Design And Implementation Of Virtual Machine Network Acess Control System Based On Software-defined Networking

This paper first introduces the user access control technology based on physical network equipment in the traditional datacenter network,and then analyzes the researches on the access control technology in SDN network.The SDN network architecturetechnology,such as OpenFlow protocol,supports data plane virtual switch of Open FlowProtocoland SDN control planecore component controller.It also introducesand heavily analyzes the data plane implementation in a typical SDN system including virtual switch usingOpenvSwitchand control plane implementation using Ryu controller.Secondly,this paper analyzes the problems and limitations of the network access control technology used in the traditional network to control the virtual machine undervirtualized environment.The SDN technology of OpenFlow protocol is proposed to realize the virtual machine network under virtualized environment.A custom virtual machine user network access control protocol based on SDN network is designed to implement access control on the access network operation by the virtual machine user.In this paper,a detailed design analysis of the working principle and implementation method of the custom access control protocol is carried out.The authentication server module and client module in the custom access control protocol are designed and implemented,and the authentication process of the virtual machine user access control in the network is described in detail.Message monitoring,message processingand information authenticationin authentication server module are designed and implemented in detail.User authentication information obtaining,special message sending andreceiving process,as well as authorized message sending and confirmation in authentication client modulearealso designed and implemented.Finally,this paper tests the implementation of user access control protocol in thecustom virtual machine.Using Ryu controller,OpenvSwitchand two virtual hosts to build different experimental platforms to test the performance of authentication server module and client module in the custom protocol,as well as the access control of virtual machine users in different network conditions.The experimental results show that the authentication module developed on the Ryu controller can work normally to achieve the goal of network access control for virtual machine users andmanage to implement a fine-grained authentication control process for virtual machine access.