Hello, I was wondering about some things:
-While the packet-in event from a switch in response to unknown traffic isn't handled by the controller, the switch keeps sending packet-in events to the controller for every new packet from that traffic?
-If that is true, i believe i can seize the flowing of that traffic through the network by adding a rule to discard (no action) every packet from that specific traffic in every needed switch, is that correct? Thus solving the control (packet-in) flood. (at least partially)
-But i was wondering about the switch, and that if the attacker keep creating flows at high packet rate, even if i could stop packet-in events from going to the controller, it would still consume switching resources that could affect normal user (like searching the tables for the discard rule). Do you believe this is a real threat to other users? Is there some way to avoid it?
Thanks in advance. Yours faithfully, Victor T. _______________________________________________ openflow-discuss mailing list [email protected] https://mailman.stanford.edu/mailman/listinfo/openflow-discuss
