OpenFlow and the Floodlight OpenFlow Controller

Control Center

Main Floodlight Modules

In traditional networks, Spanning Tree or routing protocols often take on the task of topology management, such as ensuring freedom from loops. Due to the distributed algorithms of these protocols, however, a number of difficulties arise, such as a complex configuration, a limited number of hops, or long convergence times for changes in the underlying network infrastructure. Exploiting multiple paths between the start and destination of a data flow involves considerable effort and the use of other protocols.

In contrast, SDN controllers have a central view of all network components and can therefore greatly simplify topology management.

To let this happen, Floodlight implements a sophisticated mechanism for automatically detecting the topology of an OpenFlow network. Using a link-discovery module, the controller generates both LLDP and broadcast packets (referred to as BDDPs) and sends them to all neighboring switches on a regular basis. Assuming all switches consume LLDP messages and forward broadcast packets, Floodlight can identify active connections by receiving its own messages and computing the network topology.

Floodlight makes a distinction between direct links and broadcast links; a direct connection is always assumed if it receives its own LLDP packets. In this case, two Open Flow switches are directly connected under the control of the same Floodlight instance.

Based on the information of the link discovery mechanism, the topology service computes a topology map in the form of a directed graph. The maps contains all the relevant information about interconnectivity between switches, and they can be used by other applications, for example, for computing a spanning tree.

Loop-Free Islands

Another interesting and important concept is the combination of directly interconnected OpenFlow switches to groups known as OpenFlow islands. Islands can connect to other islands via broadcast links. With certain restrictions, Floodlight thus supports the combination of OpenFlow equipment with standard network components.

Because of the broadcast packets, it is important to avoid loops in connections with non-open flow switches. For this reason, any OpenFlow island can only have exactly one connection to non-OpenFlow equipment. Furthermore, OpenFlow and non-OpenFlow islands must not form a loop themselves. Figure 4 shows a potential topology that allows for OpenFlow and non-OpenFlow equipment.

Figure 4: Example of a permissible topology in Floodlight, with OpenFlow devices and standard equipment. OpenFlow islands can have exactly one connection to non-OpenFlow islands.

Packet Forwarding

Floodlight currently provides two modules for automatic packet forwarding between endpoints. A relatively simple Forwarding module mainly serves as an exemplary introduction to Floodlight. The Forwarding module handles each packet individually, which severely limits performance.

The complex Learning Switch module implements behavior similar to standard switches: The Learning Switch detects and learns about new devices based on their MAC addresses.

Because of Floodlight's global view, it also offers advanced functions. When Floodlight detects a new flow, the Learning Switch module identifies the input and the output switches, as well as all other switches on the shortest path between the start and endpoint. Once a path has been found, the module installs the appropriate OpenFlow rules for handling the new flows on all participating switches.

Compared to the simple Forwarding module, the performance of the Learning Switch module is several degrees of magnitude greater because, after you install the OpenFlow rules, packet forwarding is accomplished solely in the forwarding path of the switches and interaction with the controller is not necessary for each message.

One restriction applies to both modules: When OpenFlow coexists with standard equipment on the network, the algorithm identifies all OpenFlow islands and only forwards packets directly to the destination within the island. If the target is unknown, or located on a different island, the packets are flooded.

Even based on these modules, the advantages of SDN, OpenFlow, and Floodlight are clearly visible. Even relatively simple implementations offer significant advantages, and complex Spanning Tree Protocol configurations become unnecessary even for large meshed networks.

Additionally, multipath connections can be implemented within an OpenFlow island with very little effort. In the case of link failures, the controller can react immediately and intelligently to changes in the topology and redirect existing data flows. In an ideal case, this change is transparent and does not involve much delay. Long convergence times are thus a thing of the past.

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus