Containerization of Network Simulator 3 Project with Support for External Devices and Network Security

Abstract

Network Simulation is an important aspect of computer and wireless networking. It is useful in the simulation of real computer networks. Over the years, the increasing usage of containerization technologies, such as Docker and Podman, has changed the way network simulations are being deployed and managed. The goal of this master's thesis is to design and implement a containerized NS-3 project within a Podman container environment that focuses on the interaction and network analysis between an external device and the containerized NS-3 project. The NS-3 simulator project aims to implement a simulated network containing multiple subnets, UDP traffic type, different NS-3 modules - tap-bridge, internet, P2P, CSMA, and how the different testing scenarios introduce collision in the network to observe their impact on the network functionality. In order to analyze network communication and performance, the following tools were used: ICMP ping, NetAnim to display the network nodes and the animation of the packet flows. Furthermore, this project delves into the details of implementation and challenges of the containerized network solution. Two variants of the network setup are proposed to achieve the integration of external physical devices into a simulated containerized network. The first variant is a setup of a container running the NS-3 simulated project that interacts with an external device that is setup on the host machine. The second variant is a setup of the NS-3 simulator running in a container that interacts directly with the external device in another container. The containerized NS-3 project is achieved by designing a simulated network with one subnet and another simulated network with multiple subnets. The containerized NS-3 project interacts with the external device using the UDP protocol. In the security section of this paper, we will focus on how security is implemented in the network devices of the simulator and the container security. We will discuss how specific nodes and specific ports can be used to communicate with the external device, which is achieved through traffic control management, implementation of firewall and packet filtering. The final result of this thesis project is a containerized network simulator that interacts with an external device with the implementation of security features.Network Simulation is an important aspect of computer and wireless networking. It is useful in the simulation of real computer networks. Over the years, the increasing usage of containerization technologies, such as Docker and Podman, has changed the way network simulations are being deployed and managed. The goal of this master's thesis is to design and implement a containerized NS-3 project within a Podman container environment that focuses on the interaction and network analysis between an external device and the containerized NS-3 project. The NS-3 simulator project aims to implement a simulated network containing multiple subnets, UDP traffic type, different NS-3 modules - tap-bridge, internet, P2P, CSMA, and how the different testing scenarios introduce collision in the network to observe their impact on the network functionality. In order to analyze network communication and performance, the following tools were used: ICMP ping, NetAnim to display the network nodes and the animation of the packet flows. Furthermore, this project delves into the details of implementation and challenges of the containerized network solution. Two variants of the network setup are proposed to achieve the integration of external physical devices into a simulated containerized network. The first variant is a setup of a container running the NS-3 simulated project that interacts with an external device that is setup on the host machine. The second variant is a setup of the NS-3 simulator running in a container that interacts directly with the external device in another container. The containerized NS-3 project is achieved by designing a simulated network with one subnet and another simulated network with multiple subnets. The containerized NS-3 project interacts with the external device using the UDP protocol. In the security section of this paper, we will focus on how security is implemented in the network devices of the simulator and the container security. We will discuss how specific nodes and specific ports can be used to communicate with the external device, which is achieved through traffic control management, implementation of firewall and packet filtering. The final result of this thesis project is a containerized network simulator that interacts with an external device with the implementation of security features.