Christos Tranoris

OpenFlow allows the path of network packets through the network of switches to be determined by software running on multiple routers This separation of the control from the forwarding allows for more sophisticated traffic management. Its inventors consider OpenFlow an enabler of software-defined networking (SDN). More on OpenFlow at www.openflow.org
 Open vSwitch is a switch stack which enables the creation of automated network infrastructure for virtualized environments. It is primarily developed and deployed in Linux, used with some virtualization systems like Xen. Cloud management systems like Xen Cloud Platform and Open Stack have it integrated.
A typical deployment we have is like the following:

 
Since I couldn't find examples for modifying the network source and destination and port forwarding with Open VSwitch both with cli and through an OpenFlow controller, I post it here.
Modifying the network source and destination is useful in different scenarios. A typical scenario is like the following, where for testing a new application or for load balancing reasons to modify destination network IP and port :

 The client believes that "talks" with 192.168.1.244, but it's actually connected to 192.168.1.242 on another port. To accomplish this with openvswitch, one can do this through the following commands in the host machine:

sudo ovs-ofctl --strict add-flow pubbr0 priority=100,idle_timeout=50000,
tcp,dl_dst=00:16:3e:4a:06:bf,
nw_dst=192.168.1.244,tp_dst=80,actions=mod_dl_dst:00:16:3e:50:dd:ac,
mod_nw_dst=192.168.1.242,mod_tp_dst:8000,output:12,local

sudo ovs-ofctl --strict add-flow pubbr0 priority=100,idle_timeout=50000,
tcp,nw_src=192.168.1.242,
dl_src=00:16:3e:50:dd:ac,tp_src=8000,actions=mod_nw_src=192.168.1.244,
mod_tp_src:80,output:1

In scenarios were we have other OpenFlow enabled switches, we can use the so called OpenFlow controllers. An OpenFlow controller can control multiple switches utilizing the OpenFlow protocol. The good thing with controllers, is that now applications can have easy access to the network fabric and modify networking according their needs.
 
One such controller is Floodlight. Floodlight can be expanded through modules, but a nice feature (let aside Java) is that it exposes a RESTful API which makes really easy for apps to exploit it .
The API accepts regular get/post/put/delete http request passing JSON payloads. To connect the controller with the switch, the only thing you need to do is to configure your OpenFlow switch with the location of your controller. After this the controller monitors/manages your switch.
 
So the following can be done to repeat the above scenario, this time from our controller and through the REST API, assuming we're sitting on the same machine with the controller (localhost) and post the following:
 
curl -d '{"switch": "00:00:00:1b:21:cb:fe:44", "name":"static-flow1", "cookie":"0", "priority":"32768", "ether-type":"0x0800", "protocol":"6", "dst-mac":"00:16:3e:4a:06:bf", "dst-ip":"192.168.1.244", "dst-port":"80","active":"true", "actions":"set-dst-ip=192.168.1.242,set-dst-port=8000,output=2"}' http://localhost:8080/wm/staticflowentrypusher/json
 
 
curl -d '{"switch": "00:00:00:1b:21:cb:fe:44", "name":"static-flow2", "cookie":"0", "priority":"32768", "ether-type":"0x0800", "protocol":"6", "src-ip":"192.168.1.244", "src-port":"8000", "src-mac":"00:16:3e:4a:06:bf", "active":"true", "actions":"set-src-ip=192.168.1.242,set-src-port=80,output=1"}' http://localhost:8080/wm/staticflowentrypusher/json
 
Aplying similar commands by modifying only ports you can also make some simple port forwarding.