BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Over time, numerous paths to SDN implementation will emerge, but one of the most explored strategies so far decouples...
the control plane of a physical network and places management in a centralized controller. That controller uses OpenFlow as a southbound protocol to direct specific flows between nodes on the network, allowing for granular network programmability.
While OpenFlow efficiently manages flows and determines how packets are forwarded between individual source and destination pairs, it does not provide the configuration and management functions necessary to allocate ports or assign IP addresses. That's where OpenFlow configuration protocols come in.
In a traditional network, vendors use proprietary configuration and management methods. Some depend on SNMP to configure products and monitor devices. Others use command lines to configure each device on the network.
But one of the potential benefits of SDN is to move away from programming individual switches on the network. SDN controllers instead give engineers a holistic view of every component on the network and then offer the ability to set policy and manage traffic across the complicated matrix of devices.
In that scenario, OpenFlow defines packet flow operation, but it doesn't specify switch configuration databases or a management protocol. OpenFlow configuration protocols, however, establish the relationship between controllers and switches, enabling a standard configuration and management method for switches. Using the same management configuration, network managers can select switches from any vendor, choose the best device for each network location and set the parameters for communication between controllers and switches.
Currently there is work underway on two configuration and management protocols for OpenFlow switches: OpenFlow Management and Configuration Protocol (OF-Config) and Open vSwitch Database Management Protocol.
OpenFlow Management and Configuration Protocol version 1.1 (OF-Config), which was released in March, is being developed under the Open Networking Foundation and was designed to apply to all OpenFlow implementations and on both physical and virtual switches.
The OF-Config protocol addresses the following components of controller-switch management:
- OpenFlow configuration point: The OF-Config point issues OF-Config commands.
- OpenFlow capable switch: A physical or virtual switching device contains a number of ports and queues.
- OpenFlow logical switch: A logical switch within the OpenFlow capable switch allocates a subset of the ports and queues that make up an OpenFlow capable switch.
The OF-Config Point can be located in the same server or workstation as an OpenFlow controller or within traditional network management products. Either way, configuration points can manage multiple OpenFlow-capable virtual or physical switches. A configuration point may manage multiple OpenFlow capable switches, and a capable switch may be managed by more than one configuration point.
The configuration point also communicates with OpenFlow logical switches that live within the OpenFlow capable switch. Specifically the control point supplies each logical Switch with the IP addresses and port numbers of the OpenFlow controllers that will control individual packet flows through the switch. It also specifies whether TCP or TLS will be used to communicate between the switch and controller, and it configures certificates for communications between switches and controllers. Each OpenFlow logical switch operates independently of the other logical switches within the same OpenFlow capable switch.
A configuration point can discover the resources allocated to a logical switch, configure tunnels, set port parameters, turn ports off and on, and retrieve switch status. It receives error codes from a switch if a configuration operation fails and it can roll back the operation in the event of a partial failure.
Implementing OF-Config in a switch requires modifying the switch's internal configuration database and implementing the Netconf Protocol (RFC 6241) to communicate between configuration points and switches. Netconf uses XML encoding for configuration data and protocol messages.
Configuration data is sent to, and retrieved from, switches using remote procedure calls. Netconf can send or retrieve full and partial configuration descriptions and can convey asynchronous notifications from the switch.
Netconf is extensible, so it will continue to support OF-Config as future capabilities are added. Configuration points can retrieve switch configuration capabilities, so a configuration point upgraded to a later OF-Config version can continue to support a switch that has not yet been upgraded.
The OF-Config 1.1.1 specification contains UML diagrams, XML examples and the full XML schema defining configuration capabilities.
OVSDB Protocol basics: Managing the Open vSwitch
The Open vSwitch Database Management Protocol (OVSDB) is a component of the open source Open vSwitch that was designed specifically to manage Open vSwitch implementations.
More on SDN protocols and standards
SDN northbound APIs: Do they need standards?
If ONF fees block engineers from joining, how open is OpenFlow?
An Open vSwitch implementation consists of a database server and a switch daemon. A control cluster contains managers and controllers that use the OVSDB Protocol to supply configuration information to the switch database server. Controllers use OpenFlow to specify details of packet flows through the switch. Each manager and controller can direct multiple switches, and each switch may receive directives from multiple managers and controllers.
You can use the ovs-vsctl command included in Open vSwitch releases to generate OSVSDB operations. Options on the command line indicate which OVSDB operation to perform. Sequences of ovs-vsctl commands are typically issued from within scripts or network management products.
Using the OVSDB Protocol, managers can specify the number of individual virtual bridges within an Open vSwitch implementation and create, configure and delete ports and tunnels from a bridge. A manager can also create, configure and delete queues.
Open vSwitch documentation contains configuration database details, and the OVSDB Internet draft specifies the protocol's JSON-RPC operations.
OVSDB Protocol documentation has long been available as part of the Open vSwitch documentation. To make the documentation easier to access and understand, VMware Inc. employees have published an Internet draft that defines the OVSDB Protocol.
Open vSwitch already implements the OVSDB Protocol, but other switch vendors would need to modify their switch’s configuration database and implement JSON and JSON-RPC in order to adopt OVSDB.
Will one OpenFlow configuration protocol take hold?
In the past, no OpenFlow configuration protocol was adopted as a standard. However, ultimately, pressure from operators of very large networks operating public or private clouds may force vendors to adopt a single standard.
About the author
David B. Jacobs of The Jacobs Group has more than twenty years of networking industry experience. He has managed leading-edge software development projects and consulted to Fortune 500 companies as well as software startups.