Deployment Guide

The ACL Policy Flow Table can perform multi-field wildcard matches, analogous to the function of an ACL in a
conventional switch.
DNOS-OF makes extensive use of OpenFlow Group entries, and most forwarding and packet edit actions are
applied based on OpenFlow group entry buckets. Groups support capabilities that are awkward or inefficient
to program in OpenFlow 1.0, such as multi-path and multicast forwarding, while taking advantage of
functionality built into the hardware.
4.3.2 DNOS-OF Object Descriptions: Flow Tables and Group Tables
DNOS-OF presents the application writer with a set of objects that can be programmed using OpenFlow 1.3.4.
The programmable objects include flow tables and group table entries.
This section provides programming descriptions for these objects. For details, consult the DNOS-OF TTP (Table
Type Patterns) supplied with the firmware.
Flow tables have specific attributes, including entry types (rules) that have specific match fields, actions, and
instructions. Flow entries can have “Goto-Table” instructions that determine the next table to process the
packet. In other words, the flow entry programming determines the order in which packets traverse tables and
accumulate actions in an action set. Actions in the action set are applied prior to the packet being forwarded
when there is no next table specified. Specific forwarding actions, including egress packet edits, are for the
most part included within the action sets of the group entries. DNOS-OF uses specific types of group entries
to support different packet flow scenarios. Apply-actions instructions and action lists are also used for some
VLAN tag packet editing, and to send packets to the controller.
In the general OpenFlow case, packets pass from flow table to flow table and can be arbitrarily modified
between tables. To take advantage of this generality, each table stage would need to include a packet parser.
In DNOS-OF this kind of packet flow is conceptual: packets are parsed early in the pipeline and header fields
are extracted. After that, only these fields are passed between tables and used for matching or
modification by “apply actions” instructions. It is not expected that this distinction will matter to applications.
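The traversal described above (Goto-Table ordering, an action set that accumulates and is executed only when no next table is named, and Apply-Actions edits that later tables can match on) is modelled in the following added example, which is not part of the guide or of DNOS-OF. The table ids, match fields, group id, miss behaviour and the use of Clear-Actions from the OpenFlow 1.3 specification are assumptions; the real tables and permitted instructions are defined in the TTP.

```python
# Added illustration of OpenFlow 1.3 pipeline semantics; not DNOS-OF code.
# Table ids, match fields and the group id below are constructed values.

def matches(match, fields):
    """Wildcard match: every field the entry names must equal the packet's."""
    return all(fields.get(k) == v for k, v in match.items())

def run_pipeline(tables, pkt, first_table=0):
    """Follow Goto-Table instructions; return (path, applied, action_set)."""
    # Headers are parsed once; only these fields move between tables.
    fields = dict(pkt, tunnel_id=0)      # physical port => Tunnel Id 0
    action_set, applied, path = {}, [], []
    table_id = first_table
    while table_id is not None:
        path.append(table_id)
        # Entries are listed highest priority first.
        entry = next((e for e in tables[table_id]
                      if matches(e["match"], fields)), None)
        if entry is None:                # table miss, modelled here as drop
            return path, applied, {}
        for act, arg in entry.get("apply", []):   # Apply-Actions: immediate
            applied.append((act, arg))
            if act == "set_field":
                fields[arg[0]] = arg[1]
        if entry.get("clear"):           # Clear-Actions empties the set
            action_set.clear()
        action_set.update(entry.get("write", {}))  # one action per type
        table_id = entry.get("goto")     # no Goto-Table => pipeline ends
    return path, applied, action_set     # the action set is executed now

# Constructed three-stage pipeline: VLAN tagging, bridging, then ACL policy.
TABLES = {
    0: [{"match": {"in_port": 1},
         "apply": [("set_field", ("vlan_vid", 10))], "goto": 1}],
    1: [{"match": {"vlan_vid": 10, "eth_dst": "00:00:00:00:00:02"},
         "write": {"group": 1}, "goto": 2}],
    2: [{"match": {"ip_proto": 6, "tcp_dst": 23}, "clear": True},  # deny telnet
        {"match": {}}],                  # all-wildcard entry: permit
}

WEB = {"in_port": 1, "eth_dst": "00:00:00:00:00:02", "ip_proto": 6, "tcp_dst": 80}
TELNET = dict(WEB, tcp_dst=23)

if __name__ == "__main__":
    for name, pkt in (("web", WEB), ("telnet", TELNET)):
        print(name, run_pipeline(TABLES, pkt))
```

Because the policy stage runs last in this model, a deny entry there discards a forwarding group written by an earlier table, while the all-wildcard entry leaves the accumulated action set intact.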
The next section describes the DNOS-OF flow tables in terms of their supported match fields, flow entry rule
types, instructions, actions, expiration provisions, and statistics counters. Default miss actions are also
specified for each table as applicable. Group table entry types and action set constraints are then described.
Ingress packets always have an associated Tunnel Id metadata value. For packets from physical ports, this
value is always zero. Only physical ports are supported in DNOS-OF, so no Tunnel Id values other than 0
are allowed.
NOTE: The software may have other undocumented tables and groups implemented or partially
implemented. Only the features described here to support bridging and routing are supported.