Limited flow table size in switches is a major concern for SDN applications. The common approach to overcome this problem is to identify elephant flows and solely focus on them. However, there is no gold standard to assess the effectiveness of such greedy solutions. In this paper, we formally define this problem by choosing a cost function (hit ratio) and an objective function to optimize the (average table occupancy) and present the optimum solution (i.e., theoretical gold standard) for it. We model the problem as a knapsack problem, analyze how its solution minimizes the table occupancy, and the similarities to and differences from the default idle timeout mechanism used in OpenFlow. We also present a new approach to minimize flow table occupancy based on the insight gained from the knapsack model analysis. Our solution expedites rule evictions by forecasting the TCP flow termination from RST/FIN packets and delays rule installation by incubating non-TCP flows. It reduces average flow table occupancy between 16%-62% in various networks with less than 1.5% reduction in hit ratio. Using three real-world packet traces, we compare the performance of our solution with the theoretically optimum solution, the static idle timeout approach used in current OpenFlow systems, and heavy hitter detection approaches that are commonly used to solve this problem. We provide in-depth analysis of when and where our approach outperforms other solutions, while discussing why it might be better to use rate-based heavy hitter detection in some scenarios.

• 出版日期2018-8