Fridolin Siegmund, M.Sc.

The increasing demand for high-bandwidth, low-latency Internet access is driving the widespread adoption of cost-efficient Passive Optical Networks (PONs). However, the passive nature of PONs necessitate complex subscriber device management protocols, and their shared fiber architecture presents potential disruptions from device failures, misconfigurations, or malicious attacks. To maintain service quality and customer satisfaction, network operators require effective PON monitoring solutions. Yet, existing commercial hardware-based analyzers are prohibitively expensive, challenging to deploy in live networks, and unsuitable for nationwide deployments. This paper introduces PONAlyzer, a novel, open-source software-based PON analyzer and security dashboard, which we make available to the community. By leveraging existing Software Defined Neworking (SDN) interfaces of in-field PON-hardware, i.e. eliminating the need for additional analyzer equipment, PONAlyzer enables the capture and analysis of ONU Management and Control Interface (OMCI) messages, and supports OMCI message injection for advanced security testing and troubleshooting.

Cloud data center, backbone, and access networks constantly push the boundaries towards lower latencies, jitter, and scalable throughput. Evaluating data plane devices, i.e., switches, routers, and complex network functions, by developers and service operators under demanding settings is imperative to ensure service resilience in real-world deployments. Our proposed prototype, Instant P4STA, extends a packet timestamping framework for programmable hardware by combining a hardware packet generator with a uniform browser-based packet editor for dynamic packet generation. The user can specify the packet template bit-by-bit, utilizing the Python library Scapy with a vast variety of packet templates. This way, our prototype combines the best features of software and hardware-based packet generators. We demonstrate packet generation up to 3.2 Tbit/s on eight egress ports with up to four packet types in parallel. More packet generation throughput is possible with more egress ports, capped only by the number of physical ports in the programmable hardware.

Network softwarization is currently emerging in home and enterprise Internet access networks. Still, the advantages of programmable hardware nodes and virtualized network functions in the access network as resilience enablers should be researched more. Access networks are typically built in a two-layer tree topology with sparse redundancy and limited adaptability. To overcome this, this work investigates how softwarization with redundancy can achieve resilience improvements in such networks. We present an architecture and prototypical implementation of a fiber-based access network and subscriber termination, with a redundant and adaptive design throughout the whole path from subscribers to the Internet. By proactively migrating states and steering subscriber flows, we reached total average downtimes of around 156 milliseconds to restore Internet access after disruption in the case of one subscriber. In comparison, it takes hours to restore Internet access in case of an outage with zero redundancy. Our solution is cost-effective by exploiting the architectural advances of Software Defined Networking, allowing the use of virtualized network functions and hardware-based functions simultaneously.