SDN used for policy enforcement in a federated military network.

Abstract

This thesis looks at how Software-Defined Networking can be used to provide policy enforcement in a federated military network. SDN is a concept in computer networking where the control plane is decoupled from network forwarding devices, and placed in a centralized location. The methodology used in this work includes a literature study, a discussion and the design, implementation and validation of a test bed utilizing the OpenDaylight SDN controller. We have found that SDN can be used for policy enforcement in federated networks, and shown this through programmatically re-assigning a network tunnel to a new path in an automatic fashion using the OpenFlow protocol. Together with the implementation, we have also described through design how groups of tunnels can be moved in the same fashion, while avoiding packet loss.