Abstract
SDN deployments rely on switches that come from various vendors and differ in terms of performance and available features. Understanding these differences and performance characteristics is essential for ensuring successful deployments. In this paper we measure, report, and explain the performance characteristics of flow table updates in three hardware OpenFlow switches. Our results can help controller developers to make their programs efficient. Further, we also highlight differences between the OpenFlow specification and its implementations, that if ignored, pose a serious threat to network security and correctness.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Our benchmark with software OpenVSwitch handles \(\sim \)42000 rule updates/s.
- 2.
Note that we do not need to fully saturate the switch data plane, and thus a conventional host is capable of handling all of these tasks at the same time.
- 3.
The software is going to be optimized and productized in a near future.
- 4.
While experimenting and digging deep to understand the root causes of various behaviors we made other, less critical observations described in a tech report [10].
- 5.
As specified, after receiving a barrier request, the switch has to finish processing all previously-received messages before executing any messages after the barrier request. When the processing is complete, the switch must send a barrier reply message [1].
- 6.
We need to use such a rule to prevent flooding the control channel with the PacketIn messages caused by data plane probes or flooding the probes to all ports.
- 7.
The vendor claims that this limitation occurs only in firmware prior to PicOS 2.2.
- 8.
We observe periods when the switch does not install rules or respond to the controller, but these periods are rare, non reproducible and seem unrelated to the experiments. We think they are caused by periodic background processing at the switch.
References
OpenFlow Switch Specification. http://www.openflow.org/documents/openflow-spec-v1.0.0.pdf
Ethernet Switch Market: Who’s Winning? (2014). http://www.networkcomputing.com/networking/d/d-id/1234913
Curtis, A., Mogul, J., Tourrilhes, J., Yalagandula, P.: DevoFlow: scaling flow management for high-performance networks. In: SIGCOMM (2011)
Huang, D.Y., Yocum, K., Snoeren, A.C.: High-fidelity switch models for software-defined network emulation. In: HotSDN (2013)
Jain, S., Kumar, A., Mandal, S., Ong, J., Poutievski, L., Singh, A., Venkata, S., Wanderer, J., Zhou, J., Zhu, M., Zolla, J., Hölzle, U., Stuart, S., Vahdat, A.: B4: Experience with a globally-deployed software defined WAN. In: SIGCOMM (2013)
Katta, N.P., Rexford, J., Walker, D.: Incremental consistent updates. In: HotSDN (2013)
Kazemian, P., Chang, M., Zeng, H., Varghese, G., McKeown, N., Whyte, S.: Real time network policy checking using header space analysis. In: NSDI (2013)
Kazemian, P., Varghese, G., McKeown, N.: Header space analysis: static checking for networks. In: NSDI (2012)
Khurshid, A., Zou, X., Zhou, W., Caesar, M., Godfrey, P.B.: VeriFlow: verifying network-wide invariants in real time. In: NSDI (2013)
Kuźniar, M., Perešíni, P., Kostić, D.: What you need to know about SDN control and data planes. Technical report EPFL-REPORT-199497, EPFL (2014)
Lazaris, A., Tahara, D., Huang, X., Li, L.E., Voellmy, A., Yang, Y.R., Yu, M.: Jive: performance driven abstraction and optimization for SDN. In: ONS (2014)
Liu, H.H., Wu, X., Zhang, M., Yuan, L., Wattenhofer, R., Maltz, D.A.: zUpdate: updating data center networks with zero loss. In: SIGCOMM (2013)
Mahajan, R., Wattenhofer, R.: On consistent updates in software defined networks. In: HotNets (2013)
Perešíni, P., Kuźniar, M., Canini, M., Kostić, D.: ESPRES: transparent SDN update scheduling. In: HotSDN (2014)
Reitblatt, M., Foster, N., Rexford, J., Schlesinger, C., Walker, D.: Abstractions for network update. In: SIGCOMM (2012)
Rotsos, C., Sarrar, N., Uhlig, S., Sherwood, R., Moore, A.W.: OFLOPS: an open framework for openflow switch evaluation. In: Taft, N., Ricciato, F. (eds.) PAM 2012. LNCS, vol. 7192, pp. 85–95. Springer, Heidelberg (2012)
Yu, M., Wundsam, A., Raju, M.: NOSIX: a lightweight portability layer for the SDN OS. ACM SIGCOMM Comput. Commun. Rev. 44(2), 28–35 (2014)
Acknowledgments
We thank Marco Canini, Dan Levin and Miguel Peón for helping us get access to the tested switches. We also thank Pica8 and Dell representatives for quick responses and explanations. We thank the reviewers, who provided excellent feedback. The research leading to these results has received funding from the European Research Council under the European Union’s Seventh Framework Programme (FP7/2007–2013) / ERC grant agreement 259110.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Kuźniar, M., Perešíni, P., Kostić, D. (2015). What You Need to Know About SDN Flow Tables. In: Mirkovic, J., Liu, Y. (eds) Passive and Active Measurement. PAM 2015. Lecture Notes in Computer Science(), vol 8995. Springer, Cham. https://doi.org/10.1007/978-3-319-15509-8_26
Download citation
DOI: https://doi.org/10.1007/978-3-319-15509-8_26
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-15508-1
Online ISBN: 978-3-319-15509-8
eBook Packages: Computer ScienceComputer Science (R0)