OpenFlow: Concept and Practice

Dukhyun Chang(dhchang@mmlab.snu.ac.kr)

1

Contents

• Software-Defined Networking (SDN)• Overview of OpenFlow• Experiment with OpenFlow

2/24

Software Defined Networking

“.. decoupling the network control and data planes, and putting the former under the control of software running in a (logically) central location”

from Verivue blog posing by Larry Peterson

3/24

ONF’s View of SDN

• Open Networking Foundation (ONF)’s View

4/24

ONF’s View of SDN

• The SDN architecture is– Directly programmable– Agile– Centrally managed– Programmatically configured– Open standards-based and vendor-neutral

5/24

OpenFlow Overview

• a communications protocol that gives access to the forwarding plane of a network switch or router over the network

6/24

OpenFlow (v1.0) Switch

• Flow table– packet lookup and forwarding

• Secure channel– the controller manages the switch over the

secure channel using the OpenFlow protocol

7/24

Flow Table

8/24

Flow Table

• Actions– required actions

• forward– all, controller, local, table, in_port

• drop

– optional actions• forward

– normal, flood

• enqueue• modify-field

9/24

Flow Table

• Counters– they are maintained per-table, per-flow, per-

port and per-queue

10/24

Matching

• Packet flow in an OpenFlow switch

11/24

Matching Examples

• Ethernet Switching

• IP Routing

• Application Firewall

SwitchPortSwitchPort

MACsrcMACsrc

MACdstMACdst

EthtypeEthtype

VLANID

VLANID

IPSrcIPSrc

IPDstIPDst

IPProtIPProt

TCPsportTCPsport

TCPdportTCPdport ActionAction

** ** 00:1F:.00:1F:. ** ** ** ** ** ** ** Fwd to port6Fwd to port6

SwitchPortSwitchPort

MACsrcMACsrc

MACdstMACdst

EthtypeEthtype

VLANID

VLANID

IPSrcIPSrc

IPDstIPDst

IPProtIPProt

TCPsportTCPsport

TCPdportTCPdport ActionAction

** ** ** ** ** ** 5.6.7.85.6.7.8 ** ** ** Fwd to port6Fwd to port6

SwitchPortSwitchPort

MACsrcMACsrc

MACdstMACdst

EthtypeEthtype

VLANID

VLANID

IPSrcIPSrc

IPDstIPDst

IPProtIPProt

TCPsportTCPsport

TCPdportTCPdport ActionAction

** ** ** ** ** ** ** ** ** 2222 dropdrop12/24

Mathcing Examples

• Flow Switching

• VLAN + App

• Port + Ethernet + IP

SwitchPortSwitchPort

MACsrcMACsrc

MACdstMACdst

EthtypeEthtype

VLANID

VLANID

IPSrcIPSrc

IPDstIPDst

IPProtIPProt

TCPsportTCPsport

TCPdportTCPdport ActionAction

port3port3 00:2E:..00:2E:.. 00:1F:.00:1F:. 08000800 vlan1vlan1 1.2.3.41.2.3.4 5.6.7.85.6.7.8 44 1726417264 8080 Fwd to port6Fwd to port6

SwitchPortSwitchPort

MACsrcMACsrc

MACdstMACdst

EthtypeEthtype

VLANID

VLANID

IPSrcIPSrc

IPDstIPDst

IPProtIPProt

TCPsportTCPsport

TCPdportTCPdport ActionAction

** ** ** ** vlan1vlan1 ** ** ** ** 8080 Fwd to port6Fwd to port6

SwitchPortSwitchPort

MACsrcMACsrc

MACdstMACdst

EthtypeEthtype

VLANID

VLANID

IPSrcIPSrc

IPDstIPDst

IPProtIPProt

TCPsportTCPsport

TCPdportTCPdport ActionAction

port3port3 00:2E:..00:2E:.. ** 08000800 ** ** 5.6.7.85.6.7.8 44 ** 2222 dropdrop13/24

Secure Channel

• Controller-to-Switch– features, configuration, modify-state, read-

state, send-packet, barrier

• Asynchronous– packet_in, flow-removed, port-status, error

• Symmetric– hello, echo, vendor

14/24

OpenFlow Controller

• The OpenFlow ecosystem has seen rise to numerous controllers in multiple languages (C, C++, Java, Python and Ruby for starters)– NOX, Beacon, Maestro, Floodlight, etc.

15/24

OpenFlow Switches

• NEC

• HP

• Pronto

16/24

Experiment with OpenFlow• Emulation tool

– Mininet‐HiFi• Mininet‐HiFi creates scalable (up to hundreds of nodes) software‐defined (e.g. OpenFlow) networks on a single PC

• Handigol, N., Heller, B., Jeyakumar, V., Lantz, B., and McKeown, N. Reproducible network, experiments using container-based emulation, 2012.

• http://mininet.org/• OpenFlow switch

– Open vSwitch• Multilayer virtual switch

• Controller– one of many OpenFlow controllers– NOX, floodlight, ..

17/24

Mininet: Sample Workflow

• creating a network

• interacting with a network

• using custom topology

18/24

Mininet: Custom Topologies

• Define using a simple Python API

19/24

Mininet: xTerm Display

- Host(Client and Server) Nodes’ terminal

h3

h4

h1

20/24

Mininet – Flow table list

Switches’ flow entry info.

- Normal switch on route (i.e. s16)1. output : forward to output port

- First and last switch on route (i.e. s18)1. mod_nw_src or mod_nw_dst : change IP header2. output : forward to output port

21/24

WireShark

22/24

Mininet: Connecting Controller

• Any OpenFlow controller can be used in mininet

• using a remote controller

• Example

23/24

References• https://www.opennetworking.org/• http://openflow.org• Materials at ONS 2011/2012

– http://opennetsummit.org/ – N. Mckeown, “Making SDNs Work” – B. Heller et al., “Tutorial 1: SDN for Engineers”

• IETF materials on SDN– http://www.ietf.org/proceedings/82/sdn.html

• Materials at Krnet 2012– Sangheon Pack, “Software-Defined Networking (SDN):

Concept, Control, and Applications”– Jeongkeun Lee, “Controller-based Networking and SDN

development”

24/24

25