Software Defined Networking (SDN) is an approach to computer networking that employs a split architecture network in which the forwarding (data) plane is decoupled from the control plane. The use of a split architecture network simplifies the network devices (e.g., switches) implementing the forwarding plane by shifting the intelligence of the network into one or more controllers that oversee the switches. SDN facilitates rapid and open innovation at the network layer by providing a programmable network infrastructure.
OpenFlow is a protocol that enables controllers and switches in an SDN network to communicate with each other. OpenFlow enables dynamic programming of flow control policies in the network. An OpenFlow switch transmits a Packet-In message to the controller to transfer control of a packet to the controller. An OpenFlow switch may decide to transfer control of a packet to the controller for various reasons such as an invalid time-to-live (TTL) or non-availability of matching flow entries to process the packet. The controller transmits a Packet-Out message to the switch to instruct the switch on how to handle further processing of the packet. The Packet-Out message can instruct the switch to process the packet through the OpenFlow pipeline, send the packet to a particular group, or output the packet on a particular port.
A Packet-Out message contains a list of actions specifying how the switch should process the packet. The list of actions may include, for example, packet modification actions, group processing actions, and output actions that instruct the switch to output the packet to a specified port. The list of actions may include an output action to the OFPP_TABLE reserved port, which instructs the switch to process the packet through the OpenFlow pipeline, starting at the first flow table. In some cases, packets sent to the OFPP_TABLE reserved port may be forwarded back to the controller (e.g., as a Packet-In message) as a result of matching a flow entry, a table miss, or a group bucket action.
Incorrect usage of the Packet-In message and Packet-Out message can create control plane loops, where a packet keeps returning to the controller after being transmitted into the data path of the network. Control plane loops can be even more hazardous for an SDN network than data plane loops. Typically, data plane loops only impact a section of the network. However, control plane loops consume valuable processing resources of the controller, which may choke the controller and render the entire SDN network unusable.