OpenFlow Reference Release What is OpenFlow? ----------------- OpenFlow is a flow-based switch specification designed to enable researchers to run experiments in live networks. OpenFlow is based on a simple Ethernet flow switch that exposes a standardized interface for adding and removing flow entries. An OpenFlow Switch consists of three parts: (1) A "flow table" in which each flow entry is associated with an action telling the switch how to process the flow, (2) a "secure channel" connecting the switch to a remote process (a controller), allowing commands and packets to be sent between the controller and the switch, and (3) an OpenFlow protocol implementation, providing an open and standard way for a controller to talk to the switch. An OpenFlow Switch can thus serve as a simple datapath element that forwards packets between ports according to flow actions defined by the controller using OpenFlow commands. Example actions are: - Forward this flow's packets to the given port(s) - Drop this flow's packets - Encapsulate and forward this flow's packets to the controller. The OpenFlow Switch is defined in detail in the OpenFlow Switch Specification [2]. What's here? ------------ This distribution includes two different reference implementations of an OpenFlow switch. The first implementation, which is closely tied to Linux because it is partially implemented in the Linux kernel, has the following components: - A Linux kernel module that implements the flow table and OpenFlow protocol, in the datapath directory. - secchan, a program that implements the secure channel component of the reference switch. - dpctl, a tool for configuring the kernel module. The second implementation is a single userspace program, named "switch", that integrates all three parts of an OpenFlow switch. This distribution includes some additional software as well: - controller, a simple program that connects to any number of OpenFlow switches, commanding them to act as regular MAC learning switches. - vlogconf, a utility that can adjust the logging levels of a running secchan or controller. - ofp-pki, a utility for creating and managing the public-key infrastructure for OpenFlow switches. - A patch to tcpdump that enables it to parse OpenFlow messages. For installation instructions, read INSTALL. This distribution also includes manpages for each of its userspace programs, in the man/ directory. Platform support ---------------- Other than the Linux kernel module and userspace switch implementation, the software in the OpenFlow distribution should compile under Unix-like environments such as Linux, FreeBSD, Mac OS X, and Solaris. Our primary test environment is Debian GNU/Linux. Please contact us with portability-related bug reports or patches. The Linux kernel module is, of course, Linux-specific, and the secchan and dpctl utilities will not be as useful without the kernel module. The testing of the kernel module has focused on Linux 2.6.23. Linux 2.6 releases from 2.6.15 onward and Linux 2.4 releases from 2.4.20 onward should also work. The userspace switch implementation should be easy to port to Unix-like systems. The interface to network devices, in netdev.c, is the only code that should need to change. So far, only Linux is supported. We welcome ports to other platforms. GCC is the expected compiler. Bugs/Shortcomings ----------------- - The current flowtable does not support all statistics messages mentioned in the Type 0 OpenFlow spec. - The flowtable does not support the "normal processing" action. - Configure/build system does not support separate build directory for the datapath. ./configure must be run from the source root. - dpctl dump-flows may freeze when large numbers of flows are in the flow table. This has no effect on the datapath. References ---------- [1] OpenFlow: Enabling Innovation in College Networks. Whitepaper. [2] OpenFlow Switch Specification. Contact ------- e-mail: info@openflowswitch.org www: http://openflowswitch.org/