At present TCP and SSL are the two transport mechanism defined by OpenFlow standard for Controller to Switch communication.
Wireless (Wi-Fi) may also be a candidate for Transport between switch and controller. In this scenario, both Switch and Controller need to implement 802.1x. Switch acts as 802.1x Supplicant and Controller as 802.1x Authenticator. Switches get Authenticated by Controller using an external Authentication server. WI-FI standard employs 802.1x protocol for Authentication and security key exchange which allows securing the trafiic between Switch and Controller. Thanks -ns murthy From: discuss-boun...@openvswitch.org [mailto:discuss-boun...@openvswitch.org] On Behalf Of Ed Wallig Sent: Saturday, September 21, 2013 1:18 AM To: discuss@openvswitch.org Subject: Re: [ovs-discuss] FW: 802.1x capabilities Sorry, I may actually be comparing apples to oranges; my reference is an 802.1x-capable hardware switch, for example an HP ProCurve 2600 2800 series. Admittedly I do not know a lot about the openvswitch project so I may not have a clear view of how all the pieces go together. When I was researching I did see on the web site that 802.1x was something that was being considered down the road. Thanks - Ed From: NS Srinivasa Murthy-B37840 [mailto:b37...@freescale.com] Sent: Friday, September 20, 2013 3:22 PM To: Ben Pfaff; Ed Wallig Cc: discuss@openvswitch.org Subject: RE: [ovs-discuss] FW: 802.1x capabilities If controller acts as the 802.1x acts as the authenticator, the switch will be the supplicant that gets authenticated. In that case , switch may need to implement the 802.1x supplicant. Thanks -ns murthy From: discuss-boun...@openvswitch.org<mailto:discuss-boun...@openvswitch.org> [mailto:discuss-boun...@openvswitch.org] On Behalf Of Ben Pfaff Sent: Friday, September 20, 2013 11:32 PM To: Ed Wallig Cc: discuss@openvswitch.org<mailto:discuss@openvswitch.org> Subject: Re: [ovs-discuss] FW: 802.1x capabilities I don't know a reason to implement this in Open vSwitch rather than in an OpenFlow controller. Do you? On Sep 5, 2013 12:00 PM, "Ed Wallig" <ewal...@aerocontractors.com<mailto:ewal...@aerocontractors.com>> wrote: Hi, First post and was wondering if there is a timeline / roadmap for the inclusion of an 802.1x authenticator role in openvswitch. Thanks - Ed _______________________________________________ discuss mailing list discuss@openvswitch.org<mailto:discuss@openvswitch.org> http://openvswitch.org/mailman/listinfo/discuss -- This message has been scanned for viruses and dangerous content by MailScanner<http://www.mailscanner.info/>, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner<http://www.mailscanner.info/>, and is believed to be clean.
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
