The OpenFlow switch is a basic forwarding element, which is accessible via the OpenFlow protocol and interface. Although this setup would appear to simplify the switching hardware at first glance, flow-based SDN architectures such as OpenFlow may require additional forwarding table entries, buffer space, and statistical counters that are not very easy to implement in traditional switches with application specific ICs (ASICs).
In an OpenFlow network, switches come in two flavors: hybrid (OpenFlow enabled) and pure (OpenFlow only). Hybrid switches support OpenFlow in addition to traditional operation and protocols (L2/L3 switching). Pure OpenFlow switches have no legacy features or onboard control and completely rely on a controller for forwarding decisions.
Most of the currently available and commercial switches are hybrids. Since OpenFlow switches are controlled by an open interface (over TCP-based TLS session), it is important that this link remain available and secure. The OpenFlow protocol can be viewed as a possible implementation of SDN-based controller-switch interactions (which is a messaging protocol), as it defines the communication between the OpenFlow switch and an OpenFlow controller.
The reference implementation of OpenFlow switch from Stanford University includes ofdatapath, which implements the flow table in user space; ofprotocol, a program that implements the secure channel component of the reference switch; and dpctl, which is a tool for configuring the switch. This distribution includes some additional software as well (for instance, a controller, a simple controller program that connects to any number of OpenFlow switches, and a Wireshark dissector that can decode the OpenFlow protocol).
The following figure depicts the OpenFlow reference switch, interface, and three message types (controller-to-switch, asynchronous, and symmetric) and sub-types. These messages were briefly introduced in the previous chapter. They are presented with more implementation-related details in this section. Controller-to-switch messages are initiated by the controller and may or may not require a response from the OpenFlow switch.
