User-defined actions for SDN


In Software-Defined Networking (SDN), the control plane can program the data plane via SDN open APIs such as OpenFlow. An OpenFlow-like data plane applies <match, action> rules to every packet. However, it only supports a few actions that are all predefined and hardcoded to a piece of hardware in SDN switch. We argue that we should extend the programmability and flexibility of SDN to the data plane to allow network owners to add their custom network functions while keeping the programability of existing SDN. Since current OpenFlow actions are not sufficient and flexible, we posit we need user-defined actions deployed within the switch box rather than an external equipment (e.g., Fire-wall). Finally, we study the feasibility of two sample user-defined actions (i.e., Portscan detector and Botminer detector) using two different underlying mechanisms: OpenFlow and our previous work, TagFlow. Our evaluations show that user-defined actions are capable of handling traffic at line speed. Moreover, we also indicate that TagFlow user-defined actions are 33% faster than OpenFlow. We concluded that extending SDN features to include user-defined actions is lightweight and feasible.

DOI: 10.1145/2619287.2619292

Extracted Key Phrases

6 Figures and Tables

Cite this paper

@inproceedings{Farhadi2014UserdefinedAF, title={User-defined actions for SDN}, author={Hamid Farhadi and Ping Du and Akihiro Nakao}, booktitle={CFI}, year={2014} }