Research And Implementation On Flow Rule Confclict Detection And Resolution Technology In Software Defined Networking

The applications and modules on the Software Defined Networking controller do not analyze the existing rules in the switch when issuing new flow rules,and lack of unified coordination when issuing new flow rules,causing network abnormal such as firewall rule failure.Aiming at the problem of Software Defined Networking flow rule conflict,this thesis studies the related technologies of rule conflict detection and resolution,analyzes and summarizes the existing rule conflict detection and processing technologies,and models the flow rule and classifies conflict type for rule conflict detection.In this paper,a rule conflict detection and resolution algorithm based on header space is proposed to solve network anomalies caused by rule conflicts.Compared with the existing rule conflict detection and resolution technology,the matching fields are converted into a header space sequence,and the header space intersection operation is used to reduce the classification time of the rule matching field relationship,thereby improving the performance of rule conflict detection and resolution.By modeling the flow rule,adding the flow table index and flow table transition instruction,and adding the processing logic of the multi-level flow table to the algorithm,it is solved that the existing algorithm only supports a single flow table,and the problem of false detection in the scenario of multi-level flow tables is solved.A rule conflict detection and resolution system based on header space is designed and implemented.The system includes four modules:rule conflict detection and processing,rule management,header space processing,and conflict data management.The system relies on a Software Defined Networking controller,which can intercept the rules issued by each application or module on the controller,detect whether there is a conflict between the newly issued rules and existing rules in real time,and automatically detect and handle the conflicts.The conflicts that are found are persisted to the database,providing query and statistics functions.Compared with the existing technology,the system has less influence on the north interface of the controller for issuing flow rules,lower time delay and higher throughput.