Construction of a user-friendly software-defined networking management using a graph-based abstraction layer

Northbound interface

The northbound interface of an SDN is an interface open to upper-layer applications via the controller, the goal of which is to enable applications to invoke the underlying network resources conveniently. Concerning the northbound interface of the SDN, the implemented functionality is identical to the connection between two software entities. That is, the northbound interface does not require any new protocols and communication between the application and control layers can be implemented by writing simple socket interface programming. Obviously, this is a lower-level, tedious, and time-consuming programming process that often requires complex refactoring by network administrators. Due to the lack of a standardized northbound interface, some controllers have proposed custom northbound interfaces specific to the controller (Latif et al., 2020; Halder, Barik & Mazumdar, 2017). Some controllers implement a northbound interface designed with a RESTful architectural style. For instance, controllers like Floodlight, ONOS, and Ryu utilize REST APIs to facilitate communication and management (Xu, Wang & Xu, 2019). However, developers still need to learn new APIs, data structures, and specific conventions of the controllers whenever they want to support a new controller or have new application requirements. Moreover, these interfaces may become verbose when used frequently and in large quantities. There are also specific requirements that need to be better supported (Ryu lacks REST API for obtaining host information).

In this article, we only aim to verify the feasibility of the graph-based abstraction layer and do not intend to replace the northbound interfaces of existing controllers. The northbound interface and the graph-based abstraction layer are in a parallel relationship, enriching the upper-layer applications invoke.

Graph-based abstraction layer

The programming logic for communication between the control plane and the application plane is called the graph-based abstraction layer. The layer is designed directly to serve the needs of applications, so its design needs to be closely aligned with business requirements and have diverse features. How can network administrators control the resource state of the entire network in a software-programmed way and schedule it consistently? This abstraction requires a rethinking of the network architecture and management model. Many abstract and strategy frameworks have been proposed to simplify network programming for different types of applications (Halder, Barik & Mazumdar, 2017) proposed a graph-based SDN flow conflict detection method. Any abstraction involves converting one representation to another. One challenge in creating effective abstractions is ensuring that they accommodate reasonable network distribution, provide convenient data representation, remain accessible for a wide range of network applications, and support core operations such as addition, deletion, modification, and querying. By addressing these challenges, abstractions enable users to express their goals at a higher level, thereby simplifying network management.

In the SeaNet (Zhou, Gray & Mclaughlin, 2021) system, recursive algorithms are used to read network records, extract semantic information, and store it in a knowledge base. Expert knowledge and network management rules can also be formalized as knowledge graphs. Through SPARQL automatic inference and network management API, SeaNet enables researchers to develop semantic intelligent applications on their own SDN. An autonomous network management system is implemented using the abstract approach of knowledge graphs. However, this abstract approach relies heavily on expert intervention during knowledge updates.

Ravel (Wang et al., 2016) implements the entire SDN network control infrastructure using a standard SQL database. The network abstraction is represented by user-defined SQL views, which are represented by SQL queries that can be dynamically added. Application developers can request views based on database tables for different applications. However, retrieving information that needs to be collected from many tables will lead to severe delays. Its advantage is at the cost of performance.

Wu et al. (2020) proposed a method to import Network Markup Language (NML) models into a scalable graph database (Neo4j) and use semantic modelling technology in graph databases to enhance the state of SDN networks. This enables SDN controllers to provide developer-friendly primitives, simplifying the design of SDN control applications. However, the most easily understandable representation of the network is in fact a structured graph.

GOX (Bannour, Dumbrava & Danduran-Lembezat, 2022a) is a proof-of-concept controller that implements the SDN architecture in a graph database. Gavel (Barakat, Koll & Fu, 2017, 2019) is the first controller to use a graph database to generate data representations for an SDN. Gavel significantly reduces programming complexity, improves efficiency, and scales well across large networks. However, they are controllers and do not use graph models to achieve compatibility and joint management with existing controllers.

In summary, to make the existing controller and applications more compatible, efficient, and scalable, we propose a novel abstraction method, that places an additional abstract layer on the controller framework. The abstraction layer builds a real time network in the form of a graph and then interacts with applications in real-time in the form of graph mapping. Our goal is to simplify application development and create new opportunities for both management and automation.

Methodology

Modern network structures are dynamic, large-scale, cross-correlated, and constantly emerging with various needs and technologies. To manage and maintain such networks, it is necessary to understand network elements (such as servers, switches, virtual machines, and network functions) and their associative interrelationships (such as querying, analyzing, and modifying the flow of dynamic data between the different elements). So, how can such a complex network situation be abstracted in a straightforward, natural, and precise way? Common data structures such as arrays, stacks, linked lists, and tree structures are all exceptional types of graph structures. Graphs are high-dimensional, and the higher dimensions are downwardly compatible and represent lower dimensions, while the reverse is not as easy. That means, expressing high-dimensional relationships using low-dimensional relational data structures is a quite significant challenge. Analysis has found that networks are naturally graphical structures, and their abstraction as graphs does not require the re-implementation of complex data structures and algorithms, it is very visual. It is intuitive to access the data of nodes in the network and also avoids creating new dependencies between different structures. Therefore, abstracting the network as a graph and using existing graph modules (graph algorithms) and graph databases to interact with network applications, allows this graph abstraction to be used as the basic interface from the control plane to the application. Naturally, all types of network management will be carried out efficiently and easily.

System architecture

We already know the system architecture of SDN from the previous introduction. How do we implement the idea of the “Methodology” section based on the SDN architecture by taking advantage of the features of SDN without making any physical changes? We present how to model physical and virtual resources in a graph $G=(N,E)$ where N(Nodes) is a set of physical and virtual resources and E(Edges) is their relationship. Edges and nodes provide different types of resources and services. We can define graph for nodes $G(N)$ as follows:

(1) $$G\left(N\right)=G_p\left(n\right)\bigcup G_v\left(m\right)N\ge n$$where n is the number of physical nodes, m is the number of virtual nodes, p is a set of physical resource mappings, and $\mathrm{\forall }$ is a set of virtual resources. $G_p\left(n\right)$ is a graph for representing physical nodes and physical networks mappings for the given node n, whereas $G_v\left(m\right)$ is a graph for representing virtual nodes and virtual networks. So, $G(N)$ is a union of both graphs $G_p\left(n\right)$ and $G_v\left(m\right)$.

On the structure of the physical infrastructure (physical servers, physical switches, physical routers, and other physical devices) comprise, we introduce a virtualization logical abstraction layer with a one-to-one mapping based on the network topology (graph-based abstraction layer is $G\left(N\right)=G_p\left(n\right)\bigcup G_v\left(m\right)N=n$) using the graph model. The operation of physical infrastructure enables the logical network to be instantiated in the form of a graph. The instantiated graph network can decouple from the physical network, thereby allowing for the virtualization and arbitrary combination of multiple logical networks. This enables network slicing to take place (graph-based abstraction layer is $G\left(N\right)=G_p\left(n\right)\bigcup G_v\left(m\right)N\ge n,m\in \mathrm{\forall }$).

The graph-based abstraction layer as shown in Fig. 2.

Applications operating at the application plane can seamlessly integrate with established third-party modules without the need to continually create fundamental functionalities. The graph-based abstraction layer is mapped with a graph structure, which can naturally call on existing graph modules (the graph module is shown in Fig. 1). The application plane satisfies the needs of different businesses and network innovations through querying, calculating, analyzing, and dynamically adjusting. Finally, it guides data forwarding in the physical plane based on business requirements.

Implementation method

The following part will address the process of abstracting the physical network into a graph-based abstraction layer, preserving all network element information and network information flows. We treated the entire physical network as a graph, which is a set of nodes and edges. Next, we solved how to abstractly map the nodes, edges, and their attributes to the physical network, as shown in Eq. (1). The graph mapping of the graph-based abstraction layer to the data plane and network slice is shown in Fig. 2. Considering scalability and generality, we saved attribute data as a dictionary so that users can easily add any necessary data. The graph-based abstraction layer is simplified to include the following components:

Nodes: also known as vertices. They contain network elements (servers, switches, network functions, and virtual machines) and are associated with a unique identifier of a network device already maintained by the controller.

Attributes of nodes: attributes associated with each node, each expressed as a key-value pair. Each node has multiple attribute fields. Attributes are optional and can be dynamically added, deleted, or modified. The name and category are considered special attributes.

To simplify the experimental model, we assumed that the attributes of a host included name, category, DPID number, PORT number, IP address, and MAC address. The attributes of a switch included name, category, source DPID number, destination DPID number, source PORT number, and destination PORT number. Figure 3 is a simple network model of our implementation method, and it includes node (switch and host), edge (edge and its direction), and attributes of node and edge.

Figure 3 was created using code to implement the demo of our graph-based abstraction layer, while also explaining what events and attributes are. The Ryu controller manages and controls network behavior by responding to events through defined event handler functions. When the controller detects a new switch connection in the network and the switch completes the handshake (i.e., completes the initial OpenFlow protocol communication), the EventSwitchEnter event is triggered. The graph abstraction layer adds a switch node in this event function. Attributes of the switch node include name, dpid, ports, and links. Below, we demonstrate this with an example code, which is labeled as Code 2 (Eq. (2)) for reference:

(2) $$\begin{array}{rl}& \mathtt{S}\mathtt{w}\mathtt{i}\mathtt{t}\mathtt{c}\mathtt{h}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{=}\mathtt{n}\mathtt{x}\mathtt{.}\mathtt{D}\mathtt{i}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{(}\mathtt{)}\\ & \mathtt{S}\mathtt{w}\mathtt{i}\mathtt{t}\mathtt{c}\mathtt{h}\mathtt{e}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{.}\mathtt{a}\mathtt{d}{\mathtt{d}}_{\mathtt{-}}\mathtt{n}\mathtt{o}\mathtt{d}\mathtt{e}\mathtt{(}\mathtt{n}\mathtt{a}\mathtt{m}\mathtt{e}\mathtt{,}\mathtt{d}\mathtt{p}\mathtt{i}\mathtt{d}\mathtt{=}\mathtt{d}\mathtt{p}\mathtt{i}\mathtt{d}\mathtt{,}\mathtt{p}\mathtt{o}\mathtt{r}\mathtt{t}\mathtt{s}\mathtt{=}\mathtt{p}\mathtt{o}\mathtt{r}\mathtt{t}\mathtt{s}\mathtt{,}\mathtt{l}\mathtt{i}\mathtt{n}\mathtt{k}\mathtt{s}\mathtt{=}\{\}\end{array}$$When updating switch attributes:

$$\mathtt{S}\mathtt{w}\mathtt{i}\mathtt{t}\mathtt{c}\mathtt{h}\mathtt{e}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{.}\mathtt{n}\mathtt{o}\mathtt{d}\mathtt{e}\mathtt{s}\mathtt{[}\mathtt{n}\mathtt{a}\mathtt{m}\mathtt{e}\mathtt{]}{\mathtt{[}}^{\mathrm{\prime }}\mathtt{l}\mathtt{i}\mathtt{n}\mathtt{k}{\mathtt{s}}^{\mathrm{\prime }}\mathtt{]}\mathtt{.}\mathtt{u}\mathtt{p}\mathtt{d}\mathtt{a}\mathtt{t}\mathtt{e}\mathtt{(}\mathtt{v}\mathtt{a}\mathtt{l}\mathtt{u}\mathtt{e}\mathtt{)}$$

When we needed to add other nodes, such as adding a host. Here, mac, ip, and port are the attributes of the host, we simultaneously updated the attributes:

$$\begin{array}{rl}& \mathtt{H}\mathtt{o}\mathtt{s}\mathtt{t}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{=}\mathtt{n}\mathtt{x}\mathtt{.}\mathtt{D}\mathtt{i}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{(}\mathtt{)}\\ & \mathtt{H}\mathtt{o}\mathtt{s}\mathtt{t}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{.}\mathtt{a}\mathtt{d}{\mathtt{d}}_{\mathtt{-}}\mathtt{n}\mathtt{o}\mathtt{d}\mathtt{e}\mathtt{(}\mathtt{n}\mathtt{a}\mathtt{m}\mathtt{e}\mathtt{,}\mathtt{d}\mathtt{p}\mathtt{i}\mathtt{d}\mathtt{=}\mathtt{H}\mathtt{p}\mathtt{o}\mathtt{r}\mathtt{t}\mathtt{.}\mathtt{d}\mathtt{p}\mathtt{i}\mathtt{d}\mathtt{,}\mathtt{p}\mathtt{o}\mathtt{r}\mathtt{t}\mathtt{=}\mathtt{H}\mathtt{p}\mathtt{o}\mathtt{r}\mathtt{t}\mathtt{.}\mathtt{p}\mathtt{o}\mathtt{r}{\mathtt{t}}_{\mathtt{-}}\mathtt{n}\mathtt{o}\mathtt{,}\\ & \mathtt{i}\mathtt{p}\mathtt{=}\mathtt{h}\mathtt{o}\mathtt{s}\mathtt{t}\mathtt{.}\mathtt{i}\mathtt{p}\mathtt{v}\mathtt{4}\mathtt{,}\mathtt{m}\mathtt{a}\mathtt{c}\mathtt{=}\mathtt{h}\mathtt{o}\mathtt{s}\mathtt{t}\mathtt{.}\mathtt{m}\mathtt{a}\mathtt{c}\mathtt{)}\end{array}$$When querying host attributes:

$$\mathtt{H}\mathtt{o}\mathtt{s}\mathtt{t}\mathtt{=}\mathtt{n}\mathtt{x}\mathtt{.}\mathtt{g}\mathtt{e}{\mathtt{t}}_{\mathtt{-}}\mathtt{n}\mathtt{o}\mathtt{d}{\mathtt{e}}_{\mathtt{-}}\mathtt{a}\mathtt{t}\mathtt{t}\mathtt{r}\mathtt{i}\mathtt{b}\mathtt{u}\mathtt{t}\mathtt{e}\mathtt{s}\mathtt{(}\mathtt{H}\mathtt{o}\mathtt{s}\mathtt{t}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{,}\mathrm{\prime }\mathtt{d}\mathtt{p}\mathtt{i}\mathtt{d}\mathrm{\prime }\mathtt{)}$$

Add an edge between two switches, and update attributes such as latency, bandwidth, and throughput at the same time:

$$\begin{array}{rl}& \mathtt{S}\mathtt{w}\mathtt{i}\mathtt{t}\mathtt{c}\mathtt{h}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{.}\mathtt{a}\mathtt{d}{\mathtt{d}}_{\mathtt{-}}\mathtt{e}\mathtt{d}\mathtt{g}\mathtt{e}\mathtt{(}\mathtt{s}\mathtt{r}\mathtt{c}\mathtt{,}\mathtt{d}\mathtt{s}\mathtt{t}\mathtt{,}\mathtt{d}\mathtt{e}\mathtt{l}\mathtt{a}\mathtt{y}\mathtt{=}\mathtt{l}\mathtt{i}\mathtt{n}{\mathtt{k}}_{\mathtt{-}}\mathtt{d}\mathtt{e}\mathtt{l}\mathtt{a}\mathtt{y}\mathtt{,}\\ & \mathtt{l}\mathtt{o}\mathtt{s}\mathtt{s}\mathtt{=}\mathtt{p}\mathtt{a}\mathtt{c}\mathtt{k}\mathtt{e}{\mathtt{t}}_{\mathtt{-}}\mathtt{l}\mathtt{o}\mathtt{s}\mathtt{s}\mathtt{,}\mathtt{t}\mathtt{h}\mathtt{r}\mathtt{o}\mathtt{u}\mathtt{g}\mathtt{h}\mathtt{p}\mathtt{u}\mathtt{t}\mathtt{=}\mathtt{l}\mathtt{i}\mathtt{n}{\mathtt{k}}_{\mathtt{-}}\mathtt{t}\mathtt{h}\mathtt{r}\mathtt{o}\mathtt{u}\mathtt{g}\mathtt{h}\mathtt{p}\mathtt{u}\mathtt{t}\mathtt{,}\\ & \mathtt{c}\mathtt{u}\mathtt{r}{\mathtt{r}}_{\mathtt{-}}\mathtt{s}\mathtt{p}\mathtt{e}\mathtt{e}\mathtt{d}\mathtt{=}\mathtt{C}\mathtt{u}\mathtt{r}\mathtt{r}\mathtt{S}\mathtt{p}\mathtt{e}\mathtt{e}\mathtt{d}\mathtt{)}\end{array}$$

When you want to expand the graph-based abstraction layer, you can merge them together. This could be a merger of switch and switch, a merger of switch and host, or a merger of the graph-based abstraction layer and another graph-based abstraction layer, as well as the merger of the graph-based abstraction layer with network slicing. An example of the code implementation is shown below and is labeled as Code 3 (Eq. (3)).

(3) $$\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{=}\mathtt{n}\mathtt{x}\mathtt{.}\mathtt{u}\mathtt{n}\mathtt{i}\mathtt{o}\mathtt{n}\mathtt{(}\mathtt{S}\mathtt{w}\mathtt{i}\mathtt{t}\mathtt{c}\mathtt{h}\mathtt{e}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{,}\mathtt{H}\mathtt{o}\mathtt{s}\mathtt{t}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{)}$$

Edges: Usually called relationships, each edge connects a pair of nodes. There are two types of edges: one represents physical connections between network elements: “Link”, and the other represents application connections between network slices and the graph-based abstraction layer: “Member”.

Attributes of edges: Each attribute is expressed as a key-value pair. Multiple attribute fields can be stored. Attributes can be dynamically added, deleted, or modified. Name and category are considered special attributes. The attributes of an edge include delay, loss, throughput, bandwidth, and current rate. The connection between switches also includes the correspondence between DPID and PORT. Attributes are optional and can be dynamically added, deleted, or modified. The source code is shown in Fig. 4, and the attributes of the edges are updated.

Direction of edges: To simplify the experimental model, our edges have direction. For example: h1 $\to$ s1 and s1 $\to$ h1.

Network slices: In the graph model, the definition of network slices occurs after the graph abstraction object is created, and the objects contained in each slice can be dynamically adjusted. Distinct slicing patterns (application) can be defined for nodes and edges individually.

Graph update: The data of the graph, nodes, edges, and their attributes can be added, deleted, or modified dynamically. We updated the graph information (creation, modification, deletion, execution of algorithms, and data retrieval in the graph) by listening to the corresponding events. The source code in Fig. 4 shows how to add edge attributes.

Flow Setup: We modified the traditional flow setup to significantly reduce the traffic on the control channel. This improved flow setup was implemented in our subsequent experiments and is illustrated in Fig. 5 (with the path 0 $\to$ 1 $\to$ 2 $\to$ 3). When the ingress switch receives a packet, it attempts to match the packet against its flow table using the specified match field. If no match is found, the switch encapsulates the packet header in a “PacketIn” message and forwards it to the controller (Xu, Wang & Xu, 2019). The controller, leveraging the global view of the network topology, responds by generating multiple flow rules. These flow rules are then installed on all switches along the path using a “FlowMod” message. By installing the flow rules directly on the switches, the need for frequent communication between switches and the controller is reduced, thereby enhancing overall network performance.

Network slice

The activation of the network slice occurs after the graph-based abstraction layer has been created. Because the graph abstraction is virtualized, various forms of logic can naturally be provided. This virtualized logic can be seen as the network slice. These virtual logics can meet different business requirements because the nodes in a virtual network can belong to a complex classification and belong to different applications. The network slice is shown in Fig. 2, from the high-level network functions in the abstract (such as Firewall) to the properties of nodes (such as PORT), we can dynamically adjust the nodes contained in each slice. Nodes and edges can be defined with their own application affiliations. It is, therefore, essential to classify and label these nodes and edges so that network operators and management systems can query and manage network elements at the appropriate level of abstraction.

The graph is a distributed structure that can be easily embedded in another graph or easily create a new node. The different classifications of nodes can be easily represented as instances of an application, and the application will be composed of nodes of the same type. The network application has a relationship “Member” with the node. This modular and hierarchical architecture allows network managers to customize the network and provide highly flexible virtual network services. Currently, in the application of network slice, except for the graph structure, other data structures cannot be so flexible.

Experimental environment

Our experiment used an Intel(R) i7-7500U CPU operating at 2.70 GHz and a 16 GRAM PC running Ubuntu 20.04 LTS. In our experiment, Mininet 20 was used to build the underlying network, Ryu was used as the controller, NetworkX21 was used for the graph-based abstraction layer, and the Neo4j database was used for data persistence. The controller Ryu, simulation tool Mininet, and graph database Neo4j all have strong authenticity and can be applied in real-word scenarios without modifying the code.

To simulate the traffic of real networks, a more comprehensive evaluation of system efficiency and scalability was provided. In “Network Topology Verification”, “Graph Module Verification”, and “Data Persistence”, we evaluated the system using randomly generated traffic of varying sizes from random hosts. In “Network Slice Verification”, we evaluating with stable traffic generated by random hosts. Lastly, no traffic was involved in “Network Latency Discussion”. Specifically, the size range of random traffic is as follows:

Mouse flows = [‘100K’, ‘200K’, ‘300K’, …, ‘9000K’, ‘10000K’, ‘1000K’].

Elephant flows = [‘10M’, ‘20M’, ‘30M’, …, ‘800M’, ‘900M’, ‘1000M’].

Network topology verification

One of the characteristics of SDN is the ability to obtain a global network view. The global network view is important, as network administrators often need to use it to select and implement settings when writing network applications. The graph-based abstraction layer not only obtains the global network view but also presents it in a What You See Is What You Get (WYSIWYG) manner. The experiments in “Network Topology Verification”, Graph Module Verification, “Data Persistence”, and “Network Slice Verification” are based on this topology, as shown in Fig. 6A. We treat all network elements as nodes and the connections between them as edges in our model. The attributes of these nodes and edges are dynamically modified in real-time based on events occurring within the controller. This leads to a one-to-one correspondence between the attributes and the graph structure, allowing us to accurately represent the network topology.

Our graph-based abstraction layer is depicted using a drawing tool, as shown in Fig. 6B. This layer provides applications with the ability to access topological information, track changes in the topology, and load network statistics data efficiently. When new network elements arrive, we simply add a new node to the graph structure and establish the corresponding edges with its neighboring nodes. This process is triggered by specific events, such as “event.EventSwitchEnter” and “event.EventLinkAdd.” Similarly, when network elements are removed, the abstraction layer updates the graph by deleting nodes and edges, responding to events like “event.EventSwitchLeave” and “event.EventLinkDelete.” Furthermore, if there are changes in the attributes of network elements or links, the attribute values within the graph structure are updated accordingly. These updates are also event-driven, triggered by events such as “event.EventPortAdd” and “event.EventPortDelete”.

The graph-based abstraction layer is done using the NetworkX module. During the experiment, we tested the proposed scheme based on two different random traffic patterns, elephant flow and mouse flow, in order to make it more realistic. We provided programs that can generate random flow of elephants and mice at any time. We also tested the performance of linear, mesh, and data-centre topologies (Fattree topologies). We successfully demonstrated the network topology structure through experiments, which provides information needed by SDN applications, such as topology, network statistics, and real-time topology updates. The graph-based abstraction indeed reduces the extra understanding and relationship conversion costs, which allows a network manager to write SDN applications without requiring mastery of low-level details.

Graph module verification

NetworkX and Neo4j’s ALGO extension both offer a variety of well-performing built-in graph algorithms. To demonstrate the use of these graph modules, we implemented shortest path forwarding based on link latency by leveraging the built-in weight-based shortest path functions. We obtained real-time latency for each link through delay detection and updated this latency as the edge weights in the graph abstraction layer. The graphical abstraction layer provides a global view, where we could use it to query the shortest path between two nodes by invoking built-in functions from the graph module. Once the path was determined, we queried the input and output ports for each hop along the path (port information is an attribute of the switch nodes). With this port information, we know how to deploy flow tables to guide packet transmission (refer to Fig. 5 for flow setup methods). In this way, shortest path forwarding based on link latency is achieved. As shown in Fig. 6A, there are multiple shortest reachable paths from node h1 to h2, such as h1 $\to$ s1 $\to$ s2 $\to$ s3 $\to$ h2 and h1 $\to$ s1 $\to$ s6 $\to$ s3 $\to$ h2. After the call graph module completes its calculations, the path h1 $\to$ s1 $\to$ s6 $\to$ s3 $\to$ h2, which had the shortest delay, was selected.

Based on other algorithms in the graph module, we could also perform a K-shortest path based on traffic flow; multi-path can be used for dynamic load balancing and can also be used as a backup path for fault recovery. A network loop detection feature is available in the graph module to provide early notice of network loops. When a loop is detected, the minimal spanning tree of the graph can be used to choose a transmission path. We could also perform maximum flow detection, domain affiliation detection, and node importance judgment (PageRank algorithm).

Through experiments, we found that the graph-based abstraction layer has the following advantages when interacting with third-party modules:

• Simplicity: All data and attribute queries and modifications in the graph-based abstraction layer are intuitive and directly map network devices (Digital Twins), as shown in Code 2 (Eq. (2)).

• Flexibility: The graph-based abstraction layer is fully compatible with the Ryu architecture and third-party modules, as illustrated in Fig. 1, making it seem like an integral part of the system. This ensures great flexibility, allowing us to directly invoke built-in functions from the third-party module NetworkX to calculate the shortest path:

  $$\mathtt{p}\mathtt{a}\mathtt{t}\mathtt{h}\mathtt{=}\mathtt{n}\mathtt{x}\mathtt{.}\mathtt{s}\mathtt{h}\mathtt{o}\mathtt{r}\mathtt{t}\mathtt{e}\mathtt{s}{\mathtt{t}}_{\mathtt{-}}\mathtt{p}\mathtt{a}\mathtt{t}\mathtt{h}\mathtt{(}\mathtt{s}\mathtt{e}\mathtt{l}\mathtt{f}\mathtt{.}\mathtt{G}\mathtt{r}\mathtt{a}\mathtt{p}\mathtt{h}\mathtt{,}\mathtt{s}\mathtt{o}\mathtt{u}\mathtt{r}\mathtt{c}\mathtt{e}\mathtt{,}\mathtt{t}\mathtt{a}\mathtt{r}\mathtt{g}\mathtt{e}\mathtt{t}\mathtt{,}\mathtt{w}\mathtt{e}\mathtt{i}\mathtt{g}\mathtt{h}\mathtt{t}\mathtt{=}\mathtt{d}\mathtt{e}\mathtt{l}\mathtt{a}\mathtt{y}\mathtt{)}$$

• Scalability: The graph itself is distributed. A node can be added to the graph, a graph can be added to another graph, and it can be infinitely extended. Similarly, deleting and updating sub-graphs is very convenient. Distributed processing can also be performed simultaneously. This shows that the graph-based abstraction layer is scalable, as shown in Code 3 (Eq. (3)).

Data persistence

The graph-based abstraction layer manages the real-time state of the network, while data persistence in Neo4j accounts for its historical state. We chose the Neo4j graph database over a traditional relational database because it offers enhanced capabilities for storage, computation, and rapid relationship queries, which significantly enrich the abstraction layer. This choice allowed us to efficiently store and manage the corresponding network elements and their status within Neo4j as the graph-based abstraction layer is established. As illustrated in Fig. 6C, Neo4j effectively represents the relationships among network elements. The primary purpose of maintaining historical data is to enable network queries based on past time snapshots or intervals, facilitating an understanding of how network elements and status information have evolved over time. For instance, in scenarios such as network troubleshooting and service quality management, querying these time snapshots allows us to analyze the paths associated with network faults and observe their evolution.

In an SDN environment, we ran data persistence as a network application in the controller, which is essentially the same as other applications, such as access control and load balancing. It is a very special and important application. We use this method for data persistence, with time nodes as the initial nodes. The attributes to be recorded for each time node include timestamp, date, storage frequency, and note. “Time-to” and “time-from” relationships are used as edges between time nodes. “backup” is used as an edge between time nodes and network topology nodes. For how to import graphs from NetworkX to Neo4j or, in other words, how to use Neo4j like NetworkX, refer to this link: https://github.com/jbaktir/networkx-neo4j.

Graph abstraction and graph databases are used to store data from the network. We can observe, predict, and learn using virtual networks in the past, present, and future. Then, interaction between the physical and virtual network, and the scenarios related to the network will be verified. This is an area that requires further research in the future.

Network slice verification

In the architecture of this article, the graph abstraction was virtualized, and elements in the network can belong to a complex hierarchical classification. Here, we used access control to verify the feasibility of network slicing. Access control is also a commonly used controller application that determines which device is allowed to access and which is not. When implementing access control, the links that control the device’s access also control the access request, and we used different flow table rules to restrict access from specific hosts or network interfaces.

In the design of the access control module, we stored the access control list (ACL) in the Neo4j. The ACL can be viewed as a whole network slice, with each row of the ACL being a node in the slice plane. The content of the node is stored as key-value pairs. The design quantifies access control into three steps: identifying a match, obtaining permission, and distributing the flow table.

1. Identify match: The program obtains host information from the abstract layer. Based on the source IP, destination IP, destination PORT, and other information, the program performs a record query in Neo4j to check if access permission exists. The list of permissions is shown in Table 1.

2. Access control: After the system program and the database have been matched up, it can be concluded whether the device has permission to access the resources it wants to access, and the permissions include Yes, No, and Exception (return exception information). If the permission is granted, a flow table is output to the SDN switch to allow the requested data from this device to be forwarded; if the permission is not granted, a flow table is output to the SDN switch to disallow (drop) the forwarding of the requested data for this device; if the permission is abnormal, the flow table is output to the SDN switch, and no processing is performed. The data distributed are shown in Fig. 7.

3. Distribute flow table: After the module is running, it will actively distribute the corresponding flow table rules according to the access permissions in the database. When the access permissions change in the database records, the flow table rules will be updated again. The system assigns a higher priority to ensure new flow table entries supersede previous ones within the validity period. When the flow table items expire, they are automatically removed. The terminal must re-acquire authorization to reaccess the resource server. We take advantage of the global nature of the topology to directly distribute the flow tables that need to be updated.

Due to the fact that access control involves frequent queries, we stored the ACL in Neo4j and verified the data persistence during network slice verification. The essence of access control is to implement the function of a packet-filtering firewall. With the flexibility of the SDN and the efficiency of the graph database queries, the final access control mechanism also has flexibility and high efficiency.

Although we have easily implemented the function of controlling access through network function virtualization, when various network functions are intertwined, network demand becomes more complex and dynamic. Further research is required for the functional verification of network slicing, which will be challenging. However, no matter which method is used, the way of managing network applications will change.

Network latency discussion

Experiment 1: Shortest path performance for various topology types in the graph-based abstraction layer.

The reason for the existence of the network is for traffic forwarding, and the main objective of traffic forwarding is to carry out the management of traffic forwarding paths. We experiment on the selection of the shortest path in different topological networks to verify the availability of the graph-based abstraction layer. In order to better compare the experiment, we carefully selected three topologies that are very classic and can meet our special comparison requirements: linear, mesh, and fat-tree topology. We assume the following:

1. All topologies K = 2, 8, 14, 20, …, 512 with a step size of 6. In linear and mesh topologies, K denotes the number of switches. In the fat-tree topology, K refers to the number of core layer switches. Given that the fat-tree topology consists of three layers of switches, we selected even numbers to meet the structural requirements of the topology.

2. In all topologies, we seek the shortest path from the first node to the last node. For example, for linear topology, when K = 512, we seek the shortest path between node h1 to h512.

3. According to the implementation method of the graph abstraction layer, the edges of the topology must be bidirectional (have direction).

Linear topology is the simplest topology that can be complex; when K = 512, there are 1,024 nodes and 2,046 edges, and querying the shortest path took 922.4414 μs, indicating a high query efficiency. According to the results in Fig. 8. the linear topology shows that the number of network hops increases synchronously as K increases. Its shortest path delay is also steadily increasing, indicating that there is a positive correlation between the delay of the shortest path and the number of hops.

The mesh topology is a complex topological structure where each switch node is connected to all other switches, meaning that each switch can be directly connected. When K = 512, it has the same number of 1,024 nodes as linear topology but has 262,656 edges. From the results in Fig. 9, it can be seen that although each node has 1,023 paths to reach the destination, the number of hops in a mesh topology network consistently remains at 1 regardless of how K increases. The average computation time is 151.6231 μs, indicating that the shortest path can always be found quickly. Its shortest path delay has a slight but insignificant increase as the network scale increases. The results indicate that the number of edges in the topology has a negligible impact on the shortest path latency, and the experimental results support our intuitive understanding.

Fat-tree topology has extensive applications in high-performance networks, data centers, enterprise networks, and campus networks. We need its complexity, as the network parameters increase exponentially with the growth of K, making it more complex than real-world network environments. When K = 512, there are a total of 4,608 nodes and 1,056,768 edges. According to the results in Fig. 8, the fat tree topology has a fixed network hop count of 6 as K increases, and querying the shortest path took 167.1951 μs. Its shortest path delay increases slightly with the increase of the network scale, but not significantly. This suggests that the increase in the number of nodes and edges does not significantly impact the delay of the shortest path when the number of hops is fixed. The shortest delay of the 1-hop mesh network and the 6-hop fat tree network is almost the same, indicating that the impact of network hops on the delay is negligible.

The graph-based abstraction layer has advantages in relationship lookup for professional details. Traditional relational database queries become increasingly difficult beyond the third level, and the difficulty coefficient starts to increase geometrically. Through program development, we have empirically examined these hypotheses, demonstrating the advantage of graph-based abstract approaches in the task of relationships lookup. This advantage becomes more pronounced when dealing with complex and highly connected data. They can directly store and traverse relationships between nodes, avoiding the multiple JOIN operations in traditional relational databases, thereby potentially increasing efficiency.

Experiment 2: Shortest path performance for various topology types in Neo4j.

The abstract representation of graphs not only facilitates network understanding but also simplifies the formation of logical business combinations. However, this raises important questions: with the current trend towards integrating storage and computing in graph databases, is the graph abstraction layer becoming redundant? Given that all systems require data persistence, could a graph database itself serve as a replacement for the graph-based abstraction layer? In other words, why not incorporate the concept of a graph-based abstraction layer directly within the graph database? To address these questions, we conducted experiments to verify the necessity of maintaining a separate graph abstraction layer.

According to the statistics in Fig. 9, the linear topology shows a concurrent increase in the number of network hops as K increases. The shortest path latency also increases proportionally. This indicates that the number of hops completely determines the latency, and when K = 512, the shortest path query time is 17,603.67 ms.

Mesh topology increases as K increases. Its shortest path is unchanged with the increase in network scale. This shows that the number of edges in the topology does not affect the shortest path’s latency. When K = 512, the shortest path query time is 185.28 ms.

Fat tree topology as K increases. Its shortest path barely changes with the increase in network size. This shows that the increase in the number of nodes and edges, with a fixed number of hops, has no effect on the latency of the shortest path. When K = 512, the shortest path query time is 310.44 ms.

After comparing Figs. 8 and 9, we found that the latency of the graph-based abstraction layer is significantly smaller than that of Neo4j. We averaged the shortest path computation time for different topologies ranging from K = 1 to 512 in our experiments and found that the average computation time for Neo4j (3,183,508.6 ms) is 9,121.81 times greater than that of the graph-based abstraction layer (348.9996 μs). The graph-based abstraction layer is computed in memory, which is naturally faster than querying data stored in a database. The abstraction layer acts as a cache between the CPU and the database. In practical network management, we need to frequently access the current state in memory, which also highlights the necessity of the graph abstraction layer. Historical data is stored in the graph database Neo4j, and it is not appropriate to completely replace the graph-based abstraction layer with the graph database.

Overload analysis

In this experiment, we measured the overhead of graph-based abstraction layer, mainly referring to CPU utilization and memory usage. We confirmed in our experiment that the graph-based abstraction layer indeed consumes minimal system resources. For the CPU utilization of the graph abstraction layer, we tested the overhead with and without the graph abstraction layer. Figure 10 shows that the average CPU utilization increased from 6.22% to 7.99% over 120 s, without introducing significant CPU utilization. It was also found that there was a spike in utilization only at the initial loading phase, while at other times the increase in utilization might be due to computational overhead caused by updates to nodes and attributes.

We also measured memory usage, and Fig. 11 shows that the memory usage grows very gradually under different traffic sizes and network structures. From K = 2 to 512, it can be observed that the linear topology shows no growth, the mesh topology grows by 0.9%, and the fat-tree topology grows by 4.5%. This indicates that the size and variation of traffic in the network do not affect memory usage. On the other hand, we can also see that memory growth is only related to the number of network nodes and edges. When K is fixed, memory is allocated directly based on the number of nodes and edges. Subsequent changes in traffic only alter edge attribute values without affecting memory. However, the addition or removal of nodes, edges, and attributes may slightly influence memory usage.