Table des matières

FlowVisor, a network virtualization layer

FlowVisor was developed and used in production network at Stanford University by OpenNetworkingLab between 2009 and 2013.

What is it ?

FlowVisor is a special SDN controller which aims at separating one physical SDN into multiple (potentially overlapping) virtual slices. “It acts as a controller for the switches and as an OpenFlow switch for the controllers”[1]. “The Prefix-based Layer 2 Network Virtualization (L2PNV) [7] is an extension of FlowVisor, with the main objective of providing a level 2 virtualization engine without using VLAN, instead basing the virtual networks created in Media Access Control (MAC) on the address of origin and destination”[1].

From FlowVisor’s github project (https://github.com/OPENNETWORKINGLAB/flowvisor/):

Although FlowVisor setup may be quite long, as it requires a lot of manual configuration, some tutorials are available on the internet to help network administrators deploying FlowVisor (https://github.com/onstutorial/onstutorial/wiki/Flowvisor-Exercise).

While still being effective and functional, FlowVisor is not maintained anymore and should not be run in production networks[2] for two main reasons:

Yet, FlowVisor has been used from 2009 and is still being used in multiple research networks where slices’ isolation vulnerabilities may not be a big concern.

How it works ?

“The FlowVisor intercepts OpenFlow messages from guest controllers (1) and, using the user’s slicing policy (2), transparently rewrites (3) the message to control only a slice of the network.” [5]

What is the differnece between Flowvisor and VTN ?

In both you create slices or tenant which are basically a group of physical network links and devices.

References