摘要: 本文在分析了传统网络和基于OpenFlow协议的SDN网络中的访问控制技术的基础上，设计出了一种基于SDN网络的自定义虚拟机用户入网控制协议，来实现对虚拟机用户的接入网络的操作进行访问控制。本文对自定义访问控制协议的工作原理和实现方法进行了详细的设计分析。针对自定义访问控制协议中的认证服务器模块和客户端模块进行了设计与实现，并详细描述了网络中虚拟机用户入网访问控制的认证过程。对认证服务器模块中的消息监听模块，消息处理模块和信息认证模块进行了详细的设计与实现，对认证客户端模块中的获取用户认证信息模块，特殊报文的发送和接收处理模块，认证信息的发送与确认模块进行了设计和实现。

Abstract: Through analyzing the traditional network and the SDN network access control technology based on OpenFlow protocol, a custom virtual machine users’ access control protocol based on the SDN network is designed, to realize the control of virtual machine user’s operation of accessing a network. In this paper, the working principle and implementation method of the custom access control protocol are designed and analyzed in detail. A custom access control protocol’s authentication server module and client module are designed and implemented, and the authentication process of virtual machine user access control in network is described in detail. Message listener module, message processing module and information certification module of the authentication server module, as well as user authentication information acquiring module in the client authentication module, special message sending and receiving process module, authentication information sending and acknowledging module are designed and implemented.