Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Understanding OpenFlow Hybrid Interfaces on Devices Running Junos OS

On Juniper Networks EX9200 Ethernet Switches and on MX Series 5G Universal Routing Platforms that support OpenFlow, you can configure physical interfaces that support multiple logical interfaces as hybrid interfaces. A hybrid interface concurrently supports OpenFlow logical interfaces and non-OpenFlow logical interfaces.

On a hybrid interface, the OpenFlow protocol and the non-OpenFlow protocols essentially exist independently. Traffic does not get forwarded across OpenFlow and non-OpenFlow logical interfaces. Instead VLANs and VLAN tags are used to distinguish the OpenFlow traffic from the normal traffic. To accomplish this, you must enable the reception and transmission of 802.1Q VLAN-tagged frames on all interfaces, including both hybrid and non-hybrid interfaces. You must also configure separate virtual switch routing instances for OpenFlow traffic and for normal traffic, which serve to separate the VLAN ID space.

On devices using hybrid interfaces, traffic entering an interface must be VLAN-tagged. The VLAN ID differentiates the OpenFlow traffic from the normal traffic, and on the hybrid interface, the VLAN ID also determines the associated logical interface. Once the logical interface is known, the traffic is forwarded accordingly. The device forwards OpenFlow traffic according to OpenFlow flow entries, and it forwards normal traffic using traditional Layer 2 and Layer 3 processing. If you do not configure a native VLAN, untagged packets are dropped.

On a hybrid interface, you configure a logical interface as a trunk interface, which accepts and forwards tagged packets from multiple VLANs. Additionally, you can configure certain non-OpenFlow logical interfaces as Layer 3 subinterfaces that perform traditional Layer 3 or MPLS-based forwarding.

To configure a logical interface to receive and forward VLAN-tagged frames, you must bind a VLAN ID, or a range or list of VLAN IDs, to the logical interface. OpenFlow interfaces must have a different set of VLANs from normal interfaces. On a hybrid interface, OpenFlow traffic can only exit from an interface that has the same VLAN ID range as that of the ingress interface.

A hybrid interface configuration with multiple logical interfaces permits OpenFlow and non-OpenFlow traffic to traverse the same interface while keeping the traffic in separate routing or bridging domains. One advantage of using hybrid interfaces is that you can use fewer physical interfaces where port density is an issue. However, using hybrid interfaces requires some additional configuration, and untagged traffic entering a hybrid port cannot be forwarded according to OpenFlow flow entries. Additionally, several physical port properties such as Layer 1 statistics are reported for all logical interfaces on that physical interface. Thus, when you configure a physical interface in hybrid mode, these properties are reported for all OpenFlow and non-OpenFlow logical interfaces on that physical interface. These properties include queue drops, framing errors, CRC errors, and collisions. When using hybrid interfaces, if you use the Link Layer Discovery Protocol (LLDP) for topology discovery, you must ensure that any LLDP frames entering a hybrid interface are tagged appropriately.