OpenFlow Reference Release What is OpenFlow? ----------------- OpenFlow is a flow-based switch specification designed to enable researchers to run experiments in live networks. OpenFlow is based on a simple Ethernet flow switch that exposes a standardized interface for adding and removing flow entries. An OpenFlow switch consists of three parts: (1) A "flow table" in which each flow entry is associated with an action telling the switch how to process the flow, (2) a "secure channel" connecting the switch to a remote process (a controller), allowing commands and packets to be sent between the controller and the switch, and (3) an OpenFlow protocol implementation, providing an open and standard way for a controller to talk to the switch. An OpenFlow switch can thus serve as a simple datapath element that forwards packets between ports according to flow actions defined by the controller using OpenFlow commands. Example actions are: - Forward this flow's packets to the given port(s) - Drop this flow's packets - Encapsulate and forward this flow's packets to the controller. The OpenFlow switch is defined in detail in the OpenFlow switch Specification [2]. What's here? ------------ This distribution includes two reference implementations of an OpenFlow switch. The first implementation, which is closely tied to Linux because it is partially implemented in the Linux kernel, has the following components: - A Linux kernel module that implements the flow table and OpenFlow protocol, in the datapath directory. - secchan, a program that implements the secure channel component of the reference switch. - dpctl, a tool for configuring the kernel module. The second implementation has the following components: - udatapath, which implements the same functionality as the Linux kernel module in userspace, at a cost in performance. - secchan, a program that implements the secure channel component of the reference switch (the same program used in the kernel-based implementation). This distribution includes some additional software as well: - controller, a simple program that connects to any number of OpenFlow switches, commanding them to act as regular MAC learning switches. - vlogconf, a utility that can adjust the logging levels of a running secchan or controller. - ofp-pki, a utility for creating and managing the public-key infrastructure for OpenFlow switches. - A patch to tcpdump that enables it to parse OpenFlow messages. For installation instructions, read INSTALL. Each userspace program is also accompanied by a manpage. Platform support ---------------- Other than the Linux kernel module and userspace switch implementation, the software in the OpenFlow distribution should compile under Unix-like environments such as Linux, FreeBSD, Mac OS X, and Solaris. Our primary test environment is Debian GNU/Linux. Please contact us with portability-related bug reports or patches. The Linux kernel module is, of course, Linux-specific, and the dpctl utility will not be useful without the kernel module. The testing of the kernel module has focused on Linux 2.6.26. Linux 2.6 releases from 2.6.15 onward and Linux 2.4 releases from 2.4.20 onward should also work. The userspace datapath implementation should be easy to port to Unix-like systems. The interface to network devices, in netdev.c, is the code most likely to need changes. So far, only Linux is supported. We welcome ports to other platforms. GCC is the expected compiler. Bugs/Shortcomings ----------------- - The flow table does not support the "normal processing" action. References ---------- [1] OpenFlow: Enabling Innovation in College Networks. Whitepaper. [2] OpenFlow Switch Specification. Contact ------- e-mail: info@openflowswitch.org www: http://openflowswitch.org/