没有合适的资源?快使用搜索试试~ 我知道了~
首页OpenFlow Switch规范1.5.1:软件定义网络的基石
"OpenFlow Switch v1.5.1 是Open Networking Foundation (ONF)发布的一个版本号为0x06的OpenFlow协议规范。该文档详细阐述了OpenFlow逻辑交换机的需求,以及如何通过远程OpenFlow控制器管理OpenFlow交换机的协议。此版本发布于2015年3月26日,编号为ONFTS-025。"
OpenFlow是一种网络协议,它定义了如何在软件定义网络(SDN)环境中控制网络设备,如交换机。OpenFlow交换机是SDN架构的关键组件,它负责执行由远程OpenFlow控制器发出的指令,实现对网络流量的精细化控制。
OpenFlow Switch Specification v1.5.1包含以下关键知识点:
1. **协议版本**:v1.5.1对应的协议版本号是0x06,这表明了交换机支持的OpenFlow通信协议的特定版本,每个版本可能会有新的特性和改进。
2. **逻辑开关**:OpenFlow逻辑开关是一种虚拟化的网络设备,它可以被控制器编程以执行各种网络策略,如流表项的添加、修改或删除,从而实现数据包的转发决策。
3. **控制器通信**:OpenFlow交换机与控制器之间的通信基于OpenFlow协议,允许控制器远程管理和配置交换机,实现网络的动态配置、故障检测、性能优化和安全策略实施。
4. **流表**:流表是OpenFlow交换机的核心组件,存储了匹配条件和相应的处理动作。当数据包到达交换机时,会根据流表进行匹配,并执行对应的动作,如转发、丢弃或修改包头等。
5. **协议组件**:规范涵盖了OpenFlow交换机的组件,包括端口管理、流表管理、统计信息收集、错误处理和安全机制等。
6. **功能扩展**:v1.5.1可能引入了对新功能的支持,比如更复杂的流表匹配条件、更大的流表大小或者更丰富的动作集,以满足不断增长的网络需求。
7. **版权声明**:文档明确指出,ONF提供的此规范没有任何明示或暗示的保证,包括但不限于适销性、非侵权、针对特定目的的适用性等。ONF不承担任何由于使用此规范或其实施而产生的间接、偶然、特殊或后果性的损害责任。
OpenFlow Switch Specification v1.5.1是SDN领域的重要参考文献,对于理解OpenFlow交换机的工作原理和实现,以及如何利用OpenFlow进行网络编程具有重要意义。无论是网络设备制造商、网络管理员还是研究者,都需要深入理解这一规范,以便更好地利用SDN技术构建灵活、可编程的网络环境。
OpenFlow Switch Specification Version 1.5.1
4.3 Physical Ports
The OpenFlow physical ports are switch defined ports that correspond to a hardware interface of the
switch. For example, on an Ethernet switch, physical ports map one-to-one to the Ethernet interfaces.
In some deployments, the OpenFlow switch may be virtualised over the switch hardware. In those cases,
an OpenFlow physical port may represent a virtual slice of the corresponding hardware interface of the
switch.
4.4 Logical Ports
The OpenFlow logical ports are switch defined ports that don’t correspond directly to a hardware
interface of the switch. Logical ports are higher level abstractions that may be defined in the switch
using non-OpenFlow methods (e.g. link aggregation groups, tunnels, loopback interfaces).
Logical ports may include packet encapsulation and may map to various physical ports. The processing
done by the logical port is implementation dependent and must be transparent to OpenFlow processing,
and those ports must interact with OpenFlow processing like OpenFlow physical ports.
The only differences between physical ports and logical ports is that a packet associated with a logical
port may have an extra pipeline field called Tunnel-ID associated with it (see 7.2.3.9) and when a packet
received on a logical port is sent to the controller, both its logical port and its underlying physical port
are reported to the controller (see 7.4.1).
4.5 Reserved Ports
The OpenFlow reserved ports are defined by this specification. They specify generic forwarding
actions such as sending to the controller, flooding, or forwarding using non-OpenFlow methods, such
as “normal” switch processing.
A switch is not required to support all reserved ports, just those marked “Required” below.
• Required: ALL: Represents all ports the switch can use for forwarding a specific packet. Can
be used only as an output port. In that case a copy of the packet starts egress processing on all
standard ports, excluding the packet ingress port and ports that are configured OFPPC_NO_FWD.
• Required: CONTROLLER: Represents the control channel with the OpenFlow controllers. Can
be used as an ingress port or as an output port. When used as an output port, encapsulates the
packet in a packet-in message and sends it using the OpenFlow switch protocol (see 7.4.1). When
used as an ingress port, this identifies a packet originating from the controller.
• Required: TABLE: Represents the start of the OpenFlow pipeline (see 5.1). This port is only
valid in an output action in the list of actions of a packet-out message (see 7.3.6), and submits the
packet to the first flow table so that the packet can be processed through the regular OpenFlow
pipeline.
• Required: IN PORT: Represents the packet ingress port. Can be used only as an output port,
sends the packet out through its ingress port.
16 © 2015; The Open Networking Foundation
OpenFIow
Switch
Specification
Version
1.5.1
4.3
Physical
Ports
The
OpenFlow
physical
ports
are
switch
defined
ports
that
correspond
to
a
hardware
interface
of
the
switch.
For
example,
on an
Ethernet
switch,
physical
ports
map
one—to-one
t0
the
Ethernet
interfaces.
In
some
deployments,
the
OpenFlow
switch
may
be
virtualised
over
the
switch
hardware.
In
those
cases,
an
OpenFlow
physical
port
may
represent
a
virtual
slice
of
the
corresponding
hardware
interface
of
the
switch.
4.4
Logical
Ports
The
OpenFlow
logical
ports
are
switch
defined
ports
that
don’t
correspond
directly
to
a
hardware
interface
of
the
switch.
Logical
ports
are
higher
level
abstractions
that
may
be
defined
in
the
switch
using
non—OpenFlow
methods
(e.g.
link
aggregation
groups,
tunnels,
loopback
interfaces).
Logical
ports
may
include
packet
encapsulation
and
may
map
to
various
physical
ports.
The
processing
done
by
the
logical
port
is
implementation
dependent
and
must
be
transparent
to
OpenFlow
processing,
and
those
ports
must
interact
with
OpenFlow
processing
like
OpenFlow
physical
ports.
The
only
differences
between
physical
ports
and
logical
ports
is
that
a
packet
associated
with
a
logical
port
may
have
an
extra
pipeline
field
called
Tunnel-ID
associated
with
it
(see
and
when
a
packet
received
on
a
logical
port
is
sent
to
the
controller,
both
its
logical
port
and
its
underlying
physical
port
are
reported
to
the
controller
(see
7.4.1l.
4.5
Reserved
Ports
The
OpenFlow
reserved
ports
are
defined
by
this
specification.
They
specify
generic
forwarding
actions
such
as
sending
to
the
controller,
flooding,
or
forwarding
using
non-OpenFlow
methods,
such
as
“normal”
switch
processing.
A
switch
is
not
required
to
support
all
reserved
ports,
just
those
marked
“Required”
below.
.
Required:
ALL:
Represents
all
ports
the
switch
can
use
for
forwarding
a
specific
packet.
Can
be
used
only
as
an
output
port.
In
that
case
a
copy
of
the
packet
starts
egress
processing
on
all
standard
ports,
excluding
the
packet
ingress
port
and
ports
that
are
configured
0FPPC_N0_FWD.
.
Required:
CONTROLLER:
Represents
the
control
channel
with
the
OpenFlow
controllers.
Can
be
used
as
an
ingress
port
or
as
an
output
port.
When
used
as
an
output
port,
encapsulates
the
packet
in
a
packet-in
message
and
sends
it
using
the
OpenFlow
switch
protocol
(see
-.
When
used
as
an
ingress
port,
this
identifies
a
packet
originating
from
the
controller.
.
Required:
TABLE:
Represents
the
start
of
the
OpenFlow
pipeline
(see
.D.
This
port
is
only
valid
in
an
output
action
in
the
list
of
actions
of
a
packet-out
message
(see
-l,
and
submits
the
packet
to
the
first
flow
table
so
that
the
packet
can
be
processed
through
the
regular
OpenFlow
pipeline.
.
Required:
IN_PORT:
Represents
the
packet
ingress
port.
Can
be
used
only
as
an
output
port,
sends
the
packet
out
through
its
ingress
port.
16
©
2015;
The
Open
Networking
Foundation
OpenFlow Switch Specification Version 1.5.1
• Required: ANY: Special value used in some OpenFlow requests when no port is specified (i.e. port
is wildcarded). Some OpenFlow requests contain a reference to a specific port that the request
only applies to. Using ANY as the port number in these requests allows that request instance to
apply to any and all ports. Can neither be used as an ingress port nor as an output port.
• Required: UNSET: Special value to specify that the output port has not been set in the
Action-Set. Only used when trying to match the output port in the action set using the
OXM_OF_ACTSET_OUTPUT match field (see 7.2.3.7). Can neither be used as an ingress port nor
as an output port.
• Optional: LOCAL: Represents the switch’s local networking stack and its management stack.
Can be used as an ingress port or as an output port. The local port enables remote entities to
interact with the switch and its network services via the OpenFlow network, rather than via a
separate control network. With an appropriate set of flow entries, it can be used to implement an
in-band controller connection (this is outside the scope of this specification).
• Optional: NORMAL: Represents forwarding using the traditional non-OpenFlow pipeline of the
switch (see 5.1). Can be used only as an output port and processes the packet using the normal
pipeline. In general will bridge or route the packet, however the actual result is implementation
dependent. If the switch cannot forward packets from the OpenFlow pipeline to the normal
pipeline, it must indicate that it does not support this action.
• Optional: FLOOD: Represents flooding using the traditional non-OpenFlow pipeline of the switch
(see 5.1). Can be used only as an output port, actual result is implementation dependent. In
general will send the packet out all standard ports, but not to the ingress port, nor ports that are
in OFPPS_BLOCKED state. The switch may also use the packet VLAN ID or other criteria to select
which ports to use for flooding.
OpenFlow-only switches do not support the NORMAL port and FLOOD port, while OpenFlow-hybrid
switches may support them (see 5.1). Forwarding packets to the FLOOD port depends on the switch
implementation and configuration, while forwarding using a group of type all enables the controller to
more flexibly implement flooding (see 5.10.1).
4.6 Port changes
A switch configuration, for example using the OpenFlow Configuration Protocol, may add or remove
ports from the OpenFlow switch at any time. The switch may change the port state based on the
underlying port mechanism, for example if the link is going down (see 7.2.1). The controller or a
switch configuration may change the port configuration (see 7.2.1). Any such changes to port state or
configuration must be communicated to the OpenFlow controller (see 7.4.3).
Port addition, modification or removal never changes the content of the flow tables, in particular flow
entries referencing those ports are not modified or removed (flow entries may reference ports via the
match or actions). Packets forwarded to non-existent ports are just dropped (see 5.6). Similarly, Port
addition, modification and removal never changes the content of the group table, however the behaviour
of some groups may change through liveness checking (see 6.7).
If a port is deleted and its port number is later reused for a different physical or logical port, any
remaining flow entries or group entries still referencing that port number may be effectively re-targeted
17 © 2015; The Open Networking Foundation
OpenFlow
Switch
Specification
Version
1.5.1
.
Required:
ANY:
Special
value
used
in
some
OpenFlow
requests
when
no
port
is
specified
(i.e.
port
is
wildcarded).
Some
OpenFlow
requests
contain
a
reference
to
a
specific
port
that
the
request
only
applies
to.
Using
ANY
as
the
port
number
in
these
requests
allows
that
request
instance
to
apply
to
any
and
all
ports.
Can
neither
be
used
as
an
ingress
port
nor
as
an
output
port.
.
Required:
UNSET:
Special
value
to
specify
that
the
output
port
has
not
been
set
in
the
Action-Set.
Only
used
when
trying
to
match
the
output
port
in
the
action
set
using
the
OXM_OF_ACTSET_OUTPUT
match
field
(see
-
Can
neither
be
used
as
an
ingress
port
nor
as
an
output
port.
.
Optional:
LOCAL:
Represents
the
switch’s
local
networking
stack
and
its
management
stack.
Can
be
used
as
an
ingress
port
or
as
an
output
port.
The
local
port
enables
remote
entities
to
interact
with
the
switch
and
its
network
services
via
the
OpenFlow
network,
rather
than
via
a
separate
control
network.
With
an
appropriate
set
of
flow
entries,
it
can
be
used
to
implement
an
in—band
controller
connection
(this
is
outside
the
scope
of
this
specification).
.
Optional:
NORMAL:
Represents
forwarding
using
the
traditional
non—OpenFlow
pipeline
of
the
switch
(see
I.
Can
be
used
only
as
an
output
port
and
processes
the
packet
using
the
normal
pipeline.
In
general
will
bridge
or
route
the
packet,
however
the
actual
result
is
implementation
dependent.
If
the
switch
cannot
forward
packets
from
the
OpenFlow
pipeline
to
the
normal
pipeline,
it
must
indicate
that
it
does
not
support
this
action.
.
Optional:
FLOOD:
Represents
flooding
using
the
traditional
non-OpenFlow
pipeline
of
the
switch
(see
I.
Can
be
used
only
as
an
output
port,
actual
result
is
implementation
dependent.
In
general
will
send
the
packet
out
all
standard
ports,
but
not
to
the
ingress
port,
nor
ports
that
are
in
OFPPS_BLOCKED
state.
The
switch
may
also
use
the
packet
VLAN
ID
or
other
criteria
to
select
which
ports
to
use
for
flooding.
OpenFlow-only
switches
do
not
support
the
NORMAL
port
and
FLOOD
port,
while
OpenFlow-hybrid
switches
may
support
them
(see
I.
Forwarding
packets
to
the
FLOOD
port
depends
on
the
switch
implementation
and
configuration,
while
forwarding
using
a
group
of
type
all
enables
the
controller
to
more
flexibly
implement
flooding
(see
5.10.1’.
4.6
Port
changes
A
switch
configuration,
for
example
using
the
OpenFlow
Configuration
Protocol,
may
add
or
remove
ports
from
the
OpenFlow
switch
at
any
time.
The
switch
may
change
the
port
state
based
on
the
underlying
port
mechanism,
for
example
if
the
link
is
going
down
(see
-.
The
controller
or
a
switch
configuration
may
change
the
port
configuration
(see
-.
Any
such
changes
to
port
state
or
configuration
must
be
communicated
to
the
OpenFlow
controller
(see
7.4.3’.
Port
addition,
modification
or removal
never
changes
the
content
of
the
flow
tables,
in
particular
flow
entries
referencing
those
ports
are
not
modified
or
removed
(flow
entries
may
reference
ports
via
the
match
or
actions).
Packets
forwarded
to
non-existent
ports
are
just
dropped
(see
I.
Similarly,
Port
addition,
modification
and
removal
never
changes
the
content
of
the
group
table,
however
the
behaviour
of
some
groups
may
change
through
liveness
checking
(see
I.
If
a
port
is
deleted
and
its
port
number
is
later
reused
for
a
different
physical
or
logical
port,
any
remaining
flow
entries
or
group
entries
still
referencing
that
port
number
may
be
effectively
re—targeted
17
©
2015;
The
Open
Networking
Foundation
OpenFlow Switch Specification Version 1.5.1
to the new port, possibly with undesirable results. Therefore, when a port is deleted it is left to the
controller to clean up any flow entries or group entries referencing that port, if needed.
4.7 Port recirculation
Logical ports can optionally be used to insert a network service or complex processing in the OpenFlow
switch (see 4.4). Most often, packets sent to logical ports never return to the same OpenFlow switch,
they are either consumed by the logical port or eventually sent over a physical port. In other cases,
packets sent to a logical port are recirculated back to the OpenFlow switch after the logical port
processing.
Packet recirculation via logical ports is optional, and OpenFlow supports multiple types of port re-
circulation. The simplest recirculation is when a packet sent on a logical port returns back into the
switch via the same logical port. This could be used for a loopback or unidirectional packet processing.
Recirculation can also happen between a port pair, in which a packet sent on a logical port returns back
into the switch via the other logical port of the pair. This could be used to represent tunnel endpoints or
bidirectional packet processing. A port property describes the recirculation relationship between ports
(see 7.2.1.2).
A switch should protect itself from packet infinite loops when using port recirculation. This mechanism
is implementation-specific and outside the scope of this specification. For example, the switch could
attach an internal recirculation count to each packet, which is incremented for each recirculation, and the
switch drops packets for which the counter is above a switch-defined threshold. Controllers are strongly
encouraged to avoid generating combinations of flow entries that may yield recirculation loops.
Because of the wide range of possible processing, very little can be assumed about the packets recircu-
lated back into the switch. Recirculated packets go back to the first flow table of the pipeline (see 5.1)
and can be identified by their new input port. The packet headers may have changed, so the match
fields are not guaranteed to be the same. The logical port may do packet fragmentation and reassembly,
so the packets may not match one to one and may have different sizes.
The Tunnel-ID field and some other pipeline fields associated with the packet may optionally be
preserved through the recirculation and available for matching when returning to the switch, the
pipeline fields that are preserved are indicated via the port match field property (see 7.2.1.2). If a
pipeline field is present in both the OFPPDPT_PIPELINE_OUTPUT property of the output port and the
OFPPDPT_PIPELINE_INPUT property of the return port, then this pipeline field is preserved with the
packet (its value must remain the same).
5 OpenFlow Tables
This section describes the components of flow tables and group tables, along with the mechanics of
matching and action handling.
18 © 2015; The Open Networking Foundation
OpenFlow
Switch
Specification
Version
1.5.1
to
the
new
port,
possibly
with
undesirable
results.
Therefore,
when
a
port
is
deleted
it
is
left
to
the
controller
to
clean
up
any
fiow
entries
or
group
entries
referencing
that
port,
if
needed.
4.7
Port
recirculation
Logical
ports
can
optionally
be
used
to
insert
a
network
service
or
complex
processing
in
the
OpenFlow
switch
(see
I.
Most
often,
packets
sent
to
logical
ports
never
return
to
the
same
OpenFlow
switch,
they
are
either
consumed
by
the
logical
port
or
eventually
sent
over
a
physical
port.
In
other
cases,
packets
sent
to
a
logical
port
are
recirculated
back
to
the
OpenFlow
switch
after
the
logical
port
processing.
Packet
recirculation
via
logical
ports
is
optional,
and
OpenFlow
supports
multiple
types
of
port
re-
circulation.
The
simplest
recirculation
is
when
a
packet
sent
on
a
logical
port
returns
back
into
the
switch
via
the
same
logical
port.
This
could
be
used
for
a
loopback
or
unidirectional
packet
processing.
Recirculation
can
also
happen
between
a
port
pair,
in
which
a
packet
sent
on
a
logical
port
returns
back
into
the
switch
via
the
other
logical
port
of
the
pair.
This
could
be
used
to
represent
tunnel
endpoints
or
bidirectional
packet
processing.
A
port
property
describes
the
recirculation
relationship
between
ports
(see-.
A
switch
should
protect
itself
from
packet
infinite
loops
when
using
port
recirculation.
This
mechanism
is
implementation—specific
and
outside
the
scope
of
this
specification.
For
example,
the
switch
could
attach
an
internal
recirculation
count
to
each
packet,
which
is
incremented
for
each
recirculation,
and
the
switch
drops
packets
for
which
the
counter
is
above
a
switch-defined
threshold.
Controllers
are
strongly
encouraged
to
avoid
generating
combinations
of
flow
entries
that
may
yield
recirculation
loops.
Because
of
the
wide
range
of
possible
processing,
very
little
can
be
assumed
about
the
packets
recircu-
lated
back
into
the
switch.
Recirculated
packets
go
back
to
the
first
fiow
table
of
the
pipeline
(see
and
can
be
identified
by
their
new
input
port.
The
packet
headers
may
have
changed,
so
the
match
fields
are
not
guaranteed
to
be
the
same.
The
logical
port
may
do
packet
fragmentation
and
reassembly,
so
the
packets
may
not
match
one
to
one
and
may
have
different
sizes.
The
Tunnel-ID
field
and
some
other
pipeline
fields
associated
with
the
packet
may
optionally
be
preserved
through
the
recirculation
and
available
for
matching
when
returning
to
the
switch,
the
pipeline
fields
that
are
preserved
are
indicated
via
the
port
match
field
property
(see
-.
If
a
pipeline
field
is
present
in
both
the
0FPPDPT_PIPELINE_0UTPUT
property
of
the
output
port
and
the
0FPPDPT_PIPELINE_INPUT
property
of
the
return
port,
then
this
pipeline
field
is
preserved
with
the
packet
(its
value
must
remain
the
same).
5
OpenFlow
Tables
This
section
describes
the
components
of
flow
tables
and
group
tables,
along
with
the
mechanics
of
matching
and
action
handling.
18
©
2015;
The
Open
Networking
Foundation
OpenFlow Switch Specification Version 1.5.1
Ingress
Port
Packet +
pipeline fields
(ingress port,
metadata...)
Flow
Table
0
Flow
Table
1
Flow
Table
n
Execute
Action
Set
Action
Set
Action
Set = {}
Ingress processing
Set
Ingress
Port
Group
Table
Packet +
pipeline fields
(output port,
metadata...)
Flow
Table
e
Flow
Table
e+1
Flow
Table
e+m
Execute
Action
Set
Action
Set
Action
Set =
{output}
Egress processing
Set
Output
Port
Output
Port
Packet
In
Packet
Out
e = first egress table-id
Figure 2: Packet flow through the processing pipeline.
5.1 Pipeline Processing
OpenFlow-compliant switches come in two types: OpenFlow-only, and OpenFlow-hybrid. OpenFlow-
only switches support only OpenFlow operation, in those switches all packets are processed by the
OpenFlow pipeline, and can not be processed otherwise.
OpenFlow-hybrid switches support both OpenFlow operation and normal Ethernet switching opera-
tion, i.e. traditional L2 Ethernet switching, VLAN isolation, L3 routing (IPv4 routing, IPv6 routing...),
ACL and QoS processing. Those switches should provide a classification mechanism outside of Open-
Flow that routes traffic to either the OpenFlow pipeline or the normal pipeline. For example, a switch
may use the VLAN tag or input port of the packet to decide whether to process the packet using one
pipeline or the other, or it may direct all packets to the OpenFlow pipeline. This classification mech-
anism is outside the scope of this specification. An OpenFlow-hybrid switch may also allow a packet
to go from the OpenFlow pipeline to the normal pipeline through the NORMAL and FLOOD reserved
ports (see 4.5).
The OpenFlow pipeline of every OpenFlow Logical Switch contains one or more flow tables, each flow
table containing multiple flow entries. The OpenFlow pipeline processing defines how packets interact
with those flow tables (see Figure 2). An OpenFlow switch is required to have at least one ingress flow
table, and can optionally have more flow tables. An OpenFlow switch with only a single flow table is
valid, in this case pipeline processing is greatly simplified.
The flow tables of an OpenFlow switch are numbered in the order they can be traversed by packets,
19 © 2015; The Open Networking Foundation
OpenFlow
Switch
Specification
Version
1.5.1
Packet
Ingress
processing
Packefi
Set
pipeline
fields
lngress
(ingress
port,
In
ress
Port
Flow Flow
metadata...)
Flow
Execute
Sort
>
Table Table
—>---—>
Table
Action
>
ACtiO“
0
1
Action
n
Set
Set={}
Set
In
Group
Table
V
V
Egress
processing
Packet+
Packet
Set
pipeline
fields
Output
(output
port,
0'“
Port
Flow Flow
metadata...)
Flow
Execute
—)
Table Table
—>-
- -
—>
Table
Action
>
Action
e
e+1
Action
e+m
Set
Set
=
Set
{output}
Output
Port
V
V
e
=
first
egress
table-id
Figure
2:
Packet
flow
through
the
processing
pipeline.
5.1
Pipeline
Processing
OpenFlow-compliant
switches
come
in
two
types:
OpenFlow-only,
and
OpenFlow-hybrid.
OpenFlow-
only
switches
support
only
OpenFlow
operation,
in
those
switches
all
packets
are
processed
by
the
OpenFlow
pipeline,
and
can
not
be
processed
otherwise.
OpenFlow-hybrid
switches
support
both
OpenFlow
operation
and
normal
Ethernet
switching
opera-
tion,
i.e.
traditional
L2
Ethernet
switching,
VLAN
isolation,
L3
routing
(IPv4
routing,
IPv6
routing...),
AOL
and
QoS
processing.
Those
switches
should
provide
a
classification
mechanism
outside
of
Open-
Flow
that
routes
traffic
to
either
the
OpenFlow
pipeline
or
the
normal
pipeline.
For
example,
a
switch
may
use
the
VLAN
tag
or
input
port
of
the
packet
to
decide
whether
to
process
the
packet
using
one
pipeline
or
the
other,
or
it
may
direct
all
packets
to
the
OpenFlow
pipeline.
This
classification
mech-
anism
is
outside
the
scope
of
this
specification.
An
OpenFlow-hybrid
switch
may
also
allow
a
packet
to
go
from
the
OpenFlow
pipeline
to
the
normal
pipeline
through
the
NORMAL
and
FLOOD
reserved
ports
(see
I.
The
OpenFlow
pipeline
of
every
OpenFlow
Logical
Switch
contains
one
or
more
fiow
tables,
each
flow
table
containing
multiple
fiow
entries.
The
OpenFlow
pipeline
processing
defines
how
packets
interact
with
those
fiow
tables
(see
Figure
'.
An
OpenFlow
switch
is
required
to
have
at
least
one
ingress
flow
table,
and
can
optionally
have
more
flow
tables.
An
OpenFlow
switch
with
only
a
single
flow
table
is
valid,
in
this
case
pipeline
processing
is
greatly
simplified.
The
flow
tables
of
an
OpenFlow
switch
are
numbered
in
the
order
they
can
be
traversed
by
packets,
19
©
2015;
The
Open
Networking
Foundation
OpenFlow Switch Specification Version 1.5.1
starting at 0. Pipeline processing happens in two stages, ingress processing and egress processing. The
separation of the two stages is indicated by the first egress table (see 7.3.2), all tables with a number
lower than the first egress table must be used as ingress tables, and no table with a number higher than
or equal to the first egress table can be used as an ingress table.
Pipeline processing always starts with ingress processing at the first flow table: the packet must be
first matched against flow entries of flow table 0 (see Figure 3). Other ingress flow tables may be
used depending on the outcome of the match in the first table. If the outcome of ingress processing is
to forward the packet to an output port, the OpenFlow switch may perform egress processing in the
context of that output port. Egress processing is optional, a switch may not support any egress tables
or may not be configured to use them. If no valid egress table is configured as the first egress table (see
7.3.2), the packet must be processed by the output port, and in most cases the packet is forwarded out
of the switch. If a valid egress table is configured as the first egress table (see 7.3.2), the packet must
be matched against flow entries of that flow table, and other egress flow tables may be used depending
on the outcome of the match in that flow table.
When processed by a flow table, the packet is matched against the flow entries of the flow table to
select a flow entry (see 5.3). If a flow entry is found, the instruction set included in that flow entry is
executed. These instructions may explicitly direct the packet to another flow table (using the Goto-
Table Instruction, see 5.5), where the same process is repeated again. A flow entry can only direct a
packet to a flow table number which is greater than its own flow table number, in other words pipeline
processing can only go forward and not backward. Obviously, the flow entries of the last table of a
pipeline stage can not include the Goto-Table instruction. If the matching flow entry does not direct
packets to another flow table, the current stage of pipeline processing stops at this table, the packet is
processed with its associated action set and usually forwarded (see 5.6).
If a packet does not match a flow entry in a flow table, this is a table miss. The behavior on a table miss
depends on the table configuration (see 5.4). The instructions included in the table-miss flow entry in
the flow table can flexibly specify how to process unmatched packets, useful options include dropping
them, passing them to another table or sending them to the controllers over the control channel via
packet-in messages (see 6.1.2).
There are few cases where a packet is not fully processed by a flow entry and pipeline processing stops
without processing the packet’s action set or directing it to another table. If no table-miss flow entry
is present, the packet is dropped (see 5.4). If an invalid TTL is found, the packet may be sent to the
controller (see 5.8).
The OpenFlow pipeline and various OpenFlow operations process packets of a specific type in con-
formance with the specifications defined for that packet type, unless the present specification or the
OpenFlow configuration specify otherwise. For example, the Ethernet header definition used by Open-
Flow must conform to IEEE specifications, and the TCP/IP header definition used by OpenFlow must
conform to RFC specifications. Additionally, packet reordering in an OpenFlow switch must conform
to the requirements of IEEE specifications, provided that the packets are processed by the same flow
entries, group buckets and meter bands.
20 © 2015; The Open Networking Foundation
OpenFIow
Switch
Specification
Version
1.5.1
starting
at
0.
Pipeline
processing
happens
in
two
stages,
ingress
processing
and
egress
processing.
The
separation
of
the
two
stages
is
indicated
by
the
first
egress
table
(see
-,
all
tables
with
a
number
lower
than
the
first
egress
table
must
be
used
as
ingress
tables,
and
no
table
with
a
number
higher
than
or
equal
to
the
first
egress
table
can
be
used
as
an
ingress
table.
Pipeline
processing
always
starts
with
ingress
processing
at
the
first
flow
table:
the
packet
must
be
first
matched
against
flow
entries
of
flow
table
0
(see
Figure
'.
Other
ingress
fiow
tables
may
be
used
depending
on
the
outcome
of
the
match
in
the
first
table.
If
the
outcome
of
ingress
processing
is
to
forward
the
packet
to
an
output
port,
the
OpenFlow
switch
may
perform
egress
processing
in
the
context
of
that
output
port.
Egress
processing
is
optional,
a
switch
may
not
support
any
egress
tables
or
may
not
be
configured
to
use
them.
If
no
valid
egress
table
is
configured
as
the
first
egress
table
(see
-,
the
packet
must
be
processed
by
the
output
port,
and
in
most
cases
the
packet
is
forwarded
out
of
the
switch.
If
a
valid
egress
table
is
configured
as
the
first
egress
table
(see
-,
the
packet
must
be
matched
against
flow
entries
of
that
flow
table,
and
other
egress
fiow
tables
may
be
used
depending
on
the
outcome
of
the
match
in
that
flow
table.
When
processed
by
a
flow
table,
the
packet
is
matched
against
the
flow
entries
of
the
flow
table
to
select
a
flow
entry
(see
I.
If
a
flow
entry
is
found,
the
instruction
set
included
in
that
flow
entry
is
executed.
These
instructions
may
explicitly
direct
the
packet
to
another
fiow
table
(using
the
Goto-
Table
Instruction,
see
I,
where
the
same
process
is
repeated
again.
A
flow
entry
can
only
direct
a
packet
to
a
flow
table
number
which
is
greater
than
its
own
fiow
table
number,
in
other
words
pipeline
processing
can
only
go
forward
and
not
backward.
Obviously,
the
flow
entries
of
the
last
table
of
a
pipeline
stage
can
not
include
the
Goto-Table
instruction.
If
the
matching
fiow
entry
does
not
direct
packets
to
another
fiow
table,
the
current
stage
of
pipeline
processing
stops
at
this
table,
the
packet
is
processed
with
its
associated
action
set
and
usually
forwarded
(see
I.
If
a
packet
does
not
match
a
flow
entry
in
a
flow
table,
this
is
a
table
miss.
The
behavior
on
a
table
miss
depends
on
the
table
configuration
(see
I.
The
instructions
included
in
the
table-miss
fiow
entry
in
the
flow
table
can
fiexibly
specify
how
to
process
unmatched
packets,
useful
options
include
dropping
them,
passing
them
to
another
table
or
sending
them
to
the
controllers
over
the
control
channel
via
packet—in
messages
(see
-.
There
are
few
cases
where
a
packet
is
not
fully
processed
by
a
flow
entry
and
pipeline
processing
stops
without
processing
the
packet’s
action
set
or
directing
it
to
another
table.
If
no
table—miss
fiow
entry
is
present,
the
packet
is
dropped
(see
.D.
If
an
invalid
TTL
is
found,
the
packet
may
be
sent
to
the
controller
(see
I.
The
OpenFlow
pipeline
and
various
OpenFlow
operations
process
packets
of
a
specific
type
in
con-
formance
with
the
specifications
defined
for
that
packet
type,
unless
the
present
specification
or
the
OpenFlow
configuration
specify
otherwise.
For
example,
the
Ethernet
header
definition
used
by
Open-
Flow
must
conform
to
IEEE
specifications,
and
the
TCP
/
1P
header
definition
used
by
OpenFlow
must
conform
to
RFC
specifications.
Additionally,
packet
reordering
in
an
OpenFlow
switch
must
conform
to
the
requirements
of
IEEE
specifications,
provided
that
the
packets
are
processed
by
the
same
fiow
entries,
group
buckets
and
meter
bands.
20
©
2015;
The
Open
Networking
Foundation
剩余282页未读,继续阅读
2023-12-22 上传
2023-06-12 上传
2023-03-16 上传
2023-04-30 上传
2023-03-08 上传
2023-05-30 上传
aidong20181008
- 粉丝: 0
- 资源: 10
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 新型智能电加热器:触摸感应与自动温控技术
- 社区物流信息管理系统的毕业设计实现
- VB门诊管理系统设计与实现(附论文与源代码)
- 剪叉式高空作业平台稳定性研究与创新设计
- DAMA CDGA考试必备:真题模拟及章节重点解析
- TaskExplorer:全新升级的系统监控与任务管理工具
- 新型碎纸机进纸间隙调整技术解析
- 有腿移动机器人动作教学与技术存储介质的研究
- 基于遗传算法优化的RBF神经网络分析工具
- Visual Basic入门教程完整版PDF下载
- 海洋岸滩保洁与垃圾清运服务招标文件公示
- 触摸屏测量仪器与粘度测定方法
- PSO多目标优化问题求解代码详解
- 有机硅组合物及差异剥离纸或膜技术分析
- Win10快速关机技巧:去除关机阻止功能
- 创新打印机设计:速释打印头与压纸辊安装拆卸便捷性
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功