| Software defined network(SDN)has brought great changes to the traditional network,and it has been widely concerned and valued by the whole world.It realizes the software of the network and it turns traditional distributed network to centralized control SDN network.The core idea of SDN network is to separate control functions from network devices.Through the central controller to achieve network programmability,so as to ensure the optimal use of resources and improve the efficiency of network management and control.As a new network architecture,SDN has broad application scenarios in the fields of security,Wan,data center,enterprise network and so on.However,the rapid development of the Internet has exceeded expectations.Single centralized controller has been unable to meet the needs of today's operators,Internet companies and users.Big data and cloud computing,virtual machine migration,virtual data center and other businesses all have more and more high requirements for network function virtualization.With the increasing scale of network and the increasing number of network interconnection devices for extensive switches flow requests and control plane expansion,the single centralized controller has been unable to meet the performance requirements of large-scale networks.This needs a single centralized controller to be extended to multiple controllers architecture.However,the distributed multiple controllers architecture is facing more and more serious challenges in the aspects of scalability,stability and security.Firstly,the communication between distributed SDN controllers is lack of security specification.And the access request of the switch is not balanced among the controller clusters.We propose a smart cooperative platform for load balancing and security on distributed SDN controllers,named SCPLBS.The collaborative platform is built on the control plane.Collaborative platform uses a data collection algorithm adapting to data fluctuation to collect the controllers' status and load information.According to the fluctuation of data collected in the data collection interval,the cooperative platform can adaptively adjust the time interval of data collection.SCPLBS stores the routing policy of each controller.According to the controllers load information collected,SCPLBS maintains the load balancing of the distributed controllers by migrating the control permission of the switch.At the same time,SCPLBS can avoid the network paralysis caused by failure of single controller.In this paper,we use the Floodlight controller and develop the cooperative platform based on restlet framework.Using Mininet to simulate the network topology,the experimental results show that the proposed scheme has good feasibility and effectiveness.Then aiming at secure communication for hierarchical multiple controllers architectures and the possible traffic attacks,we propose a hierarchical SDN multiple controller security communication and abnormal flow detection scheme.The security authentication between the intra domain controller and the global controller is carried out.And the weighted multiple domain routing algorithm is adopted.The routing of multiple domain boundary switches not only considers the number of hops between switches,but also considers the bandwidth and delay between links.At the same time,the network data is monitored by the parallel processing advantages of distributed system Hadoop and the generation of malicious traffic is monitored.Finally,experiments are carried out on the SDN network simulation environment to verify the correctness and effectiveness of the proposed scheme. |
PDF Full Text Request