P22. Consider again the SDN OpenFlow network shown in Figure 4.30 . Suppose we want switch s2 to function as a firewall. Specify the flow table in s2 that implements the following firewall behaviors (specify a different flow table for each of the four firewalling behaviors below) for delivery of datagrams destined to h3 and h4. You do not need to specify the forwarding behavior in s2 that forwards traffic to other routers.

 Only traffic arriving from hosts h1 and h6 should be delivered to hosts h3 or h4 (i.e., that arriving traffic from hosts h2 and h5 is blocked).

 Only TCP traffic is allowed to be delivered to hosts h3 or h4 (i.e., that UDP traffic is blocked).

 Only traffic destined to h3 is to be delivered (i.e., all traffic to h4 is blocked).

 Only UDP traffic from h1 and destined to h3 is to be delivered. All other traffic is blocked.

Transcribed Image Text:

**Figure 4.30: OpenFlow Network Diagram** This diagram illustrates an OpenFlow match-plus-action network consisting of three packet switches, six hosts, and an OpenFlow controller. Each host is connected to a specific switch, and each connection includes a designated port number. - **Switches:** - **S1** is centrally positioned and connected to: - Host h1 (IP: 10.1.0.1) via port 3 - Host h2 (IP: 10.1.0.2) via port 4 - S2 via port 1 - S3 via port 2 - **S2** is connected to: - Host h3 (IP: 10.2.0.3) via port 3 - Host h4 (IP: 10.2.0.4) via port 4 - S1 via port 1 - **S3** is connected to: - Host h5 (IP: 10.3.0.5) via port 2 - Host h6 (IP: 10.3.0.6) via port 1 - S1 via port 3 - **OpenFlow Controller:** Located at the top and connected to each switch by a dashed line, indicating its role in managing the network traffic by directing how packets are processed and communicated between switches and hosts. This setup demonstrates how the OpenFlow protocol manages the flow of data across diverse network architectures, using a centralized controller for enhanced flexibility and control.