Cross-Entrance Consistent Range Classifier with OpenFlow

In this paper we present a new Openflow based architecture to manage flows across a multi entrance SDN network in a consistent way, thus improving in several aspects on previous works [4, 5]. Our contributions are in three levels. At the first level we use OpenFlow features in a sophisticated way to implement a range classification scheme which to the best of our knowledge is more space efficient (only 3 entries per range) than previous known classifiers. In the second contribution we show how to update ranges across multiple switches in an atomic manner allows to update the set of ranges and their associated actions while packets are classified and the network is changing. Finally, using the two schemes above, we present an architecture suitable for several applications such as load-balancing, and NFV, to manage multi-entrance consistency keeping Per Flow consistency even when the flow changes the entrance point to our network. Our scheme utilizes advanced OpenFlow features to efficiently implement a complex computation of a nonoverlapping range classification scheme which requires only 3n+2w+1 table entries (a significant saving is observed already with 4 ranges see Figure 1(b)), where n is the number of ranges and w is the size of values (e.g. 32 for IPv4 addresses). The three key OpenFlow features (and limitations) that we use are: (i) a packet can be processed by several forwarding tables using ’goto’ action command to decide on the next table. (ii) a packet can be extended with an auxiliary field which may be altered (e.g., xored with a constant) and considered as the packet goes through subsequent flow tables. (iii) Openflow lack of support for general computation on packet field values. Three levels of atomicity are considered and supported by our scheme: (i) Per packet consistency each packet is handled according to correct configuration either before or after the update. (ii) Per flow Consistency all packets of a flow are handled according to the same configuration and new flows are handled according to the newest configuration. (iii) Cross-entrance consistency keeping Per Flow consistency even when the flow changes the entrance point to our network. Our ranges classification is based on PIDR, a non-OpenFlow system design by Panigrahy and Sharma [3] which uses special hardware (e.g., ASIC or FPGA) and has no notion of atomicity. PIDR creates two patterns for each range called the ELCP0 and ELCP1 of the range (see definition in [3]) and save them separately in two TCAMs associated with range bounds. The two TCAMs are arranged in a very specific manner to support the scheme. In order to classify a value, it should be queried against the two TCAMs, returning two matches that are associated with two possible ranges. Then the value is checked whether it belongs to one of these two ranges.