Ch 03 --- the OpenFlow protocols
NDI Communications - Engineering & Training
Software Defined Networking (SDN)
Chapter 3 – OpenFlow Protocols
Page 2
Chapter Content
Operation
Messages
Packet Structure
Switch Protocol
Features
Page 3
OpenFlow Usage
[Figure: a Controller running Alice's code ("Decision?") connected through the OpenFlow Protocol to three OpenFlow Switches, each holding Alice's Rule.]
Page 4
Communication in OpenFlow Network
[Figure: Host 1 and Host 2 attached to ports 1 and 2 of an OpenFlow Switch, which is connected to the Controller.]
Host 1 MAC address: 08-00-20-3A-00-4F
Host 2 MAC address: 08-00-2A-0B-FE-FD
Frame: Src: 08-00-20-3A-00-4F, Dst: 08-00-2A-0B-FE-FD
Flow Table:
Match Field    Action
empty          empty
Packet-in: unmatched frame with MAC 08-00-2A-0B-FE-FD
Packet-out: flood on all ports except ingress port
MAC table:
MAC address          Ingress port
08-00-20-3A-00-4F    1
Page 5
Communication in OpenFlow Network
[Figure: Host 1 and Host 2 attached to ports 1 and 2 of an OpenFlow Switch, which is connected to the Controller.]
Host 1 MAC address: 08-00-20-3A-00-4F
Host 2 MAC address: 08-00-2A-0B-FE-FD
Frame: Src: 08-00-2A-0B-FE-FD, Dst: 08-00-20-3A-00-4F
Packet-in: unmatched frame with MAC 08-00-20-3A-00-4F
Packet-out: forward on port 1
MAC table:
MAC address          Ingress port
08-00-20-3A-00-4F    1
08-00-2A-0B-FE-FD    2
Flow-mod messages:
Match                                             Action
Src: 08-00-2A-0B-FE-FD, Dst: 08-00-20-3A-00-4F    Forward on port 1
Src: 08-00-20-3A-00-4F, Dst: 08-00-2A-0B-FE-FD    Forward on port 2
Flow Table:
Match Field                                       Action
Src: 08-00-2A-0B-FE-FD, Dst: 08-00-20-3A-00-4F    Forward on port 1
Src: 08-00-20-3A-00-4F, Dst: 08-00-2A-0B-FE-FD    Forward on port 2
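The exchange on the two "Communication in OpenFlow Network" slides, replayed as an added example (not part of the original slides, and not a real controller or switch). The Controller and Switch classes and run_slides() are hypothetical names; the MAC addresses and port numbers are the ones shown on the slides.

```python
# Added example: in-memory simulation of Packet-in / Packet-out / Flow-mod.
HOST1 = "08-00-20-3A-00-4F"   # Host 1, attached to port 1 (from the slides)
HOST2 = "08-00-2A-0B-FE-FD"   # Host 2, attached to port 2 (from the slides)

class Controller:
    def __init__(self):
        self.mac_table = {}   # MAC address -> ingress port

    def packet_in(self, src, dst, in_port):
        """Handle a Packet-in. Returns (flow_mods, packet_out_action)."""
        self.mac_table[src] = in_port          # learn where the sender lives
        if dst not in self.mac_table:
            return [], "flood"                 # destination still unknown
        out_port = self.mac_table[dst]
        # Both directions are now known, so install one entry for each.
        flow_mods = [((src, dst), out_port), ((dst, src), in_port)]
        return flow_mods, out_port

class Switch:
    def __init__(self, controller, ports=(1, 2)):
        self.controller = controller
        self.ports = ports
        self.flow_table = {}  # (src, dst) match -> output port
        self.packet_ins = 0   # how often the controller was consulted

    def receive(self, src, dst, in_port):
        """Process one frame; returns the list of ports it is sent out of."""
        if (src, dst) in self.flow_table:      # matched: no controller trip
            return [self.flow_table[(src, dst)]]
        self.packet_ins += 1                   # unmatched: send Packet-in
        flow_mods, action = self.controller.packet_in(src, dst, in_port)
        for match, port in flow_mods:          # apply the Flow-mod messages
            self.flow_table[match] = port
        if action == "flood":                  # Packet-out: flood
            return [p for p in self.ports if p != in_port]
        return [action]                        # Packet-out: single port

def run_slides():
    sw = Switch(Controller())
    outs = [sw.receive(HOST1, HOST2, 1),   # first slide: empty flow table
            sw.receive(HOST2, HOST1, 2),   # second slide: reply from Host 2
            sw.receive(HOST1, HOST2, 1)]   # later frame: handled by the switch
    return sw, outs
```

Only the first two frames reach the controller; the third is forwarded from the flow table that the Flow-mod messages populated.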
Page 7
Controller/Switch Messages
The OpenFlow switch protocol supports three message types:
controller-to-switch, asynchronous, and symmetric, each with
multiple sub-types.
Controller-to-switch messages are initiated by the controller and
used to directly manage or inspect the state of the switch.
Asynchronous messages are initiated by the switch and used to
update the controller of network events and changes to the switch
state.
Symmetric messages are initiated by either the switch or the
controller and sent without solicitation.
Page 8
Controller to Switch Messages
Controller to switch messages are initiated by the controller and may or may not require a
response from the switch.
Features: The controller may request the identity and the basic capabilities of a switch by sending a
features request.
Configuration: The controller is able to set and query configuration parameters in the switch.
Modify-State: Modify-State messages are sent by the controller to manage state on the switches.
Read-State: Read-State messages are used by the controller to collect various information from the
switch, such as current configuration, statistics and capabilities.
Packet-out: These are used by the controller to send packets out of a specified port on the switch, and
to forward packets received via Packet-in messages.
Barrier: Barrier request/reply messages are used by the controller to ensure message dependencies have
been met or to receive notifications for completed operations.
Role-Request: Role-Request messages are used by the controller to set the role of its OpenFlow channel,
or query that role.
Asynchronous-Configuration: The Asynchronous-Configuration messages are used by the controller to set
an additional filter on the asynchronous messages that it wants to receive on its OpenFlow channel, or to
query that filter.
Page 9
Asynchronous Messages
Messages initiated by the switch, and sent to the controller:
Packet-in: Transfer the control of a packet to the controller.
Flow-Removed: Inform the controller about the removal of a flow
entry from a flow table.
Port-status: Inform the controller of a change on a port.
Error: The switch is able to notify controllers of problems using
error messages.
Page 10
Symmetric Messages
Symmetric messages are sent without solicitation, in either
direction.
Hello: Hello messages are exchanged between the switch and
controller upon connection startup.
Echo: Echo request/reply messages can be sent from either the
switch or the controller, and must return an echo reply.
Experimenter: Experimenter messages provide a standard way for
OpenFlow switches to offer additional functionality within the
OpenFlow message type space.
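A parser for the fixed 8-byte OpenFlow header that sorts each message into the three groups described above, as an added example (not part of the original slides). The type numbers are an assumption taken from OpenFlow 1.3 (wire version 0x04); build(), parse_stream() and SAMPLE are hypothetical names, and the sample bytes are constructed.

```python
import struct

OFP_HEADER = struct.Struct("!BBHI")   # version, type, length, xid (network order)
C2S, ASYNC, SYM = "controller-to-switch", "asynchronous", "symmetric"
# Assumed OpenFlow 1.3 type numbers, grouped the way the slides group them.
TYPES = {
    0: ("Hello", SYM), 2: ("Echo request", SYM), 3: ("Echo reply", SYM),
    4: ("Experimenter", SYM),
    1: ("Error", ASYNC), 10: ("Packet-in", ASYNC),
    11: ("Flow-Removed", ASYNC), 12: ("Port-status", ASYNC),
    5: ("Features request", C2S), 6: ("Features reply", C2S),
    13: ("Packet-out", C2S), 14: ("Flow-mod (Modify-State)", C2S),
    20: ("Barrier request", C2S), 21: ("Barrier reply", C2S),
    24: ("Role-Request", C2S), 25: ("Role reply", C2S),
}

def build(mtype, xid, body=b"", version=0x04):
    """Construct one message: header followed by an opaque body."""
    return OFP_HEADER.pack(version, mtype, OFP_HEADER.size + len(body), xid) + body

def parse_stream(buf):
    """Split bytes read from the OpenFlow channel into classified messages."""
    msgs, off = [], 0
    while off < len(buf):
        if len(buf) - off < OFP_HEADER.size:
            raise ValueError("truncated header at offset %d" % off)
        version, mtype, length, xid = OFP_HEADER.unpack_from(buf, off)
        # The length field covers the header too, so it can never be < 8,
        # and it must not point past the data actually received.
        if length < OFP_HEADER.size or off + length > len(buf):
            raise ValueError("bad length %d at offset %d" % (length, off))
        name, group = TYPES.get(mtype, ("type %d" % mtype, "unknown"))
        msgs.append({"version": version, "name": name, "group": group,
                     "length": length, "xid": xid})
        off += length
    return msgs

# Constructed sample: Hello, Features request, Echo request, Packet-in.
SAMPLE = (build(0, 1) + build(5, 2) + build(2, 3, b"ping")
          + build(10, 0, b"\x00" * 24))
```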
Page 11
OpenFlow Channel Connections
The OpenFlow channel is used to exchange OpenFlow messages
between an OpenFlow switch and an OpenFlow controller.
A typical OpenFlow controller manages multiple OpenFlow
channels, each one to a different OpenFlow switch.
An OpenFlow switch may have one OpenFlow channel to a single
controller, or multiple channels for reliability, each to a
different controller.
The OpenFlow channel is usually instantiated as a single network
connection between the switch and the controller, using TLS or
plain TCP.
Page 13
Packet Example – Features Request/Reply
Message sent by the controller on session establishment
Message sent back from the switch to the controller
Page 14
Packet Example – Packet In / Packet Out
Page 15
Packet Example – Port Statistics
Page 16
Packet Example – Port Modification
Page 17
Security
The switch and controller may communicate through a TLS
connection.
The TLS connection is initiated by the switch on startup to the
controller, which is listening either on a user-specified TCP port
or on the default TCP port 6653.
The switch and controller mutually authenticate by exchanging
certificates signed by a site-specific private key.
The switch and controller may optionally communicate using plain
TCP.
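The controller side of the mutual authentication described above, as an added example using Python's standard ssl module (not part of the original slides and not any particular controller's code). The function names and file-path parameters are hypothetical, and the allow-list check on the certificate's commonName is an added assumption about how a site might identify its switches.

```python
import ssl

OPENFLOW_PORT = 6653   # default TCP port named on the slide

def default_server_context():
    """A server context left at its defaults: the switch is NOT authenticated."""
    return ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)   # verify_mode is CERT_NONE

def controller_tls_context(ca_file=None, cert_file=None, key_file=None):
    """Server context for the controller's listener with mutual TLS.

    ca_file is the site CA that signed the switch certificates; cert_file
    and key_file are the controller's own certificate and key. The paths
    are placeholders; with no CA loaded every switch is rejected.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Require and verify a certificate from the connecting switch.
    ctx.verify_mode = ssl.CERT_REQUIRED
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)
    if cert_file:
        ctx.load_cert_chain(certfile=cert_file, keyfile=key_file)
    return ctx

def switch_common_name(peercert):
    """Pull commonName out of the dict returned by SSLSocket.getpeercert()."""
    for rdn in peercert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def switch_allowed(peercert, allowed_names):
    """Assumed site policy: accept only switches named in an allow-list."""
    return switch_common_name(peercert) in allowed_names

# Constructed sample in the shape getpeercert() returns after a handshake.
SAMPLE_PEERCERT = {"subject": ((("organizationName", "Example Site"),),
                               (("commonName", "sw-edge-01"),))}
```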
Page 18
Multiple Controllers
The switch may establish communication with a single controller,
or may establish communication with multiple controllers.
Having multiple controllers improves reliability, as the switch
can continue to operate in OpenFlow mode if one controller or
controller connection fails.
The hand-over between controllers is entirely managed by the
controllers themselves, which enables fast recovery from failure
and also controller load balancing.
The controllers coordinate the management of the switch
amongst themselves via mechanisms outside the scope of the
present specification.
Page 19
Summary
Yoram Orzach
Thank You!!!