Exploring SDN Based Firewall and NAPT: A Comparative Analysis with Iptables and OVS in Mininet

In recent years, Software-Defined Networking (SDN) has emerged as a transformative paradigm for managing and controlling computer networks while offering enhanced flexibility and scalability compared to traditional networking models. SDN-driven network modules enhance business network efficiency, aid in experimental network studies, simplify network management and automation, and improve the reliability and speed of the internet in daily use. In this study, we implemented Open vSwitch (OVS) controller-based SDN networking modules in Mininet and assessed their performance, with particular emphasis on packet loss and jitter. Network Address Port Translation (NAPT) middleware, OVS controller-based firewalls, and a mix of both in a single middleware were implemented in networking modules and tested with different networking policies. A comparative analysis was conducted between iptables and OVS policies to understand their different effects on packet loss and jitter. The objective of this research was to investigate the performance differences between various SDN-based network module types-in this case, OVS-based modules. The results indicate that multiple OVS policies increase packet loss and jitter, whereas iptables exhibit better performance. This study also provides insights into the trade-offs between OVS and iptables in SDN middleware, highlighting the scope for optimization in future research.