Cisco Plug-in for OpenFlow Configuration Guide for Catalyst 3850 and 3650 Series Switches

Prerequisites for Cisco Plug-in for OpenFlow

A Cisco device and its corresponding operating system that supports the installation of Cisco Plug-in for OpenFlow.

Note

Refer to the corresponding release notes for information about which operating system release supports the features and necessary infrastructure.

Release notes for Cisco Catalyst 3850 Series Switches
Release notes for Cisco Catalyst 3650 Series Switches

An open virtual application (OVA) package that is compatible with the device operating system and downloaded from an FTP server connected to the device. The OVA package is available for download in the same location as your system image (.bin) file.

A controller installed on a connected server.

Table 1 Controller Support
OpenFlow Version	Supported Controllers
OpenFlow 1.0	Extensible Network Controller (XNC) 1.0, POX, Cisco Open SDN Controller, or Ixia controllers .
OpenFlow 1.3	Ixia, Cisco Open SDN Controller, or OpenDaylight

The required disk storage available on the device for installation and deployment of Cisco Plug-in for OpenFlow. The recommended disk space is 360 MB.
2048 TCAM entries are available before you enable OpenFlow.

Restrictions for Cisco Plug-in for OpenFlow

Cisco Plug-in for OpenFlow supports only a subset of OpenFlow 1.3 functions. For more information, see the Cisco Plug-in for OpenFlow Feature Support section.
You cannot configure more than one Cisco Plug-in for OpenFlow logical switch. The logical switch ID has a value of 1.
OpenFlow hybrid model (ships-in-the-night) is supported. VLANs configured for Cisco Plug-in for OpenFlow logical switch ports should not overlap with regular device interfaces.
Cisco Plug-in for OpenFlow logical switch ports must not be configured in a mode other than trunk port.
You cannot configure a bridge domain, Virtual LANs, virtual routing and forwarding (VRF) or port-channel interfaces on a Cisco Plug-in for OpenFlow logical switch. You can only configure physical interfaces.
You cannot make additional configurations to an interface configured as a port of Cisco Plug-in for OpenFlow Logical Switch without removing the configuration as a port of Cisco Plug-in for OpenFlow Logical Switch.
High availability is not supported. On switchover, all flows are deleted resulting in traffic loss. When the standby RP becomes active, the flows are relearned from the controller and reprogrammed. Until then, traffic loss is experienced.
Cisco IOS In-Service Software Upgrade (ISSU) is not supported for Cisco Plug-in for OpenFlow.
MIBs and XMLs are not supported.
You must not add or remove an interface as a port of a Cisco Plug-in for OpenFlow if the Cisco Plug-in for OpenFlow is inactive or not running.
Cisco Catalyst 3850 switch supports 1000 L2 flows with EtherType, 200 L2 flows without EtherType, and 500 L3 flows.
Cisco Catalyst 3650 switch supports 500 L2 flows with EtherType, 100 L2 flows without EtherType type, and 250 L3 flows.
A maximum of 48 ports can be assigned for Openflow operation.
In general, the maximum sustained flow programming rate from the controller should not exceed 50 (added or deleted) flows per second. For flows that have more than 1 match criteria (more than input port + 1 match), the sustained controller programming rate should not exceed 40 flows per second.
The maximum burst flow programming rate from the controller should not exceed 1000 flows, spaced by 30-second time intervals. A minimum of 30-second time interval should be maintained between addition or deletion of flows.
The rate of PACKET_IN messages sent to the controller should be rate-limited to 300 packets per second, using configuration.

About OpenFlow

OpenFlow Switch Specification Version 1.0.1 (Wire Protocol 0x01), referred to as OpenFlow 1.0, and OpenFlow Switch Specification Version 1.3.0 (Wire Protocol 0x04), referred to as OpenFlow 1.3, are based on the concept of an Ethernet switch with an internal flow table and standardized interface to allow traffic flows on a device to be added or removed. OpenFlow 1.3 defines the communication channel between Cisco Plug-in for OpenFlow and controllers.

Cisco supports a subset of OpenFlow 1.0 and OpenFlow 1.3 functions.

A controller can be Extensible Network Controller (XNC) 1.0, or any controller compliant with OpenFlow 1.3.

The following figure gives an overview of the OpenFlow network:

Figure 1. OpenFlow Overview

Related concepts include:

Cisco Plug-in for OpenFlow Operation
OpenFlow Controller Operation
Cisco Plug-in for OpenFlow and Virtual Services Container

Related Information

Cisco Plug-in for OpenFlow Feature Support

Cisco Plug-in for OpenFlow and Virtual Services Container

OpenFlow Workflow

Cisco Plug-in for OpenFlow Operation

Cisco Plug-in for OpenFlow creates OpenFlow–based connections to controllers for a Cisco Plug-in for OpenFlow logical switch. The Cisco Plug-in for OpenFlow creates databases for the following:

A configured logical switch—Contains all the information needed to connect to a controller.
OpenFlow-enabled interfaces—Contains the list of OpenFlow-enabled interfaces associated with a logical switch.
Flows—Contains the list of flows on a logical switch and for the interface that is programmed into forwarded traffic.

OpenFlow Controller Operation

OpenFlow controller (referred to as controller) controls the switch and inserts flows with a subset of OpenFlow 1.3 and 1.0 match and action criteria through Cisco Plug-in for OpenFlow logical switch. Cisco Plug-in for OpenFlow rejects all OpenFlow messages with any other action.

Cisco Plug-in for OpenFlow and Virtual Services Container

Cisco Plug-in for OpenFlow runs in an operating–system–level virtual service container on the device. The Cisco Plug-in for OpenFlow virtual service container is delivered in an open virtual application (OVA) file package (.ova). The OVA package is installed and enabled on the device through the CLI.

Cisco Plug-in for OpenFlow Feature Support

The following is a subset of OpenFlow 1.3 and OpenFlow 1.0 functions that are supported by Cisco Plug-in for OpenFlow.

Feature

Notes

The OpenFlow hybrid (ships-in-night) model is supported.

OpenFlow-hybrid models where traffic can flow between Cisco Plug-in for OpenFlow ports and regular interfaces (integrated) are not supported. Both types of ports can transmit and receive packets.

Note

VLANs must be configured such that the VLANs on the Cisco Plug-in for OpenFlow do not overlap with those on the regular device interfaces.

Configuration of physical interfaces as Cisco Plug-in for OpenFlow logical switch ports

Bridge domain, Virtual LANs and Virtual Routing and Forwarding (VRF), and port-channel interfaces are not supported.

Only L2 interfaces can be Cisco Plug-in for OpenFlow logical switch ports.

Supported OpenFlow message types

Controller to switch:
- Handshake
- Switch Configuration
- Modify State (Port Modification message is not supported)
- Read State
- Packet-Out
- Barrier
Asynchronous messages:
- Packet-In
- Flow Removed
- Port Status
- Error
Symmetric messages:
- Hello
- Echo Request
- Echo Reply
- Vendor

Connection to controllers

You can connect up to eight controllers.

Connection to the controller through a management interface or a switched virtual interface (SVI) is supported.

Connection via TCP and TLS is supported.

Multiple actions

If multiple actions are associated with a flow, they are processed in the order specified. The output action should be the last action in the action list. Any action after the output action is not supported, and can cause the flow to fail and return an error to the controller.

Flows defined on the controller must follow the these guidelines:

The flow can have only one output action.
Some action combinations which are not supported may be rejected at flow programming time.
The flow should not have an output–to–controller action in combination with other rewrite actions.

Supported OpenFlow counters

Per Table—Active entries, packet lookups, and packet matches.

Per Flow—Received Packets, Received bytes, Duration (seconds), Duration (milliseconds).

Per Port—Received or transmitted packets, and bytes.

Per Controller— Flow addition, modification, deletion, error messages, echo requests or replies, barrier requests or replies, connection attempts, successful connections, packet in or packet out.

Default forwarding rule

All packets that cannot be matched to programmed flows are dropped by default. You can configure sending unmatched packets to the controller. You can modify the default action taken on unmatched packets either using the default-miss command or by the controller.

Idle timeout

A minimum Idle timeout of 14 seconds is supported for 700 flows and 48 ports.

The statistics collection interval influences the minimum idle timeout. When the interval is set to 7 seconds, the timeout is a minimum of 14 seconds. 700 flows are supported with the 14-second idle timeout.

When using an idle timeout of less than 25 seconds, the number of L3 flows should be limited to 700.

Supported Match and Actions and Pipelines

Feature

Notes

Pipelines for Cisco Plugin for OpenFlow Logical Switch

Pipelines are mandatory for logical switch. The logical switch supports only pipeline 1.

The logical switch supports only table 1.

Forwarding Table

Match Criteria:

Input Port
Ethernet type
Source Mac Address
Dest Mac Address
VLAN priority
VLAN ID
IP TOS (DSCP bits)
IP Protocol (except for lower 8 bits of ARP code)
IPv4 Source Address
IPv4 Destination Address
Layer 4 Source Port
Layer 4 Destination Port
IPv6 Source Address
IPv6 Destination Address

Action Criteria:

Forward: Controller
Forward: Port
Forward: Drop
Forward: to Queue
Forward: Controller + Port
Set VLAN ID
New VLAN ID
Replace VLAN ID
Set VLAN Priority
Strip VLAN Header
Modify Source MAC
Modify Destination MAC
Modify IPv4 Source Address
Modify IPv4 Destination Address
Modify IPv4 TOS bits
Modify L4 source port
Modify L4 destination port
Decrement TTL

Number of flows

Flow type	TCAM entries for each flow	Scale (c3850)	Scale (c3650)
L2 with EtherType	1	1000	500
L3	2	500	250
L2 without EtherType	5	200	100

Configuration of VLANs for each port of the Cisco Plug-in for OpenFlow logical switch

VLAN range is from 1 to 4094.

OpenFlow Workflow

The following figure describes the overall process of installing and activating the Cisco Plug-In for Open Flow.

Figure 2. OpenFlow WorkFlow

Specifying a Route to a Controller

The following tasks are used to specify a route from the device to a controller. This can be done using a physical interface (Front Panel) or a management interface.

Specifying a Route to a Controller Using a Physical Interface
Specifying a Route to a Controller Using a Management Interface

Related Information

Specifying a Route to a Controller Using a Physical Interface

Specifying a Route to a Controller Using a Management Interface

Specifying a Route to a Controller Using a Physical Interface

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number

4. no switchport

5. ip address ip-address mask

6. exit

7. ip route 0.0.0.0 0.0.0.0 next-hop

8. exit

9. copy running-config startup-config

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Switch> `enable`	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Switch# `configure terminal`	Enters the global configuration mode.
Step 3	interface type number Example: Switch(config)# `interface GigabitEthernet1/0/1`	Enters the physical interface. The interface used here should not be an Cisco Plug-in for OpenFlow ports.
Step 4	no switchport Example: Switch(config-if)# `no switchport`	Configures a specified interface as a Layer 3 interface and deletes any interface configuration specific to Layer 2.
Step 5	ip address ip-address mask Example: Switch(config-if)# `ip-address 10.0.1.4 255.255.255.0`	Configures an IP address for a specified interface.
Step 6	exit Example: Switch(config-if)# `exit`	Exits interface configuration mode and enters global configuration mode.
Step 7	ip route 0.0.0.0 0.0.0.0 next-hop Example: Switch(config)# `ip route 0.0.0.0 0.0.0.0 10.0.1.6`	Configures a default route for packet addresses not listed in the routing table. Packets are directed to a controller.
Step 8	exit Example: Switch(config)# `exit`	Exits global configuration mode and enters privileged EXEC mode.
Step 9	copy running-config startup-config Example: Switch# `copy running-config startup-config`	(Optional) Saves your entries in the configuration file.

What to Do Next

Configure interfaces for the Cisco Plug-in for OpenFlow logical switch.

Specifying a Route to a Controller Using a Management Interface

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number

4. ip address ip-address mask

5. exit

6. ip route vrf vrf-name 0.0.0.0 0.0.0.0 next-hop

7. exit

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Switch> `enable`	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Switch# `configure terminal`	Enters the global configuration mode.
Step 3	interface type number Example: Switch(config)# `interface GigabitEthernet0/0`	Enters the management interface. The interface used here should not be an Cisco Plug-in for OpenFlow ports.
Step 4	ip address ip-address mask Example: Switch(config-if)# `ip-address 10.0.1.4 255.255.255.0`	Configures an IP address for the specified interface.
Step 5	exit Example: Switch(config-if)# `exit`	Exits interface configuration mode and enters global configuration mode.
Step 6	ip route vrf vrf-name 0.0.0.0 0.0.0.0 next-hop Example: Switch(config)# `ip route vrf mgmtVrf 0.0.0.0 0.0.0.0 10.0.1.6`	Configures an IP address for the specified interface.
Step 7	exit Example: Switch(config)# `exit`	Exits global configuration mode and enters privileged EXEC mode.

What to Do Next

Configure interfaces for the Cisco Plug-in for OpenFlow logical switch.

Configuring OneP

To enable the internal OneP infrastructure required to support the OpenFlow Plug-in, perform this task

SUMMARY STEPS

1. enable

2. configure terminal

3. onep

4. end

5. copy running-config startup-config

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Switch> `enable`	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Switch# `configure terminal`	Enters the global configuration mode.
Step 3	onep Example: Switch(config)# `onep`	Enters OneP configuration mode.
Step 4	end Example: Switch(config-onep)# `end`	Returns to privileged EXEC mode.
Step 5	copy running-config startup-config Example: Switch# `copy running-config startup-config`	(Optional) Saves your entries in the configuration file.

Configuring a Cisco Plug-in for OpenFlow Logical Switch

To configure a Cisco Plug-in for OpenFlow logical switch and the IP address of a controller, perform this task:

SUMMARY STEPS

1. enable

2. configure terminal

3. openflow

4. switch logical-switch-id

5. pipeline pipeline-id

6. of-port interface interface-name

7. protocol-version version-info

8. controller ipv4 ip-address [ port tcp-port ][ vrf vrf-name ] security{ none | tls }

9. default-miss action-for-unmatched-flows

10. datapath-id datapath-id

11. (Optional) tls trust-point local local-trust-point remote remote-trust-point

12. (Optional) logging flow-mod

13. (Optional) probe-interval probe-interval

14. (Optional) rate-limit packet_in controllet-packet-rate burst maximum-packets-to-controller

15. (Optional) max-backoff backoff-timer

16. statistics collection-interval interval

17. end

18. copy running-config startup-config

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Switch> `enable`	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Switch# `configure terminal`	Enters the global configuration mode.
Step 3	openflow Example: Switch(config)# `openflow`	Enters Cisco Plug-in for OpenFlow mode.
Step 4	switch logical-switch-id Example: Switch(config-ofa-switch)# `switch 1`	Specifies an ID for a logical switch that is used for OpenFlow switching and enters logical switch configuration mode. The only logical switch ID supported is 1.
Step 5	pipeline pipeline-id Example: Switch(config-ofa-switch)# `pipeline 1`	Configures a pipeline . This step is mandatory for a logical switch configuration. The only pipeline ID supported is 1.
Step 6	of-port interface interface-name Example: Switch(config-ofa-switch)# `of-port interface GigabitEthernet1/0/23` Example: Switch(config-ofa-switch)# `of-port interface TenGigabitEthernet1/1/2`	Configures an Ethernet interface as a port of a Cisco Plug-in for OpenFlow logical switch. Observe these guidelines: Do not abbreviate the interface type. Ensure that the interface type is spelled out completely and is as shown in the examples. If the keyword is abbreviated, the interface is not configured. The interface must be designated for the Cisco Plug-in for OpenFlow logical switch only. The onep application openflow exclusive configuration is added to an interface when an interface is configured as a port of Cisco Plug-in for OpenFlow. To add or remove an interface as a port of Cisco Plug-in for OpenFlow, ensure that the Cisco Plug-in for OpenFlow is activated and running to ensure the proper automatic addition and removal of the onep application openflow exclusive configuration. To remove an interface as a port of Cisco Plug-in for OpenFlow, use the no form of this command. Repeat this step to configure additional interfaces.
Step 7	protocol-version version-info Example: Switch(config-ofa-switch)# `protocol-version negotiate`	Configures the protocol version. Supported values are: 1.0—Configures device to connect to 1.0 controllers only. 1.3—Configures device to connect to 1.3 controllers only. negotiate—Negotiates the protocol version with the controller. Device uses 1.3 for negotiation. The default value is negotiate.
Step 8	controller ipv4 ip-address [ port tcp-port ][ vrf vrf-name ] security{ none \| tls } Example: Controller in default VRF: Switch(config-ofa-switch)# `controller ipv4 5.0.32.10 security none` Controller in management VRF: Switch(config-ofa-switch)# `controller ipv4 5.0.32.10 vrf mgmtVrf security none`	Specifies the IPv4 address, port number used by the controller to connect to the logical switch and the VRF of the controller. Observe these guidelines: Repeat this step if you need to configure additional controllers. You can configure up to eight controllers. If TLS is used in this step, configure TLS trustpoints in the next step. You can use the clear openflow switch 1 controller all command to clear controller connections. This command can reset a connection after Transport Layer Security (TLS) certificates and keys are updated. This is not required for TCP connections. If unspecified, the default VRF is used; Controllers use TCP port 6653 by default. A connection to a controller is initiated by the logical switch.
Step 9	default-miss action-for-unmatched-flows Example: Switch(config-ofa-switch)# `default-miss continue-controller`	Configures the action to be taken for packets that do not match any of the flow defined. Supported values are: continue-drop continue-controller drop controller The default action for both tables or pipeline 1 is drop. This can be overridden by this configuration or the controller.
Step 10	datapath-id datapath-id Example: Switch(config-ofa-switch)# `datapath-id 0x222`	Configures a unique datapath ID for the switch. This step is mandatory for a logical switch configuration. Enter a 64-bit hexadecimal value.
Step 11	tls trust-point local local-trust-point remote remote-trust-point	(Optional) Specifies the local and remote TLS trustpoints to be used for the controller connection. For more information about configuring trustpoints, see chapter PKI Trustpool Management in the Public Key Infrastructure Configuration Guide.
Step 12	logging flow-mod	(Optional) Enables logging of flow changes, including addition, deletion, and modification of flows. Logging of flow changes is a CPU intensive activity and should not be enabled for a large number of flows. Logging of flow changes is disabled by default. Flow changes are logged in syslog and can be viewed using the show logging command.
Step 13	probe-interval probe-interval Example: Switch(config-ofa-switch)# `probe-interval 7`	(Optional) Configures the interval (in seconds) at which the controller is probed. After the configured interval of time passes, if the switch has not received any messages from the controller, the switch sends an echo request (echo_request) to the controller. It should normally receive an echo reply (echo_reply). If no message is seen for the duration of another probe interval, the switch presumes that the controller is down and disconnects the controller connection. The switch tries to reconnect periodically. The default value is 5 seconds; the range is from 5 to 65535 seconds.
Step 14	rate-limit packet_in controllet-packet-rate burst maximum-packets-to-controller Example: Switch(config-ofa-switch)# `rate-limit packet_in 300 burst 50`	(Optional) Configures the maximum packet rate sent to the controller and the maximum packets burst sent to the controller in a second. The default value is zero, that is, an indefinite packet rate and packet burst is permitted. This rate limit is for Cisco Plug-in for OpenFlow. It is not related to the rate limit of the device (data plane) configured by COPP.
Step 15	max-backoff backoff-timer Example: Switch(config-ofa-switch)# `max-backoff 8`	(Optional) Configures the duration (in seconds) for which the device must wait before attempting to initiate a connection with the controller. The device initially tries to initiate connection frequently, as the number of unsuccessful attempts increases, the device tries less frequently, that is, the waiting period between attempts also increases. The backoff timer configures the maximum period that the device waits in-between each retry. The default value is 8 seconds; the range is from 1 to 65535 seconds.
Step 16	statistics collection-interval interval Example: Switch(config-ofa-switch)# `statistics collection-interval 0`	Configures the statistics collection interval (in seconds) for all configured flows of Cisco Plug-in for OpenFlow. Observe these guidelines: The default interval value is 7 seconds. The minimum interval is 7 seconds; the maximum is 82 seconds. You can also specify a value of 0, this disables statistics collection. Flows with an idle timeout value less than 2 * interval are rejected. Configured interval value is displayed in the output of the show openflow switch 1 command.
Step 17	end Example: Switch(config-ofa-switch)# `end`
Step 18	copy running-config startup-config Example: Switch# `copy running-config startup-config`	(Optional) Saves your entries in the configuration file.

What to Do Next

Verify Cisco Plug-in for OpenFlow.

Related Information

Verifying Cisco Plug-in for OpenFlow

Configuration Examples for Cisco Plug-In for OpenFlow

Verifying Cisco Plug-in for OpenFlow

SUMMARY STEPS

1. show openflow copyright

2. show openflow switch switch-id

3. show openflow switch switch-id controllers [ stats ]

4. show openflow switch switch ports

6. show openflow switch switch-id stats

7. show interfaces type number counter

8. show running-config | section openflow

9. show openflow hardware capabilities

DETAILED STEPS

Step 1	show openflow copyright Displays copyright information related to Cisco Plug-in for OpenFlow. Example: Switch# `show openflow copyright` openflow-ott-of-c3k-118-3920 Cisco Plug-in for OpenFlow TAC support: http://www.cisco.com/tac Copyright (c) 2013-2015 by Cisco Systems, Inc. All rights reserved. The copyrights to certain works contained in this software are owned by other third parties and used and distributed under license. Certain components of this software are licensed under the GNU General Public License (GPL) version 2.0, the GNU Lesser General Public License (LGPL) Version 2.1, or or the GNU Library General Public License (LGPL) Version 2. A copy of each such license is available at http://www.opensource.org/licenses/gpl-2.0.php and http://www.opensource.org/licenses/lgpl-2.1.php and http://www.gnu.org/licenses/old-licenses/lgpl-2.0.txt
Step 2	show openflow switch switch-id Displays information related to Cisco Plug-in for OpenFlow logical switch. Example: Switch# `show openflow switch 1` openflow-ott-of-c3k-118-3920 Logical Switch Context Id: 1 Switch type: Forwarding Pipeline id: 1 Data plane: secure Table-Miss default: continue-controller Configured protocol version: Negotiate Config state: no-shutdown Working state: enabled Rate limit (packet per second): 300 Burst limit: 50 Max backoff (sec): 8 Probe interval (sec): 7 TLS local trustpoint name: not configured TLS remote trustpoint name: not configured Logging flow changes: Disabled Stats collect interval (sec): 0 Stats collect Max flows: 0 Stats collect period (sec): disabled Minimum flow idle timeout (sec): disabled OFA Description: Manufacturer: Cisco Systems, Inc. Hardware: WS-C3650-24TS V01 Software: Cisco IOS Software, IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 03.07.03.E3.369 EARLY DEPLOYMENT PROD BUILD ENGINEERING NOVA_WEEKLY BUILD, synced to FLO_DSGS7_BENI_MR2_SYNC\| of_agent 1.1.64148n Serial Num: FDO1909E0XX DP Description: ott-of-c3k-118:sw1 OF Features: DPID:0000000000000222 Number of tables:1 Number of buffers:256 Capabilities: FLOW_STATS TABLE_STATS PORT_STATS Controllers: 5.0.32.10:6233, Protocol: TCP, VRF: default Interfaces: GigabitEthernet1/0/1 GigabitEthernet1/0/3
Step 3	show openflow switch switch-id controllers [ stats ] Displays information related to the connection status between an Cisco Plug-in for OpenFlow logical switch and connected controllers. Example: Switch# `show openflow switch 1 controllers stats` `openflow-ott-of-c3k-118-3920 Logical Switch Id: 1 Total Controllers: 1 Controller: 1 address : tcp:5.0.32.10:6233 connection attempts : 2 successful connection attempts : 1 flow adds : 0 flow mods : 0 flow deletes : 0 flow removals : 0 flow errors : 0 flow unencodable errors : 0 total errors : 0 echo requests : rx: 0, tx: 0 echo reply : rx: 0, tx: 0 flow stats : rx: 0, tx: 0 barrier : rx: 1, tx: 1 packet-in/packet-out : rx: 0, tx: 16` Switch# `show openflow switch 1 controllers` `openflow-ott-of-c3k-118-3920 Logical Switch Id: 1 Total Controllers: 1 Controller: 1 5.0.32.10:6233 Protocol: tcp VRF: default Connected: Yes Role: Master Negotiated Protocol Version: OpenFlow 1.0 Last Alive Ping: 11/17/2015 01:35:51 last_error:Connection timed out state:ACTIVE sec_since_connect:16 sec_since_disconnect:17`
Step 4	show openflow switch switch ports Displays the mapping between physical device interfaces and ports of an Cisco Plug-in for OpenFlow logical switch. Example: Switch# `show openflow switch 1 ports` `openflow-ott-of-c3k-118-3920 Logical Switch Id: 1 Port Interface Name Config-State Link-State Features 5097 Gi1/0/3 PORT_UP LINK_UP 1GB-FD 5098 Gi1/0/1 PORT_UP LINK_UP 1GB-FD`
Step 5	show openflow switch-id flows [ configured \| controller \| default \| fixed \| pending \| pending-del ] [ brief \| summary] Displays flows defined for the device by controllers. Example: Switch# `show openflow switch 1 flows` `openflow-ott-of-c3k-118-3920 Logical Switch Id: 1 Total flows: 3 Flow: 1 Match: in_port=5098 Actions: CONTROLLER:65535 Priority: 32768 Table: 0 Cookie: 0x0 Duration: 21.477s Number of packets: 0 Number of bytes: 0 Flow: 2 Match: in_port=5097 Actions: output:5098 Priority: 32768 Table: 0 Cookie: 0x0 Duration: 7.834s Number of packets: 0 Number of bytes: 0 Flow: 3 Match: any Actions: CONTROLLER:0 Priority: 0 Table: 0 Cookie: 0x0 Duration: 299.759s Number of packets: 0 Number of bytes: 0` Example: Switch# `show openflow switch 1 flows configured` `openflow-ott-of-c3k-118-3920 Logical Switch Id: 1 Total flows: 1 Flow: 1 Match: any Actions: CONTROLLER:0 Priority: 0 Table: 0 Cookie: 0x0 Duration: 370.903s Number of packets: 0 Number of bytes: 0` Example: Switch# `show openflow switch 1 flows controller` `openflow-ott-of-c3k-118-3920 Logical Switch Id: 1 Total flows: 2 Flow: 1 Match: in_port=5098 Actions: CONTROLLER:65535 Priority: 32768 Table: 0 Cookie: 0x0 Duration: 124.211s Number of packets: 0 Number of bytes: 0 Flow: 2 Match: in_port=5097 Actions: output:5098 Priority: 32768 Table: 0 Cookie: 0x0 Duration: 110.568s Number of packets: 0 Number of bytes: 0`
Step 6	show openflow switch switch-id stats Displays send and receive statistics for each port defined for a Cisco Plug-in for OpenFlow logical switch. Example: Switch# `show openflow switch 1 stats` `openflow-ott-of-c3k-118-3920 Logical Switch Id: 1 Total ports: 2 Port 5098: rx pkts=38, bytes=4810, drop=0, errs=0, tx pkts=195, bytes=12652, drop=0, errs=0, Port 5097: rx pkts=0, bytes=0, drop=0, errs=0, tx pkts=195, bytes=12652, drop=0, errs=0, Total tables: 1 Table 0: Openflow SIN Wildcards = 0x00000 Max entries = 1000 Active entries = 2 Number of lookups = 0 Number of matches = 0`
Step 7	show interfaces type number counter Displays send and receive statistics for the specified port defined for an Cisco Plug-in for OpenFlow logical switch. Example: Switch# `show interfaces gigabitethernet 1/0/1 counters` `Port InOctets InUcastPkts InMcastPkts InBcastPkts Gi1/0/1 4810 0 24 14 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts Gi1/0/1 13292 102 103 0`
Step 8	show running-config \| section openflow Displays configurations made for Cisco Plug-in for OpenFlow. Example: Switch# `show running-config \| section ^openflow` `openflow switch 1 pipeline 1 controller ipv4 5.0.32.10 port 6233 security none of-port interface GigabitEthernet1/0/1 of-port interface GigabitEthernet1/0/3 default-miss continue-controller probe-interval 7 statistics collection-interval 0 rate-limit packet_in 300 burst 50 datapath-id 0x222`
Step 9	show openflow hardware capabilities Displays Cisco Plug-in for OpenFlow configurations. Example: Switch# `show openflow hardware capabilities` openflow-ott-of-c3k-118-3920 Max Flow Batch Size: 250 Statistics Max Polling Rate (flows/sec): 1024 Max Interfaces: 1000 Aggregated Statistics: YES Pipeline ID: 1 Pipeline Max Flows: 1000 Pipeline Default Statistics Collect Interval: 7 Flow table ID: 0 Max Flow Batch Size: 250 Max Flows: 1000 Bind Subintfs: FALSE Primary Table: TRUE Table Programmable: TRUE Miss Programmable: TRUE Number of goto tables: 0 goto table id: Stats collection time for full table (sec): 1 Match Capabilities Match Types ------------------ ----------- ethernet mac destination optional ethernet mac source optional ethernet type optional VLAN ID optional VLAN priority code point optional IP DSCP optional IP protocol optional IPv4 source address lengthmask IPv4 destination address lengthmask ipv6 source addresss lengthmask ipv6 destination address lengthmask source port optional destination port optional icmpv4 type optional icmpv4 code optional icmpv6 type optional icmpv6 code optional in port (virtual or physical) optional Actions Count Limit Order specified interface 1 100 controller 1 100 divert a copy of pkt to application 1 100 set eth source mac 1 10 set eth destination mac 1 10 set vlan id 1 10 set vlan priority (cos) 1 10 set IPv4 source address 1 10 set IPv4 destination address 1 10 set IP dscp 1 10 set TCP source port 1 10 set TCP destination port 1 10 set UDP source port 1 10 set UDP destination port 1 10 set qos group 1 10 pop vlan tag 1 10 drop packet 1 100 Miss actions Count Limit Order controller 1 100 drop packet 1 100

Related Information

Collecting Troubleshooting Information

Configuration Examples for Cisco Plug-In for OpenFlow

Example: Specifying a Route to a Controller Using a Physical Interface

Switch> enable
Switch# configure terminal
Switch(config)# interface GigabitEthernet1/0/1
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.0.1.4 255.255.255.0
Switch(config-if)# exit
Switch(config)# ip route 0.0.0.0 0.0.0.0 10.0.1.6
Switch# copy running-config startup-config
Switch(config)# exit

Example: Specifying a Route to a Controller Using a Management Interface

Device> enable
Switch# configure terminal
Switch(config)# interface GigabitEthernet0/0
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.0.1.4 255.255.255.0
Switch(config-if)# exit
Switch(config)# ip route vrf mgmtVrf 0.0.0.0 0.0.0.0 10.0.1.6
Switch# copy running-config startup-config
Switch(config)# exit

Example: Cisco Plug-In for OpenFlow Logical Switch Configuration (Default VRF)

Switch> enable
Switch# configure terminal
Switch(config)# onep
Switch(config-onep)# exit

Switch(config)# openflow
Switch(config-ofa)# switch 1

! Specifies the pipeline that enables the IP Forwarding Table.
Switch(config-ofa-switch)# pipeline 1
Switch(config-ofa-switch)# tls trust-point local local-trustpoint-name remote remote-trustpoint-name
Switch(config-ofa-switch)# max-backoff 5
Switch(config-ofa-switch)# probe-interval 5
Switch(config-ofa-switch)# rate-limit packet-in 300 burst 50
Switch(config-ofa-switch)# controller ipv4 10.0.1.6 port 6323 security none
Switch(config-ofa-switch)# datapath-id 0x222

! Adding an interface to the Cisco Plug-In for OpenFlow logical switch.
Switch(config-ofa-switch)# of-port interface GigabitEthernet1/0/23
Switch(config-ofa-switch)#end
Switch# copy running-config startup-config

Example: Configuring a Cisco Plug-In for OpenFlow Logical Switch (Management VRF)

Switch> enable
Switch# configure terminal
Switch(config)# onep
Switch(config-onep)# exit

Switch(config)# openflow
Switch(config-ofa)# switch 1
Switch(config-ofa-switch)# pipeline 1

! Specifying a controller that is part of a VRF.
Switch(config-ofa-switch)# controller ipv4 10.0.1.6 port 6323 vrf mgmtVrf security none

! Adding an interface to the Cisco Plug-In for OpenFlow logical switch.
Switch(config-ofa-switch)# of-port interface GigabitEthernet1/0/23
Switch(config-ofa-switch)# end
Switch# copy running-config startup-config

Additional Information for Cisco Plug-In for OpenFlow

Related Topic	Document Title
Cisco commands	Cisco IOS Master Command List, All Releases

Standards and RFCs

Standard/RFC	Title
OpenFlow 1.3	OpenFlow Switch Specification Version 1.3.0 (Wire Protocol 0x04).
OpenFlow 1.0	OpenFlow Switch Specification Version 1.0.1 (Wire Protocol 0x01).

Technical Assistance

Description	Link
The Cisco Support and Documentation website provides online resources to download documentation and tools. Use these resources to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.	http://www.cisco.com/cisco/web/support/index.html

Bias-Free Language

Book Title

Cisco Plug-in for OpenFlow Configuration Guide for Catalyst 3850 and 3650 Series Switches

Chapter Title