Software-Defined networking (SDN) is a network architecture that aims at decoupling control plane functions from data plane functions such that separate apparatuses may be utilized for different functions. In the SDN architecture, network intelligence and states are logically centralized, and the underlying network infrastructure is abstracted from the applications. As a result, networking may be simplified and new applications become feasible. For example, network virtualization can be accomplished by implementing it in a software application where the control plane is separated from the data plane. Also, a network administrator of a SDN system may have programmable central control of network traffic without requiring physical access to the system's hardware devices. With these benefits, SDN architecture based systems (referred to as SDN systems or SDN networks exchangeably herein below) are gaining popularity among carriers and enterprises.
In a SDN system, a network element generally utilizes a set of flow tables to forward packets of traffic flows. Each flow table contains a set of flow table entries, each flow table entry including match fields to match incoming packets and a set of instructions to perform upon a match is found. Once a packet matches a flow table entry, the network element causes the set of instructions of the matching flow table entry to be performed on the packet. A match key is defined for a flow table and it generally contains several match key components (sometimes referred to as key compositions). The values of the match key components in a packet are extracted and matched to the values of match fields of the flow table.
For related traffic flows, it is not uncommon for the match key compositions of flow tables to share some similarities. For example, for communications between a client network element and a server network element, a flow table A may contain a match key of media access control address (MAC) source and destination, say the match key of {client's MAC address, server's MAC address}, where the source MAC is for the client network element and the destination MAC is for the destination network element. Flow table A may be for a traffic flow from the client network element to the server network element. For a traffic flow in the opposite direction, from the server network element to the client network element, a flow table B may have the match key of {server's MAC address, client's MAC address}. Flow tables A and B are two distinct flow tables in a network element, even though they contain the same key components, albeit in different orders.