A Parallel Processing and Synthesis Structure for Improving Access Security and Efficiency in SDN Environment

• Published in: Chinese Journal of Electronics Vol. 25; no. 5; pp. 817 - 823
• Main Authors: Zhang, Peng, Chen, Xiangning, Ge, Yun, Jin, Lin
• Format: Journal Article
• Language: English
• Published: Published by the IET on behalf of the CIE 01.09.2016
• Subjects: Access network; access security; blocking attack; computer network security; control plane; data plane; Flow table; forwarding process; Parallel; parallel processing; parallel tables; retractable management model; routing process; SDN; SDN environment; Security and efficiency; Software‐defined networking; Synthesis; 传统网络; 合成; 安全防卫; 并行处理; 控制平面; 环境; 结构; Software-defined networking; Access network; Synthesis; Flow table; Parallel; Security and efficiency
• ISSN: 1022-4653; 2075-5597
• DOI: 10.1049/cje.2016.06.004

After studying the routing and forwarding process of network stream and the implementation of SDN, we propose a retractable management model for flow table. A structure with parallel tables and synthesis processing is proposed according to the feature of SDN and traditional network. The parallel tables share the same storage resources. Thanks to the separation of data plane and control plane, control plane owns more computing resources than traditional device. It evaluates the role of nodes and the action of network flows, makes adjustment according to the historical and current information and streamlines flow tables by consolidating and simplifying old flow entries. Through simulation, it is proved that the realized method can defend offensive traffic while ensuring the safety of accessing and forwarding, especially existing blocking attack.