5. CSED702Y: Software Defined Networking
• SDN physically separates Control & Data Planes (not logically).
• SDN merges the
into a single
Plane. (also uses
• An SDN-Controller
holds the entire
as Graph on which
calculations can be
SDN in Data Center
Fanout of 20 = 10,000 switches
$5k vendor switch = $50M
$1k commodity switch = $10M
Savings in 10 data centers = $400M
More flexible control
Tailor network for services
Quickly improve and innovate
12. Open-Source SDN Controllers
Open-Source SDN Controllers are also called as Open SDN.
& others …….
13. Commercial SDN Controllers
Some of the famous SDN Controllers offered by vendors are;
• NEC ProgrammableFlow Controller released … 2013
• HP VAN SDN Controller (SDN Controller with several internal apps)
• Brocade SDN Controller (current version 2.3.0 based on OpenDaylight)
• Pica8 (offers variety of SDN products & solutions)
• Inocybe (offers OpenDaylight based SDN Controller)
• Cisco Application Policy Infrastructure Controller
• Nauge Networks Virtualize Services Controller
• VMware NSX Controller
& others ….
14. CSED702Y: Software Defined Networking
What is OpenFlow?
• A communication protocol that gives access to the Forwarding-Plane of the network
switch or router.
OpenFlow is similar to an x86 instruction set for the network.
Separation of Control-Plane & Data-Plane
o The data path of an OpenFlow switch consists of a Flow Table & an action
associated with each flow entry.
o The control path consists of a controller which programs flow entry in the flow
OpenFlow is based on an Ethernet switch with an internal flow table & a
standardized interface to add & remove flow entries.
Managed & developed by ONF (Open Networking Foundation) since its version 1.2
15. How OpenFlow Works?
OpenFlow Switch OpenFlow Switch
Mr. X's Code
Mr. X's Rule Mr. X's Rule
Mr. X's Rule
OpenFlow offloads control intelligence to a remote software!
Match L1: Tunnel ID, Switch Port
L2: MAC Addr, VLAN ID,
L3: IPv4/IPv6 fields, ARP
L4: TCP, UDP
Action • Output to zero or more
• Header rewriting
• Send to controller
16. CSED702Y: Software Defined Networking
General Purpose PC / Server
Data Path, H/W
Control Path OpenFlow
App App App
18. OpenFlow Vendor Switches
Some of the famous OpenFlow Switches offered by vendors are;
• NEC released OpenFlow 1.3 Switch… 2013
• HP released OpenFlow 1.3 Data Center Switch … 2013
• Centec Network released Open SDN Switch with OpenFlow1.3 support (implemented
on Open vSwitch) … 2013
• Brocade OpenFlow 1.3 Switch … 2014 (MLX & CLX Series)
• Are you aware of any Open-Source OpenFlow Switch?
• What is meant by HYBRID OpenFlow Switch?
• Do you know that some vendors also promote Open-Source products & even
19. CSED702Y: Software Defined Networking
Two types of Packet Forwarding offered by OpenFlow.
• Reactive Flow Insertion
When a non-matched packet reaches to OpenFlow switch, it is sent to the
controller, based on the info in packet header, an appropriate flow will be inserted.
Always need to query the path from controller during packet arrival Slow
Can reflect the current traffic status
• Proactive Flow Insertion
Flow can be inserted proactively by the controller to switches before packet arrives
No need to communicate during packet arrival Fast packet forwarding
Cannot reflect the current traffic status
What is the difference between Operational & Configuration Flows? 19
20. Proactive vs. Reactive Forwarding
• Reactive: Seeks Controller guidance every time a packet arrives
• Proactive: Forwarding rules are stored in Switch before packet arrival
22. CSED702Y: Software Defined Networking
• OpenFlow control messages rely on TCP protocol
• Controllers listen on TCP port 6633/6653 to setup connection with switch
6633/6653 became the official IANA port since 18th July 2013
• OpenFlow Message Structure includes following fields:
Version: Indicates the version of OpenFlow which this message belongs
Type: Indicates what type of message is present and how to interpret the payload
Message Length: Indicates where this message will be end, starting from the first
byte of header
Transaction ID (xid): A unique value used to match requests to response
Bit Offset 0 ~ 7 8 ~ 15 16 ~ 23 24 ~ 31
0 ~ 31 Version Type Message Length
32 ~ 63 Transaction ID
64 ~ ? Payload
OpenFlow Message Structure
23. CSED702Y: Software Defined Networking
OpenFlow Protocol Messages
• OpenFlow protocol supports three message types;
Controller to Switch
Initiated by the controller & used to directly manage or inspect the state of the switch.
Specify, modify or delete flow definitions
Request information on switch capabilities
Retrieve information like counters from the switch
Send a packet back to a switch for processing after a new flow is created
Initiated by the switch & used to update the controller of network events & changes to
the switch state.
Send the controller a packet that does not match an existing flow
Inform the controller that a flow has been removed because its time to live parameter
or inactivity timer has expired
Inform the controller of a change in port status or that an error occurred on the switch
24. CSED702Y: Software Defined Networking
OpenFlow Protocol Messages
Initiated by either the switch or the controller & sent without solicitation.
Hello messages exchanged between controller & switch on startup
Echo messages used to determine the latency of the controller-to-switch connection &
to verify that the controller-to-switch connection is still operative
25. CSED702Y: Software Defined Networking
Category Message Type Description
Hello (SM) C S
following a TCP handshake, the controller sends its version number to the
Hello (SM) S C the switch replies with its supported version number.
Features Request (CSM) C S the controller asks to see which ports are available.
Set Config (CSM) C S in this case, the controller asks the switch to send flow expirations.
Features Reply (CSM) S C
the switch replies with a list of ports, port speeds, and supported tables
Port Status (AM) S C
enables the switch to inform that controller of changes to port speeds or
Packet-In (AM) S C
a packet was received and it didn't match any entry in the switch's flow
table, causing the packet to be sent to the controller.
Packet-Out (CSM) C S Instructs a switch to send a packet out to one or more switch ports.
Flow-Mod (CSM) C S instructs a switch to add a particular flow to its flow table.
Flow-Expired (CSM) S C a flow timed out after a period of inactivity.
C: OpenFlow Controller
S: OpenFlow Switch
AM: Asynchronous Message CSM: Control/Switch Message
SM: Symmetric Message
27. CSED702Y: Software Defined Networking
• Purpose is to construct an entire network view.
• Method is to use the Link Layer Discovery Protocol (LLDP)
IDX SRC DST SRC PORT DST PORT
153 sw. A sw. B p2 p1
… … … … …
357 sw. B sw. A P1 p2
28. CSED702Y: Software Defined Networking
1. Forward packet to port(s)
2. Encapsulate and forward to controller
3. Drop packet
4. Send to normal processing pipeline
5. Modify Fields
Flow Entry Match Field Counters
n … … …
Match Fields of OpenFlow
Match Field= L1~L4 header information
30. CSED702Y: Software Defined Networking
• Useful to manage complicated processing
For example, Table 1 for VLAN processing, Table 2 for Multicast Group processing
…Packet In Group
… Packet Out
31. CSED702Y: Software Defined Networking
Match Field Counters Action
Group ID Counters Action BucketsGroup Type
Dst IP= 18.104.22.168
100 all Port1 : output
Port3 : output
Port5 : output
• A Group Table consists of
• The ability for a flow entry to
point to a group enables
OpenFlow to represent
additional methods of
• There are four group types.
• A switch is supposed to
support two compulsory group
types (other two group types
are optional to support).
32. CSED702Y: Software Defined Networking
Type of Group Table
Group Type=All Group ID Group Type Counter Action Buckets
100 All 999 Port2, Port3, Port4
MAC dst Ether
Src IP Dst IP Proto
* * 00:FF:.. * * * * * * * Port 6
Port 1 * * 0800 * 224… 224… 4 4566 6633
33. CSED702Y: Software Defined Networking
• A meter table consists of meter entries which define per-flow meters.
• Meter Table enable OpenFlow to implement QoS operations including rate-limiting,
• A meter measures the rate of packets assigned to it & enables controlling the rate of
• Meters are attached directly to flow entries.
Meter ID Band Type Rate Counter Argument
1000 kbps 1000 xxx
MAC dst Ether
Src IP Dst IP Proto
Port 1 * * * 1.2.2 * * * * N/A Port 7
Port 1 00:FF… * 0800 1.2.3 11.1… * * *