So forwarding is done based on MACs? Basically building a large virtual bridge and state is roughly O(N) where N is number of connected ISPs. Because if it's based on L3 information, then any ingress switch on the fabric will need to have forwarding entry for each distinct prefix+next hop that it's expected to forward pkts to... or I'm on the verge of learning about something new, in which case don't be cryptic please ;) On 1/8/2013 8:55 PM, Josh Bailey wrote:

Hi Nathan;

Hardware flows != OpenFlow flows. OpenFlow is an API.

Some reflection on these statements may suggest an answer.

Thanks,

==

If you hit the limit of number of flows, what happens? Does it reject the flow, or does it delete older ones to make room for it?

Given there is no default route, what happens if you get a packet that doesn't match a flow? Does it drop it, or punt it to the controller? (ie. is there a default flow to drop)

If it deletes older flows, and punts non-matching packets to the controller, that sounds like there's a potential for really bad performance spikes as you approach the upper limits of the flow table.

If it deletes older flows and drops non-matching packets, then that's worse.

If you simply reject new flows, then that's a bit better, but you've got to make sure that the route reflectors never re-advertise prefixes unless they're installed in to the flow tables successfully, or you drop packets, or punt them to the controller as above.

Some interesting issues to consider!

Agreed re. VPLS/etc. - but you've got to make sure your switches have reliable connectivity to your controller(s). In a network like WIX, that might be hard, not sure.

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog