However, Active Network never gathered critical mass, mainly due to practical security and performance concerns. Starting in , the 4D project www. The ideas in the 4D project provided direct inspiration for later works such as NOX www. The working group is currently active and the latest proposed standard was published in June, With ForCES, the internal network device architecture is redefined as the control element is separated from the forwarding element, but the combined entity is still represented as a single network element to the outside world.
Ethane's focus was on using a centralized controller to manage policy and security in a network. A group of network operators, service providers, and vendors have recently created the Open Networking Foundation www. At the time of writing this, the latest specification of OpenFlow was version 1. However, since the widely implemented and deployed specification is OpenFlow 1.
The SDN switch (for instance, an OpenFlow switch), the SDN controller, and the interfaces present on the controller for communication with forwarding devices (generally the southbound interface, OpenFlow) and with network applications (the northbound interface) are the fundamental building blocks of an SDN deployment.
Switches in an SDN are often represented as basic forwarding hardware accessible via an open interface, as the control logic and algorithms are offloaded to a controller. Pure OpenFlow switches have no legacy features or on-board control, and completely rely on a controller for forwarding decisions.
Hybrid switches support OpenFlow in addition to traditional operation and protocols. Most commercial switches available today are hybrids. An OpenFlow switch consists of a flow table, which performs packet lookup and forwarding. Each flow table in the switch holds a set of flow entries, each of which consists of:
Header fields or match fields, with information found in the packet header, ingress port, and metadata, used to match incoming packets.
Counters, used to collect statistics for the particular flow, such as number of received packets, number of bytes, and duration of the flow.
A set of instructions or actions to be applied after a match that dictates how to handle matching packets. For instance, the action might be to forward a packet out to a specified port.
The decoupled system in SDN and OpenFlow can be compared to an application program and an operating system in a computing platform. In SDN, the controller (that is, the network operating system) provides a programmatic interface to the network, where applications can be written to perform control and management tasks, and offer new functionalities.
A layered view of this model is illustrated in the following figure. This view assumes that the control is centralized and applications are written as if the network is a single system. While this simplifies policy enforcement and management tasks, the bindings must be closely maintained between the control and the network forwarding elements.
Header fields (match fields) are shown in the following figure. The port field (or ingress port) numerically represents the incoming port of the switch and starts at 1. The length of this field is implementation dependent. The ingress port field is applicable to all packets. The source and destination MAC (Ethernet) addresses are applicable to all packets on enabled ports of the switch and their length is 48 bits.
The Ethernet type field is 16 bits wide and is applicable to all the packets on enabled ports. The special value of 0x05FF is used to match all the The size of this field is 12 bits that is, VLANs. These fields can be masked with a subnet mask. It specifies an 8 bit value and places ToS in the upper 6 bits.
Counters are maintained per table, per flow, per port and per queue. Counters wrap around with no overflow indicator.
The required set of counters is summarized in the following figure. The phrase byte in this figure and throughout this book refers to an 8 bit octet. Duration refers to the time the flow has been installed in the flow table of the switch. The receive errors field includes all explicitly specified errors, including frame, overrun, and CRC errors, plus any others.
Each flow entry is associated with zero or more actions that instruct the OpenFlow switch how to handle matching packets. If no forward actions are present, the packet is dropped. Action lists must be processed in the specified order. However, there is no guaranteed packet output ordering within an individual port. For instance, two packets which are generated and destined to a single output port as part of the action processing, may be arbitrarily re-ordered.
The Required Actions are:
Forward : OpenFlow switches must support forwarding the packet to physical ports and the following virtual ones:
ALL : Send the packet on to all interfaces, excluding the incoming port.
Drop : This indicates that all the matching packets should be dropped. A flow entry with no specified action is considered as a Drop action.
Forward : A switch may optionally support the following virtual ports for forward action:
Enqueue : This forwards a packet through a queue attached to a port. Forwarding behavior is dictated by the configuration of the queue and is used to provide the basic QoS support.
Modify field : The optional recommended field modification actions are: This action is only applicable to IPv4 packets.
Upon a packet arrival at the OpenFlow switch, the packet header fields are extracted and matched against the matching fields' portion of the flow table entries.
This matching starts at the first flow table entry and continues through subsequent flow table entries. If a matching entry is found, the switch applies the appropriate set of instructions associated with the matched flow entry. For each packet that matches a flow entry, the associated counters for that entry are updated. If the flow table lookup procedure does not result in a match, the action taken by the switch will depend on the instructions defined at the table-miss flow entry.
The flow table must contain a table-miss entry in order to handle table misses. This particular entry specifies a set of actions to be performed when no match is found for an incoming packet.
These actions include dropping the packet, sending the packet out on all interfaces, or forwarding the packet to the controller over the secure OpenFlow channel.
Header fields used for the table lookup depend on the packet types as described below: Rules specifying an ingress port are matched against the physical port that received the packet. For IP packets with a nonzero fragment offset or the more fragments bit set, the transport ports are set to zero for the lookup. Optionally, for ARP packets (Ethernet type equal to 0x ), the lookup fields may also include the contained IP source and destination fields.
Packets are matched against flow entries based on prioritization. An entry that specifies an exact match (that is, no wildcards) is always the highest priority. All wildcard entries have a priority associated with them. Higher priority entries must match before lower priority ones.
If multiple entries have the same priority, the switch is free to choose any ordering.
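The lookup rules described above (exact match before wildcards, priority among wildcard entries, counter updates, table-miss handling, and zeroed transport ports for IP fragments) can be modelled as follows. This is an added example, not code from the original page or from any OpenFlow implementation; the field names, action strings and sample entries are constructed for illustration.

```python
from dataclasses import dataclass

# OpenFlow 1.0-style match fields; names are illustrative, not from a library.
FIELDS = ("in_port", "eth_src", "eth_dst", "eth_type",
          "ip_src", "ip_dst", "ip_proto", "tp_src", "tp_dst")

@dataclass
class FlowEntry:
    match: dict        # field -> value; a field left out is a wildcard
    actions: list      # ordered action list; empty means drop
    priority: int = 0  # used only to rank wildcard entries
    packets: int = 0   # per-flow counters
    byte_count: int = 0

    def is_exact(self):
        return all(f in self.match for f in FIELDS)

    def matches(self, key):
        return all(key[f] == v for f, v in self.match.items())

def lookup_key(pkt):
    """Extract header fields; fragments get transport ports of zero."""
    key = {f: pkt.get(f) for f in FIELDS}
    if pkt.get("frag_offset", 0) or pkt.get("more_fragments", False):
        key["tp_src"] = key["tp_dst"] = 0
    return key

def process(table, table_miss_actions, pkt):
    """Return the actions for pkt and update the winning entry's counters."""
    key = lookup_key(pkt)
    hits = [e for e in table if e.matches(key)]
    if not hits:
        return table_miss_actions
    # Exact-match entries outrank every wildcard entry, then priority decides.
    best = max(hits, key=lambda e: (e.is_exact(), e.priority))
    best.packets += 1
    best.byte_count += pkt["length"]
    return best.actions or ["drop"]

def sample_table():
    # Constructed entries: forward IPv4 for one host, drop TCP port 23.
    fwd = FlowEntry({"eth_type": 0x0800, "ip_dst": "10.0.0.5"}, ["output:2"], 100)
    drop = FlowEntry({"eth_type": 0x0800, "ip_proto": 6, "tp_dst": 23}, [], 200)
    return [fwd, drop]

if __name__ == "__main__":
    table = sample_table()
    pkt = {"in_port": 1, "eth_type": 0x0800, "ip_dst": "10.0.0.5",
           "ip_proto": 6, "tp_src": 40000, "tp_dst": 23, "length": 60}
    print(process(table, ["controller"], pkt))                        # whole packet
    print(process(table, ["controller"], {**pkt, "frag_offset": 8}))  # fragment
```

Because fragments are looked up with transport ports of zero, an entry that matches on a specific port does not apply to them, so a policy written in terms of ports needs its own entry covering fragments.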
AGILE Abstracting control from forwarding lets administrators dynamically adjust network-wide traffic flow to meet changing needs.
A real world OpenFlow capable network may consist of only OpenFlow switches or a mixture of OpenFlow switches and traditional switches and routers. The latter network type is called an overlay network. Some OpenFlow applications will require only partial deployment of OpenFlow switches whereas others require a network consisting of only OpenFlow switches. Most of the SDN network fabrics and applications we will discuss in this blog can be introduced as overlays, and multiple applications can be introduced in a staged fashion, with new ones building on the foundations laid by the previous applications.