主权项 |
1. A method comprising:
establishing, between an OpenFlow network controller and an OpenFlow network device attempting to become part of an OpenFlow network that the OpenFlow network controller controls, a networking connection; after establishing the networking connection between the OpenFlow network controller and the OpenFlow network device,
ignoring, by the OpenFlow network controller, OpenFlow messages received from the OpenFlow network device until the OpenFlow network controller has finished attempting to authenticate the OpenFlow network device, and such that the OpenFlow network device is not permitted to become part of the OpenFlow network until authentication has been successfully completed;attempting to authenticate the OpenFlow network device, by the OpenFlow network controller; andwhere authentication of the OpenFlow network device is successful, sending a message to the OpenFlow network device to indicate that the authentication was successful and permitting the OpenFlow network device to perform OpenFlow messaging, by the OpenFlow network controller, wherein attempting to authenticate the OpenFlow network device comprises:
sending a first authentication message from the OpenFlow network controller to the OpenFlow network device, the first authentication message specifying a first hash algorithm;where the OpenFlow network controller receives a first authentication response from the OpenFlow network device sent by the OpenFlow network device in reply to the first authentication message, the first authentication response specifying a second hash algorithm, and where the first hash algorithm and the second hash algorithm are identical,
sending a second authentication message from the OpenFlow network controller to the OpenFlow network device, the second authentication message specifying a challenge value;where the OpenFlow network controller receives a second authentication response from the OpenFlow network device sent by the OpenFlow network device in reply to the second authentication message, the second authentication response specifying a challenge response,
where the challenge response is correct, determining by the OpenFlow network controller that the authentication of the OpenFlow network device is successful. |