Precedent to the connection startup, the switch must be configured with the controller's IP address. Optionally the controller could be configured with the switch's IP address, but the goal is the same: The two devices must be able to find each other.
Channel Connections
The OpenFlow connection operates over TCP, and both the switch and the controller listen on port 6653 and this connection is usually encrypted over Transport Layer Security (TLS) Protocol.
After TCP session is established and certificates are exchanged by TLS, the controller and switch exchange Hello messages to negotiate the OpenFlow version to use. After agreement the version, the connection is up and two sides use Echo messages to monitor the connection.
Connection Interruption
If one side cannot support the version advertised by the other side, it sends an error message and the connection is closed, such as, echo replies are not received, the switch will enter one of two stats depending on implementation:
- Fail secure mode: The switch continues to operate, but does not try to send messages or packets to the controller. Entries in the flow tables continue to time out as they normally would.
- Fail standalone mode: The switch reverts to operating as a standalone (non-OpenFlow) switch. This mode is usually only used by hybrid switch.
Connection Reestablishment
When a switch reestablishes a session with the controller after a connection interruption, the existing entries in the flow table continue to be used.
Message Delivery
Once the channel is established, Controller and switch could exchange OpenFlow messages:
- Controller to Switch, messages are used by the controller to manage the switch
- Asynchronous messages are send from the switch to the controller. To notify a change in flow stat or port status, or an error message.
- Symmetric messages can be sent by either the controller or the switch. These messages are hello, echo requests, and replies, and such on
No comments:
Post a Comment