[1]费 宁,刘春秋.基于 OpenDaylight 防火墙的研究与实现[J].计算机技术与发展,2019,29(06):112-115.[doi:10. 3969 / j. issn. 1673-629X. 2019. 06. 023]
 FEI Ning,LIU Chun-qiu.Research and Implementation of Firewall Based on OpenDaylight[J].,2019,29(06):112-115.[doi:10. 3969 / j. issn. 1673-629X. 2019. 06. 023]
点击复制

基于 OpenDaylight 防火墙的研究与实现()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
29
期数:
2019年06期
页码:
112-115
栏目:
安全与防范
出版日期:
2019-06-10

文章信息/Info

Title:
Research and Implementation of Firewall Based on OpenDaylight
文章编号:
1673-629X(2019)06-0112-04
作者:
费 宁刘春秋
南京邮电大学 计算机学院 软件学院,江苏 南京 210003
Author(s):
FEI NingLIU Chun-qiu
School of Computer Science &Technology,School of Software,Nanjing University of Posts &Telecommunications,Nanjing 210003,China
关键词:
软件定义网络OpenDaylight防火墙FireClientMaven
Keywords:
SDNOpenDaylightfirewallFireClientMaven
分类号:
TP393.1
DOI:
10. 3969 / j. issn. 1673-629X. 2019. 06. 023
摘要:
随着网络规模的持续发展,传统的分布式网络已经不能满足网络配置和管理的要求,软件定义网络作为一种全新的网络架构给网络安全研究提供了新的方向。 该架构将数据转发层和控制层相分离,并且在控制层之上开放了应用程序编程接口。 在深入分析软件定义网络的系统原理和架构设计的基础上,提出了基于 OpenDaylight 平台的软件定义网络防火墙的实现方案 FireClient,并借助软件项目管理和依赖分析工具 Maven 和数据建模语言 Yang,开发了上层应用调用模块。FireClient 允许用户灵活修改策略,其在不同场景中的实际测试结果表明,使用基于软件定义网络的防火墙可以更为灵活的布置策略和快速实施。 相比传统网络的配置和部署,软件定义网络使得第三方的快速应用开发成为可能,从而极大地推动了网络新业务的部署和拓展。
Abstract:
With the continuous growth of network scale,the traditional distributed network can no longer meet the requirements of network configuration and management. As an evolutionary network framework,software defined networking (SDN) provides a new direction for network security research. This new framework separates the data forwarding plane from the control plane and also provides application programming interfaces on top of the control plane. Based on the in-depth analysis of the system principle and architecture design of SDN,we propose the implementation scheme FireClient of SDN firewall based on OpenDaylight platform,and with the help of Maven,a software project management and dependency analysis tool,and Yang,a data modeling language,we develop the upper application call module. The users can modify policies flexibly with FireClient,and its test in different scenarios shows that the use of firewalls based on SDN can arrange policies flexibly and implement quickly. Compared with the traditional network configuration and deployment,SDN makes it possible for the rapid application development of the third party,thus greatly promoting the deployment and expansion of new network services.

相似文献/References:

[1]郭文刚. 基于SDN的大型企业网络研究[J].计算机技术与发展,2014,24(08):179.
 GUO Wen-gang. Research on Large Enterprise Network Based on SDN[J].,2014,24(06):179.
[2]孔祥彬,沈苏彬,李 莉.一种基于 SDN 网络的 QoS 路由选择方案[J].计算机技术与发展,2018,28(02):102.[doi:10.3969/j.issn.1673-629X.2018.02.023]
 KONG Xiangbin,SHEN Subin,LI Li.A QoS Routing Scheme Based on Software-defined Networking[J].,2018,28(06):102.[doi:10.3969/j.issn.1673-629X.2018.02.023]
[3]季一木,谈海宇,孙延鹏,等. 基于Openflow的Flash P2P流媒体传输协议研究[J].计算机技术与发展,2015,25(11):82.
 JI Yi-mu,TAN Hai-yu,SUN Yan-peng,et al. Research on Flash P2P Streaming Media Transmission Protocol Based on Openflow[J].,2015,25(06):82.
[4]王莉. 面向QoE驱动的软件定义网络业务流控制模型[J].计算机技术与发展,2015,25(11):125.
 WANG Li. Model of Software Defined Network Service-flow Control to QoE-driven[J].,2015,25(06):125.
[5]孙茂鑫,钱红燕. SDN网络环境下的MPTCP的移动切换机制[J].计算机技术与发展,2016,26(06):11.
 SUN Mao-xin,QIAN Hong-yan. Mobile Handover Mechanism Based on MPTCP in SDN Environment[J].,2016,26(06):11.
[6]孙杰,李莉,沈苏彬. 一种基于QoS和动态负载均衡的路由策略[J].计算机技术与发展,2016,26(11):188.
 SUN Jie,LI Li,SHEN Su-bin. A Routing Strategy Based on QoS and Dynamic Load Balancing[J].,2016,26(06):188.
[7]朱向阳,陈兵. 软件定义网络中可扩展的流表项处理机制[J].计算机技术与发展,2016,26(12):12.
 ZHU Xiang-yang,CHEN Bing. Scalable Flow Table Entries Processing Mechanism in Software-defined Networks[J].,2016,26(06):12.
[8]孙冬冬,杨龙祥. 基于软件定义的未来网络节能算法[J].计算机技术与发展,2017,27(03):70.
 SUN Dong-dong,YANG Long-xiang. Future Network Energy Saving Algorithm Based on Software Definition[J].,2017,27(06):70.
[9]侯 文,陈 佳,王洪超.SDN 控制平面功能模块化研究[J].计算机技术与发展,2017,27(12):23.[doi:10.3969/ j. issn.1673-629X.2017.12.006]
 HOU Wen,CHEN Jia,WANG Hong-chao.Research on Modular and Functional SDN Control Plane[J].,2017,27(06):23.[doi:10.3969/ j. issn.1673-629X.2017.12.006]
[10]张 雪,高德云.一种优化的基于软件定义车联网的路由方法[J].计算机技术与发展,2018,28(01):37.[doi:10.3969/ j. issn.1673-629X.2018.01.008]
 ZHANG Xue,GAO De-yun.An Optimized Routing Protocol Based on Software DefinedVehicular Ad-hoc Network[J].,2018,28(06):37.[doi:10.3969/ j. issn.1673-629X.2018.01.008]

更新日期/Last Update: 2019-06-10