SDN Controller Architecture Spike And Application Development

Basic network support is what the campus network provided in the past. Nowadays, with the improvement of mobile Internet, the enrichment of network application and the expanding of network scale, the campus network is faced with the opportunities and challenges, including how to implement access control in a better way and how to simplify the management and improve the scalability of network. While the improvement of mobile Internet results in the fuzzy boundary of network, the enrichment of network application not only make it more difficult to guarantee the Qo S, but also make access control become more complicated. These are the challenges that access control is faced with. What’s more, management of network need to be simplified and the scalability of network need to be improved in order to deal with the expanding of network scale, the complexity of network device and the enrichment of network application.To simplify the management and improve the scalability of network, software-defined networking is applied. To implement access control in a better way, a flow-based access control method is applied.Software-defined networking partitions the network into infrastructure layer, control layer and application layer from the bottom up. Moreover, centralized administration is implemented through uniform interface which simplifies the management. In addition, SDN separates network into control plane and data plane, which bring programmability and scalability to network to adapt to the growing demand.The flow-based access control method implement network access control according to user identity, application type and permission level. This method is implemented by three step — controller architecture spike, system deployment and application development. To investigate the architecture of NOX, the event-driven mechanism of NOX and NOX component which is the base of the event-driven mechanism, are analyzed in detail. System deployment consists of two parts — OpenFlow switch deployment, system architecture description and deployment. To deploy the OpenFlow switch, the hardware structure of wireless router and OpenWrt system are studied. What’s more, OpenVSwitch package is added to OpenWrt system. OpenVSwitch support is added to hostapd which works as a wireless access point daemon. Application development works on database, portal server and NOX. To develop strategies and abstract user identity, application type and permission level from openflow flow table, database tables are carefully designed. In addition, the login status of users is managed by portal server. What’s more, NOX implements the control logic of the whole access control system, network access control module, etc.Finally, the system passes all test cases. This system is capable of carrying out access control according to the strategies developed by administrator in an environment like multi-user, multi-application, multi-permission.