Open source SDN Controller for production networks

What is Faucet?

Faucet is a SDN controller that works with Openflow v1.3.x switches supporting multiple tables and group table. The Openflow switch is deployed as a drop in replacement for a L2/L3 switch in the network to enable extra SDN based functionality.

Easy Installation, Upgrades

30seconds to a few minutes depending on the mode of installation: python pip install, OVF/ISO deploy or Docker. Once installed, edit the configuration file and start the controller to manage your switches.
Faster upgrades than non SDN (can upgrade controller in <1sec while network still runs and without rebooting the hardware) → Important with increasing number of zero day attacks

Network Operations

Much easier to automate and integrate configuration (YAML). Real-time time-series database integration for stats → Grafana dashboards. NoSQL database integration for flows.
"Push On Green": Built-in unit test framework for Mininet & Hardware

Control Plane Security

Switch-Controller connection on a dedicated port secured by TLS or 802.1AE MACSec. Faucet initally programs the switch with “default-deny” flows to drop all unknown traffic. Flows periodically timeout and are refreshed by the controller.Faucet implements expiry times on all flows. Forwarding will cease if no controller can be reached for a configurable period of time.
Switch can be configured for “fail-secure” (default) - keep forwarding and using currently programmed flows until they expire or “fail-standalone” - revert to being a non-programmable switch

Hardware Support

Any dataplane (Switch) supporting Openflow v1.3.x with multiple tables and group table. Openflow pipeline is built on Faucet and pushed to switches. Vendor specific pipelines (ex. Broadcom's OFDPA) are not supported. Open vSwitch, Lagopous, HPE Aruba, Allied Telesis, Noviflow, and Northbound Networks are some of the switch vendors supported.

SDN Configurability

Ability to configure learning (ex. Unicast flooding), Routing algorithms, ACLs, Policy Based Forwarding (PBF) based on OpenFlow matches, Stacking of switches (Fabric) and so on. This configurability is the biggest difference between a traditional switch with a SDN enabled one.

High Availability & Scalability

High Availability (HA) via Idempotency (make that same call repeatedly while producing the same result). No inter-controller configuration or communication required. 2+ Faucet instances with the same config are configured for the same switch (fabric) to enable HA.
Faucet minimizes PACKET_INs. Controller scaling is decoupled from switch scaling. Faucet controls a fabric of switches and programs intra-switch dataplane.


Get Started


Installation is very simple. As user root, you install via Python pip. Then edit the faucet.yaml file to configure the switches that you would want to control. After this, Faucet controller can be started using the ryu-manager faucet.pycommand.

                        # pip install ryu-faucet
                        # vi /etc/ryu/faucet/faucet.yaml
                        # ryu-manager <path_to_dir>/faucet.py

Full Documentation

All documentation is available (including FAQ etc) on GitHub

Docs on GitHub Blog Tutorials ACM Queue Videos Podcast


Faucet has been deployed in production around the world. Some of the sites include Open Networking Foundation, REANNZ, AARNet, ESNet, GEANT, GEANT HQ, Victoria University of Wellington, Allied Telesis, and WAND Group Waikato University.


Please subscrible to the appropriate mailing lists [ Annoucements, Developers, Users ] to post your questions and feature requests. Use github Issue to post issues.

Get Connected