Browse Definitions :
Definition

OpenFlow

What is OpenFlow?

OpenFlow, an open source standard supported by many vendors, is the first software defined networking (SDN) control protocol. It separates the control plane (decision-making) from the forwarding plane (packet routing).

OpenFlow is currently in version 1.5 of the specification. It is maintained by the Open Network Foundation.

OpenFlow is a network control protocol. Network traffic does not go through the OpenFlow protocol. Instead, OpenFlow sends the control signals that tell the network switches how to route the network traffic.

SDN diagram.
SDN architecture enabled by OpenFlow separates the network into three distinguishable layers, connected via northbound and southbound APIs.

In traditional network design, each switch would contain a routing table that it used to decide how to route each packet. This routing table is largely static; it would be updated by the administrator individually on each router.

In OpenFlow, an SDN controller is the control plane. The SDN controller contains the logic and does the decision-making for how the network traffic should flow between the switches. The SDN controller establishes a connection to each switch to pass messages. This connection uses Transmission Control Protocol (TCP) and is often encrypted with Transport Layer Security (TLS). It uses port 6653 with earlier versions using 6633.

The controller sends commands to the OpenFlow switches, which handle the network data. The OpenFlow commands change the switch's flow routing table. The flow table is the OpenFlow equivalent of the routing and MAC address forwarding tables. It contains all the instructions for how the switch will handle network traffic.

The flow table contains many rows of flow entries which tell the switch how to handle each packet. The flow entries can use each OSI layer of a packet, including MAC address match, IP address match, protocol match or port match. These rules can be multilevel and combined to create complex rules. This level of flexibility allows each OpenFlow switch to act as a basic firewall as well. Switches can forward packets that do not match any rules to the SDN controller for the controller to inspect and create a new flow rule for it.

Flow tables can be delivered proactively or reactively. In proactive delivery the controller sends the flow table to all switches. In reactive mode the controller only sends new flow entries when requested by the switch. This can help to reduce the amount of data stored on each switch and improve performance.

The OpenFlow SDN controller can communicate with higher-level applications. These higher-level applications contain the business logic and can be configured more easily by a technician. This is then put on a northbound interface API to the controller. The controller then makes the flow rules.

Traditional networks vs. SDN diagram.
Software-defined networks differ significantly from traditional networks.

What are the advantages of OpenFlow?

OpenFlow is an open source SDN technology. It is supported by many vendors and providers. Some switches can use either OpenFlow rules or its own internal ones. It can be used in an entirely virtualized network environment to control virtual switches in cloud computing.

The SDN nature of OpenFlow allows for quick response to changes and failures. It is also highly flexible and can manage highly complex rules.

To illustrate the use of OpenFlow, imagine a campus area network (CAN) with many buildings, switches and two internet connections. For normal operation, the network traffic flows through the closest connections to get to its destination. If a link connecting two buildings goes down, the switches can report the connection status to the controller, which then sends new flow rules out to the affected switches with a new forwarding path. If an internet connection goes down it can also route any internet-bound traffic over the good link. A large CAN with many different types of devices could also quickly become full of unwanted traffic, but it would be expensive to put a firewall between each building or even each floor within a building. The flow rules could be set to drop unwanted traffic such as broadcast requests or Apple Bonjour so they don't go out to the entire network and quickly overwhelm it.

Explore the story of SDN, including control planes, OpenFlow protocol and disaggregation. Learn what SDN data center controllers do in a network and about 10 important components of SDN controllers. Check out 12 common network protocols and their functions.

This was last updated in November 2023

Continue Reading About OpenFlow

Networking
  • firewall as a service (FWaaS)

    Firewall as a service (FWaaS), also known as a cloud firewall, is a service that provides cloud-based network traffic analysis ...

  • private 5G

    Private 5G is a wireless network technology that delivers 5G cellular connectivity for private network use cases.

  • NFVi (network functions virtualization infrastructure)

    NFVi (network functions virtualization infrastructure) encompasses all of the networking hardware and software needed to support ...

Security
  • virus (computer virus)

    A computer virus is a type of malware that attaches itself to a program or file. A virus can replicate and spread across an ...

  • Certified Information Security Manager (CISM)

    Certified Information Security Manager (CISM) is an advanced certification that indicates that an individual possesses the ...

  • cryptography

    Cryptography is a method of protecting information and communications using codes, so that only those for whom the information is...

CIO
  • B2B (business to business)

    B2B (business-to-business) is a type of commerce involving the exchange of products, services or information between businesses, ...

  • return on investment (ROI)

    Return on investment (ROI) is a crucial financial metric investors and businesses use to evaluate an investment's efficiency or ...

  • big data as a service (BDaaS)

    Big data as a service (BDaS) is the delivery of data platforms and tools by a cloud provider to help organizations process, ...

HRSoftware
  • talent acquisition

    Talent acquisition is the strategic process an organization uses to identify, recruit and hire the people it needs to achieve its...

  • human capital management (HCM)

    Human capital management (HCM) is a comprehensive set of practices and tools used for recruiting, managing and developing ...

  • Betterworks

    Betterworks is performance management software that helps workforces and organizations to improve manager effectiveness and ...

Customer Experience
  • martech (marketing technology)

    Martech (marketing technology) refers to the integration of software tools, platforms, and applications designed to streamline ...

  • transactional marketing

    Transactional marketing is a business strategy that focuses on single, point-of-sale transactions.

  • customer profiling

    Customer profiling is the detailed and systematic process of constructing a clear portrait of a company's ideal customer by ...

Close