What is OpenFlow?
OpenFlow enables network controllers to determine the path of network packets across a network of switches. It separates the control plane from the forwarding plane, allowing more sophisticated traffic management than ACLs and routing protocols alone.
OpenFlow allows switches from different vendors — each with their own proprietary interfaces — to be managed remotely using a single, open protocol. Controllers listen on TCP port 6653 for switch connections (legacy: 6633). The protocol uses TLS for security.
lighty.io Application Bootstrap
The OpenFlow example application follows the standard lighty.io startup pattern:
// 1. Initialize and start Lighty controller
final LightyControllerBuilder lightyControllerBuilder = new LightyControllerBuilder();
final LightyController lightyController = lightyControllerBuilder
.from(controllerConfiguration).build();
lightyController.start().get();
// 2. Start RESTCONF server
final CommunityRestConfBuilder communityRestConfBuilder = new CommunityRestConfBuilder();
final CommunityRestConf communityRestConf = communityRestConfBuilder
.from(RestConfConfigUtils.getRestConfConfiguration(
restConfConfiguration, lightyController.getServices()))
.build();
communityRestConf.start();
// 3. Start OpenFlow southbound plugin
final OpenflowSouthboundPlugin plugin = new OpenflowSouthboundPluginBuilder()
.from(configuration, lightyController.getServices())
.withPacketListener(new PacketInListener())
.build();
plugin.start();
Configuration
OpenFlow configuration is passed as JSON. Key parameters include statistics polling, barrier timeouts, thread pool sizing, and switch SSL settings:
{
"openflow": {
"isStatisticsPollingOn": true,
"barrierCountLimit": "1234",
"echoReplyTimeout": "4000",
"globalNotificationQuota": "9000",
"useSingleLayerSerialization": "true",
"switchConfig": {
"instanceName": "openflow-switch-connection-provider-default-impl",
"port": 1234,
"transportProtocol": 0,
"switchIdleTimeout": 15001
}
}
}
Connecting a Device with Mininet
After starting the controller, connect an OpenFlow device using Mininet:
sudo mn --controller=remote,ip=127.0.0.1 --topo=tree,1 --switch ovsk,protocols=OpenFlow13
The controller log confirms device mastery:
INFO [main] (Main.java:100) - Lighty and OFP started in 7649.765ms INFO [nioEventLoopGroup-10-2] (ContextChainHolderImpl.java:225) - Role MASTER was granted to device openflow:1
Post a Flow Rule
curl -X POST -k \ -H 'Content-Type: application/xml' \ -H 'Authorization: Basic YWRtaW46YWRtaW4=' \ https://localhost:8888/restconf/operations/sal-flow:add-flow \ --data '<input>...</input>'
Verify Device State
curl -X GET -k \ -H 'Authorization: Basic YWRtaW46YWRtaW4=' \ 'https://localhost:8888/restconf/data/opendaylight-inventory:nodes/node=openflow%3A1/table=0?content=nonconfig'
The response will show the installed flow table including your posted rule, match fields, instructions, and statistics — confirming the device is correctly connected and managed.
OpenFlow Capabilities
- Remote administration of layer 3 switch packet forwarding tables
- Add, modify, and remove packet matching rules and actions
- Configurable flow rule lifespan — rules expire or persist as needed
- Unmatched packets can be forwarded to the controller for decision
- Controller can redeploy rules to prevent structural flows between switch and controller
- Layered on TCP with TLS for secure control-plane communication