Abstract
Software-defined Networking (SDN) is a new network architecture that separates the control plane from the data plane in a computer network environment. SDN uses OpenFlow protocol in the control plane to achieve a more flexible operation, monitoring and networking management system. Although SDN offers various advantages over a traditional network, one of the challenges facing the use of this technology is the limited amount of knowledge on implementing various aspects of a network in a SDN, as well as the increasing number of platforms that may be used in the implementation. This paper addresses some of this concern by describing the implementation and functionality of firewalls in SDN environment. The paper uses a software firewall application based on OpenFlow protocol, built on top of Ryu controller. It shows some of the firewall functionalities in SDN without the need for hardware. Using the Mininet network emulator on virtual machine, the experiments conducted in the research describe how the purpose of a firewall set-up can be at different layers of the OSI model. The paper also discusses the efficiency of a SDN firewall by describing the latency and throughput of the emulated networks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
European Commission, Consultation on Future Network Technologies research and Innovation in HORIZON2020 (European Commission, Brussels, 2012)
P. Goransson, C. Black, Software Defined Networks: A Comprehensive Approach (Morgan Kaufman, Waltham, 2014)
Arthur D Little, Bell Labs, Reshaping the future with NFV and SDN (Arthur D Little, 2015)
ONF, Software defined networking: the new norm for networks. 13 April 2012. [Online]. Available: https://www.opennetworking.org/images/stories/downloads/sdn-resources/white-papers/wp-sdn-newnorm.pdf. [Accessed 4 Jan 2017]
S. Azodolmolky, Software Defined Networking with OpenFlow (Packt Publishing Ltd, Birmingham, 2013)
Stanford University, Clean slate design for the internet. May 2006. [Online]. Available: http://www.cleanslate.stanford.edu/research_project_ethane.php. [Accessed 9 Jan 2017]
M. Casado, M. J. Freedman, J. Pettit, J. Luo, N. McKeown, S. Shenker, Ethane: Taking Control of the Enterprise, in SIGCOMM’07 (Kyoto, 2007)
N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, OpenFlow: enabling innovation in campus networks. SIGCOMM Comput. Commun. Rev. 38(2), 69–74 (2008)
N. Feamster, J. Rexford, E. Zegura, The road to SDN—an intellectual history of programmable networks. SIGCOMM Comput. Commun. Rev. 44(2), 87–98 (2014)
G. Dasmalc, UnderstandingSDNTechV1.pdf. December 2014. [Online]. Available: https://www.sdxcentral.com/wpcontent/uploads/2014/12/UnderstandingSDNTechV1.pdf. [Accessed 11 Jan 2017]
S. Morzhov, I. Alekseev, M. Nikitinskiy, Firewall Application for Floodlight SDN controller, in 2016 International Siberian Conference on Control and Communications (Moscow, 2016)
Karunsubramanian.com, Firewall classification and architecture, Karunsubramanian.com, [Online]. Available: http://www.karunsubramanian.com/security/firewall-classifications-and-architectures/. [Accessed 16 Jan 2017]
T. Javid, T. Riaz, A. Rasheed, A layer2 firewall for software defined network, in Conference on Information Assurance and Cyber Security (CIACS) (Rawalpindi, 2014)
M. Suh, S. H. Park, B. Lee, S. Yang, Building firewall over the software-defined network controller, in 16th International Conference on Advanced Communication Technology (Phoenix Park, 2014)
Ryu, Ryu SDN Framework. [Online]. Available: https://osrg.github.io/ryu/. [Accessed 16 Dec 2016]
Open Networking Foundation, openflow-switch-v1.3.4.pdf, 27 March 2014. [Online]. Available: https://www.opennetworking.org/images/stories/downloads/sdn-resources/onf-specifications/openflow/openflow-switch-v1.3.4.pdf. [Accessed 10 Jan 2017]
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Adedayo, A.O., Twala, B. (2018). Testing the Functionality of Firewall in Software-Defined Networking. In: Dash, S., Naidu, P., Bayindir, R., Das, S. (eds) Artificial Intelligence and Evolutionary Computations in Engineering Systems. Advances in Intelligent Systems and Computing, vol 668. Springer, Singapore. https://doi.org/10.1007/978-981-10-7868-2_1
Download citation
DOI: https://doi.org/10.1007/978-981-10-7868-2_1
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-7867-5
Online ISBN: 978-981-10-7868-2
eBook Packages: EngineeringEngineering (R0)