Embodiments of the invention provide a user
access method, an SDN controller, a forwarding device and a user access
system, and relate to the field of communication. The problem that the traffic of online users forwarded by a vBNG (virtual
Broadband Network Gateway) occupies a lot of
processing resources of the vBNG in the prior art is solved under the premise of avoiding the influence on the
authentication process of users. The method comprises the following steps: an SDN (
Software Defined Network) controller acquires device registration information and acquires a first port and a second port according to the acquired device registration information; a forwarding device forwards a
user authentication message received from the second port via the first port and forwards a
user authentication message received from the first port via the second port according to a first traffic table sent by the SDN controller; the SDN controller acquires the
IP address of a user when determining that the user is online; and the forwarding device forwards a message of which the destination
IP address is the
IP address of the user via the second port and forwards a message of which the source IP address is the IP address of the user via a third port according to a second traffic table sent by the SDN controller. The user
access method, the SDN controller, the forwarding device and the user access
system are used for user access.