[openflow-discuss] fail-secure and fail-standalone in OF 1.3

Mon, 18 Mar 2013 21:49:29 -0700 

Hi,

I am looking at 1.3 OF spec for "fail secure" & "fail standalone" mode.
<snip>
                
        
        6.3.2 Connection Interruption    
                
        
        
                
                        In the case that a switch loses contact with all 
controllers, as a result of echo request timeouts, TLS session
timeouts, or other disconnections, the switch should immediately enter either 
“fail secure mode” or “fail
standalone mode”, depending upon the switch implementation and configuration. 
In “fail secure mode”,
the only change to switch behavior is that packets and messages destined to the 
controllers are dropped.
Flow entries should continue to expire according to their timeouts in “fail 
secure mode”. In “fail standalone
mode”, the switch processes all packets using the OFPP_NORMAL reserved port; in 
other words, the switch
acts as a legacy Ethernet switch or router. The “fail standalone mode” is 
usually only available on Hybrid
switches (see 5.1).


                        Upon connecting to a controller again, the existing 
flow entries remain. The controller then has the
option of deleting all flow entries, if desired.


                        The first time a switch starts up, it will operate in 
either “fail secure mode” or “fail standalone
mode” mode, until it successfully connects to a controller. Configuration of 
the default set of flow entries
to be used at startup is outside the scope of the OpenFlow protocol. 
</snip>


There is no mention of when can switch finally purge the flows if controller 
connection doesn't come back on time. These entries will hog resources on 
network element and need to be removed, if not reclaimed in certain time.


So, two things, I see here


1. A timeout between controller and network element(switch). Perhaps, a 
negotiated value at the startup.
2. Modification to the "bold" statement above, flow entries may or may not 
remain in network element based on the "timer" expired mentioned in (1).


Can someone let me know, if this already reflected in any future versions or it 
is already covered in 1.3. Otherwise, I would like to see it in future OF spec.


Thanks
-Pradeep.

                                                                                
                  
_______________________________________________
openflow-discuss mailing list
openflow-discuss@lists.stanford.edu
https://mailman.stanford.edu/mailman/listinfo/openflow-discuss

Reply via email to