BPFC-SDNs: A Blockchain-Based and Policy-Oriented Forwarding Control for the SDN Interdomain

Abstract

Policy-oriented forwarding control has been widely recognized in a software-defined network (SDN). However, in the multidomain SDN scenario, policy-oriented forwarding control confronts the challenges that the lack of a higher-level abstraction policy paradigm, cross-domain policy unknowability and policy conflict, a distributed and untrusted communication environment, and latency sensitivity. To tackle these challenges, this article proposes BPFC-SDNs, a blockchain-based and policy-oriented forwarding control for the SDN interdomain. As the basis of BPFC-SDNs, we define an attribute-based interdomain forwarding control policy paradigm and implement secure and trusted cross-domain information and policy sharing based on blockchain. The main idea of BPFC-SDNs is to achieve cross-domain dataflow forwarding control based on the global collaborative policy. Specifically, we propose a physically centralized and logically isolated architecture to ensure efficient and secure information exchange between the SDN and blockchain. Moreover, we design a combined on-chain and off-chain functional model to separate forwarding control from the blockchain, which enables forwarding control based on trusted data while avoiding the introduction of high latency and computational overhead of the blockchain. Finally, we implement a prototype for BPFC-SDNs, and the experimental results indicate that BPFC-SDNs can provide effective forwarding control for the SDN interdomain with acceptable latency and good scalability.