A split architecture network is an alternative paradigm for network architecture. Like a traditional network, a split architecture network is composed of a number of nodes, such as routers or switches. However, in this paradigm, the control plane functionality of the network can reside in a single central controller, which can be located at a single node of the network as illustrated in FIG. 1. This is in contrast to traditional network architecture, where the control plane functionality resides on every node in the network. In a split architecture network, the network nodes are stripped of their control plane functionality and provide basic data plane functionality as ‘flow switches.’ A ‘domain,’ as used herein, is an area of a split architecture network in which the flow switches are under the control of a single controller.
An example of a split architecture network is an OpenFlow based split architecture network. In an OpenFlow split architecture network, the controller and the flow switches in the data plane communicate using the OpenFlow protocol. The OpenFlow protocol provides the message infrastructure for the controller to program the flow switches in the data plane with the appropriate flows for packet forwarding and processing. The controller can also obtain complete network state information by querying each of the network nodes. This single logical OpenFlow controller can be implemented as a set or cluster of controllers responsible for a single domain of switches.
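As an added illustration of the controller side of the OpenFlow channel described above (example code written for this text, not part of the description or of any OpenFlow implementation): before acting on any message from a switch, the controller must frame the byte stream into messages and validate each header, since a faulty or compromised switch can send truncated, oversized or unknown messages. The example assumes the OpenFlow 1.0 header layout (version, type, length, xid in network byte order) and the 1.0 message type numbering; the sample messages are constructed inline.

```python
import struct

OFP10_VERSION = 0x01
OFP_HEADER_LEN = 8
OFP_HEADER = struct.Struct("!BBHI")  # version, type, length, xid (big-endian)

# OpenFlow 1.0 message types used below; 1.0 defines types 0 through 21.
OFPT_HELLO, OFPT_ERROR, OFPT_ECHO_REQUEST, OFPT_ECHO_REPLY = 0, 1, 2, 3
OFPT_FEATURES_REQUEST, OFPT_FEATURES_REPLY, OFPT_FLOW_MOD = 5, 6, 14
KNOWN_TYPES = frozenset(range(22))


def build_message(msg_type, xid, body=b""):
    """Encode one OpenFlow 1.0 message: 8-byte header followed by the body."""
    return OFP_HEADER.pack(OFP10_VERSION, msg_type,
                           OFP_HEADER_LEN + len(body), xid) + body


def echo_reply_for(msg):
    """Answer an OFPT_ECHO_REQUEST: same xid, body copied back unchanged."""
    msg_type, xid, body = msg
    if msg_type != OFPT_ECHO_REQUEST:
        raise ValueError("not an echo request")
    return build_message(OFPT_ECHO_REPLY, xid, body)


def frame_messages(stream):
    """Split the byte stream from one switch into validated messages.

    Returns (messages, remainder, error): messages is a list of
    (type, xid, body) tuples, remainder holds unconsumed bytes (an
    incomplete trailing message), and error is None or a reason to
    drop the connection. Nothing after a bad header is trusted.
    """
    messages = []
    offset = 0
    while len(stream) - offset >= OFP_HEADER_LEN:
        version, msg_type, length, xid = OFP_HEADER.unpack_from(stream, offset)
        if version != OFP10_VERSION:
            return messages, stream[offset:], "unsupported version %d" % version
        if length < OFP_HEADER_LEN:
            # A length smaller than the header would loop forever or
            # index outside the message; treat it as a protocol violation.
            return messages, stream[offset:], "length %d shorter than header" % length
        if msg_type not in KNOWN_TYPES:
            return messages, stream[offset:], "unknown message type %d" % msg_type
        if len(stream) - offset < length:
            break  # message not fully received yet; wait for more bytes
        body = bytes(stream[offset + OFP_HEADER_LEN:offset + length])
        messages.append((msg_type, xid, body))
        offset += length
    return messages, stream[offset:], None
```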
However, a wide range of network threats and situations can cause the split architecture network to fail or to provide a defective service, impeding its normal operation. In addition to network security, the split architecture should ensure network-wide data confidentiality, authentication and integrity, and should be aimed at providing enhanced network security and availability, not only during normal operation but also under different attacks, such as routing attacks or Denial of Service (DoS) attacks. Furthermore, new attack vectors and the effects of existing threats have to be minimized. Also, even a minor information leakage (for example, via device compromise) could greatly compromise security.
It is desired to implement methods and procedures that non-disruptively connect two data ports using communications paths between multiple devices in split architecture networks in a manner that is very secure against outside attackers.