apt install -y  mininet

git clone
mininet/util/ -h

-a: (default) install (A)ll packages - good luck!
-b: install controller (B)enchmark (oflops)
-c: (C)lean up after kernel install
-d: (D)elete some sensitive files from a VM image
-e: install Mininet d(E)veloper dependencies
-f: install Open(F)low
-i: install (I)ndigo Virtual Switch
-k: install new (K)ernel
-m: install Open vSwitch kernel (M)odule from source dir
-n: install Mini(N)et dependencies + core files
-p: install (P)OX OpenFlow Controller
-r: remove existing Open vSwitch packages
-s <dir>: place dependency (S)ource/build trees in <dir>
-t: complete o(T)her Mininet VM setup tasks
-v: install Open (V)switch
-V <version>: install a particular version of Open (V)switch on Ubuntu
-w: install OpenFlow (W)ireshark dissector 
-y: install R(y)u Controller
-x: install NO(X) Classic OpenFlow controller
-0: (default) -0[fx] installs OpenFlow 1.0 versions
-3: -3[fx] installs OpenFlow 1.3 versions

Supported switch & controller


nox=NOX # NOX_CORE_DIR env var


mn --custom mininet/custom/ --topo mytopo \
   --nat --mac --controller=remote,ip=,port=6633 \
   -v debug

mininet> links/dump/net
mininet> py locals()
mininet> py h1

Remote control

Switch - C - Lagopus - OpenFlow 1.3
tunnel protocol processing for overlay-type networking with GRE, VxLAN and GTP. Memory: 2GB or more

Switch - C - OpenFlow 1.3 Software Switch

Switch - C - Open vSwitch - OpenFlow 1.0+

Features mapping:

# Supported datapaths
Linux upstream
Linux OVS tree:implemented by the Linux kernel module distributed with the OVS source tree.
Userspace:Also known as DPDK, dpif-netdev or dummy datapath. on NetBSD, FreeBSD and Mac OSX.
Hyper-V:Also known as the Windows datapath.
version 2.8: OF 1.0-1.4; 1.5/1.6 missing features
All current versions of ovs-ofctl enable only OpenFlow 1.0 by default.

ovs-ofctl -O OpenFlow13 dump-flows br0  # enable support for later versions

  • ovs-vswitchd | ovs-vswitchd.conf.db
  • ovsdb-server
  • ovs-dpctl, a tool for configuring the switch kernel module.
  • ovs-vsctl, a utility for querying and updating the configuration of ovs-vswitchd.
  • ovs-appctl, a utility that sends commands to running Open vSwitch daemons.
  • ovs-ofctl, a utility for querying and controlling OpenFlow switches and controllers.
  • ovs-pki, a utility for creating and managing the public-key infrastructure for OpenFlow switches.
  • ovs-testcontroller, a simple OpenFlow controller that may be useful for testing
  • A patch to tcpdump that enables it to parse OpenFlow messages.
ovn- ovsdb- ovs-* vtep[-ctl]
VTEP: VXLAN Tunnel End Point


apt install -y openvswitch-switch
systemctl status openvswitch-switch.service
ovs-vswitchd -V # check version


ovs-vsctl add-br br0
ovs-vsctl add-port br0 eth0             # trunk port (the default)
ovs-vsctl add-port br0 tap0 tag=9       # access port
ovs-vsctl add-port br0 eth0 tag=9 vlan_mode=native-tagged

            A native-tagged port resembles a  trunk  port,  with  the
            exception  that  a  packet  without an 802.1Q header that
            ingresses on a native-tagged  port  is  in  the  ``native
            VLAN’’ (specified in the tag column).

            A  native-untagged  port  resembles a native-tagged port,
            with the exception that  a  packet  that  egresses  on  a
            native-untagged  port in the native VLAN will not have an
            802.1Q header.

ovs-vsctl set port tap0 tag=9           # set existing port
ovs-vsctl --if-exists del-port tap1
ovs-vsctl set-controller of-switch tcp: # set Remote Controller

Port bonding

ovs-vsctl add-bond br0 bond0 eth0 eth1  # ovs-vswitchd.conf.db(5) for options

each of the interfaces in my bonded port shows up as an individual OpenFlow port.
Open vSwitch makes individual bond interfaces visible as OpenFlow ports, rather than the bond as a whole.

Port mirroring

# eth0 + tap0 mirrored to tap1
ovs-vsctl add-port br0 eth0
ovs-vsctl set bridge br0 stp_enable=true    # not well tested
ovs-vsctl add-port br0 tap0
ovs-vsctl add-port br0 tap1 \
    -- [email protected] get port tap1 \
    -- [email protected] create mirror name=m0 select-all=true [email protected] \
    -- set bridge br0 [email protected]
ovs-vsctl clear bridge br0 mirrors # disable mirror

RSPAN VLAN, mirroring of all traffic to that VLAN. Mirroring to a VLAN can disrupt a network that contains unmanaged switches.


A physical Ethernet device that is part of an Open vSwitch bridge should not have an IP address.

"normalization": a flow cannot match on an L3 field without saying what L3 protocol is in use.

ovs-ofctl add-flow br0 ip,nw_dst=,actions=drop
ovs-ofctl add-flow br0 arp,nw_dst=,actions=drop

"tp_src=1234" will be ignored. write "tcp,tp_src=1234", or "udp,tp_src=1234".

ofport value -1 means that the interface could not be created due to an error.
ofport value [] means that the interface hasn't been created yet.

ovs-dpctl dump-flows queries a kernel datapath
ovs-ofctl dump-flows queries an OpenFlow switch

OVS with faucet | Youtube

Controller - Python - Faucet - OpenFlow 1.3
for multi table OpenFlow 1.3 switches, that implements layer 2 switching, VLANs, ACLs, and layer 3 IPv4 and IPv6 routing, static and via BGP.

Docs PDF



Attribute Default Description
dp_id None Name for this dp, used for stats reporting and configuration
timeout 300 inactive MAC timeout
arp_neighbor_timeout 500 ARP and neighbor timeout (seconds)
stack None stacking config, when cross connecting multiple DPs
vlan_acl_table None
vlan_table None
port_acl_table None The table for internally associating vlans


Attribute Default Description
number None
acl_in None
native_vlan None
tagged_vlans None
permanent_learn False
stack None
unicast_flood True
mirror None
mirror_destination False
max_hosts 255 maximum number of hosts


Attribute Default Description
vlans None


Attribute Default Description
acl_in None
routes None
vid None
faucet_vips None
max_hosts 255 Limit number of hosts that can be learned on a VLAN.
proactive_arp_limit None proactively ARP for hosts (None unlimited)
proactive_nd_limit None proactively ND for hosts (None unlimited)
unicast_flood True

Manually install

sudo pip install faucet
sudo pip install git+
sudo vi /etc/ryu/faucet/faucet.yaml /etc/ryu/faucet.yaml # verify config
ryu-manager faucet.faucet --verbose



mkdir -p faucet.conf.d && mv -t faucet.conf.d/ faucet.yaml acls.yaml
docker run -v $(pwd)/faucet.conf.d/:/etc/ryu/faucet/ \
    --net host --name faucet \
    -d faucet/faucet
netstat -lntup | grep -P '6653|9302'

docker exec -it faucet cat /var/log/ryu/faucet/faucet.log   # check log
docker exec faucet pkill -HUP -f faucet.faucet      # update configuration


IP_faucet=   # don't use domain name
ovs-vsctl add-br br0 \
     -- set bridge br0 other-config:datapath-id=0000000000000001 \
     -- set-controller br0 tcp:$IP_faucet:6653 \
     -- set controller br0 connection-mode=out-of-band
ovs-vsctl add-port br0 enp3s0 -- set interface enp3s0 ofport_request=1
ovs-vsctl -- --columns=name,ofport,link_speed,admin_state,statistics,mac_in_use list Interface   # mapping

for i in 1 2 3; do
    ip tuntap add mode tap dev tap$i
    ovs-vsctl add-port br0 tap$i -- set interface tap$i ofport_request=$i
    ovs-ofctl mod-port br0 tap$i up

cat /var/log/openvswitch/ovs-vswitchd.log
ovs-vsctl show
ovs-vsctl --if-exists del-br br0
ovs-appctl ofproto/trace br0 in_port=tap1

ovs-appctl vlog/list
ovs-appctl vlog/set ANY:file:dbg

ovs-ofctl dump-flows br0
"in-band": controllers are actually part of the network that is being controlled. occasionally they can cause unexpected behavior.

ovs-appctl bridge/dump-flows br0      # full OpenFlow flow table, including hidden flows
ovs-vsctl set bridge br0 other-config:disable-in-band=true # disables in-band control entirely

Controller - Python - Ryu

git clone git://


docker run --rm --net host -it -w /root/ryu osrg/ryu

# start controller & http://server_ip:8080
PYTHONPATH=. ./bin/ryu run \
    ryu/app/gui_topology/ \
    ryu/app/ \

Writing Your Ryu Application


PyCharm Settings | Python Debugger | Gevent compatible debugging
ryu-manager = ryu.cmd.manager:main
ryu = ryu.cmd.ryu_base:main

Controller - OCaml - Frenetic (.ova provided)

Source build

mkdir src && cd src
git clone
cd ..
opam pin add frenetic src/frenetic -n -k git
opam install -y frenetic
sudo pip install -e  src/frenetic/lang/python


git clone
cd programmers_guide/code


Controller - C - OVN

Controller - C++ - OpenContrail by Juniper

DB node: Cassandra database and Zookeeper.
Configuration Node: Neutron server, configuration API server, IF-MAP server, discovery server and configuration related services.
Analytics Node: the analytics data collector, operational and analytics API server and Query engine.
Web UI: the web-server and web job-server
Control node: BGP speaker, DNS server and named
Compute node: the vRouter a kernel loadable module and a user space vRouter agent, along with Openstack compute services.


Controller - JAVA - ODL


Hydrogen    February 2014
Helium    October 2014
Lithium    June 2015
Beryllium    February 2016
Boron    November 2016
Carbon    June 2017
Nitrogen    September 2017




feature:install odl-restconf odl-l2switch-switch odl-mdsal-apidocs odl-dlux-core \
    odl-dluxapps-nodes odl-dluxapps-topology \
    odl-dluxapps-yangui odl-dluxapps-yangvisualizer odl-dluxapps-yangman    
# visit http://server_ip:8080/index.html    # admin/admin

Controller - JAVA - ONOS


8181    for REST API and GUI
8101    to access the ONOS CLI (SSH)
9876    for intra-cluster communication (communication between target machines)
6653    optional, for OpenFlow
6640    optional, for OVSDB


docker run --name onos -d --net host --restart unless-stopped onosproject/onos:1.11.1
ssh -p 8101 [email protected]_ip



onos> (or Web UI)
    apps -a -s
    app activate org.onosproject.openflow
    app activate org.onosproject.fwd
    add-host-intent <tab>


http://server_ip:8181/onos/ui/login.html # onos/rocks

Running as a service

Forming a cluster

Form a cluster of three instances, from one of the target machines

/opt/onos/bin/onos-form-cluster $TARGET_MACHINE_1_IP ... $TARGET_MACHINE_N_IP

Controller - JAVA - Floodlight

sudo apt-get install build-essential ant maven python-dev
git clone git://
cd floodlight
git submodule init
git submodule update
sudo mkdir /var/lib/floodlight
sudo chmod 777 /var/lib/floodlight

Controller - Calico
enabling cloud native application connectivity and policy
integrates with Kubernetes, Apache Mesos, Docker, OpenStack and more

Controller - Scala/JAVA - MidoNet
use with OpenStack, vanilla Linux hosts, Docker, Mesos, etc.
MidoNet supports virtual L2 switches, virtual L3 routing, distributed, stateful source NAT and distributed stateful L4 TCP load balancing.

curl -sL | sudo bash

Controller - Ruby - Trema

Controller - Powershell - Microsoft SDN

Routing framework - Kulfi

Controller - POX(inactive) - python

Controller - More

Open Security Controller - JAVA

C++ simulation library and framework - OMNeT++

Programming - P4

results matching ""

    No results matching ""