ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development

Previous Articles     Next Articles

Survey of OpenFlow Switch Flow Table Overflow Mitigation Techniques

Xie Shengxu, Xing Changyou, Zhang Guomin, Song Lihua, Hu Guyu   

  1. Command & Control Engineering College, Army Engineering University of PLA, Nanjing 210007
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (61379149, 61772271) and the China Postdoctoral Science Foundation (2017M610286).

Abstract: The features of software defined networking (SDN) such as forwarding and control separation, centralized control, and open interfaces make the network flexible and controllable, and its architecture has been fully developed. Due to the good combination with various cloud services, SDN has received a large number of commercial deployments in recent years. In OpenFlow-based SDN architecture, ternary content addressable memory (TCAM) is mostly used on hardware switches to store flow entries installed by the controller in order to achieve such goals as fast lookup of flow entries and mask matching. However, limited by the capacity and price of TCAM, the current commercial OpenFlow switches can store at most tens of thousands of flow entries, which leads to the problem of flow table overflow caused by burst traffic or flow table overflow attacks, which seriously affects the network performance. How to establish an efficient flow table overflow mitigation mechanism has attracted extensive attention from researchers. Firstly, the causes and effects of flow table overflow problem in OpenFlow switch are discussed. On this basis, the current research status of flow table overflow mitigation technology is summarized and compared according to the two situations of burst traffic and attack behavior. Finally, the existing research problems are summarized and analyzed, and the future development direction and challenges are forecasted.

Key words: software defined networking, OpenFlow switch, ternary content addressable memory, flow table overflow, mitigation method