Skip to main content

OpenFlow

OpenFlow is a programmable network protocol and interface for controlling packet forwarding behavior in network switches and routers as part of Software Defined Networking (SDN) (network control plane).

  • Enables centralized, programmatic control of packet forwarding tables in switches and routers (network control plane).
  • Defines a standardized protocol between an external controller and OpenFlow-capable forwarding hardware or software (network protocol).
  • Supports flow-based forwarding decisions using match-action rules on packet headers and other metadata (traffic engineering).
  • Provides a foundation for SDN architectures that separate the control plane from the data plane (network architecture).
  • Facilitates experimentation and deployment of new network control logic without changing underlying forwarding devices (network programmability).

More About OpenFlow

OpenFlow is a protocol and interface that enables external controllers to program the forwarding behavior of network devices, forming a core mechanism for SDN (network control plane). It addresses environments where operators need direct, programmable control over how packets are matched, processed, and forwarded in switches and routers, rather than relying solely on embedded, vendor-specific control logic.

The protocol defines a standardized communication channel between an OpenFlow controller and one or more OpenFlow-enabled switches (network protocol). Through this channel, the controller installs, updates, and deletes flow entries in the switch flow tables. Each flow entry uses match fields, counters, and actions to determine how packets that meet specified criteria are handled. Match criteria can include header fields across multiple protocol layers, ingress ports, and sometimes metadata, enabling granular policy and Traffic Engineering (TE) (traffic management).

In a typical OpenFlow-based SDN architecture (network architecture), the control plane runs on one or more logically centralized controllers, while the data plane resides in the forwarding devices. The switches maintain flow tables and execute actions such as forwarding, dropping, or modifying packets according to instructions received via OpenFlow. The protocol also includes mechanisms for statistics reporting, event notifications, and capabilities discovery, enabling controllers to monitor network state and adapt flow rules over time (network observability).

Enterprises and institutions use OpenFlow to implement programmable networks for data centers, campus networks, and research testbeds (network infrastructure). Common use cases include TE, Network Virtualization (NV), multi-tenant isolation, and dynamic policy enforcement, where controllers compute forwarding paths and install corresponding flow rules across multiple devices. Because the control logic resides in software running on general-purpose servers, organizations can update routing or policy behavior by changing controller applications rather than upgrading device firmware.

From an ecosystem perspective, OpenFlow functions as a protocol layer that multiple SDN controllers and switch implementations can support, including hardware switches, virtual switches, and software-based forwarding planes (interoperability). This promotes scenarios where controllers from one vendor or open-source project can interact with devices from another, as long as both implement compatible versions of the OpenFlow specification. For enterprise taxonomies, OpenFlow is categorized as a network protocol and control interface within SDN, used for centralized flow management, TE, and policy enforcement across heterogeneous forwarding infrastructure.