CECS 572
Student Name
Monday/Wednesday 5:00 PM
Dr. Tracy Bradley Maples

OpenFlow

OpenFlow is the first open standard communications interface that enables Software Defined Networking (SDN) [6]. It started as a way for researchers to run experimental protocols in the networks they use every day [4]. It is now viewed as a promising and practical approach to implementing SDN and is attracting much interest from both academic and industry researchers [1][2]. It moves the control plane into a separate controller, which gives high flexibility: part of the network flow can be modified dynamically without affecting other network traffic, and virtual networks and user mobility can be managed flexibly to meet today's network needs [2].

Limitations of Current Networking Architecture

With the emergence of new technologies such as server virtualization, mobile devices and content, and cloud services, current networking technologies do not meet the requirements of today's networks. Traditional networking devices such as Ethernet switches and IP routers are built to provide reliable connections among hosts [5]. They run discrete sets of protocols that are vendor dependent and highly complex. If a network administrator needs to make a policy change, he or she has to access every router and switch in the network and make the change, which can take days to months depending on the network size. The architecture also lacks the scalability to keep up with network growth, because adding network devices creates additional complexity [6]. Many academic researchers, carriers, and enterprises have put a lot of effort into building a highly scalable and flexible network that addresses today's network needs. The OpenFlow-based Software Defined Network has become the leading architecture for addressing the issues of traditional networking technologies.

OpenFlow Architecture

OpenFlow breaks up the control plane from the data plane of the traditional network device and connects them using an open interface [2].
The control plane is implemented in a controller in the form of a software program, and the data plane is implemented in an OpenFlow switch [2][3][5].
The control plane and data plane communicate via the open interface, the OpenFlow protocol [2]. The controller computes routing decisions, creates flow entries, and pushes them to the OpenFlow switches. The controller uses the OpenFlow protocol to communicate with OpenFlow switches to add, delete, and update flow entries [3]. An OpenFlow switch obtains flow entries from the controller and forwards packets based on these rules [6].

OpenFlow places the complexity of all routing and forwarding decisions in the logically centralized controller [3]. Software running on the controller maintains a global network view that allows network administrators to control the entire network from the controller, which represents a single logical point [5][7]. It also gives network administrators the ability to partition traffic into different flows and to change the route of a flow, which gives them a way to control network traffic to meet their needs. For example, network administrators at a university can divide network traffic into research and production to give researchers the ability to test projects such as new routing protocols, addressing schemes, or security models [4].

When a packet arrives at the OpenFlow switch, the switch extracts the packet header information and looks up the flow entries in the flow tables for a match. If the packet finds a match, the switch performs the action linked to that flow entry and updates the counter. If the packet does not find a match, the switch forwards the packet to the controller to determine how the packet should be processed [2].

Another key feature of OpenFlow is its ability to inspect different layers of packet headers and process packets on "arbitrary packet header fields in any combination of layers simultaneously" [1]. This makes it possible to prioritize a certain type of traffic from a certain group of users so that it takes the path with the smallest latency or the greatest bandwidth.
This can be useful for ISPs or cloud service providers that have tiered service to meet their customers' needs [7].

OpenFlow Switch

OpenFlow has two compliant types of switch, called "OpenFlow-Only" and "OpenFlow-Hybrid," the latter also known as "OpenFlow-Enabled." OpenFlow-Only switches can process packets by OpenFlow operation only. OpenFlow-Hybrid switches can process both traditional switching and routing operations and OpenFlow operation by adding the Flow Table, the OpenFlow protocol, and a secure channel to the switches, access points, and routers [4][6]. The flow tables would be implemented in Ternary Content-Addressable Memory, and the OpenFlow secure channel and OpenFlow protocol would be included in the network device's operating system. These switches can handle both OpenFlow operation and traditional layer 2 Ethernet switching, layer 3 IPv4 and IPv6 routing, ACL, QoS and VLAN processing [4].

An OpenFlow switch comprises a group table, flow tables, and an OpenFlow channel. The OpenFlow channel is a secure channel that enables communication between the controller and the switch using the OpenFlow protocol. The controller uses the OpenFlow protocol to add, update, and delete flow entries in the flow tables [5]. Flow tables store flow entries, which are constructed from three major components: matching field, instruction, and counter [2]. When a packet comes into a flow table, the switch checks the matching fields of the flow entries to find a match, performs the instruction linked to that entry, and updates the counter [4][6].

A flow table is made up of flow entries, and each flow table entry contains the following fields: match field, priority, counters, instructions, timeouts, and cookie [6]. Match fields are used to check incoming packet headers to find a match [2]. They consist of 14 required fields, which include 13 fields from the layer 2 to 4 packet headers and one ingress port number, and one optional metadata field. The 14 required match fields are the following: Ingress Port, Ethernet type, Ethernet source address, Ethernet destination address, IPv4 or IPv6 protocol number, IPv4 source address, IPv6 source address, IPv4 destination address, IPv6 destination address, TCP source port, UDP source port, TCP destination port, and UDP destination port [6]. OpenFlow Switch Specification version 1.3.1 has more optional matching fields, and details can be found in the specification [6].

Each flow entry has an instruction field that is processed when a packet finds a match in the flow entry [2]. It sets the packet to perform an action, to be passed to pipeline processing, and/or to have changes made to it [6].
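
The flow-table lookup described above, as an added example that is not part of the original paper or of the OpenFlow specification: each entry carries match fields, a priority, an action and counters, a match key that is absent acts as a wildcard, and a table miss hands the packet to the controller. The class names, field names and addresses are assumptions made for illustration; timeouts and the cookie are left out.

```python
from dataclasses import dataclass

@dataclass
class FlowEntry:
    match: dict         # header field -> required value; a missing key is a wildcard
    priority: int       # higher value wins when several entries match
    action: tuple       # ("output", port) or ("drop",)
    packets: int = 0    # per-entry counters
    byte_count: int = 0

class FlowTable:
    def __init__(self):
        self.entries = []
        self.lookups = self.misses = 0   # per-table counters

    def add(self, entry):
        self.entries.append(entry)
        # Highest priority first, so the first hit is the winning entry.
        self.entries.sort(key=lambda e: e.priority, reverse=True)

    def process(self, headers, length):
        """Return the action for one packet, updating counters on a match."""
        self.lookups += 1
        for e in self.entries:
            if all(headers.get(k) == v for k, v in e.match.items()):
                e.packets += 1
                e.byte_count += length
                return e.action
        self.misses += 1
        return ("controller",)   # table miss: ask the controller what to do

def demo():
    table = FlowTable()
    # Constructed entries: a broad forward rule and a narrower, higher-priority drop.
    dst = {"eth_type": 0x0800, "ipv4_dst": "10.0.0.2"}
    fwd = FlowEntry(dst, 100, ("output", 2))
    deny = FlowEntry({**dst, "ip_proto": 6, "tcp_dst": 23}, 200, ("drop",))
    table.add(fwd)
    table.add(deny)
    # Constructed packets: (extracted header fields, length in bytes).
    base = {**dst, "in_port": 1, "ip_proto": 6}
    packets = [
        ({**base, "tcp_dst": 80}, 60),
        ({**base, "tcp_dst": 23}, 60),
        ({"in_port": 3, "eth_type": 0x0806}, 42),   # ARP: no entry matches
    ]
    actions = [table.process(h, n) for h, n in packets]
    return actions, (fwd.packets, fwd.byte_count), deny.packets, table.misses

if __name__ == "__main__":
    print(demo())
```

The second packet shows why priority matters for policy: it also matches the broad forward rule, and only the higher priority of the narrower entry makes the drop take effect.
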
Three basic actions are: (1) forward the packet to an output port, (2) drop the packet, and (3) encapsulate the packet and forward it to the OpenFlow controller [4]. Counter fields maintain statistics for each flow table, port, and flow entry, collecting data such as the number of bytes, the number of packets, and the duration to help control the flow of traffic [4][6].

OpenFlow Controller

The OpenFlow controller is a key component of the OpenFlow network and represents the network intelligence [7]. It runs SDN control software that gives the network administrator the configuration and status of the entire network infrastructure. It also gives them the ability to configure and modify all networking devices either proactively or reactively, giving the network administrator full control of the network [1]. A controller can be implemented on a PC with a simple application that connects a set of test computers for experiments, or on high-powered servers with a sophisticated controller that can add, remove, and modify flows and monitor hundreds of thousands of flows on the network of an ISP or cloud service provider. When a controller communicates with an OpenFlow switch, it creates a Secure Socket Layer (SSL) connection with the secure channel in the switch [5].

OpenFlow Protocol

The OpenFlow protocol is the only standardized Software Defined Network protocol and a key enabler of the SDN architecture [7]. There are three types of messages in the protocol: controller-to-switch, asynchronous, and symmetric. Each message type has many sub-types. Controller-to-switch messages are initiated by the controller and used to inspect or manage the switch's state directly; they may or may not require a reply from the switch [6]. Asynchronous messages are initiated by the switch and used to update the controller on changes to the status of the switch or on network events. The switch sends them to indicate a change in switch state, the arrival of a packet, or an error [6]. Symmetric messages are initiated by either the controller or the switch to check link state or acknowledge the link connection [6].

The OpenFlow protocol offers reliable message delivery and handling, but it only replies to a message or guarantees its processing when that is required [6]. It lets the controller directly manipulate the data plane of the network devices that forward packets. The OpenFlow protocol has to be implemented on both the controller and the network devices for them to communicate. It allows the network device to report the status of the switch and traffic flow, and to request a routing decision when a new type of flow entry is detected.
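
The three message categories described above, as an added example that is not part of the original paper: a parser that splits a byte stream from the OpenFlow channel into messages using the 8-byte header (version, type, length, transaction id) and labels each with its category. The type codes are a subset taken from the OpenFlow Switch Specification [6]; the capture in `demo()` is constructed, and placing ERROR with the switch-initiated messages follows the grouping in the text.

```python
import struct

OFP_HEADER = struct.Struct("!BBHI")  # version, type, length, xid: 8 bytes

# Subset of OpenFlow message type codes, grouped into the three categories
# the text describes (ERROR is placed with the switch-initiated messages).
MESSAGE_TYPES = {
    0: ("HELLO", "symmetric"),
    2: ("ECHO_REQUEST", "symmetric"),
    3: ("ECHO_REPLY", "symmetric"),
    5: ("FEATURES_REQUEST", "controller-to-switch"),
    13: ("PACKET_OUT", "controller-to-switch"),
    14: ("FLOW_MOD", "controller-to-switch"),
    1: ("ERROR", "asynchronous"),
    10: ("PACKET_IN", "asynchronous"),
    11: ("FLOW_REMOVED", "asynchronous"),
    12: ("PORT_STATUS", "asynchronous"),
}

def split_messages(stream):
    """Yield (name, category, xid, body) for each message in a byte stream."""
    offset = 0
    while offset < len(stream):
        if len(stream) - offset < OFP_HEADER.size:
            raise ValueError("truncated header at offset %d" % offset)
        _version, msg_type, length, xid = OFP_HEADER.unpack_from(stream, offset)
        # The length field covers the header itself; reject values that would
        # stall the loop or run past the data actually received.
        if length < OFP_HEADER.size or offset + length > len(stream):
            raise ValueError("bad length %d at offset %d" % (length, offset))
        name, category = MESSAGE_TYPES.get(msg_type, ("UNKNOWN", "unknown"))
        yield name, category, xid, stream[offset + OFP_HEADER.size:offset + length]
        offset += length

def demo():
    # Constructed capture: HELLO, ECHO_REQUEST with 4 payload bytes, and a
    # PACKET_IN whose body is placeholder bytes, all with version 0x04 (1.3).
    stream = (OFP_HEADER.pack(4, 0, 8, 1)
              + OFP_HEADER.pack(4, 2, 12, 2) + b"ping"
              + OFP_HEADER.pack(4, 10, 16, 0) + bytes(8))
    return [(n, c, x, len(b)) for n, c, x, b in split_messages(stream)]

if __name__ == "__main__":
    print(demo())
```
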
The controller uses the OpenFlow protocol to add, update, and delete flow entries in the network device to set up routing paths and control network traffic [4][7].

Although OpenFlow is not expected to be implemented anytime soon, it is a promising new network architecture that can meet today's network requirements, as mentioned earlier in this paper. It provides centralized control of the entire network from a logically centralized controller, which enables network administrators to deploy network infrastructure quickly and gives them a flexible way to manage traffic flows to provide a better experience for users. It also provides higher network security and reliability than traditional networks.

REFERENCES

[1] El Ferkouss, Omar, Ilyas Snaiki, Omar Mounaouar, Hamza Dahmouni, Racha Ben Ali, Yves Lemieux, and Cherkaoui Omar. 2011. "A 100Gig Network Processor Platform for Openflow." Paris, France, International Federation for Information Processing.

[2] Jarschel, Michael, Simon Oechsner, Daniel Schlosser, Rastin Pries, Sebastian Goll, and Phuoc Tran-Gia. 2011. "Modeling and Performance Evaluation of an OpenFlow Architecture." San Francisco, California, ITCP.

[3] Kempf, James, Scott Whyte, Jonathan Ellithorpe, Peyman Kazemian, Mart Haitjema, Neda Beheshti, Stephen Stuart, and Howard Green. 2011. "OpenFlow MPLS and the Open Source Label Switched Router." San Francisco, California, ITCP.

[4] McKeown, Nick, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker, and Jonathan Turner. 2008. "OpenFlow: Enabling Innovation in Campus Networks." SIGCOMM Comput. Commun. Rev. 38 (2): 69-74.

[5] Naous, Jad, David Erickson, G. Adam Covington, Guido Appenzeller, and Nick McKeown. 2008. "Implementing an OpenFlow Switch on the NetFPGA Platform." San Jose, California, ACM.

[6] Open Networking Foundation, OpenFlow Switch Specification. Open Networking Foundation, https://www.opennetworking.org/images/stories/downloads/specification/openflow-spec-v1.3.1.pdf, 2012.

[7] Open Networking Foundation, Software-Defined Networking: The New Norm for Networks. Open Networking Foundation, https://www.opennetworking.org/images/stories/downloads/white-papers/wp-sdn-newnorm.pdf, 2012.