HP OpenFlow 1.3 Administrator Guide Wired Switches K/KA/KB/WB 15.15
Securing the connection between an OpenFlow instance and the controller
Syntax
[no] controller-id controller-id secure
secure
Initiates a TLS connection with the controller (TLS version 1.0 or greater.)
This command:
• Secures the instance controller main connection. This option is available for
OpenFlow version1.0 as well as OpenFlow version 1.3.
• Supports CA signed certificates. For CA signed certificates, same ROOT
certificate is used to sign both controller and switch certificate.
• Supports mutual authentication.
Example
HP-3500yl-48G-PoEP(of-inst-t1)# show openflow instance t1
Configured OF Version : 1.3
Negotiated OF Version : 1.3
Instance Name : t1
Admin. Status : Enabled
Member List : VLAN 3
Listen Port : None
Oper. Status : Up
Oper. Status Reason : NA
Datapath ID : 0003b499ba86bf80
Mode : Active
Flow Location : Hardware and Software
No. of Hw Flows : 0
No. of Sw Flows : 0
Hw. Rate Limit : 0 kbps
Sw. Rate Limit : 100 pps
Conn. Interrupt Mode : Fail-Secure
Maximum Backoff Interval : 60 seconds
Probe Interval : 10 seconds
Hw. Table Miss Count : NA
No. of Sw Flow Tables : 1
Egress Only Ports : None
Table Model : Policy Engine and Software
Controller Id Connection Status Connection State Secure Role
------------- ----------------- - --------------- - ------ -----
1 Connected Active Yes Equal
Configuring auxiliary connections
Syntax
openflow # auxiliary-connection index port port-number type
tcp|udp
Creates an auxiliary connection with a unique index which is later associated with
the instance controller main connection. Auxiliary connection uses the same source
IP address and the datapath ID as the main connection. The main connection
auxiliary ID is set to zero, while the auxiliary connection ID is set to 1. Only one
auxiliary connection is supported per main connection and transport protocol options
for auxiliary connections can be either TCP or UDP.
Securing the connection between an OpenFlow instance and the controller 21