OpenFlow explained

OpenFlow is a communications protocol that gives access to the forwarding plane of a network switch or router over the network.[1]

Description

OpenFlow enables network controllers to determine the path of network packets across a network of switches. The controllers are distinct from the switches. This separation of the control from the forwarding allows for more sophisticated traffic management than is feasible using access control lists (ACLs) and routing protocols. Also, OpenFlow allows switches from different vendors — often each with their own proprietary interfaces and scripting languages — to be managed remotely using a single, open protocol. The protocol's inventors consider OpenFlow an enabler of software-defined networking (SDN).

OpenFlow allows remote administration of a layer 3 switch's packet forwarding tables, by adding, modifying and removing packet matching rules and actions. This way, routing decisions can be made periodically or ad hoc by the controller and translated into rules and actions with a configurable lifespan, which are then deployed to a switch's flow table, leaving the actual forwarding of matched packets to the switch at wire speed for the duration of those rules. Packets which are unmatched by the switch can be forwarded to the controller. The controller can then decide to modify existing flow table rules on one or more switches or to deploy new rules, to prevent a structural flow of traffic between switch and controller. It could even decide to forward the traffic itself, provided that it has told the switch to forward entire packets instead of just their header.
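The miss-then-install cycle described above, as an added example that is not part of the original article. It is a simplified model rather than the OpenFlow wire protocol; `FlowEntry`, `Switch`, `toy_controller` and the 10-second lifespan are hypothetical names and values chosen for illustration.

```python
from dataclasses import dataclass

@dataclass
class FlowEntry:
    match: dict                # header field -> required value; absent fields are wildcards
    action: str                # e.g. "output:2" or "drop"
    priority: int = 0
    hard_timeout: float = 0.0  # seconds after install; 0 means the rule never expires
    installed_at: float = 0.0

    def expired(self, now):
        return self.hard_timeout > 0 and now - self.installed_at >= self.hard_timeout

    def matches(self, pkt):
        return all(pkt.get(k) == v for k, v in self.match.items())

class Switch:
    def __init__(self, controller):
        self.table = []
        self.controller = controller
        self.packet_ins = 0    # packets handed to the controller

    def install(self, entry, now):
        entry.installed_at = now
        self.table.append(entry)

    def forward(self, pkt, now):
        # Remove rules whose lifespan has ended, then use the highest-priority match.
        self.table = [e for e in self.table if not e.expired(now)]
        hits = [e for e in self.table if e.matches(pkt)]
        if hits:
            return max(hits, key=lambda e: e.priority).action
        # Table miss: the controller decides and may deploy a new rule.
        self.packet_ins += 1
        return self.controller(self, pkt, now)

def toy_controller(switch, pkt, now):
    """Hypothetical policy: route by destination IP; the rule lives 10 seconds."""
    port = {"10.0.0.1": 1, "10.0.0.2": 2}.get(pkt["ip_dst"])
    action = f"output:{port}" if port else "drop"
    rule = FlowEntry({"ip_dst": pkt["ip_dst"]}, action, priority=10, hard_timeout=10)
    switch.install(rule, now)
    return action

def run_demo():
    sw = Switch(toy_controller)
    pkt = {"ip_src": "10.0.0.9", "ip_dst": "10.0.0.2"}  # constructed sample packet
    results = [sw.forward(pkt, t) for t in (0, 1, 5, 12)]  # rule expires at t=10
    return results, sw.packet_ins
```

Only the packets at t=0 and t=12 reach the controller; the two in between are forwarded from the flow table, which is why the rule lifespan directly sets how much traffic the controller has to handle.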

The OpenFlow protocol is layered on top of the Transmission Control Protocol (TCP) and prescribes the use of Transport Layer Security (TLS). Controllers should listen on TCP port 6653 for switches that want to set up a connection. Earlier versions of the OpenFlow protocol unofficially used port 6633.[2] [3] Some network control plane implementations use the protocol to manage the network forwarding elements.[4] OpenFlow is mainly used between the switch and controller on a secure channel.[5]
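One way to check that control channels on the two ports named above are actually wrapped in TLS, as an added example that is not part of the original article. It classifies the first payload bytes of a session as a TLS record or a cleartext OpenFlow HELLO; the header layout and version bytes come from the OpenFlow specifications, and the function names and sample sessions are constructed for illustration.

```python
import struct

# Controller ports named in the text above.
OPENFLOW_PORTS = {6653: "standard", 6633: "legacy, unofficial"}

# OpenFlow wire-version byte -> protocol release.
OF_VERSIONS = {1: "1.0", 2: "1.1", 3: "1.2", 4: "1.3", 5: "1.4", 6: "1.5"}
OFPT_HELLO = 0  # first message each side sends on a new connection

def classify_first_bytes(payload: bytes) -> str:
    """Classify the first TCP payload bytes of a switch-to-controller session."""
    if len(payload) < 8:
        return "unknown: too short"
    # TLS record header: content type 22 (handshake), major version 3.
    if payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"
    # OpenFlow header: version(1) type(1) length(2) xid(4), big-endian.
    version, msg_type, length, _xid = struct.unpack("!BBHI", payload[:8])
    if version in OF_VERSIONS and msg_type == OFPT_HELLO and length >= 8:
        return f"cleartext-openflow {OF_VERSIONS[version]}"
    return "unknown"

def audit(sessions):
    """Return findings for sessions on OpenFlow ports that do not start with TLS."""
    findings = []
    for dst_port, payload in sessions:
        if dst_port not in OPENFLOW_PORTS:
            continue
        verdict = classify_first_bytes(payload)
        if verdict != "tls":
            findings.append((dst_port, OPENFLOW_PORTS[dst_port], verdict))
    return findings

# Constructed sample data: (destination port, first payload bytes).
SAMPLE_SESSIONS = [
    (6653, bytes.fromhex("16030100c8010000c4")),   # start of a TLS ClientHello
    (6633, struct.pack("!BBHI", 1, 0, 8, 1)),      # OpenFlow 1.0 HELLO in the clear
    (6653, struct.pack("!BBHI", 4, 0, 16, 7)
           + bytes.fromhex("0001000800000010")),   # 1.3 HELLO with version bitmap
    (443, bytes.fromhex("16030100c8010000c4")),    # unrelated port, ignored
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_SESSIONS):
        print(finding)
```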

History

The Open Networking Foundation (ONF), a user-led organization dedicated to promotion and adoption of software-defined networking (SDN),[6] manages the OpenFlow standard.[7] ONF defines OpenFlow as the first standard communications interface defined between the control and forwarding layers of an SDN architecture. OpenFlow allows direct access to and manipulation of the forwarding plane of network devices such as switches and routers, both physical and virtual (hypervisor-based). It is the absence of an open interface to the forwarding plane that has led to the characterization of today's networking devices as monolithic, closed, and mainframe-like. A protocol like OpenFlow is needed to move network control out of proprietary network switches and into control software that's open source and locally managed.[8]

A number of network switch and router vendors have announced intent to support OpenFlow or are shipping switches that support it, including Alcatel-Lucent,[9] Big Switch Networks,[10] Brocade Communications,[11] and Radisys.[12]

Development

Version 1.1 of the OpenFlow protocol was released on 28 February 2011, and new development of the standard was managed by the ONF.[13] In December 2011, the ONF board approved OpenFlow version 1.2 and published it in February 2012.[14] The current version of OpenFlow is 1.5.1.[15] Version 1.6 has been available since September 2016, but is accessible only to ONF's members.

In May 2011, Marvell and Larch Networks announced the availability of an OpenFlow-enabled, fully featured switching solution based on Marvell's networking control stack and the Prestera family of packet processors.[16] [17]

In May 2011, Indiana University launched an SDN Interoperability Lab in conjunction with the ONF to test how well different vendors' software-defined networking and OpenFlow products work together.[18]

In June 2012, Infoblox released LINC, an open-source OpenFlow version 1.2 and 1.3 compliant software switch.[19]

In February 2012, Big Switch Networks released Project Floodlight, an Apache-licensed open-source software OpenFlow Controller,[20] and announced its OpenFlow-based SDN Suite in November of that year, which contains a commercial controller, and virtual switching and tap monitoring applications.[21]

In February 2012, HP said it is supporting the standard on 16 of its Ethernet switch products.[22]

In April 2012, Google's Urs Hölzle described how the company's internal network had been completely re-designed over the previous two years to run under OpenFlow with substantial efficiency improvement.[23]

In January 2013, NEC unveiled a virtual switch for Microsoft's Windows Server 2012 Hyper-V hypervisor, which is designed to bring OpenFlow-based software-defined networking and network virtualisation to those Microsoft environments.[24]

Security concerns

Notes and References

  1. Nick McKeown et al. OpenFlow: Enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review. 38 (2): 69–74. April 2008. 2009-11-02. doi:10.1145/1355734.1355746. S2CID 1153326.
  2. OpenFlow Switch Errata v1.0.2-rc1. Open Networking Foundation. 2013-10-04.
  3. Service Name and Transport Protocol Port Number Registry. IANA.
  4. Teemu Koponen et al. Onix: A Distributed Control Platform for Large-scale Production Networks. 2010-10-04. 2010-10-01.
  5. Nick McKeown et al. OpenFlow: Enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review. 38 (2): 69–74. April 2008. 2009-11-02. doi:10.1145/1355734.1355746. S2CID 1153326.
  6. Kate Greene. TR10: Software-Defined Networking. March–April 2009. 7 October 2011.
  7. Open Networking Foundation: SDN Defined. Open Networking Foundation. 23 March 2013.
  8. Software-Defined Networking (SDN): The New Norm for Networks. Open Networking Foundation.
  9. Howard Solomon. Alcatel Now Supports OpenFlow, OpenStack on Switches. 2013-12-11.
  10. Cade Metz. You Can't Have Google's Pluto Switch, But You Can Have This. 26 March 2013.
  11. Pavel Radda. Brocade Leads OpenFlow Adoption to Accelerate Network Virtualization and Cloud Application Development. 2011-03-22. 2011-11-29. Reuters. Archived from the original on 2013-11-04 at https://web.archive.org/web/20131104080457/http://www.reuters.com/article/2011/03/22/idUS38007+22-Mar-2011+MW20110322 (original link dead).
  12. FlowEngine:Intelligent Flow Management. 20 Feb 2016. 11 February 2016. Archived from the original on 16 April 2016 at https://web.archive.org/web/20160416234047/http://www.radisys.com/flowengine/solutions/intelligent-flow-management (original link dead).
  13. Open Networking Foundation Press Release. 2011-03-20. Archived from the original on 2011-03-26 at https://web.archive.org/web/20110326024026/http://www.opennetworkingfoundation.org/?p=7 (original link dead).
  14. OpenFlow v1.2.
  15. OpenFlow v1.5.1.
  16. Marvell Introduces OpenFlow-enabled Switches. 28 June 2015. 10 May 2011.
  17. OpenFlow – Innovate in Your Network. 28 June 2015. 6 May 2011.
  18. SDN Interoperability Lab - InCNTRE. 5 June 2012. Archived from the original on 5 June 2012 at https://web.archive.org/web/20120605130851/http://incntre.iu.edu/SDNlab.
  19. Project Floodlight. www.openflowhub.org.
  20. Bernard Cole. Big Switch releases open source controller for OpenFlow. 2 February 2012. 2012-02-02.
  21. Sean Michael Kerner. Big Switch Emerges with Commercial SDN Portfolio. 2012-11-13. Enterprise Networking Planet.
  22. Colin Neagle. HP takes giant first step into OpenFlow: HP is announcing its first effort to support OpenFlow standard on its Ethernet switches. Network World. 28 April 2013. 2 February 2012. Archived from the original on 13 May 2013 at https://web.archive.org/web/20130513123028/http://www.networkworld.com/news/2012/020212-hp-openflow-255641.html?page=1 (original link dead).
  23. Steven Levy. Going With the Flow: Google's Secret Switch to the Next Wave of Networking. 17 April 2012. 2012-04-17.
  24. Jim Duffy. NEC rolls out OpenFlow for Microsoft Hyper-V: NEC virtual switch adds IPv6 support to SDN controller. Network World. 28 April 2013. 22 January 2013. Archived from the original on 3 April 2013 at https://web.archive.org/web/20130403025856/http://www.networkworld.com/news/2013/012213-nec-openflow-266024.html (original link dead).
  25. OpenFlow protocol has a switch authentication vulnerability. The Register.
  26. OpenFlow Vulnerability Assessment. 23 June 2014. Archived from the original on 4 March 2016 at https://web.archive.org/web/20160304065247/http://homes.soic.indiana.edu/ktbenton/research/openflow_vulnerability_assessment.pdf (original link dead).
  27. OpenFlow security: Does OpenFlow secure software-defined networks?
  28. Sriram Natarajan et al. A Software defined Cloud-Gateway automation system using OpenFlow. 2013 IEEE 2nd International Conference on Cloud Networking (Cloud Net). pp. 219–226. IEEE Xplore. 2013. doi:10.1109/CloudNet.2013.6710582. ISBN 978-1-4799-0568-3. S2CID 16248079.