Open Flow enables network controllers to determine the path of network packets across a network of switches. The controllers are distinct from the switches. This separation of the control from the act of forwarding allows for more sophisticated traffic management than is feasible using access control lists (ACLs) and routing protocols. Also, Open Flow allows switches from different vendors, often each with their own proprietary interfaces and scripting languages, to be managed remotely using a single, open protocol. The protocol's inventors consider Open Flow an enabler of Software Defined Networking (SDN).
Open Flow allows remote administration of a layer 3 switch's packet forwarding tables, by adding, modifying, and removing packet matching rules and actions. This way, routing decisions can be made periodically or ad hoc by the controller and translated into rules and actions with a configurable lifespan, which are then deployed to a switch's flow table, leaving the actual forwarding of matched packets to the switch at wire speed for the duration of those rules. Packets which are unmatched by the switch can be forwarded to the controller. The controller can then decide to modify existing flow table rules on one or more switches or to deploy new rules, to prevent a structural flow of traffic between switch and controller. The controller can even decide to forward the traffic itself, provided that it has told the switch to forward entire packets instead of just their header.
However, SDN architecture may bring the following problems. First, data streams are repeated back and forth between a control device and a switch, as well as between the switches. Second, the out-of-band signal management port of the switch limits communication speed between the switch and the control device. Solving these shortcomings is problematic.