EdgeVPN: Self-organizing layer-2 virtual edge networks

The advent of virtualization and cloud computing has fundamentally changed how distributed applications and services are deployed and managed. With the proliferation of IoT and mobile devices, virtualized systems akin to those offered by cloud providers are increasingly needed geographically near the network’s edge to perform processing tasks in proximity to the data sources and sinks. Latency-sensitive, bandwidth-intensive applications can be decomposed into workflows that leverage resources at the edge — a model referred to as fog computing. Not only is performance important, but a trustworthy network is fundamental to guaranteeing privacy and integrity at the network layer. This paper describes Bounded Flood, a novel technique that enables virtual private Ethernet networks that span edge and cloud resources — including those constrained by NAT and firewall middleboxes. Bounded Flood builds upon a scalable structured peer-to-peer overlay, and is novel in how it integrates overlay tunnels with SDN software switches to create a virtual network with dynamic membership — supporting unmodified Ethernet/IP stacks to facilitate the deployment of edge applications. Bounded Flood has been implemented as the core of the EdgeVPN open-source virtual private network software system for edge computing. Experiments with the software demonstrate its functionality and scalability — one of which includes Kubernetes with Flannel across Raspberry Pi 4 edge devices behind different NATs.

Recommended citation: K. Subratie, S. Aditya, R. Figueiredo, “EdgeVPN: Self-organizing layer-2 virtual edge networks.” Future generations computer systems (FGCS). Future Generation Computer Systems, Volume 140, March 2023, Pages 104-116, https://doi.org/10.1016/j.future.2022.10.007 https://doi.org/10.1016/j.future.2022.10.007