
An SDN firewall state detection method and system based on the OpenFlow protocol

OpenFlow protocol and state detection technology, applied in the Internet field, which can solve problems such as application layer protocol state information not being extracted and the controller's centralized control not being reflected.

Active Publication Date: 2017-09-22
WUHAN UNIV

AI Technical Summary

Problems solved by technology

The firewall prevents active communication between the external network and the internal network through the cooperative work of two switches; however, this method does not reflect the centralized control of the controller and does not extract the state information of the application layer protocol. Although the paper achieves a simple one-way connection between the internal network and the external network through a clever design, that design is not realized by extracting state information.


Embodiment Construction

[0039] In order to facilitate those of ordinary skill in the art to understand and implement the present invention, the present invention will be described in further detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the implementation examples described here are only used to illustrate and explain the present invention, and are not intended to limit this invention.

[0040] The technical solution adopted by the method of the present invention is an SDN firewall state detection method based on the OpenFlow protocol: a connection state table is added to the switch; the format of the original OpenFlow flow table is modified to add relevant state fields; the OpenFlow protocol is modified at the same time to add a new message, State_In; and the connection state tables in the SDN controller and the OpenFlow switch are kept consistent, so as to realize deployment of the SDN firewall module.

[0041] Please see Figure 1, the technical soluti...


Abstract

The present invention discloses an SDN firewall state detection method and system based on the OpenFlow protocol, which records the state of each data flow and its changes by adding a state table and a state transition table to the OpenFlow switch. A state transition table is also established and maintained in the SDN controller, so that the data flow state is synchronized between the controller and the switch. In addition, the invention modifies the original OpenFlow flow table format by adding a relevant state field, and modifies the OpenFlow protocol by adding a new message, State_In, which carries state operation messages between the controller and the switch and keeps the link state tables in the controller and the switch consistent. The invention can effectively realize more fine-grained access control. Through the collaborative work of the OpenFlow switch and the SDN controller, the deployment of the state inspection firewall is completed, providing more secure and effective services for the SDN network.
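The switch/controller synchronization described in the abstract can be sketched as follows. This is an added example, not code from the patent: the TCP state names, the simplified transition table, the `(key, state)` payload of `State_In`, and all class and function names are assumptions made for illustration.

```python
# Added illustration, not the patent's code: states, transitions and the
# State_In payload (key, new_state) are assumptions.
TRANSITIONS = {  # (current state, TCP flags, direction) -> next state
    ("NONE", "SYN", "out"): "SYN_SENT",
    ("SYN_SENT", "SYN+ACK", "in"): "SYN_RECV",
    ("SYN_RECV", "ACK", "out"): "ESTABLISHED",
    ("ESTABLISHED", "ACK", "out"): "ESTABLISHED",
    ("ESTABLISHED", "ACK", "in"): "ESTABLISHED",
    ("ESTABLISHED", "FIN", "out"): "CLOSED",
    ("ESTABLISHED", "FIN", "in"): "CLOSED",
}

def conn_key(src, dst):
    """Direction-independent key: both directions share one table entry."""
    return tuple(sorted((src, dst)))

def apply_state(table, key, state):
    """Store a state change; a CLOSED connection is removed from the table."""
    if state == "CLOSED":
        table.pop(key, None)
    else:
        table[key] = state

class Controller:
    def __init__(self):
        self.state_table = {}
        self.log = []  # State_In messages received, in order

    def state_in(self, key, state):
        """Handle a (hypothetical) State_In message from a switch."""
        self.log.append((key, state))
        apply_state(self.state_table, key, state)

class Switch:
    def __init__(self, controller, internal_hosts):
        self.controller = controller
        self.internal = set(internal_hosts)
        self.state_table = {}

    def process(self, src, dst, flags):
        """Return 'forward' or 'drop' for one TCP segment; src/dst are (ip, port)."""
        key = conn_key(src, dst)
        direction = "out" if src[0] in self.internal else "in"
        current = self.state_table.get(key, "NONE")
        nxt = TRANSITIONS.get((current, flags, direction))
        if nxt is None:
            return "drop"  # no valid transition: unsolicited or out-of-state
        if nxt != current:
            apply_state(self.state_table, key, nxt)
            self.controller.state_in(key, nxt)  # keep controller in sync
        return "forward"
```

Only state changes generate a `State_In` message, so steady-state traffic on an established connection adds no controller load while both tables stay identical.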

Description

Technical field

[0001] The invention belongs to the technical field of the Internet. It mainly addresses the problem that an SDN firewall cannot perform state detection because the existing OpenFlow protocol is stateless, and proposes a state detection method and system for an SDN firewall based on the OpenFlow protocol.

Background technique

[0002] Software Defined Network (SDN) is a new, innovative network architecture. Its core technology, OpenFlow, realizes flexible control of network traffic by separating the control plane of network equipment from the data plane, and provides a good platform for innovation. The control layer controls the flow table in the OpenFlow switch through the standard interface of the OpenFlow protocol, thereby realizing centralized control over the entire network.

[0003] However, compared with traditional networks, SDN brings more convenience and control capabilities to network managers. As a brand-new network architecture, its firewall...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L12/26, H04L29/06
Inventor: 王鹃王江陈诗雅焦虹阳康强龙
Owner: WUHAN UNIV