UCF STIG Viewer Logo

Physical devices hosting an SDN controller must be connected to two switches for high-availability.


Finding ID Version Rule ID IA Controls Severity
V-73099 NET-SDN-014 SV-87751r1_rule Low
SDN relies heavily on control messages between a controller and the forwarding devices for network convergence. The controller uses node and link state discovery information to calculate and determine optimum pathing within the SDN network infrastructure based on application, business, and security policies. Operating in the proactive flow instantiation mode, the SDN controller populates forwarding tables to the SDN-aware forwarding devices. At times, the SDN controller must function in reactive flow instantiation mode; that is, when a forwarding device receives a packet for a flow not found in its forwarding table, it must send it to the controller to receive forwarding instructions. With total dependence on the SDN controller for determining forwarding decisions and path optimization within the SDN infrastructure for both proactive and reactive flow modes of operation, having a single point of failure is not acceptable. Hence, it is imperative that all physical devices hosting an SDN controller are connected to two switches using NIC teaming to guarantee network high availability.
SDN Using NV Security Technical Implementation Guide 2017-03-01


Check Text ( C-73233r1_chk )
Review the network topology as well as the physical connection between the physical device hosting an SDN controller and the switches.

The device must have NIC teaming enabled and must be dual homed, with each upstream link connected to a different switch.

If the physical device hosting an SDN controller is not connected to two switches using NIC teaming, this is a finding.
Fix Text (F-79545r1_fix)
Enable NIC teaming on the device hosting an SDN controller in either Link Aggregation Control Protocol (LACP) or switch-independent mode.

Connect each interface to a different access switch.