All Favorites

DPI in Controller Networks – Jason Edelman’s Blog

Jason Edelman comments on his blog:

What about load balancers and firewalls in these networks?   With OpenFlow, the network can be turned into a giant network security device (lightweight FW) and  load balancer  since you would be predefining what to do with all traffic.   Maybe the OpenFlow action is drop for turning a switch into a basic Firewall —  exactly what Goldman said they were 6 months ago.   Maybe the action is to do an L3 re-write, punt to the “load balancer” application that is running on top of the controller, and see which real server IP to forward the traffic to.   In both of these examples, very few to no packets are sent to the controller and policy is distributed and enforced, largely based on Layer 3-4 information, throughout the edges of the network.

Great look at the future of packet inspection in OpenFlow networks.

Read more:   DPI in Controller Networks – Jason Edelman’s Blog

About the author

Tom Hollingsworth

Tom Hollingsworth is a networking professional, blogger, and speaker on advanced technology topics. He is also an organizer for networking and wireless for Tech Field Day.  His blog can be found at

Leave a Comment