At present TCP and SSL are the two transport mechanism defined by OpenFlow standard for Controller to Switch communication.
Wireless (Wi-Fi) may also be a candidate for Transport between switch and controller. In this scenario, both Switch and Controller need to implement 802.1x. Switch acts as 802.1x Supplicant and Controller as 802.1x Authenticator. Switches get Authenticated by Controller using an external Authentication server. WI-FI standard employs 802.1x protocol for Authentication and security key exchange which allows securing the trafiic between Switch and Controller. Thanks -ns murthy From: [email protected] [mailto:[email protected]] On Behalf Of Ed Wallig Sent: Saturday, September 21, 2013 1:18 AM To: [email protected] Subject: Re: [ovs-discuss] FW: 802.1x capabilities Sorry, I may actually be comparing apples to oranges; my reference is an 802.1x-capable hardware switch, for example an HP ProCurve 2600 2800 series. Admittedly I do not know a lot about the openvswitch project so I may not have a clear view of how all the pieces go together. When I was researching I did see on the web site that 802.1x was something that was being considered down the road. Thanks - Ed From: NS Srinivasa Murthy-B37840 [mailto:[email protected]] Sent: Friday, September 20, 2013 3:22 PM To: Ben Pfaff; Ed Wallig Cc: [email protected] Subject: RE: [ovs-discuss] FW: 802.1x capabilities If controller acts as the 802.1x acts as the authenticator, the switch will be the supplicant that gets authenticated. In that case , switch may need to implement the 802.1x supplicant. Thanks -ns murthy From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Ben Pfaff Sent: Friday, September 20, 2013 11:32 PM To: Ed Wallig Cc: [email protected]<mailto:[email protected]> Subject: Re: [ovs-discuss] FW: 802.1x capabilities I don't know a reason to implement this in Open vSwitch rather than in an OpenFlow controller. Do you? On Sep 5, 2013 12:00 PM, "Ed Wallig" <[email protected]<mailto:[email protected]>> wrote: Hi, First post and was wondering if there is a timeline / roadmap for the inclusion of an 802.1x authenticator role in openvswitch. Thanks - Ed _______________________________________________ discuss mailing list [email protected]<mailto:[email protected]> http://openvswitch.org/mailman/listinfo/discuss -- This message has been scanned for viruses and dangerous content by MailScanner<http://www.mailscanner.info/>, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner<http://www.mailscanner.info/>, and is believed to be clean.
_______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
