Openflow: Internet 3.0?

Openflow: Internet 3.0?

Summary: A who's who of technology wants to change how the Internet works.

TOPICS: Browser, Networking

If it's not broke, then don't fix it. I may make a living on the cutting edge of technology, but I like that advice. Now, just as we're finally switching from IPv4 to IPv6 for the Internet's master protocol, the newly formed Open Network Foundation (ONF) is proposing that we use the OpenFlow as a new standard on how packets are forwarded through network switches and how we'll manage them.

Was packet switching really broke? Did we need yet another network switch standard? Well, actually, according to the researchers who came up with OpenFlow, we don't. Instead, according to their 2008 white paper, OpenFlow: Enabling Innovation in Campus Networks (PDF Link): "The basic idea is simple: we exploit the fact that most modern Ethernet switches and routers contain flow-tables (typically built from TCAMs [Ternary Content Addressable Memory) that run at line-rate to implement firewalls, NAT [Network Address Translation], QoS [Quality of Service], and to collect statistics. While each vendor's flow-table is different, we've identified an interesting common set of functions that run in many switches and routers. OpenFlow exploits this common set of functions."

In other words, the OpenFlow researchers wanted to standardize what a lot of network vendors were already doing. If this had just stayed an academic standard-making effort, this probably wouldn't have mattered much. But, six companies that own and operate some of the largest networks in the world: Deutsche Telekom, Facebook, Google, Microsoft, Verizon, and Yahoo! and network powerhouses like Cisco and Juniper joined together to promoting this new approach to networking.

Broadly speaking, OpenFlow is a kind of Software-Defined Networking (SDN). An "OpenFlow Switch," according to the white paper, "consists of at least three parts: (1) A Flow Table, with an action associated with each flow entry, to tell the switch how to process the flow, (2) A Secure Channel that connects the switch to a remote control process (called the controller), allowing commands and packets to be sent between a controller and the switch using (3) The OpenFlow Protocol, which provides an open and standard way for a controller to communicate with a switch. By specifying a standard interface (the OpenFlow Protocol) through which entries in the Flow Table can be defined externally."

The point of all this as noted standards lawyer Andrew "Andy" Updegrove sums up is to "adapt network architecture to streamline its interoperation with cloud computing." It works with the cloud because OpenFlow enables network switches, at very high speeds, to move traffic to the most efficient part of the cloud. In short, in a way OpenFlow switches will also work as a standardized way of handling server and network load balancing.

The New York Times quotes Nick McKeown, one of OpenFlow's founders and a professor of electrical engineering and computer science at Stanford, saying, "This answers a question that the entire industry has had, and that is how do you provide owners and operators of large networks with the flexibility of control that they want in a standardized fashion."

For network administrators, the broad argument for OpenFlow is that it will open up hardware and software routers and switches to give them far more control than they have currently. According to the Times, this will let ISP set "up on-demand 'express lanes' for voice and data traffic that is time-sensitive. Or it might let big telecommunications companies, like Verizon or AT&T, use software to combine several fiber-optic backbones temporarily for particularly heavy information loads and then have them automatically separate when a data rush hour is over. For households, the new capabilities might let Internet service providers offer remote services like home security or energy control."

How much difference will it really make? We'll have to wait and see. The potential is certainly there for making large-scale networks and the Internet easier to manage and more efficient. But, will ISPs use it or will they stick to the enormous work of dealing with the switchover from IPv4 to IPv6? My bet is that the IPv6 conversation will keep them more than busy enough. If they get OpenFlow hardware and software in their hands I'm sure they'll be happy to use it as well, but it can't be their first priority for the next few years.

See also:

OpenFlow: Enabling Innovation In Campus Networks

OpenFlow-Based Server Load Balancing Gone Wild

Don't Panic! It's only the Internet running out of Addresses

Real Help for your Network's IPv6 Transition

Topics: Browser, Networking

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: Openflow: Internet 3.0?

    If they want to exploit insecure Access-Points that's fine. It's on their owners. However!, <b><u>mine is locked and not up for use by anyone but me</u>!</b> That's all we need!, a way for the criminals to perpetrate crimes in my name since they used my Access-Point to do it. If it comes to this, mine goes down <B><U>PERMANENTLY</u>!</b>
    The Rifleman
    • RE: Openflow: Internet 3.0?

      @The Rifleman That's all we need!, a way for the criminals? what does this means.
      <a href="">Multimedia Design</a> | <a href="">E Training Design</a> | <a href="">Large Scale Design</a> | <a href="">Menu Design</a>
  • Let's not focus on Internet 3.0

    Lets focus on building an open internet. An internet where it's impossible to track packets. An internet where it's impossible to DDOS someone. An internet, free of any form of government. If we can have this internet, we don't need net neutrality. OpenMesh anyone?
    • RE: Openflow: Internet 3.0?


      NOT GOING TO HAPPEN! That is the bottom line here. There is no way to make it so that DDoS attacks cannot be done. There is no way to make it impossible to track packets. Etc. etc. etc.

      You are holding out for something that is never going to come into being.
      • No Absolutes

        @Lerianis10: I'll agree that DDoS is not likely stoppable in the foreseeable future, certainly as long as botnets and the like exist. However, right now, there are several ways to make it effectively impossible to track packets end-to-end. It might not hold true in the future, but packet data is generally not kept around, so unlike fingerprints and DNA, you probably don't have to worry about your packets sent today being tracked in 2021. These methods are mostly only used by the military and criminals, but it's possible, and not that hard. Check out the Tor project for good-enough protection, if you don't want to go beyond the download-and-go solutions.
        Mr. Copro Encephalic to You
    • That internet would be free of accountability...

      If no one is able to track anyone, then all sorts of crimes will happen all the time, to everyone... without any penalties.

      I'm of the opinion where there should be less anonymity in general. Have things more encrypted, where there's automatic keys being passed that encrypt all traffic...

      they can easily know who sent it, but they can't easily know what it contains. Thus, when a crime happens, there's a clear trace that can be turned over... but it should only be turned over at a court order.

      Oh, and if you ever had an internet with no form of government, how would you prevent people from locking each other out? :P
  • RE: Openflow: Internet 3.0?

    The issue here is essentially how the internet was created in the first place. The protocols in use were never meant for this big an infrastructure. Ideally, the internet needs to be completely rebuilt. The problem with that is the world runs on the internet now. This internet would have to be maintained while the other was being built in it's place. GIANT undertaking.
  • If you want Bandwidth Throttling then this is the answer

    Think about it. If the major contributors & backbones switched to IPv6 and consumers were still on IPv4, then P2P will be throttled. The current problem with the 2 versions is their compatibility, ISPs will have to install converters for their consumers to switch from IPv4 to IPv6. The result is huge decline in software, music, and video pirating. For customers to get around this, they will need to install IPv6 modems, switches, etc so they will not be throttled. This will be a small price to pay to be a step ahead and gain a much faster speed for businesses before the household takes their step to IPv6.
  • Seems like a product in search of a problem

    Maybe I'm missing something, but all the proposed new features of "OpenFlow" seem pretty standard in current routers.

    I suspect the "new" would be in cross-licensing into a new "standard" these existing technologies so that the big players can lock up the market.

    Not that there's anything wrong with making a buck, but Google, M$, Verizon, etc. aren't going to promote any technology out of the goodness of their hearts. There's always a market angle.
    • cross license? nah. It's in reduced overhead

      If everyone makes standard hardware, all of these features will be handled *THE SAME WAY*. When everything is uniform, you only need 1 set of maintenance guides, 1 manual, 1 training course... Google and Verizon and other consumers want to reduce their costs (the market angle you mention). Cisco will go along with it, because these giants will buy the hardware that offers this standard.

      It's not about *adding* features, it's about reducing *costs*. The market has cost AND benefit to consider, after all.
    • RE: Openflow: Internet 3.0?

      @Takalok Actually from I read it just combining and cleaning up all the current different versions and combining those into a single open standard. I am presuming the reason it is called openflow is because it free to use by anyone . Which it surely has to be otherwise the current users would just carry on doing there own seperate versions of the code.

      The reason they probably all supporting it is because it will surely cut costs in the long term.
    • RE: Openflow: Internet 3.0?


      Standard is perhaps not the right word for what you mean. Perhaps typical would be more precise. This is a perennial issue. Cisco has CDP, but they mess with it whenever they like, and no one else can predict what they'll do next with it. So, everyone else gets together and comes up with LLDP to do it instead. LLDP didn't make CDP go away. It just took a function everyone was using a made it so admins had the option of deploying it in a heterogeneous environment with an expectation it would actually work.
  • RE: Openflow: Internet 3.0?

    So from the article is appears that for them to use Openflow they will need to purchase new hardware. An for them to role out IP6 they need to buy new hardware so may be they should just do both at the same time and are they two different sets of hardware.
    • RE: Openflow: Internet 3.0?


      Actually, they're both probably software fixes, but you didn't hear that from me, Shhhhh.
  • RE: Openflow: Internet 3.0?

    Frst of all, "clouds" are nothing but a server or a server farm with accounts and applications, so it's no different than any server farm, really, except now joining the "cloud" makes you an even easier target because every member is now located in the ONE set of servers for exploitation. Sensitive data/operations/data do NOT belong on the cloud! They belong where they were developed and NOT connected to the 'net, in fact!

    Secondly, OpenFlow, whatever it really is, is totally unnecessary; everything that needs to be done for the 'net can already easily be done NOW with the possible exception of IPV 6! Spam could be stopped right in its track if EVERY ISP dropped anything without a valid connection data at every node along the way, including the originating machine. They simply refuse to do so and put ZERO interest n whether there are forgeries in a mail, allowing scams, spams, stalking, Nigeria-like frauds and all kinds of things. All it would take is to use what is already available to them!
    So what makes anyone think, with today's ISP attitudes, that Openflow would find itself a useful home, well, anywhere? It's really just one more protocol in the protocol basket IMO; we havn\'t yet used what we have!
    Starting up a new 'net might be an interesting task, one which I doubt would have the steam to happen anyway. Yuk! Not enough information in the article to get me interested; I don't know about others.
  • RE: Openflow: Internet 3.0?

    Openflow has security vulnerabilities but patches have been released to make it more secured
    <H1><a href="">Louisville seo</a></H1>
  • RE: Openflow: Internet 3.0?

    I can almost see a lot of hacker when openflow approved as the standard protocol... <a href="" rel="dofollow">action forex</a>