Configure an HP OpenFlow Switch for Floodlight
This is a revised tutorial to configure an HP OpenFlow switch for Floodlight or any other OpenFlow controller. HP revised its firmware a few months back which is great. HP has been supporting OpenFlow on its switches with generally available code longer then any other networking vendor. Other vendors with GA OpenFlow firmware are Brocade and Pica8. Maturity of OpenFlow agents should be taken into account when purchasing hardware. Most agents are Open vSwitch based but vendor allocations to software development of porting OVS has been slow while waiting on large volume customer demand.
Hybrid OpenFlow Ships in the Night
Hybrid OpenFlow support is a must for any vendor. We have reviewed different hybrid architectures such as normal and “ships in the night”. For this tutorial we will use the simple ships in the night, meaning there is one Vlan enabled with OpenFlow (VID 3) and one on the native network (VID 1). The native network on Vlan 1 is also the control channel for the FloodLight OpenFlow controller and the host on the native network. The control Vlan could just as easily be a dedicated management network.
Hybrid OpenFlow Gateways
The OpenFlow Vlan L3 gateway can be as simple as a native switch or router tapped into the Vlan with an L3 interface. OpenFlow hosts can use that interface as the default gateway to leave the SDN island. The SDN edge can also use OFPP_Normal to push flows to the normal forwarding pipeline. With one OpenFlow rule you can have all traffic processed as it normally would by the switch. HP supports the “normal” OpenFlow action. All vendors need strong hybrid OpenFlow support if they expect to be taken seriously for early SDN non-vSwitch networks.
Download and Configure The Floodlight OpenFlow Controller
Floodlight and POX OpenFlow controllers are both super easy to get up and running. Both can load as flood and learn reactive switches or proactive only configurations. For building the controller on CentOS check out a colleague Nick Buraglio’s blog post.
sudo apt-get install openjdk-7-jre git git clone git://github.com/floodlight/floodlight.git cd floodlight ant java -jar target/floodlight.jar
Configure the HP switch for OpenFlow
The follwoing HP configuration refelcts the latest firmware. Use “show open flow ?” to view related OpenFlow operational commands. This will also tell you what flows are in hardware and software. My colleague Bill Owens wrote a nice article at Packet Pushers recently on this topic that I highly recommend.
; J8693A Configuration Editor; Created on release #K.15.10.0003 ; Ver #03:03.1f.ef:f0 module 1 type j86yya module 2 type j86xxa ip routing openflow enable controller-id 100 ip 10.1.1.10 controller-interface vlan 1 instance "OpenFlow-Orange" member vlan 3 controller-id 100 limit software-rate 10000 enable exit exit vlan 1 name "DEFAULT_VLAN" ip address 10.1.1.10 255.255.255.0 exit vlan 3 name "VLAN3" ip address 192.168.1.210 255.255.255.0 exit
OpenFlow guide from HP and additional resources
HP continues to put out nice documentation regarding their OpenFlow support. Hybrid OpenFlow is pretty easy to implement. Starting out with a test/dev Vlan is a reasonably safe implementation strategy. Peel traffic off the top of the rules list and either drain traffic to a native L3 gateway or use the normal action to fork the traffic to the normal FIB. SDN is about ingesting traffic at the edge and having flexibility in classification and policy application. Use it early as a tool for niche applications and you will be well positioned as more robust abstractions come out of product pipelines.
Download latest OpenFlow guide from HP HP OpenFlow Switches
HP recently announced their new NAC security application using OpenFlow called Sentinel. I am quite interested about the possibility of enterprise security and SDN. 802.1x NAC has been a non-starter due to interoperability and data plane constraints in the traditional Ethernet fabric. Take a listen to Greg and Ethan talking to HP about this recently.
PacketPushers Show 138 – HP’s Software-Defined Networking (SDN) Strategy and Solution →
Thanks for stopping by!