IoT IP Overlay Network Security Performance Analysis with Open Source Infrastructure Deployment-Reference-Cited by-同舟云学术

IoT IP Overlay Network Security Performance Analysis with Open Source Infrastructure Deployment

Published:2024-08-26 Issue:3 Volume:4 Page:629-649
ISSN:2624-800X
Container-title:Journal of Cybersecurity and Privacy
language:en
Short-container-title:JCP

Author:

Gentile Antonio Francesco¹^ORCID,Macrì Davide¹^ORCID,Greco Emilio¹^ORCID,Fazio Peppino²³^ORCID

Affiliation:

1. Institute for High-Performance Computing and Networking (ICAR), National Research Council of Italy (CNR), Via P. Bucci, 8-9C, 87036 Rende, CS, Italy

2. Department of Molecular Sciences and Nanosystems, Ca’ Foscari University of Venice, Via Torino 155, 30170 Mestre, VE, Italy

3. Department of Telecommunications, VSB—Technical University of Ostrava, 17. Listopadu 2172/15, 708 00 Ostrava, Czech Republic

Abstract

Some of the most deployed infrastructures nowadays are Overlay Networks (ONs). They consist of hardware and software components designed to establish private and secure communication channels, typically over the Internet. ONs are among the most reliable technologies for achieving this objective and represent the next-generation solution for secure communication. In this paper, we analyze important network performance metrics (RTT, bandwidth) while varying the type of Overlay Network used for interconnecting traffic between two or more hosts (within the same data center, in different data centers in the same building, or over the Internet). These networks establish connections between KVM (Kernel-based Virtual Machine) instances rather than the typical Docker/LXC/Podman containers. The first analysis will assess network performance as it is, without any overlay channels. The second will establish various types of channels without encryption, and the final one will encapsulate overlay traffic via IPsec (Transport mode), where encrypted channels like VTI are not already available for use. The obtained performance is demonstrated through a comprehensive set of traffic-simulation campaigns.

Funder

European Union

National Recovery and Resilience Plan

PNRR project Tech4You

Publisher

MDPI AG

Link

https://www.mdpi.com/2624-800X/4/3/30/pdf

Reference33 articles.

1. Troia, S., Mazzara, M., Moreira Zorello, L.M., and Maier, G. (2021, January 7–10). Performance Evaluation of Overlay Networking for delay-sensitive services in SD-WAN. Proceedings of the 2021 IEEE International Mediterranean Conference on Communications and Networking (MeditCom), Athens, Greece.

2. Farinacci, E.A. (, January March). Generic Routing Encapsulation. Proceedings of the RFC 2784.

3. Lammle, T. (2020). Virtual Private Networks (VPNs), Wiley.

4. Zhang, L., Wang, Y., Liang, S., and Jin, R. (2022, January 22–23). Container network architecture and performance analysis of Macvlan and IPvlan. Proceedings of the 2022 International Conference on Education Innovation and Modern Management (EIMM 2022), Sanya, China.

5. Mao, H., Zhu, L., and Qin, H. (2012, January 21–23). A Comparative Research on SSL VPN and IPSec VPN. Proceedings of the 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing, Shanghai, China.