The Study Of Data Center Routing Strategy And Security Certificate Based On SDN

In recent years, network technology develops vigorously, especially multimedia and cloud computing technology. The larger the scale of the network becomes, the higher the users" demand for network performance will be. Traditional Internet system structure fails to meet current demand. SDN architecture is a revolutionary change against traditional distributed network. It provides a new solution for the application innovation of network. Besides its open programmable architecture promises more transparent network and more flexible definition, which will solve some basic problems that exist in traditional network and will meet the needs of network development. All in all, it directs the development of network in a new era.Data center plays an important supporting role in Internet infrastructure.All kinds of problems about the network will appear in data center. The QoS of network is key to the operation efficiency of the data center network. Over the past twenty years, researchers have already found out a variety of QoS architecture. However, due to various reasons, these architectures are rarely used. As a brand-new network exchange protocol, OpenFlow provides a flexible flow definition model and is a concrete instance of SDN network architecture. Through OpenFlow. one can get the global dynamics of real-time network and supervise end-to-end network behavior. Therefore. QoS mechanism deployed on any OpenFlow will support end to end QoS.The centralized intelligent control model offered by SDN frees data center network from such problems as complex deployment, inflexibility and highly privatization. So network deployment will become more simple, flexible and easier to operate. However every coin has two sides. Open centralized management puts SDN network in a situation where security problems occur, even more severe ones. Therefore it is necessary to analyze security problems concerning SDN.Based on the above analysis, firstly, this thesis tries to research the routing strategy of data center network. Then this thesis proposes a kind of QoS routing strategy based on SDN. This strategy is realized by the combination of routing control and congestion dispatch. Routing control includes topology discovery module, flow monitoring module and routing calculation module. Topology discovery module aims at acquiring link information and node information of switches. Flow monitoring module is for monitoring the flow information of the network and the statistical information of switch ports. Routing calculation module, based on global topological structure and traffic statistics, employs ant colony algorithm to realize multipath routing. When network traffic reaches a set threshold, the link is considered to be congested. We use large flow detection algorithm to detect each port and use multi-level feedback queue scheduling algorithm to schedule the feedbacks detected. Thus the routing strategy combining routing control and congestion dispatching is realized. This thesis uses Mininet simulation experiment platform and makes comparison with the default routing algorithm in SDN Controller SDN to verify the effectiveness and feasibility of routing strategy proposed by this thesis.At last, this thesis also analyzes the security problems within SDN architecture. By analyzing the communication ways between controllers and network equipment, device security certification scheme based on SDN has been proposed. In order to prevent illegal device to have access to the network and to ensure the validity of network cell equipment that connects the controller and to ensure the authenticity of the parameters of collected network cell equipment, this thesis uses aggregate signature authentication protocol to do safety certification on all the switches of the connection controller.