Join David Bombal for an in-depth discussion in this video Multiple OpenFlow tables, part of Practical Software-Defined Networking: 6 The OpenFlow Protocol.
- [Instructor] So the moral of the story is, a single flow table has limitations. Multiple flow tables, give you more flexibility, especially when you need to match on for instance, a large set of data, such as MAC addresses. However, you don't necessarily wanna use all the tables that are available to you. In a previous part of this course, I showed you how to use FlowMaker to add flows to different flow tables in a switch. And how to use the GoTo statement to forward traffic from one flow table to another.
The OpenFlow specification in this case 1.3.2 shows us that when traffic arrives it's gonna be processed by table zero and then a GoTo statement can be used to forward the traffic to another table. I've shown you that practically using FlowMaker, but just to summarize, the OpenFlow pipeline of every OpenFlow switch contains multiple flow tables. Each flow table contains multiple flow entries. The OpenFlow pipeline processing defines how packets interact with those flow tables.
An OpenFlow switch is required to have at least one flow table, but can optionally have more flow tables. An OpenFlow switch with only a single flow table is valid. In this case, the pipeline processing is greatly simplified. The flow tables of an OpenFlow switch are sequentially numbered, starting at zero. Pipeline processing always starts at the first table. The packet is first matched against flow entries of flow table zero. Other flow tables may be used depending on the outcome of the match in the first table.
So a GoTo statement could be used to forward traffic from table zero or table 100 or whichever table you have in the pipeline. When processed by a flow table, the packet is matched against the flow entries of the flow table to select a flow entry. If a flow entry is found, the instruction set included in that flow entry is executed. When processed by a flow table the packet is matched against the flow entries of the flow table to select a flow entry.
If a flow entry is found, the instruction set included in that flow entry is executed. These instructions may explicitly direct the packet to another flow table using the GoTo instruction where the same process is repeated again. A flow entry can only direct a packet to a flow table number which is greater than its own flow table number. In other words, pipeline processing can only go forward and not backward. Obviously, the flow entries of the last table of the pipeline can not include a GoTo instruction.
If the matching flow entry does not direct packets to another flow table, pipeline processing stops at this table. When pipeline processing stops, the packet is processed with its associated action set and is typically forwarded.
- OpenFlow theory
- OpenFlow messages
- Wireshark OpenFlow capture on Windows
- Benefits of multiple tables and TTPs
- Wireshark capture multipart request
- What happens when the SDN controller fails?