc cng c qun l da trn SDN nhanh chng
trin khai, cu hnh v cp nht cc thit b trong ton b mng.
Gim phc tp thng qua t ng ha Mng SDN da trn giao thc OpenFlow
cung cp cc cng c gip t ng ha v qun l mng mt cch linh hot. iu
ny h tr nh qun l c th pht trin cc cng c gip thc hin cc tc v qun
l mt cch t ng ha.
Tc i mi cao hn
S dng mng SDN lm tng kh nng i mi trong cng vic, bng cch cho
php nh vn hnh mng c th thc s lp trnh theo thi gian thc p ng
nhng yu cu cng vic c bit v nhu cu pht sinh ca ngi s dng, bng
cch o ha v tru tng ha c s h tng mng t cc dch v mng.
Tng cng tin cy v an ninh mng
SDN cho php cc nh qun l t nh ngha cc cu hnh cp cao (high-level
configuration) v chnh sch trong mng, iu ny c chuyn xung c s h
tng thng qua OpenFlow. Kin trc mng SDN da trn OpenFlow loi b nhu cu

phi cu hnh li cho tng thit b mng n mi khi mt thit b u cui c s

thay i. iu ny lm gim thiu kh nng pht sinh li trong mng do xung t
cu hnh hoc chnh sch.
B iu khin mng SDN cung cp kh nng hin th y v kim sot qua
mng. iu ny m bo rng vic kim sot truy cp, lu lng, cht lng dch
v, an ninh v cc chnh sch khc c thc thi nht qun trn cc c s h tng
mng ca cc t chc. Bi vy, s gim chi ph hot ng, kh nng cu hnh linh
hot, t gp li, thc thi chnh sch v cu hnh thng nht.
Tri nghim ngi dng tt hn
Bng cch tp trung ha iu khin mng v m bo thng tin trng thi sn sng
cho cc ng dng cp cao hn, c s h tng mng SDN c th thch ng tt hn
vi nhu cu a dng ca ngi dng. Vi mng SDN da trn OpenFlow, cc ng
dng video c th t nhn din bng thng cho php trong mng theo thi gian thc
v t ng iu chnh phn gii video cho ph hp.
2. m bo an ton h iu hnh mng
Cc nguy c i vi bo mt h thng
K tn cng c th ly c cc thng tin v h iu hnh v ng dng (thng tin
ny l rt quan trng thc hin mt cuc tn cng tp trung), ngi dng, cc
nhm, cc tp dng chung, thng tin DNS thng qua cc t chuyn giao min v
cc dch v ang chy nh SNMP, finger, SMTP, telnet. rules, sunrpc, NELBIOS.
Cc mng Internet b cu hnh sai c th to iu kin cho vic truy nhp tri php.
Phn mm cha c v l hng bo mt hoc gi li cc cu hnh ngm nh
khng cn thit, c th gy ra cc im yu bo mt; tnh nng ghi nht k, gim st
v pht hin truy nhp khng chnh ng ti cp mng v h ch to ra l hng
ngoi mun.
Mt s im yu d b tn cng trong h thng:
Khng gian tro i (swap space): Hu ht cc h thng u dnh khong vi trm
Mbyte cho khng gian tro i nhm phc v cc yu cu n t my khch. Khng
gian ny c dng cho nhng tc v kh, thi gian tn ti ngn, v vy khng gian
tro i hu nh lin tc c truy xut thng tin. Mt cuc tn cng DoS s bng
cch no c th lm y khng gian tro i ny, dn ti h thng ngng phc
v.
ng truyn (bandwidth): Khi lu lng trn ng truyn qu ln, mng s gim
tc hoc ngng phc v. Hu ht cc cuc tn cng DoS u nhm vo vic lm
tc nghn ng truyn, cc bng thng tin ct li (kernel tables). Cc bng thng
tin ny c th b lm trn trong mt cuc tn cng, gy ra nhng h hng nghim
trng trong h thng.
nh v b nh nhn (Kernel memory allocation) cng l im rt d b tn cng.
Nhn h thng c mt gii hn bn nhn, nu h thng t n gii hn ny, n
s khng th chim thm b nh na v s phi khi ng li. B nh nhn khng
ch c dng cho RAM, CPU, mn hnh m n cn c s dng cho cc tc v
thng thng.
Tiu th ti nguyn h thng: Mt cuc tn cng DoS c th chim dng rt nhiu
dung lng b nh trong, lp y khong trng trn a cng, lm qu ti a. Do
c th gy ra cc hng hc nghim trng cho h thng.
B tn cng m s m t tp tin

i vi h iu hnh Unix cc m s m t tp tin (file descriptors) l cc s

nguyn khng m, m h thng dng theo di cc tp tin, thay v dng cc tn
tp tin c th. Nu mt m s m t tp tin c m c/ghi bi mt tin trnh u
tin, k tn cng c th ghi ra tp tin khi n ang c sa i, do c th sa i
mt tp tin h thng quan trng v ginh c quyn truy nhp gc.
B tn cng h v bc
H v bc UNIX rt mnh v cung cp cho ngi dng nhiu tin li. Mt trong
cc tnh nng chnh ca mi trng h v bc UNIX l kh nng lp trnh cc lnh
v n nh cc tu chn c th cai qun cch hot ng ca h v bc. Tuy nhin, i
km vi nng lc ny l nguy c b tn cng cng rt ln.
Xo nht k (xo cc di vt ng nhp)
Tn cng bng virus, nguy c h thng b tn cng v ph hoi qua vic nhim virus
v cc on m chng trnh c ni dung xu. Vi phc tp v nguy him ngy
cng cao, s a dng ca vic ly nhim virus, vic c mt h thng b ph v bi
virus my tnh l iu hon ton c th. Vic xm nhp ph hoi c th thng qua
nhng cch sau: Qu trnh trao i File gia cc my tnh; Trao i d liu trong h
thng, hoc cc thit b cm thm, a mm, USB; Qu trnh trao i th in t.
Virus my tnh hoc cc on m chng trnh c th nm n trong ni dung ca
th in t hoc n trong cc tp nh km, qua pht tn trong h thng trong
qu trnh trao i th v vic truy cp Internet. y l kiu ly nhim ph bin nht
v nguy him nht bi s a dng, cp nht mi ca virus my tnh.
Cc nguy c i vi an ton d liu
Nu b tn cng, d liu c th b sa i mt cch bt hp php hoc b nh cp.
Hacker c th dng nhng cng c hack c sn trn mng hoc cc Trojan xm
nhp vo h thng, ly cp mt khu admin c ton quyn sa i, lm hng d
liu quan trng.
3. Kt lun
Xu hng ca ngi s dng ngy nay nh: a chung tnh di ng, o ha my
ch, yu cu p ng mt cch nhanh chng vi iu kin cng vic lun thay i
t ra ngy cng nhiu yu cu i vi h thng mng. Kin trc mng thng
thng nhiu khi khng p ng kp. Mng iu khin bng phn mm (SDN)
cung cp mt kin trc mng mi, nng ng, c kh nng thay i mng xng
sng truyn thng sang mt nn tng c kh nng cung cp dch v phong ph hn.
Tng lai ca mng s da nhiu hn na vo cc phn mm. Vic ny s gip y
nhanh tc i mi cho h thng mng nh n tng xy ra trong lnh vc my
tnh v lu tr. SDN ha hn s bin i mng c nh hin nay thnh nn tng da
trn lp trnh vi kh nng phn b ngun lc mt cch nng ng, tr nn linh hot
hn, quy m h tr cc trung tm d liu khng l vi s o ha cn thit cho
mt mi trng in ton m my t ng ha cao, nng ng, v an ton.
S hu nhiu li th v tim nng cng nghip hp dn, mng SDN ang trn
ng tr thnh mt chun mi cho mng trong tng lai. Tuy nhin, song song
vi n l vn m bo an ton v chng mt mt d liu trn h iu hnh mng.
l vn mang tnh thi s, t ra nhiu thch thc cho chuyn gia an ninh
mng trong thi gian ti.
CN. Nghim Xun Dng - Hc vin An ninh Nhn dn

SDN l tng lai ca cng ngh mng?

T cui nm 2011, gii cng ngh bt u nhc n khi nim SDN (mng iu
khin bng phn mm), mt trong cc nh hng tin phong cho nhng nm ti...
Liu SDN c l tng lai ca cng ngh mng? y cng l mt ch nng ti
Hi ngh cp cao dnh cho bo gii v cc nh phn tch khu vc chu Thi
Bnh Dng (Netevents APAC Press Summit) va din ra t ngy 25-26/4/2012 ti
Hong Kong, do Netevents ch tr.
SDN l g?
SDN hay mng iu khin bng phn mm (Software Defined Networking) c
da trn c ch khai ph tch bch vic kim sot mt lung mng vi lung d
liu. SDN da trn giao thc lung m (Open Flow) v l kt qu nghin cu ca
i hc Stanford v California, Berkeley. SDN tch nh tuyn v chuyn cc lung
d liu ring r v chuyn kim sot lung sang thnh phn mng ring c tn gi l
thit b kim sot lung (Flow Controller). iu ny cho php lung cc gi d liu
i qua mng c kim sot theo lp trnh.
tng ca cc nh pht trin khi a ra OpenFlow rt n gin. N m phng
mt phn cc gii php o ha hin nay trong cc h thng nh VMware, Citrix
hay m rng kin trc Stacking trn cc thit b mng nh HP IRF Stacking, Cisco
VSS mt quy m rng hn khng ch trong mt khi thit b c stacking hin
ti m ton b h thng Giao thc Open Flow gm c: b kim sot lung, thit
b lung m v bng lung - v mt kt ni an ninh gia b kim sot v tng i.
SDN bao gm kh nng o ha cc ngun lc mng. Cc ngun lc mng c o
ha c bit n nh l mt ngn mng (network slice). Mt ngn c th m
rng nhiu thnh phn mng bao gm ng trc mng, b nh tuyn v cc host.
Kh nng kim sot nhiu lung lu lng mt cch lp trnh s to ra s linh hot
v ngun ln hn trong tay ngi s dng.
SDN l tng lai ca cng ngh mng?
Cu hi t ra l liu SDN c phi l tng lai ca cng ngh mng, v liu cc nh
kinh doanh cc sn phm mng s th no, liu cc trung tm d liu (DC) s phi
i mt vi nhng thch thc mi?
Theo cc chuyn gia phn tch c mt ti s kin ca Netevents, vn ny rt phc
tp, trong s phi i mt vi cc nguy c tim tng, c bit l nhng rc ri
vi vic c qu nhiu server, c th l my ch thc. Chng cng c qu nhiu cc
giao thc mng v cc tng ng dng. Chng cn phi c tc x l tt hn v
nhng iu ny khng h t tn km.
Hin ti, cc h tng mng truyn thng ang s dng khc nhiu cc kin trc phi
tp trung vi cc d liu v iu khin trn cng mt phn cng. OpenFlow c
cp n nh mt gii php tim nng t ng ha cu hnh, nng cp kh

nng p ng ca h thng mng, gim thiu chi ph qun tr. Tuy nhin, mt vn
cng cn bn ti l, liu cng ngh ny c th thc hin ng khng, khi m
th trng DC cn tr tr.
Theo thng k ca Gartner, mi nm, lng thit b Switch/Router c cung cp
cho th trng mng ca DC c tnh vo khong 6 t USD. Trong khi , cc thit
b c bn c gi tr vo khong 13 t USD trn th trng ca cc nh cung cp
dch v.
Trong tnh th ny, liu SDN s nh hnh tng lai cho h thng mng nh th
no? Liu giao thc ngun m c sc bt, hay vn chu lp v trc mt giao
thc no khc?
Bruce Bateman - phn tch vin thuc Networking APJ, Dell Force10 ca Dell,
nhn nh rng, vic chuyn i sang h thng mng mi ny s l tin trnh dn
dn, ging nh o ha.
o ha bt u t u nhng nm 1990. Tuy nhin, n nay, chng ta mi o ha
c khong 50%. Vic o ha h thng mng cng s tng t nh vy. Khi chng
ta bt u nhn thy nhng thay i u tin, chng ta s bt u thy mi ngi
tin hnh cc th nghim v ban u, nhiu giao thc OpenFlow SDN s ch dnh
cho cc chuyn gia chy th nghim. Tuy nhin, sau s c nhng thay i. Vi
cc gii php ton trnh (end-to-end) 10 gig, nhu cu phi thay i s tng ln. Tuy
nhin qu trnh ny cn phi c thi gian.
Mark Pearson: "Vi OpenFlow, nh qun l c th c mt phng thc n gin
hn iu khin h tng mng".
Bc i ca HP
OpenFlow l chun cng ngh mi c xy dng pht trin cc h thng ng
dng mng o ha. Bt u t d Ethane ca H Standford, HP l mt trong nhng
thnh vin quan trng ca d n ny. V l l do khin HP c c hi tip cn
cng ngh ny sm nht.
HP l hng cung cp sn phm v gii php Network ng h tch cc nht cho
chun ny vi vic ng ra t chc rt nhiu cc s kin lin quan n cng ngh
ny cng nh hu ht cc thit b ang c dng nghin cu trong ton h
thng OpenFlow ca ONF l ca HP Networking, hin ti cc thit b h tr
OpenFlow ca HP gm c: E8200/E5400 (Modular Switch), E6600/E6200, E3500.
L mt phn ca vic ng dng network flexibility, HP hi t khi nim v mng
SDN vi h thng dch v mng o ha ca h, l mt phn ca kin trc HP
FlexNetwork.
C th thy s linh hot khi tch hp cc thnh phn vo h thng OpenFlow bt k
thit b l Switch hay Router. Vic thay i h thng mng theo hng o ha h

thng mng t c h thng IaaS tr nn n gin hn rt nhiu vi vic lun

chuyn cc thit b h tr OpenFlow t h thng mng c qun l bi OpenFlow
Controller ny sang h thng mng qun l bi OpenFlow khc nhm mc ch ti
cu trc nhanh h thng mng cho cc nhu cu thay i v ng dng mt cch linh
hot.
Ngoi ra, mt thit b tng thch vi OpenFlow c th c qun l bi nhiu
Controller cng lc thng qua FlowVisor gip thit b c kh nng m nhim
nhiu chc nng trong h thng ng thi. V d: va ng vai tr AccessSwitch
c qun l bi Controller A (nm trong phn vng mng A), va ng vai tr
Server Switch c qun l bi Controller B (nm trong phn vng mng B) T
kh nng cho php o ha h thng Network hin ti thnh cc phn vng mng
khc nhau m nhn cc chc nng khc nhau.
Mark Pearson - Gim c k thut, mng DC thuc HP - cho bit, SDN, hay
OpenFlow, ha hn mang n kh nng loi b c nhng b tc trong tnh linh
hot ca cng ngh mng v m ng cho cc tin b cng ngh mi, nh m
CNTT c th iu khin ha hp cc dch v mng v t ng iu chnh mng da
trn cc chnh sch tm cao hn l cc cu hnh thit b mng tm thp.
"Mong mun t ng ha v iu khin linh hot trn cc ti nguyn mng khng
phi l mi. Tuy nhin, vi cc cng ngh o ha mi v mt h sinh thi
OpenFlow mi ni, nh qun l h tng mng c th c mt phng thc n gin
hn iu khin h tng mng vn phc tp ca n v".