Is OpenFlow Useful?

The Does Centralized Control Plane Make Sense post triggered several comments along the lines of “do you think there’s no need for OpenFlow?

TL;DR version: OpenFlow is just a low-level tool; don’t blame it for how it’s being promoted… but once you figure out it’s nothing more than TCAM (ACL+PBR) programming tool, you’ll quickly find a few interesting use cases. If only we’d have hardware we could use to implement them; most vendors gave up years ago.

OpenFlow is just a tool that allows you to install PBR-like forwarding entries into networking devices using a standard protocol that should work across multiple vendors. From this perspective, OpenFlow offers slightly more advanced functionality than BGP FlowSpec.

Where could you use PBR-like functionality? I’m positive you already have a dozen ideas with various levels of craziness; here are a few more:

OpenFlow has another advantage over BGP FlowSpec – it has the packet-in and packet-out functionality that allows the controller to communicate with the devices outside of the OpenFlow network. You could use this functionality to implement new control-plane protocols or (for example) interesting layered authentication scheme that is not available in off-the-shelf switches.

Summary: OpenFlow is a low-level tool that can help you implement numerous interesting ideas, but I wouldn’t spend my time reinventing the switching fabric (or other things we already do well).

For more information, watch the SDN webinars (some of them are free).

Latest blog posts in OpenFlow Basics series


  1. Open flow do it in much simplier way and improve managebility a lot. It made obsolate all cisco expensive protocols and hw.
    1. And this opinion happens to be based on what empirical data?
Add comment