In a conventional network system, a single switch performed a routing control and a packet transfer.
Recent years, because of virtualization of a network, an open flow (Openflow) system is proposed in which the routing control and the packet transfer of the switch are separated and the routing control is collected in a controller outside the switch (Non-Patent Literature 1).
In the open flow system, the controller monitors the switch in the network and dynamically sets a transmission route of packets to the switches in the network according to the communication situation. The controller registers a flow on the switch by using an open flow protocol (Openflow Protocol) message to generate a flow table.
The flow defines predetermined processing (action) to be done to the packets which conforms to a predetermined rule (rule). The rule of the flow is defined by various combinations of any or all of a destination address, a source address, a destination port, and a source port, which are contained in a header region of a frame which carries the packet, and the rule can be identified. It should be noted that it is supposed that it contains MAC address (Media Access Control Address) and IP address (Internet Protocol Address) in the above-mentioned addresses. Also, the data of input port (Ingress Port) in addition to the above, is practicable as the rule of the flow.
The flow table stores data of the flow (flow entry) every switch.
In the open flow system, the switch carries out the packet transfer according to the generated flow table. The switch needs to confirm whether the flow conforms to a platform function of the switch, before registering of the flow received from the controller on the flow in response to an open flow protocol message table. The switch determines that the conformed flow is a valid flow and an un-conformed flow is an invalid flow, and registers the valid flow on the flow table.
The controller and switch of the open flow system are sometimes called an open flow controller (Openflow controller) and an open flow switch (Openflow switch) respectively.
In the open flow protocol, a flow modification (Flow Mod) message is used for generation of a flow table, but a response message indicating whether or not the generation of a flow entry is succeeded is not defined. Therefore, in order to confirm by the controller whether or not a flow entry has been registered, it is necessary to compare the flow data required in the registration and the flow data acquired in a statistics request (Statistics Request) message.
Also, when an open flow system is introduced into the existing network, there is a possibility that a mismatch with the existing function occurs.
Also, in the open flow protocol, a response message to notify the result to the controller is not defined in the flow modification (Flow Mod) message to carry out a flow setting from the controller to the switch. Therefore, in order to know the setting result by the controller, it is necessary to confirm by using a statistics request (Statistics Request) message.
Generally, in the open flow system, the flow table in the switch retains only the entries of valid flows and does not retain any entry of an invalid flow.
Therefore, there is a problem that the controller cannot determine whether or not the flow to be registered on the flow table in the switch could be actually registered, whether or not the flow could not be registered due to the invalid flow, or whether or not the registration is failed due to another factor. It should be noted that Patent Literature 1 (JP 2004-056340A) discloses that an L3 switch having a flow table.
Also, Patent Literature 2 (JP 2006-254134A) discloses that flow identification data is outputted when there is a flow entry conforming to a search condition, and addition/deletion of the flow entry to/from the flow table is carried out when there is not the flow entry conforming thereto.
Also, Patent Literature 3 (JP 2008-167340A) discloses a technique that a packet relay unit is provided with a flow table in which the pattern of a packet as an object of the flow identification is described.
Also, Patent Literature 4 (JP 2009-049592A) discloses a technique that a search key and each of flow entries registered on the flow table are compared each time an IP packet is received, and that the statistic data such as the number of times of matching and a total packet length for the matching flow entry are updated.