For years, computer scientists have dreamed up ways to improve networks’ speed, reliability, energy efficiency, and security. But their schemes have generally remained lab projects, because it’s been impossible to test them on a large enough scale to see if they’d work: the routers and switches at the core of the Internet are locked down, their software the intellectual property of companies such as Cisco and Hewlett-Packard.
Frustrated by this inability to fiddle with Internet routing in the real world, Stanford computer scientist Nick McKeown and colleagues developed a standard called OpenFlow that essentially opens up the Internet to researchers, allowing them to define data flows using software, a sort of “software-defined networking.” Installing a small piece of OpenFlow firmware (software embedded in hardware) gives engineers access to flow tables, rules that tell switches and routers how to direct network traffic. Yet it protects the proprietary routing instructions that differentiate one company’s hardware from another.
With OpenFlow installed on routers and switches, researchers can use software on their computers to tap into flow tables and essentially control a network’s layout and traffic flow with the click of a mouse. This software-based access allows computer scientists to inexpensively and easily test new switching and routing protocols. “Today, security, routing, and energy management are dictated by the box, and it’s very hard to change,” says McKeown. “That’s why the infrastructure hasn’t changed for 40 years.”
Normally, when a data packet arrives at a switch, firmware checks the packet’s destination and forwards it according to predefined rules over which network operators have no control. All packets going to the same place are routed along the same path and treated the same way.
On a network running OpenFlow, computer scientists can add to, subtract from, and otherwise meddle with these rules. This means that researchers could, say, give video priority over e-mail, reducing the annoying stops and starts that sometimes plague streaming video. They could set up rules for traffic coming from or going to a certain destination, allowing them to quarantine traffic from a computer suspected of harboring viruses.
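The rule handling described in the two paragraphs above can be sketched as a priority-ordered flow table. This is an added illustration, not code from OpenFlow or from McKeown's group: the class names, action strings, documentation-range addresses, the use of port 5004 to stand for video, and the table-miss behaviour are all assumptions of this simplified model.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass
class Rule:
    priority: int                               # higher value is checked first
    action: str                                 # hypothetical action label
    match: dict = field(default_factory=dict)   # absent field = wildcard

    def matches(self, pkt: dict) -> bool:
        for key, want in self.match.items():
            if key in ("src", "dst"):           # address fields match by prefix
                if ip_address(pkt[key]) not in ip_network(want):
                    return False
            elif pkt.get(key) != want:          # other fields match exactly
                return False
        return True

class FlowTable:
    def __init__(self):
        self.rules = []

    def add(self, rule: Rule) -> None:
        self.rules.append(rule)
        self.rules.sort(key=lambda r: r.priority, reverse=True)

    def remove(self, action: str) -> None:
        self.rules = [r for r in self.rules if r.action != action]

    def lookup(self, pkt: dict) -> str:
        for rule in self.rules:                 # first (highest-priority) match wins
            if rule.matches(pkt):
                return rule.action
        return "send-to-controller"             # assumed table-miss behaviour

def build_table() -> FlowTable:
    t = FlowTable()
    t.add(Rule(0, "forward:port1"))             # legacy-style default: one path for all
    t.add(Rule(100, "forward:port1:high-priority-queue", {"dst_port": 5004}))
    t.add(Rule(200, "forward:quarantine-port", {"src": "192.0.2.66/32"}))
    return t

# Constructed sample packets (addresses from the documentation ranges).
VIDEO = {"src": "192.0.2.10", "dst": "198.51.100.5", "dst_port": 5004}
MAIL = {"src": "192.0.2.10", "dst": "198.51.100.7", "dst_port": 25}
SUSPECT_VIDEO = {"src": "192.0.2.66", "dst": "198.51.100.5", "dst_port": 5004}
```

Because the quarantine rule carries the highest priority, traffic from the suspect host is diverted even when it would otherwise match the video rule; removing that rule restores normal handling without touching the others.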
And OpenFlow can be used to improve cellular networks as well. Mobile-service providers have begun to expand their networks using commodity hardware built for the Internet. But such hardware is horrible at maintaining connections when a user is moving: just think about the less-than-seamless way that a laptop’s data connection is transferred from one wireless base station to another. OpenFlow, says McKeown, offers service providers a way to try out new solutions to the mobility problem.
McKeown’s group receives funding and equipment from networking companies such as Cisco, Juniper, HP, and NEC, as well as cellular providers including T-Mobile, Ericsson, and NTT DoCoMo. Ideas tested on switches running OpenFlow could be incorporated into the firmware of new routers, or they could be added to old ones through firmware updates. McKeown expects that within the year, one or more of these companies will ship products with OpenFlow built in.