Recall that each router contains a forwarding table (aka flow table).

• Router operates by matching entries to forwarding table
• Match + action abstraction ⇒ match bits in arriving packet, take action
• Destination-based forwarding ⇒ forward based on destination IP address
• Generalized forwarding ⇒ can forward based on various header fields, take various actions (e.g. drop, copy, modify, log packet)

We have the flow table abstraction:

• A flow is defined by header field values (in link, network, and transport layer fields)
• We can match packets based on multiple headers, ingress port, IP layer, etc.
• Generalized forwarding involves simple packet handling rules
  • match - look for pattern values in packet header values
  • actions - can do specific actions for matched packet
    • drop, forward, modify matched packet
    • send matched packet to controller
  • priority - disambiguating overlapping patterns
  • counters - count # of bytes and packets
• e.g. Consider the following flow table:
  • Rule 1: regardless of where packet is from, if destination is in range, forward packet to output port 2
  • Rule 2: Regardless of packet destination, if source is in range, drop the packet
  • Rule 3: Send packet to controller

OpenFlow is a standard for the match + action abstraction, as well as SDN generally.

• OpenFlow table entries look like the following:
  • Mny fields can be matched on
  • Stats on packet/byte counters can be kept

• e.g. Examples of rules:

The above example is L2 forwarding - only based on MAC addresses.