From a877a48111fda3cddb0c01d1aef76ff0a59c0ba6 Mon Sep 17 00:00:00 2001
From: wenyingd <wenyingd@vmware.com>
Date: Mon, 9 Aug 2021 07:23:01 -0700
Subject: [PATCH] Modify OF table name

Signed-off-by: wenyingd <wenyingd@vmware.com>
---
 go.mod                                        |   4 +-
 go.sum                                        |   9 +-
 .../apiserver/handlers/ovsflows/handler.go    |  14 +-
 .../handlers/ovsflows/handler_test.go         |   7 +
 .../controller/networkpolicy/packetin.go      |  18 +-
 pkg/agent/controller/traceflow/packetin.go    |  32 +-
 .../controller/traceflow/packetin_test.go     |   8 +-
 pkg/agent/openflow/client_test.go             |   2 +-
 pkg/agent/openflow/network_policy.go          |  12 +-
 pkg/agent/openflow/network_policy_test.go     |  76 ++--
 pkg/agent/openflow/pipeline.go                | 392 +++++++++---------
 pkg/agent/openflow/pipeline_windows.go        |  12 +-
 pkg/agent/querier/querier.go                  |   4 +-
 pkg/agent/querier/querier_test.go             |   1 +
 pkg/antctl/antctl.go                          |   7 +-
 pkg/ovs/openflow/interfaces.go                |  12 +-
 pkg/ovs/openflow/ofctrl_action.go             |   8 +-
 pkg/ovs/openflow/ofctrl_bridge.go             | 100 ++++-
 pkg/ovs/openflow/ofctrl_flow.go               |   2 +-
 pkg/ovs/openflow/ofctrl_flow_test.go          |  16 +-
 pkg/ovs/openflow/ofctrl_group.go              |   2 +-
 pkg/ovs/ovsctl/interface.go                   |   3 +
 pkg/ovs/ovsctl/ofctl.go                       |  18 +-
 pkg/ovs/ovsctl/testing/mock_ovsctl.go         |  19 +
 plugins/octant/go.sum                         |   5 +-
 test/integration/agent/openflow_test.go       |   4 +-
 test/integration/ovs/ofctrl_test.go           | 100 +++--
 test/integration/ovs/openflow_test_utils.go   |   4 +-
 28 files changed, 505 insertions(+), 386 deletions(-)

diff --git a/go.mod b/go.mod
index b09b6cd8ec8..cc6e7e91c25 100644
--- a/go.mod
+++ b/go.mod
@@ -3,8 +3,8 @@ module antrea.io/antrea
 go 1.17
 
 require (
-	antrea.io/libOpenflow v0.2.0
-	antrea.io/ofnet v0.1.0
+	antrea.io/libOpenflow v0.3.1
+	antrea.io/ofnet v0.2.0
 	github.com/Mellanox/sriovnet v1.0.2
 	github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331
 	github.com/Microsoft/hcsshim v0.8.9
diff --git a/go.sum b/go.sum
index 9a5b09a32d0..b5a8f57424b 100644
--- a/go.sum
+++ b/go.sum
@@ -1,7 +1,8 @@
-antrea.io/libOpenflow v0.2.0 h1:bBNT3CI8q2FMQRdphP0dynImRK1LBDmA+cQOu7JULj4=
-antrea.io/libOpenflow v0.2.0/go.mod h1:CzEJZxDNAupiGxeL5VOw92PsxfyvehEAvE3PiC6gr8o=
-antrea.io/ofnet v0.1.0 h1:r5c/TM5pa8xSVd5xEUj1L2vYfc4EjIzCWs6cHbeuVFc=
-antrea.io/ofnet v0.1.0/go.mod h1:fLmHHD9XWeVza2pz/HEdLkGyA7pNutxlXCqodlwWQsA=
+antrea.io/libOpenflow v0.3.0/go.mod h1:CzEJZxDNAupiGxeL5VOw92PsxfyvehEAvE3PiC6gr8o=
+antrea.io/libOpenflow v0.3.1 h1:zDu2TGxZYbrBCHxHq4o4TKgA7iRk+PfSW6y+nJSBsu4=
+antrea.io/libOpenflow v0.3.1/go.mod h1:CzEJZxDNAupiGxeL5VOw92PsxfyvehEAvE3PiC6gr8o=
+antrea.io/ofnet v0.2.0 h1:NtiV7Ax2hv23NQukem3vEvMQuQNL1+1kPZEFSRRnZ60=
+antrea.io/ofnet v0.2.0/go.mod h1:t9GyuMB4FWTdC54ChMWP/146nRJfX1YHPGP49EYEa1s=
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
diff --git a/pkg/agent/apiserver/handlers/ovsflows/handler.go b/pkg/agent/apiserver/handlers/ovsflows/handler.go
index ac7afcaa41c..35a0a7a37bf 100644
--- a/pkg/agent/apiserver/handlers/ovsflows/handler.go
+++ b/pkg/agent/apiserver/handlers/ovsflows/handler.go
@@ -50,12 +50,12 @@ func dumpMatchedFlows(aq agentquerier.AgentQuerier, flowKeys []string) ([]Respon
 	return resps, nil
 }
 
-func dumpFlows(aq agentquerier.AgentQuerier, table binding.TableIDType) ([]Response, error) {
+func dumpFlows(aq agentquerier.AgentQuerier, table uint8) ([]Response, error) {
 	resps := []Response{}
 	var flowStrs []string
 	var err error
-	if table != binding.TableIDAll {
-		flowStrs, err = aq.GetOVSCtlClient().DumpTableFlows(uint8(table))
+	if table != binding.TableIDAll.GetID() {
+		flowStrs, err = aq.GetOVSCtlClient().DumpTableFlows(table)
 	} else {
 		flowStrs, err = aq.GetOVSCtlClient().DumpFlows()
 	}
@@ -89,17 +89,17 @@ func getTableFlows(aq agentquerier.AgentQuerier, tables string) ([]Response, err
 	var resps []Response
 	for _, tableSeg := range strings.Split(tables, ",") {
 		tableSeg = strings.TrimSpace(tableSeg)
-		var tableNumber binding.TableIDType
+		var tableNumber uint8
 		// Table nubmer is a 8-bit unsigned integer.
 		n, err := strconv.ParseUint(tableSeg, 10, 8)
 		if err == nil {
-			tableNumber = binding.TableIDType(n)
+			tableNumber = uint8(n)
 			if openflow.GetFlowTableName(tableNumber) == "" {
 				return nil, nil
 			}
 		} else {
 			tableNumber = openflow.GetFlowTableNumber(tableSeg)
-			if tableNumber == binding.TableIDAll {
+			if tableNumber == binding.TableIDAll.GetID() {
 				return nil, nil
 			}
 		}
@@ -197,7 +197,7 @@ func HandleFunc(aq agentquerier.AgentQuerier) http.HandlerFunc {
 		}
 
 		if pod == "" && service == "" && networkPolicy == "" && namespace == "" && table == "" && groups == "" {
-			resps, err = dumpFlows(aq, binding.TableIDAll)
+			resps, err = dumpFlows(aq, binding.TableIDAll.GetID())
 		} else if pod != "" {
 			// Pod Namespace must be provided to dump flows of a Pod.
 			resps, err = getPodFlows(aq, pod, namespace)
diff --git a/pkg/agent/apiserver/handlers/ovsflows/handler_test.go b/pkg/agent/apiserver/handlers/ovsflows/handler_test.go
index d115f490742..12912961694 100644
--- a/pkg/agent/apiserver/handlers/ovsflows/handler_test.go
+++ b/pkg/agent/apiserver/handlers/ovsflows/handler_test.go
@@ -25,12 +25,14 @@ import (
 
 	"antrea.io/antrea/pkg/agent/interfacestore"
 	interfacestoretest "antrea.io/antrea/pkg/agent/interfacestore/testing"
+	"antrea.io/antrea/pkg/agent/openflow"
 	oftest "antrea.io/antrea/pkg/agent/openflow/testing"
 	proxytest "antrea.io/antrea/pkg/agent/proxy/testing"
 	agentquerier "antrea.io/antrea/pkg/agent/querier"
 	aqtest "antrea.io/antrea/pkg/agent/querier/testing"
 	cpv1beta "antrea.io/antrea/pkg/apis/controlplane/v1beta2"
 	binding "antrea.io/antrea/pkg/ovs/openflow"
+	"antrea.io/antrea/pkg/ovs/ovsconfig"
 	ovsctltest "antrea.io/antrea/pkg/ovs/ovsctl/testing"
 	"antrea.io/antrea/pkg/querier"
 	queriertest "antrea.io/antrea/pkg/querier/testing"
@@ -131,6 +133,11 @@ func TestServiceFlows(t *testing.T) {
 	ctrl := gomock.NewController(t)
 	defer ctrl.Finish()
 
+	// Create openflow.Client to ensure the OVS tables are added into the cache.
+	bridgeName := "testbr"
+	bridgeMgmtAddr := binding.GetMgmtAddress(ovsconfig.DefaultOVSRunDir, bridgeName)
+	openflow.NewClient(bridgeName, bridgeMgmtAddr, ovsconfig.OVSDatapathSystem, true, false, false, false)
+
 	testcases := []testCase{
 		{
 			test:           "Existing Service",
diff --git a/pkg/agent/controller/networkpolicy/packetin.go b/pkg/agent/controller/networkpolicy/packetin.go
index ed4ccdf8c7d..597e1647c9f 100644
--- a/pkg/agent/controller/networkpolicy/packetin.go
+++ b/pkg/agent/controller/networkpolicy/packetin.go
@@ -94,19 +94,19 @@ func getMatchRegField(matchers *ofctrl.Matchers, field *binding.RegField) *ofctr
 
 // getMatch receives ofctrl matchers and table id, match field.
 // Modifies match field to Ingress/Egress register based on tableID.
-func getMatch(matchers *ofctrl.Matchers, tableID binding.TableIDType, disposition uint32) *ofctrl.MatchField {
+func getMatch(matchers *ofctrl.Matchers, tableID uint8, disposition uint32) *ofctrl.MatchField {
 	// Get match from CNPDenyConjIDReg if disposition is not allow.
 	if disposition != openflow.DispositionAllow {
 		return getMatchRegField(matchers, openflow.CNPDenyConjIDField)
 	}
 	// Get match from ingress/egress reg if disposition is allow
 	for _, table := range append(openflow.GetAntreaPolicyEgressTables(), openflow.EgressRuleTable) {
-		if tableID == table {
+		if tableID == table.GetID() {
 			return getMatchRegField(matchers, openflow.TFEgressConjIDField)
 		}
 	}
 	for _, table := range append(openflow.GetAntreaPolicyIngressTables(), openflow.IngressRuleTable) {
-		if tableID == table {
+		if tableID == table.GetID() {
 			return getMatchRegField(matchers, openflow.TFIngressConjIDField)
 		}
 	}
@@ -130,7 +130,7 @@ func getNetworkPolicyInfo(pktIn *ofctrl.PacketIn, c *Controller, ob *logInfo) er
 	matchers := pktIn.GetMatches()
 	var match *ofctrl.MatchField
 	// Get table name
-	tableID := binding.TableIDType(pktIn.TableId)
+	tableID := pktIn.TableId
 	ob.tableName = openflow.GetFlowTableName(tableID)
 
 	// Get disposition Allow or Drop
@@ -326,7 +326,7 @@ func (c *Controller) storeDenyConnection(pktIn *ofctrl.PacketIn) error {
 	matchers := pktIn.GetMatches()
 	var match *ofctrl.MatchField
 	// Get table ID
-	tableID := binding.TableIDType(pktIn.TableId)
+	tableID := pktIn.TableId
 	// Get disposition Allow, Drop or Reject
 	match = getMatchRegField(matchers, openflow.APDispositionField)
 	id, err := getInfoInReg(match, openflow.APDispositionField.GetRange().ToNXRange())
@@ -336,10 +336,10 @@ func (c *Controller) storeDenyConnection(pktIn *ofctrl.PacketIn) error {
 	disposition := openflow.DispositionToString[id]
 
 	// For K8s NetworkPolicy implicit drop action, we cannot get name/namespace.
-	if tableID == openflow.IngressDefaultTable {
+	if tableID == openflow.IngressDefaultTable.GetID() {
 		denyConn.IngressNetworkPolicyType = registry.PolicyTypeK8sNetworkPolicy
 		denyConn.IngressNetworkPolicyRuleAction = flowexporter.RuleActionToUint8(disposition)
-	} else if tableID == openflow.EgressDefaultTable {
+	} else if tableID == openflow.EgressDefaultTable.GetID() {
 		denyConn.EgressNetworkPolicyType = registry.PolicyTypeK8sNetworkPolicy
 		denyConn.EgressNetworkPolicyRuleAction = flowexporter.RuleActionToUint8(disposition)
 	} else { // Get name and namespace for Antrea Network Policy or Antrea Cluster Network Policy
@@ -356,13 +356,13 @@ func (c *Controller) storeDenyConnection(pktIn *ofctrl.PacketIn) error {
 			// Default drop by K8s NetworkPolicy
 			klog.V(4).Infof("Cannot find NetworkPolicy or rule that has ruleID %v", ruleID)
 		} else {
-			if tableID == openflow.AntreaPolicyIngressRuleTable {
+			if tableID == openflow.AntreaPolicyIngressRuleTable.GetID() {
 				denyConn.IngressNetworkPolicyName = policy.Name
 				denyConn.IngressNetworkPolicyNamespace = policy.Namespace
 				denyConn.IngressNetworkPolicyType = flowexporter.PolicyTypeToUint8(policy.Type)
 				denyConn.IngressNetworkPolicyRuleName = rule.Name
 				denyConn.IngressNetworkPolicyRuleAction = flowexporter.RuleActionToUint8(disposition)
-			} else if tableID == openflow.AntreaPolicyEgressRuleTable {
+			} else if tableID == openflow.AntreaPolicyEgressRuleTable.GetID() {
 				denyConn.EgressNetworkPolicyName = policy.Name
 				denyConn.EgressNetworkPolicyNamespace = policy.Namespace
 				denyConn.EgressNetworkPolicyType = flowexporter.PolicyTypeToUint8(policy.Type)
diff --git a/pkg/agent/controller/traceflow/packetin.go b/pkg/agent/controller/traceflow/packetin.go
index dba0bc0f2ba..fafbe0dad29 100644
--- a/pkg/agent/controller/traceflow/packetin.go
+++ b/pkg/agent/controller/traceflow/packetin.go
@@ -205,8 +205,8 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1alpha1.Tracefl
 	}
 
 	// Get drop table.
-	if tableID == uint8(openflow.EgressMetricTable) || tableID == uint8(openflow.IngressMetricTable) {
-		ob := getNetworkPolicyObservation(tableID, tableID == uint8(openflow.IngressMetricTable))
+	if tableID == openflow.EgressMetricTable.GetID() || tableID == openflow.IngressMetricTable.GetID() {
+		ob := getNetworkPolicyObservation(tableID, tableID == openflow.IngressMetricTable.GetID())
 		if match := getMatchRegField(matchers, openflow.CNPDenyConjIDField); match != nil {
 			notAllowConjInfo, err := getRegValue(match, nil)
 			if err != nil {
@@ -222,13 +222,13 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1alpha1.Tracefl
 			}
 		}
 		obs = append(obs, *ob)
-	} else if tableID == uint8(openflow.EgressDefaultTable) || tableID == uint8(openflow.IngressDefaultTable) {
-		ob := getNetworkPolicyObservation(tableID, tableID == uint8(openflow.IngressDefaultTable))
+	} else if tableID == openflow.EgressDefaultTable.GetID() || tableID == openflow.IngressDefaultTable.GetID() {
+		ob := getNetworkPolicyObservation(tableID, tableID == openflow.IngressDefaultTable.GetID())
 		obs = append(obs, *ob)
 	}
 
 	// Get output table.
-	if tableID == uint8(openflow.L2ForwardingOutTable) {
+	if tableID == openflow.L2ForwardingOutTable.GetID() {
 		ob := new(crdv1alpha1.Observation)
 		tunnelDstIP := ""
 		isIPv6 := c.nodeConfig.NodeIPAddr.IP.To4() == nil
@@ -262,7 +262,7 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1alpha1.Tracefl
 			// Output port is Pod port, packet is delivered.
 			ob.Action = crdv1alpha1.ActionDelivered
 		}
-		ob.ComponentInfo = openflow.GetFlowTableName(binding.TableIDType(tableID))
+		ob.ComponentInfo = openflow.L2ForwardingOutTable.GetName()
 		ob.Component = crdv1alpha1.ComponentForwarding
 		obs = append(obs, *ob)
 	}
@@ -340,22 +340,30 @@ func getNetworkPolicyObservation(tableID uint8, ingress bool) *crdv1alpha1.Obser
 	ob.Component = crdv1alpha1.ComponentNetworkPolicy
 	if ingress {
 		switch tableID {
-		case uint8(openflow.IngressMetricTable), uint8(openflow.IngressDefaultTable):
+		case openflow.IngressMetricTable.GetID():
 			// Packet dropped by ANP/default drop rule
-			ob.ComponentInfo = openflow.GetFlowTableName(binding.TableIDType(tableID))
+			ob.ComponentInfo = openflow.IngressMetricTable.GetName()
+			ob.Action = crdv1alpha1.ActionDropped
+		case openflow.IngressDefaultTable.GetID():
+			// Packet dropped by ANP/default drop rule
+			ob.ComponentInfo = openflow.IngressDefaultTable.GetName()
 			ob.Action = crdv1alpha1.ActionDropped
 		default:
-			ob.ComponentInfo = openflow.GetFlowTableName(openflow.IngressRuleTable)
+			ob.ComponentInfo = openflow.IngressRuleTable.GetName()
 			ob.Action = crdv1alpha1.ActionForwarded
 		}
 	} else {
 		switch tableID {
-		case uint8(openflow.EgressMetricTable), uint8(openflow.EgressDefaultTable):
+		case openflow.EgressMetricTable.GetID():
+			// Packet dropped by ANP/default drop rule
+			ob.ComponentInfo = openflow.EgressMetricTable.GetName()
+			ob.Action = crdv1alpha1.ActionDropped
+		case openflow.EgressDefaultTable.GetID():
 			// Packet dropped by ANP/default drop rule
-			ob.ComponentInfo = openflow.GetFlowTableName(binding.TableIDType(tableID))
+			ob.ComponentInfo = openflow.EgressDefaultTable.GetName()
 			ob.Action = crdv1alpha1.ActionDropped
 		default:
-			ob.ComponentInfo = openflow.GetFlowTableName(openflow.EgressRuleTable)
+			ob.ComponentInfo = openflow.EgressRuleTable.GetName()
 			ob.Action = crdv1alpha1.ActionForwarded
 		}
 	}
diff --git a/pkg/agent/controller/traceflow/packetin_test.go b/pkg/agent/controller/traceflow/packetin_test.go
index 96c6cceb275..2cc437bb340 100644
--- a/pkg/agent/controller/traceflow/packetin_test.go
+++ b/pkg/agent/controller/traceflow/packetin_test.go
@@ -41,7 +41,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) {
 		{
 			name: "ingress metric drop",
 			args: args{
-				tableID: uint8(openflow.IngressMetricTable),
+				tableID: openflow.IngressMetricTable.GetID(),
 				ingress: true,
 			},
 			want: &crdv1alpha1.Observation{
@@ -53,7 +53,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) {
 		{
 			name: "ingress accept",
 			args: args{
-				tableID: uint8(openflow.L2ForwardingOutTable),
+				tableID: openflow.L2ForwardingOutTable.GetID(),
 				ingress: true,
 			},
 			want: &crdv1alpha1.Observation{
@@ -65,7 +65,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) {
 		{
 			name: "egress default drop",
 			args: args{
-				tableID: uint8(openflow.EgressDefaultTable),
+				tableID: openflow.EgressDefaultTable.GetID(),
 				ingress: false,
 			},
 			want: &crdv1alpha1.Observation{
@@ -77,7 +77,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) {
 		{
 			name: "egress accept",
 			args: args{
-				tableID: uint8(openflow.L2ForwardingOutTable),
+				tableID: openflow.L2ForwardingOutTable.GetID(),
 				ingress: false,
 			},
 			want: &crdv1alpha1.Observation{
diff --git a/pkg/agent/openflow/client_test.go b/pkg/agent/openflow/client_test.go
index d2e4f3edd57..0c7d33eb572 100644
--- a/pkg/agent/openflow/client_test.go
+++ b/pkg/agent/openflow/client_test.go
@@ -402,7 +402,7 @@ func prepareTraceflowFlow(ctrl *gomock.Controller) *client {
 	mFlow := ovsoftest.NewMockFlow(ctrl)
 	ctx := &conjMatchFlowContext{dropFlow: mFlow}
 	mFlow.EXPECT().FlowProtocol().Return(binding.Protocol("ip"))
-	mFlow.EXPECT().CopyToBuilder(priorityNormal+2, false).Return(c.pipeline[EgressDefaultTable].BuildFlow(priorityNormal + 2)).Times(1)
+	mFlow.EXPECT().CopyToBuilder(priorityNormal+2, false).Return(getTableByTableID(EgressDefaultTable).BuildFlow(priorityNormal + 2)).Times(1)
 	c.globalConjMatchFlowCache["mockContext"] = ctx
 	c.policyCache.Add(&policyRuleConjunction{metricFlows: []binding.Flow{c.denyRuleMetricFlow(123, false)}})
 	return c
diff --git a/pkg/agent/openflow/network_policy.go b/pkg/agent/openflow/network_policy.go
index d500e7d6289..103fb077b0f 100644
--- a/pkg/agent/openflow/network_policy.go
+++ b/pkg/agent/openflow/network_policy.go
@@ -234,7 +234,7 @@ func (m *conjunctiveMatch) generateGlobalMapKey() string {
 	} else {
 		priorityStr = strconv.Itoa(int(*m.priority))
 	}
-	return fmt.Sprintf("table:%d,priority:%s,type:%v,value:%s", m.tableID, priorityStr, matchType, valueStr)
+	return fmt.Sprintf("table:%d,priority:%s,type:%v,value:%s", m.tableID.GetID(), priorityStr, matchType, valueStr)
 }
 
 // changeType is generally used to describe the change type of a conjMatchFlowContext. It is also used in "flowChange"
@@ -1138,12 +1138,12 @@ func (c *policyRuleConjunction) calculateClauses(rule *types.PolicyRule, clnt *c
 	var isEgressRule = false
 	switch rule.Direction {
 	case v1beta2.DirectionOut:
-		dropTable = clnt.pipeline[EgressDefaultTable]
+		dropTable = getTableByTableID(EgressDefaultTable)
 		isEgressRule = true
 	default:
-		dropTable = clnt.pipeline[IngressDefaultTable]
+		dropTable = getTableByTableID(IngressDefaultTable)
 	}
-	ruleTable := clnt.pipeline[rule.TableID]
+	ruleTable := getTableByTableID(rule.TableID)
 
 	var fromID, toID, serviceID, nClause uint8
 	// Calculate clause IDs and the total number of clauses.
@@ -1642,8 +1642,8 @@ func parseMetricFlow(flow string) (uint32, types.RuleMetric) {
 
 func (c *client) NetworkPolicyMetrics() map[uint32]*types.RuleMetric {
 	result := map[uint32]*types.RuleMetric{}
-	egressFlows, _ := c.ovsctlClient.DumpTableFlows(uint8(EgressMetricTable))
-	ingressFlows, _ := c.ovsctlClient.DumpTableFlows(uint8(IngressMetricTable))
+	egressFlows, _ := c.ovsctlClient.DumpTableFlows(EgressMetricTable.GetID())
+	ingressFlows, _ := c.ovsctlClient.DumpTableFlows(IngressMetricTable.GetID())
 
 	collectMetricsFromFlows := func(flows []string) {
 		for _, flow := range flows {
diff --git a/pkg/agent/openflow/network_policy_test.go b/pkg/agent/openflow/network_policy_test.go
index 86bbb6916c8..c7590cbd40a 100644
--- a/pkg/agent/openflow/network_policy_test.go
+++ b/pkg/agent/openflow/network_policy_test.go
@@ -334,50 +334,50 @@ func TestBatchInstallPolicyRuleFlows(t *testing.T) {
 				cookiePolicy := c.cookieAllocator.Request(cookie.Policy).Raw()
 				cookieDefault := c.cookieAllocator.Request(cookie.Default).Raw()
 				return []binding.Flow{
-					c.pipeline[EgressRuleTable].BuildFlow(priorityLow).Cookie(cookiePolicy).
+					getTableByTableID(EgressRuleTable).BuildFlow(priorityLow).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchConjID(10).
 						Action().LoadToRegField(TFEgressConjIDField, 10).
 						Action().CT(true, EgressMetricTable, CtZone).LoadToLabelField(10, EgressRuleCTLabel).CTDone().Done(),
-					c.pipeline[EgressRuleTable].BuildFlow(priorityLow).Cookie(cookiePolicy).
+					getTableByTableID(EgressRuleTable).BuildFlow(priorityLow).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchConjID(11).
 						Action().LoadToRegField(TFEgressConjIDField, 11).
 						Action().CT(true, EgressMetricTable, CtZone).LoadToLabelField(11, EgressRuleCTLabel).CTDone().Done(),
-					c.pipeline[EgressRuleTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(EgressRuleTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.40")).
 						Action().Conjunction(10, 1, 2).
 						Action().Conjunction(11, 1, 3).Done(),
-					c.pipeline[EgressRuleTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(EgressRuleTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.50")).
 						Action().Conjunction(10, 1, 2).Done(),
-					c.pipeline[EgressRuleTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(EgressRuleTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.51")).
 						Action().Conjunction(11, 1, 3).Done(),
-					c.pipeline[EgressRuleTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(EgressRuleTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchDstIPNet(*ip.MustParseCIDR("0.0.0.0/0")).
 						Action().Conjunction(10, 2, 2).
 						Action().Conjunction(11, 2, 3).Done(),
-					c.pipeline[EgressRuleTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(EgressRuleTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolTCP).MatchDstPort(8080, nil).
 						Action().Conjunction(11, 3, 3).Done(),
-					c.pipeline[EgressDefaultTable].BuildFlow(priorityNormal).Cookie(cookieDefault).
+					getTableByTableID(EgressDefaultTable).BuildFlow(priorityNormal).Cookie(cookieDefault).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.40")).
 						Action().Drop().Done(),
-					c.pipeline[EgressDefaultTable].BuildFlow(priorityNormal).Cookie(cookieDefault).
+					getTableByTableID(EgressDefaultTable).BuildFlow(priorityNormal).Cookie(cookieDefault).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.50")).
 						Action().Drop().Done(),
-					c.pipeline[EgressDefaultTable].BuildFlow(priorityNormal).Cookie(cookieDefault).
+					getTableByTableID(EgressDefaultTable).BuildFlow(priorityNormal).Cookie(cookieDefault).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.51")).
 						Action().Drop().Done(),
-					c.pipeline[EgressMetricTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(EgressMetricTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchCTStateNew(true).MatchCTLabelField(0, uint64(10)<<32, EgressRuleCTLabel).
 						Action().GotoTable(l3ForwardingTable).Done(),
-					c.pipeline[EgressMetricTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(EgressMetricTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchCTStateNew(false).MatchCTLabelField(0, uint64(10)<<32, EgressRuleCTLabel).
 						Action().GotoTable(l3ForwardingTable).Done(),
-					c.pipeline[EgressMetricTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(EgressMetricTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchCTStateNew(true).MatchCTLabelField(0, uint64(11)<<32, EgressRuleCTLabel).
 						Action().GotoTable(l3ForwardingTable).Done(),
-					c.pipeline[EgressMetricTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(EgressMetricTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchCTStateNew(false).MatchCTLabelField(0, uint64(11)<<32, EgressRuleCTLabel).
 						Action().GotoTable(l3ForwardingTable).Done(),
 				}
@@ -439,62 +439,62 @@ func TestBatchInstallPolicyRuleFlows(t *testing.T) {
 			expectedFlowsFn: func(c *client) []binding.Flow {
 				cookiePolicy := c.cookieAllocator.Request(cookie.Policy).Raw()
 				return []binding.Flow{
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority100).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority100).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchConjID(10).
 						Action().LoadToRegField(TFIngressConjIDField, 10).
 						Action().CT(true, IngressMetricTable, CtZone).LoadToLabelField(10, IngressRuleCTLabel).CTDone().Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority100).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority100).Cookie(cookiePolicy).
 						MatchConjID(11).
 						Action().LoadToRegField(CNPDenyConjIDField, 11).
 						Action().LoadRegMark(CnpDenyRegMark).
 						Action().GotoTable(IngressMetricTable).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority200).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority200).Cookie(cookiePolicy).
 						MatchConjID(12).
 						Action().LoadToRegField(CNPDenyConjIDField, 12).
 						Action().LoadRegMark(CnpDenyRegMark).
 						Action().GotoTable(IngressMetricTable).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority100).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority100).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.40")).
 						Action().Conjunction(10, 1, 2).
 						Action().Conjunction(11, 1, 3).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority200).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority200).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.40")).
 						Action().Conjunction(12, 1, 3).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority100).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority100).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.50")).
 						Action().Conjunction(10, 1, 2).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority100).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority100).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchSrcIP(net.ParseIP("192.168.1.51")).
 						Action().Conjunction(11, 1, 3).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority100).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority100).Cookie(cookiePolicy).
 						MatchRegFieldWithValue(TargetOFPortField, uint32(1)).
 						Action().Conjunction(10, 2, 2).
 						Action().Conjunction(11, 2, 3).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority200).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority200).Cookie(cookiePolicy).
 						MatchRegFieldWithValue(TargetOFPortField, uint32(1)).
 						Action().Conjunction(12, 2, 3).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority100).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority100).Cookie(cookiePolicy).
 						MatchRegFieldWithValue(TargetOFPortField, uint32(2)).
 						Action().Conjunction(10, 2, 2).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority100).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority100).Cookie(cookiePolicy).
 						MatchRegFieldWithValue(TargetOFPortField, uint32(3)).
 						Action().Conjunction(11, 2, 3).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority100).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority100).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolTCP).MatchDstPort(8080, nil).
 						Action().Conjunction(11, 3, 3).Done(),
-					c.pipeline[AntreaPolicyIngressRuleTable].BuildFlow(priority200).Cookie(cookiePolicy).
+					getTableByTableID(AntreaPolicyIngressRuleTable).BuildFlow(priority200).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolTCP).MatchDstPort(8080, nil).
 						Action().Conjunction(12, 3, 3).Done(),
-					c.pipeline[IngressMetricTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(IngressMetricTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchCTStateNew(true).MatchCTLabelField(0, 10, IngressRuleCTLabel).
 						Action().GotoTable(conntrackCommitTable).Done(),
-					c.pipeline[IngressMetricTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(IngressMetricTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchProtocol(binding.ProtocolIP).MatchCTStateNew(false).MatchCTLabelField(0, 10, IngressRuleCTLabel).
 						Action().GotoTable(conntrackCommitTable).Done(),
-					c.pipeline[IngressMetricTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(IngressMetricTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchRegMark(CnpDenyRegMark).MatchRegFieldWithValue(CNPDenyConjIDField, 11).
 						Action().Drop().Done(),
-					c.pipeline[IngressMetricTable].BuildFlow(priorityNormal).Cookie(cookiePolicy).
+					getTableByTableID(IngressMetricTable).BuildFlow(priorityNormal).Cookie(cookiePolicy).
 						MatchRegMark(CnpDenyRegMark).MatchRegFieldWithValue(CNPDenyConjIDField, 12).
 						Action().Drop().Done(),
 				}
@@ -618,7 +618,7 @@ func TestConjMatchFlowContextKeyConflict(t *testing.T) {
 	err = c.applyConjunctiveMatchFlows(flowChange2)
 	require.Nil(t, err, "no error expect in applyConjunctiveMatchFlows")
 
-	expectedMatchKey := fmt.Sprintf("table:%d,priority:%s,type:%v,value:%s", EgressRuleTable, strconv.Itoa(int(priorityNormal)), MatchDstIPNet, ipNet.String())
+	expectedMatchKey := fmt.Sprintf("table:%d,priority:%s,type:%v,value:%s", EgressRuleTable.GetID(), strconv.Itoa(int(priorityNormal)), MatchDstIPNet, ipNet.String())
 	ctx, found := c.globalConjMatchFlowCache[expectedMatchKey]
 	assert.True(t, found)
 	assert.Equal(t, 2, len(ctx.actions))
@@ -938,6 +938,7 @@ func createMockTable(ctrl *gomock.Controller, tableID binding.TableIDType, nextT
 	table.EXPECT().GetID().Return(tableID).AnyTimes()
 	table.EXPECT().GetNext().Return(nextTable).AnyTimes()
 	table.EXPECT().GetMissAction().Return(missAction).AnyTimes()
+	flowTableCache.Update(table)
 	return table
 }
 
@@ -954,13 +955,6 @@ func prepareClient(ctrl *gomock.Controller) *client {
 	metricTable = createMockTable(ctrl, EgressMetricTable, l3ForwardingTable, binding.TableMissActionNext)
 	outAllowTable = createMockTable(ctrl, l3ForwardingTable, l2ForwardingCalcTable, binding.TableMissActionNext)
 	c = &client{
-		pipeline: map[binding.TableIDType]binding.Table{
-			AntreaPolicyEgressRuleTable: cnpOutTable,
-			EgressRuleTable:             outTable,
-			EgressDefaultTable:          outDropTable,
-			EgressMetricTable:           metricTable,
-			l3ForwardingTable:           outAllowTable,
-		},
 		policyCache:              policyCache,
 		globalConjMatchFlowCache: map[string]*conjMatchFlowContext{},
 		bridge:                   bridge,
@@ -1101,8 +1095,8 @@ func TestNetworkPolicyMetrics(t *testing.T) {
 			mockOVSClient := ovsctltest.NewMockOVSCtlClient(ctrl)
 			c.ovsctlClient = mockOVSClient
 			gomock.InOrder(
-				mockOVSClient.EXPECT().DumpTableFlows(uint8(EgressMetricTable)).Return(tt.egressFlows, nil),
-				mockOVSClient.EXPECT().DumpTableFlows(uint8(IngressMetricTable)).Return(tt.ingressFlows, nil),
+				mockOVSClient.EXPECT().DumpTableFlows(EgressMetricTable.GetID()).Return(tt.egressFlows, nil),
+				mockOVSClient.EXPECT().DumpTableFlows(IngressMetricTable.GetID()).Return(tt.ingressFlows, nil),
 			)
 			got := c.NetworkPolicyMetrics()
 			assert.Equal(t, tt.want, got)
diff --git a/pkg/agent/openflow/pipeline.go b/pkg/agent/openflow/pipeline.go
index 187e30f9bf9..bfee39bea82 100644
--- a/pkg/agent/openflow/pipeline.go
+++ b/pkg/agent/openflow/pipeline.go
@@ -20,7 +20,6 @@ import (
 	"math"
 	"net"
 	"sort"
-	"strings"
 	"sync"
 	"time"
 
@@ -40,37 +39,37 @@ import (
 	"antrea.io/antrea/third_party/proxy"
 )
 
-const (
+var (
 	// Flow table id index
-	ClassifierTable              binding.TableIDType = 0
-	uplinkTable                  binding.TableIDType = 5
-	spoofGuardTable              binding.TableIDType = 10
-	arpResponderTable            binding.TableIDType = 20
-	ipv6Table                    binding.TableIDType = 21
-	serviceHairpinTable          binding.TableIDType = 29
-	conntrackTable               binding.TableIDType = 30
-	conntrackStateTable          binding.TableIDType = 31
-	sessionAffinityTable         binding.TableIDType = 40
-	dnatTable                    binding.TableIDType = 40
-	serviceLBTable               binding.TableIDType = 41
-	endpointDNATTable            binding.TableIDType = 42
-	AntreaPolicyEgressRuleTable  binding.TableIDType = 45
-	DefaultTierEgressRuleTable   binding.TableIDType = 49
-	EgressRuleTable              binding.TableIDType = 50
-	EgressDefaultTable           binding.TableIDType = 60
-	EgressMetricTable            binding.TableIDType = 61
-	l3ForwardingTable            binding.TableIDType = 70
-	snatTable                    binding.TableIDType = 71
-	l3DecTTLTable                binding.TableIDType = 72
-	l2ForwardingCalcTable        binding.TableIDType = 80
-	AntreaPolicyIngressRuleTable binding.TableIDType = 85
-	DefaultTierIngressRuleTable  binding.TableIDType = 89
-	IngressRuleTable             binding.TableIDType = 90
-	IngressDefaultTable          binding.TableIDType = 100
-	IngressMetricTable           binding.TableIDType = 101
-	conntrackCommitTable         binding.TableIDType = 105
-	hairpinSNATTable             binding.TableIDType = 106
-	L2ForwardingOutTable         binding.TableIDType = 110
+	ClassifierTable              = binding.NewTableIDType(0, "Classification")
+	uplinkTable                  = binding.NewTableIDType(5, "Uplink")
+	spoofGuardTable              = binding.NewTableIDType(10, "SpoofGuard")
+	arpResponderTable            = binding.NewTableIDType(20, "ARPResponder")
+	ipv6Table                    = binding.NewTableIDType(21, "IPv6")
+	serviceHairpinTable          = binding.NewTableIDType(29, "ServiceHairpin")
+	conntrackTable               = binding.NewTableIDType(30, "ConntrackZone")
+	conntrackStateTable          = binding.NewTableIDType(31, "ConntrackState")
+	sessionAffinityTable         = binding.NewTableIDType(40, "SessionAffinity")
+	dnatTable                    = binding.NewTableIDType(40, "DNAT(SessionAffinity)")
+	serviceLBTable               = binding.NewTableIDType(41, "ServiceLB")
+	endpointDNATTable            = binding.NewTableIDType(42, "EndpointDNAT")
+	AntreaPolicyEgressRuleTable  = binding.NewTableIDType(45, "AntreaPolicyEgressRule")
+	DefaultTierEgressRuleTable   = binding.NewTableIDType(49, "DefaultTierEgressRule")
+	EgressRuleTable              = binding.NewTableIDType(50, "EgressRule")
+	EgressDefaultTable           = binding.NewTableIDType(60, "EgressDefaultRule")
+	EgressMetricTable            = binding.NewTableIDType(61, "EgressMetric")
+	l3ForwardingTable            = binding.NewTableIDType(70, "L3Forwarding")
+	snatTable                    = binding.NewTableIDType(71, "SNAT")
+	l3DecTTLTable                = binding.NewTableIDType(72, "IPTTLDec")
+	l2ForwardingCalcTable        = binding.NewTableIDType(80, "L2Forwarding")
+	AntreaPolicyIngressRuleTable = binding.NewTableIDType(85, "AntreaPolicyIngressRule")
+	DefaultTierIngressRuleTable  = binding.NewTableIDType(89, "DefaultTierIngressRule")
+	IngressRuleTable             = binding.NewTableIDType(90, "IngressRule")
+	IngressDefaultTable          = binding.NewTableIDType(100, "IngressDefaultRule")
+	IngressMetricTable           = binding.NewTableIDType(101, "IngressMetric")
+	conntrackCommitTable         = binding.NewTableIDType(105, "ConntrackCommit")
+	hairpinSNATTable             = binding.NewTableIDType(106, "HairpinSNATTable")
+	L2ForwardingOutTable         = binding.NewTableIDType(110, "Output")
 
 	// Flow priority level
 	priorityHigh            = uint16(210)
@@ -88,6 +87,8 @@ const (
 	ipv6MulticastAddr = "FF00::/8"
 	// IPv6 link-local prefix
 	ipv6LinkLocalAddr = "FE80::/10"
+
+	tableNameIndex = "tableNameIndex"
 )
 
 type ofAction int32
@@ -120,61 +121,59 @@ var (
 		EgressDefaultTable:          {},
 	}
 
-	FlowTables = []struct {
-		Number binding.TableIDType
-		Name   string
-	}{
-		{ClassifierTable, "Classification"},
-		{uplinkTable, "Uplink"},
-		{spoofGuardTable, "SpoofGuard"},
-		{arpResponderTable, "ARPResponder"},
-		{ipv6Table, "IPv6"},
-		{serviceHairpinTable, "ServiceHairpin"},
-		{conntrackTable, "ConntrackZone"},
-		{conntrackStateTable, "ConntrackState"},
-		{dnatTable, "DNAT(SessionAffinity)"},
-		{sessionAffinityTable, "SessionAffinity"},
-		{serviceLBTable, "ServiceLB"},
-		{endpointDNATTable, "EndpointDNAT"},
-		{AntreaPolicyEgressRuleTable, "AntreaPolicyEgressRule"},
-		{EgressRuleTable, "EgressRule"},
-		{EgressDefaultTable, "EgressDefaultRule"},
-		{EgressMetricTable, "EgressMetric"},
-		{l3ForwardingTable, "L3Forwarding"},
-		{snatTable, "SNAT"},
-		{l3DecTTLTable, "IPTTLDec"},
-		{l2ForwardingCalcTable, "L2Forwarding"},
-		{AntreaPolicyIngressRuleTable, "AntreaPolicyIngressRule"},
-		{IngressRuleTable, "IngressRule"},
-		{IngressDefaultTable, "IngressDefaultRule"},
-		{IngressMetricTable, "IngressMetric"},
-		{conntrackCommitTable, "ConntrackCommit"},
-		{hairpinSNATTable, "HairpinSNATTable"},
-		{L2ForwardingOutTable, "Output"},
-	}
+	flowTableCache = cache.NewIndexer(tableIDIndexFunc, cache.Indexers{tableNameIndex: tableNameIndexFunc})
 )
 
+func tableNameIndexFunc(obj interface{}) ([]string, error) {
+	ofTable := obj.(binding.Table)
+	return []string{ofTable.GetID().GetName()}, nil
+}
+
+func tableIDIndexFunc(obj interface{}) (string, error) {
+	ofTable := obj.(binding.Table)
+	return fmt.Sprintf("%d", ofTable.GetID().GetID()), nil
+}
+
+func getTableByTableID(tableID binding.TableIDType) binding.Table {
+	return getTableByID(tableID.GetID())
+}
+
+func getTableByID(id uint8) binding.Table {
+	obj, exists, _ := flowTableCache.GetByKey(fmt.Sprintf("%d", id))
+	if !exists {
+		return nil
+	}
+	return obj.(binding.Table)
+}
+
 // GetFlowTableName returns the flow table name given the table number. An empty
 // string is returned if the table cannot be found.
-func GetFlowTableName(tableNumber binding.TableIDType) string {
-	for _, t := range FlowTables {
-		if t.Number == tableNumber {
-			return t.Name
-		}
+func GetFlowTableName(tableNumber uint8) string {
+	table := getTableByID(tableNumber)
+	if table == nil {
+		return ""
 	}
-	return ""
+	return table.GetID().GetName()
 }
 
 // GetFlowTableNumber does a case insensitive lookup of the table name, and
 // returns the flow table number if the table is found. Otherwise TableIDAll is
 // returned if the table cannot be found.
-func GetFlowTableNumber(tableName string) binding.TableIDType {
-	for _, t := range FlowTables {
-		if strings.EqualFold(t.Name, tableName) {
-			return t.Number
-		}
+func GetFlowTableNumber(tableName string) uint8 {
+	objs, _ := flowTableCache.ByIndex(tableNameIndex, tableName)
+	if len(objs) == 0 {
+		return binding.TableIDAll.GetID()
 	}
-	return binding.TableIDAll
+	return objs[0].(binding.Table).GetID().GetID()
+}
+
+func PrintTableBaseInfo() string {
+	msg := ""
+	for _, obj := range flowTableCache.List() {
+		t := obj.(binding.Table)
+		msg += fmt.Sprintf("\n  %d\t%s", uint32(t.GetID().GetID()), t.GetID().GetName())
+	}
+	return msg
 }
 
 func GetAntreaPolicyEgressTables() []binding.TableIDType {
@@ -205,20 +204,6 @@ func GetAntreaPolicyMultiTierTables() []binding.TableIDType {
 	}
 }
 
-type regType uint
-
-func (rt regType) number() string {
-	return fmt.Sprint(rt)
-}
-
-func (rt regType) nxm() string {
-	return fmt.Sprintf("NXM_NX_REG%d", rt)
-}
-
-func (rt regType) reg() string {
-	return fmt.Sprintf("reg%d", rt)
-}
-
 const (
 	CtZone   = 0xfff0
 	CtZoneV6 = 0xffe6
@@ -300,7 +285,6 @@ type client struct {
 	bridge             binding.Bridge
 	egressEntryTable   binding.TableIDType
 	ingressEntryTable  binding.TableIDType
-	pipeline           map[binding.TableIDType]binding.Table
 	// Flow caches for corresponding deletions.
 	nodeFlowCache, podFlowCache, serviceFlowCache, snatFlowCache, tfFlowCache *flowCategoryCache
 	// "fixed" flows installed by the agent after initialization and which do not change during
@@ -439,7 +423,8 @@ func (c *client) DeleteOFEntries(ofEntries []binding.OFEntry) error {
 
 // defaultFlows generates the default flows of all tables.
 func (c *client) defaultFlows() (flows []binding.Flow) {
-	for _, table := range c.pipeline {
+	for _, obj := range flowTableCache.List() {
+		table := obj.(binding.Table)
 		flowBuilder := table.BuildFlow(priorityMiss)
 		switch table.GetMissAction() {
 		case binding.TableMissActionNext:
@@ -460,7 +445,7 @@ func (c *client) defaultFlows() (flows []binding.Flow) {
 
 // tunnelClassifierFlow generates the flow to mark traffic comes from the tunnelOFPort.
 func (c *client) tunnelClassifierFlow(tunnelOFPort uint32, category cookie.Category) binding.Flow {
-	return c.pipeline[ClassifierTable].BuildFlow(priorityNormal).
+	return getTableByTableID(ClassifierTable).BuildFlow(priorityNormal).
 		MatchInPort(tunnelOFPort).
 		Action().LoadRegMark(FromTunnelRegMark).
 		Action().LoadRegMark(RewriteMACRegMark).
@@ -471,7 +456,7 @@ func (c *client) tunnelClassifierFlow(tunnelOFPort uint32, category cookie.Categ
 
 // gatewayClassifierFlow generates the flow to mark traffic comes from the gatewayOFPort.
 func (c *client) gatewayClassifierFlow(category cookie.Category) binding.Flow {
-	classifierTable := c.pipeline[ClassifierTable]
+	classifierTable := getTableByTableID(ClassifierTable)
 	return classifierTable.BuildFlow(priorityNormal).
 		MatchInPort(config.HostGatewayOFPort).
 		Action().LoadRegMark(FromGatewayRegMark).
@@ -482,7 +467,7 @@ func (c *client) gatewayClassifierFlow(category cookie.Category) binding.Flow {
 
 // podClassifierFlow generates the flow to mark traffic comes from the podOFPort.
 func (c *client) podClassifierFlow(podOFPort uint32, category cookie.Category) binding.Flow {
-	classifierTable := c.pipeline[ClassifierTable]
+	classifierTable := getTableByTableID(ClassifierTable)
 	return classifierTable.BuildFlow(priorityLow).
 		MatchInPort(podOFPort).
 		Action().LoadRegMark(FromLocalRegMark).
@@ -502,9 +487,9 @@ func (c *client) podClassifierFlow(podOFPort uint32, category cookie.Category) b
 //    to a Service.
 // 6) Add a flow to bypass reject response packet sent by the controller.
 func (c *client) connectionTrackFlows(category cookie.Category) []binding.Flow {
-	connectionTrackTable := c.pipeline[conntrackTable]
-	connectionTrackStateTable := c.pipeline[conntrackStateTable]
-	connectionTrackCommitTable := c.pipeline[conntrackCommitTable]
+	connectionTrackTable := getTableByTableID(conntrackTable)
+	connectionTrackStateTable := getTableByTableID(conntrackStateTable)
+	connectionTrackCommitTable := getTableByTableID(conntrackCommitTable)
 	flows := c.conntrackBasicFlows(category)
 	if c.enableProxy {
 		flows = append(flows,
@@ -567,7 +552,7 @@ func (c *client) connectionTrackFlows(category cookie.Category) []binding.Flow {
 // conntrackBypassRejectFlow generates a flow which is used to bypass the reject
 // response packet sent by the controller to avoid unexpected packet drop.
 func (c *client) conntrackBypassRejectFlow(proto binding.Protocol) binding.Flow {
-	connectionTrackStateTable := c.pipeline[conntrackStateTable]
+	connectionTrackStateTable := getTableByTableID(conntrackStateTable)
 	return connectionTrackStateTable.BuildFlow(priorityHigh).
 		MatchProtocol(proto).
 		MatchRegMark(CustomReasonRejectRegMark).
@@ -605,8 +590,8 @@ func (c *client) dnsResponseBypassPacketInFlow() binding.Flow {
 }
 
 func (c *client) conntrackBasicFlows(category cookie.Category) []binding.Flow {
-	connectionTrackStateTable := c.pipeline[conntrackStateTable]
-	connectionTrackCommitTable := c.pipeline[conntrackCommitTable]
+	connectionTrackStateTable := getTableByTableID(conntrackStateTable)
+	connectionTrackCommitTable := getTableByTableID(conntrackCommitTable)
 	var flows []binding.Flow
 	for _, proto := range c.ipProtocols {
 		ctZone := CtZone
@@ -630,7 +615,7 @@ func (c *client) conntrackBasicFlows(category cookie.Category) []binding.Flow {
 }
 
 func (c *client) kubeProxyFlows(category cookie.Category) []binding.Flow {
-	connectionTrackTable := c.pipeline[conntrackTable]
+	connectionTrackTable := getTableByTableID(conntrackTable)
 	var flows []binding.Flow
 	for _, proto := range c.ipProtocols {
 		ctZone := CtZone
@@ -662,7 +647,7 @@ func (c *client) kubeProxyFlows(category cookie.Category) []binding.Flow {
 // when receiverOnly is true, the flow is added into l2ForwardingCalcTable and
 // matches the destination MAC (the receiver Pod MAC).
 func (c *client) traceflowConnectionTrackFlows(dataplaneTag uint8, receiverOnly bool, packet *binding.Packet, ofPort uint32, timeout uint16, category cookie.Category) []binding.Flow {
-	connectionTrackStateTable := c.pipeline[conntrackStateTable]
+	connectionTrackStateTable := getTableByTableID(conntrackStateTable)
 	var flows []binding.Flow
 	if packet == nil {
 		for _, ipProtocol := range c.ipProtocols {
@@ -708,7 +693,7 @@ func (c *client) traceflowConnectionTrackFlows(dataplaneTag uint8, receiverOnly
 					Action().ResubmitToTable(connectionTrackStateTable.GetNext())
 			}
 		} else {
-			l2FwdCalcTable := c.pipeline[l2ForwardingCalcTable]
+			l2FwdCalcTable := getTableByTableID(l2ForwardingCalcTable)
 			nextTable := c.ingressEntryTable
 			flowBuilder = l2FwdCalcTable.BuildFlow(priorityHigh).
 				MatchDstMAC(packet.DestinationMAC).
@@ -828,7 +813,7 @@ func (c *client) traceflowNetworkPolicyFlows(dataplaneTag uint8, timeout uint16,
 // serviceLBBypassFlows makes packets that belong to a tracked connection bypass
 // service LB tables and enter egressRuleTable directly.
 func (c *client) serviceLBBypassFlows(ipProtocol binding.Protocol) []binding.Flow {
-	connectionTrackStateTable := c.pipeline[conntrackStateTable]
+	connectionTrackStateTable := getTableByTableID(conntrackStateTable)
 	flows := []binding.Flow{
 		// Tracked connections with the ServiceCTMark (load-balanced by AntreaProxy) receive
 		// the macRewriteMark and are sent to egressRuleTable.
@@ -853,7 +838,7 @@ func (c *client) serviceLBBypassFlows(ipProtocol binding.Protocol) []binding.Flo
 
 // l2ForwardCalcFlow generates the flow that matches dst MAC and loads ofPort to reg.
 func (c *client) l2ForwardCalcFlow(dstMAC net.HardwareAddr, ofPort uint32, skipIngressRules bool, category cookie.Category) binding.Flow {
-	l2FwdCalcTable := c.pipeline[l2ForwardingCalcTable]
+	l2FwdCalcTable := getTableByTableID(l2ForwardingCalcTable)
 	nextTable := l2FwdCalcTable.GetNext()
 	if !skipIngressRules {
 		// Go to ingress NetworkPolicy tables for traffic to local Pods.
@@ -874,7 +859,7 @@ func (c *client) l2ForwardCalcFlow(dstMAC net.HardwareAddr, ofPort uint32, skipI
 // to OVS port and Antrea Agent after L2forwarding calculation.
 func (c *client) traceflowL2ForwardOutputFlows(dataplaneTag uint8, liveTraffic, droppedOnly bool, timeout uint16, category cookie.Category) []binding.Flow {
 	flows := []binding.Flow{}
-	l2FwdOutTable := c.pipeline[L2ForwardingOutTable]
+	l2FwdOutTable := getTableByTableID(L2ForwardingOutTable)
 	for _, ipProtocol := range c.ipProtocols {
 		if c.encapMode.SupportsEncap() {
 			// SendToController and Output if output port is tunnel port.
@@ -1005,7 +990,7 @@ func (c *client) traceflowL2ForwardOutputFlows(dataplaneTag uint8, liveTraffic,
 // l2ForwardOutputServiceHairpinFlow uses in_port action for Service
 // hairpin packets to avoid packets from being dropped by OVS.
 func (c *client) l2ForwardOutputServiceHairpinFlow() binding.Flow {
-	return c.pipeline[L2ForwardingOutTable].BuildFlow(priorityHigh).
+	return getTableByTableID(L2ForwardingOutTable).BuildFlow(priorityHigh).
 		MatchRegMark(HairpinRegMark).
 		Action().OutputInPort().
 		Cookie(c.cookieAllocator.Request(cookie.Service).Raw()).
@@ -1016,12 +1001,12 @@ func (c *client) l2ForwardOutputServiceHairpinFlow() binding.Flow {
 func (c *client) l2ForwardOutputFlows(category cookie.Category) []binding.Flow {
 	var flows []binding.Flow
 	flows = append(flows,
-		c.pipeline[L2ForwardingOutTable].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolIP).
+		getTableByTableID(L2ForwardingOutTable).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolIP).
 			MatchRegMark(OFPortFoundRegMark).
 			Action().OutputToRegField(TargetOFPortField).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
 			Done(),
-		c.pipeline[L2ForwardingOutTable].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolIPv6).
+		getTableByTableID(L2ForwardingOutTable).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolIPv6).
 			MatchRegMark(OFPortFoundRegMark).
 			Action().OutputToRegField(TargetOFPortField).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1035,7 +1020,7 @@ func (c *client) l2ForwardOutputFlows(category cookie.Category) []binding.Flow {
 // the Pod interface MAC, and rewrites the source MAC to the gateway interface
 // MAC.
 func (c *client) l3FwdFlowToPod(localGatewayMAC net.HardwareAddr, podInterfaceIPs []net.IP, podInterfaceMAC net.HardwareAddr, category cookie.Category) []binding.Flow {
-	l3FwdTable := c.pipeline[l3ForwardingTable]
+	l3FwdTable := getTableByTableID(l3ForwardingTable)
 	var flows []binding.Flow
 	for _, ip := range podInterfaceIPs {
 		ipProtocol := getIPProtocol(ip)
@@ -1057,7 +1042,7 @@ func (c *client) l3FwdFlowToPod(localGatewayMAC net.HardwareAddr, podInterfaceIP
 // interface MAC. The flow is used in the networkPolicyOnly mode for the traffic
 // from the gateway to a local Pod.
 func (c *client) l3FwdFlowRouteToPod(podInterfaceIPs []net.IP, podInterfaceMAC net.HardwareAddr, category cookie.Category) []binding.Flow {
-	l3FwdTable := c.pipeline[l3ForwardingTable]
+	l3FwdTable := getTableByTableID(l3ForwardingTable)
 	var flows []binding.Flow
 	for _, ip := range podInterfaceIPs {
 		ipProtocol := getIPProtocol(ip)
@@ -1076,7 +1061,7 @@ func (c *client) l3FwdFlowRouteToPod(podInterfaceIPs []net.IP, podInterfaceMAC n
 // interface MAC. The flow is used in the networkPolicyOnly mode for the traffic
 // from a local Pod to remote Pods, Nodes, or external network.
 func (c *client) l3FwdFlowRouteToGW(gwMAC net.HardwareAddr, category cookie.Category) []binding.Flow {
-	l3FwdTable := c.pipeline[l3ForwardingTable]
+	l3FwdTable := getTableByTableID(l3ForwardingTable)
 	var flows []binding.Flow
 	for _, ipProto := range c.ipProtocols {
 		flows = append(flows, l3FwdTable.BuildFlow(priorityLow).MatchProtocol(ipProto).
@@ -1092,7 +1077,7 @@ func (c *client) l3FwdFlowRouteToGW(gwMAC net.HardwareAddr, category cookie.Cate
 // l3FwdFlowToGateway generates the L3 forward flows to rewrite the destination MAC of the packets to the gateway interface
 // MAC if the destination IP is the gateway IP or the connection was initiated through the gateway interface.
 func (c *client) l3FwdFlowToGateway(localGatewayIPs []net.IP, localGatewayMAC net.HardwareAddr, category cookie.Category) []binding.Flow {
-	l3FwdTable := c.pipeline[l3ForwardingTable]
+	l3FwdTable := getTableByTableID(l3ForwardingTable)
 	var flows []binding.Flow
 	for _, ip := range localGatewayIPs {
 		ipProtocol := getIPProtocol(ip)
@@ -1136,7 +1121,7 @@ func (c *client) l3FwdFlowToRemote(
 	tunnelPeer net.IP,
 	category cookie.Category) binding.Flow {
 	ipProto := getIPProtocol(peerSubnet.IP)
-	return c.pipeline[l3ForwardingTable].BuildFlow(priorityNormal).MatchProtocol(ipProto).
+	return getTableByTableID(l3ForwardingTable).BuildFlow(priorityNormal).MatchProtocol(ipProto).
 		MatchDstIPNet(peerSubnet).
 		// Rewrite src MAC to local gateway MAC and rewrite dst MAC to virtual MAC.
 		Action().SetSrcMAC(localGatewayMAC).
@@ -1156,7 +1141,7 @@ func (c *client) l3FwdFlowToRemoteViaGW(
 	peerSubnet net.IPNet,
 	category cookie.Category) binding.Flow {
 	ipProto := getIPProtocol(peerSubnet.IP)
-	l3FwdTable := c.pipeline[l3ForwardingTable]
+	l3FwdTable := getTableByTableID(l3ForwardingTable)
 	return l3FwdTable.BuildFlow(priorityNormal).MatchProtocol(ipProto).
 		MatchDstIPNet(peerSubnet).
 		Action().SetDstMAC(localGatewayMAC).
@@ -1168,7 +1153,7 @@ func (c *client) l3FwdFlowToRemoteViaGW(
 // arpResponderFlow generates the ARP responder flow entry that replies request comes from local gateway for peer
 // gateway MAC.
 func (c *client) arpResponderFlow(peerGatewayIP net.IP, category cookie.Category) binding.Flow {
-	return c.pipeline[arpResponderTable].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolARP).
+	return getTableByTableID(arpResponderTable).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolARP).
 		MatchARPOp(1).
 		MatchARPTpa(peerGatewayIP).
 		Action().Move(binding.NxmFieldSrcMAC, binding.NxmFieldDstMAC).
@@ -1186,7 +1171,7 @@ func (c *client) arpResponderFlow(peerGatewayIP net.IP, category cookie.Category
 // arpResponderStaticFlow generates ARP reply for any ARP request with the same global virtual MAC.
 // This flow is used in policy-only mode, where traffic are routed via IP not MAC.
 func (c *client) arpResponderStaticFlow(category cookie.Category) binding.Flow {
-	return c.pipeline[arpResponderTable].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolARP).
+	return getTableByTableID(arpResponderTable).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolARP).
 		MatchARPOp(1).
 		Action().Move(binding.NxmFieldSrcMAC, binding.NxmFieldDstMAC).
 		Action().SetSrcMAC(globalVirtualMAC).
@@ -1205,8 +1190,7 @@ func (c *client) arpResponderStaticFlow(category cookie.Category) binding.Flow {
 // podIPSpoofGuardFlow generates the flow to check IP traffic sent out from local pod. Traffic from host gateway interface
 // will not be checked, since it might be pod to service traffic or host namespace traffic.
 func (c *client) podIPSpoofGuardFlow(ifIPs []net.IP, ifMAC net.HardwareAddr, ifOFPort uint32, category cookie.Category) []binding.Flow {
-	ipPipeline := c.pipeline
-	ipSpoofGuardTable := ipPipeline[spoofGuardTable]
+	ipSpoofGuardTable := getTableByTableID(spoofGuardTable)
 	var flows []binding.Flow
 	for _, ifIP := range ifIPs {
 		ipProtocol := getIPProtocol(ifIP)
@@ -1252,7 +1236,7 @@ func (c *client) serviceHairpinResponseDNATFlow(ipProtocol binding.Protocol) bin
 		from = "NXM_NX_IPV6_SRC"
 		to = "NXM_NX_IPV6_DST"
 	}
-	return c.pipeline[serviceHairpinTable].BuildFlow(priorityNormal).MatchProtocol(ipProtocol).
+	return getTableByTableID(serviceHairpinTable).BuildFlow(priorityNormal).MatchProtocol(ipProtocol).
 		MatchDstIP(hpIP).
 		Action().Move(from, to).
 		Action().LoadRegMark(HairpinRegMark).
@@ -1263,7 +1247,7 @@ func (c *client) serviceHairpinResponseDNATFlow(ipProtocol binding.Protocol) bin
 
 // gatewayARPSpoofGuardFlow generates the flow to check ARP traffic sent out from the local gateway interface.
 func (c *client) gatewayARPSpoofGuardFlow(gatewayIP net.IP, gatewayMAC net.HardwareAddr, category cookie.Category) binding.Flow {
-	return c.pipeline[spoofGuardTable].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolARP).
+	return getTableByTableID(spoofGuardTable).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolARP).
 		MatchInPort(config.HostGatewayOFPort).
 		MatchARPSha(gatewayMAC).
 		MatchARPSpa(gatewayIP).
@@ -1274,7 +1258,7 @@ func (c *client) gatewayARPSpoofGuardFlow(gatewayIP net.IP, gatewayMAC net.Hardw
 
 // arpSpoofGuardFlow generates the flow to check ARP traffic sent out from local pods interfaces.
 func (c *client) arpSpoofGuardFlow(ifIP net.IP, ifMAC net.HardwareAddr, ifOFPort uint32, category cookie.Category) binding.Flow {
-	return c.pipeline[spoofGuardTable].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolARP).
+	return getTableByTableID(spoofGuardTable).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolARP).
 		MatchInPort(ifOFPort).
 		MatchARPSha(ifMAC).
 		MatchARPSpa(ifIP).
@@ -1288,7 +1272,7 @@ func (c *client) arpSpoofGuardFlow(ifIP net.IP, ifMAC net.HardwareAddr, ifOFPort
 // case will occur if an Endpoint is removed and is the learned Endpoint
 // selection of the Service.
 func (c *client) sessionAffinityReselectFlow() binding.Flow {
-	return c.pipeline[endpointDNATTable].BuildFlow(priorityLow).
+	return getTableByTableID(endpointDNATTable).BuildFlow(priorityLow).
 		MatchRegMark(EpSelectedRegMark).
 		Action().LoadRegMark(EpToSelectRegMark).
 		Action().ResubmitToTable(serviceLBTable).
@@ -1298,8 +1282,7 @@ func (c *client) sessionAffinityReselectFlow() binding.Flow {
 
 // gatewayIPSpoofGuardFlow generates the flow to skip spoof guard checking for traffic sent from gateway interface.
 func (c *client) gatewayIPSpoofGuardFlows(category cookie.Category) []binding.Flow {
-	ipPipeline := c.pipeline
-	ipSpoofGuardTable := ipPipeline[spoofGuardTable]
+	ipSpoofGuardTable := getTableByTableID(spoofGuardTable)
 	var flows []binding.Flow
 	for _, proto := range c.ipProtocols {
 		nextTable := ipSpoofGuardTable.GetNext()
@@ -1323,7 +1306,7 @@ func (c *client) serviceCIDRDNATFlows(serviceCIDRs []*net.IPNet) []binding.Flow
 	for _, serviceCIDR := range serviceCIDRs {
 		if serviceCIDR != nil {
 			ipProto := getIPProtocol(serviceCIDR.IP)
-			flows = append(flows, c.pipeline[dnatTable].BuildFlow(priorityNormal).MatchProtocol(ipProto).
+			flows = append(flows, getTableByTableID(dnatTable).BuildFlow(priorityNormal).MatchProtocol(ipProto).
 				MatchDstIPNet(*serviceCIDR).
 				Action().LoadToRegField(TargetOFPortField, config.HostGatewayOFPort).
 				Action().LoadRegMark(OFPortFoundRegMark).
@@ -1337,7 +1320,7 @@ func (c *client) serviceCIDRDNATFlows(serviceCIDRs []*net.IPNet) []binding.Flow
 
 // serviceNeedLBFlow generates flows to mark packets as LB needed.
 func (c *client) serviceNeedLBFlow() binding.Flow {
-	return c.pipeline[sessionAffinityTable].BuildFlow(priorityMiss).
+	return getTableByTableID(sessionAffinityTable).BuildFlow(priorityMiss).
 		Cookie(c.cookieAllocator.Request(cookie.Service).Raw()).
 		Action().LoadRegMark(EpToSelectRegMark).
 		Done()
@@ -1345,7 +1328,7 @@ func (c *client) serviceNeedLBFlow() binding.Flow {
 
 // arpNormalFlow generates the flow to response arp in normal way if no flow in arpResponderTable is matched.
 func (c *client) arpNormalFlow(category cookie.Category) binding.Flow {
-	return c.pipeline[arpResponderTable].BuildFlow(priorityLow).MatchProtocol(binding.ProtocolARP).
+	return getTableByTableID(arpResponderTable).BuildFlow(priorityLow).MatchProtocol(binding.ProtocolARP).
 		Action().Normal().
 		Cookie(c.cookieAllocator.Request(category).Raw()).
 		Done()
@@ -1363,11 +1346,11 @@ func (c *client) allowRulesMetricFlows(conjunctionID uint32, ingress bool) []bin
 		field = EgressRuleCTLabel
 	}
 	metricFlow := func(isCTNew bool, protocol binding.Protocol) binding.Flow {
-		return c.pipeline[metricTableID].BuildFlow(priorityNormal).
+		return getTableByTableID(metricTableID).BuildFlow(priorityNormal).
 			MatchProtocol(protocol).
 			MatchCTStateNew(isCTNew).
 			MatchCTLabelField(0, uint64(conjunctionID)<<offset, field).
-			Action().GotoTable(c.pipeline[metricTableID].GetNext()).
+			Action().GotoTable(getTableByTableID(metricTableID).GetNext()).
 			Cookie(c.cookieAllocator.Request(cookie.Policy).Raw()).
 			Done()
 	}
@@ -1387,7 +1370,7 @@ func (c *client) denyRuleMetricFlow(conjunctionID uint32, ingress bool) binding.
 	if !ingress {
 		metricTableID = EgressMetricTable
 	}
-	return c.pipeline[metricTableID].BuildFlow(priorityNormal).
+	return getTableByTableID(metricTableID).BuildFlow(priorityNormal).
 		MatchRegMark(CnpDenyRegMark).
 		MatchRegFieldWithValue(CNPDenyConjIDField, conjunctionID).
 		Action().Drop().
@@ -1405,19 +1388,19 @@ func (c *client) ipv6Flows(category cookie.Category) []binding.Flow {
 	flows = append(flows,
 		// Allow IPv6 packets (e.g. Multicast Listener Report Message V2) which are sent from link-local addresses in spoofGuardTable,
 		// so that these packets will not be dropped.
-		c.pipeline[spoofGuardTable].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolIPv6).
+		getTableByTableID(spoofGuardTable).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolIPv6).
 			MatchSrcIPNet(*ipv6LinkLocalIpnet).
 			Action().GotoTable(ipv6Table).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
 			Done(),
 		// Handle IPv6 Neighbor Solicitation and Neighbor Advertisement as a regular L2 learning Switch by using normal.
-		c.pipeline[ipv6Table].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolICMPv6).
+		getTableByTableID(ipv6Table).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolICMPv6).
 			MatchICMPv6Type(135).
 			MatchICMPv6Code(0).
 			Action().Normal().
 			Cookie(c.cookieAllocator.Request(category).Raw()).
 			Done(),
-		c.pipeline[ipv6Table].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolICMPv6).
+		getTableByTableID(ipv6Table).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolICMPv6).
 			MatchICMPv6Type(136).
 			MatchICMPv6Code(0).
 			Action().Normal().
@@ -1425,7 +1408,7 @@ func (c *client) ipv6Flows(category cookie.Category) []binding.Flow {
 			Done(),
 		// Handle IPv6 multicast packets as a regular L2 learning Switch by using normal.
 		// It is used to ensure that all kinds of IPv6 multicast packets are properly handled (e.g. Multicast Listener Report Message V2).
-		c.pipeline[ipv6Table].BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolIPv6).
+		getTableByTableID(ipv6Table).BuildFlow(priorityNormal).MatchProtocol(binding.ProtocolIPv6).
 			MatchDstIPNet(*ipv6MulticastIpnet).
 			Action().Normal().
 			Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1455,7 +1438,7 @@ func (c *client) conjunctionActionFlow(conjunctionID uint32, tableID binding.Tab
 			ctZone = CtZoneV6
 		}
 		if enableLogging {
-			fb := c.pipeline[tableID].BuildFlow(ofPriority).MatchProtocol(proto).
+			fb := getTableByTableID(tableID).BuildFlow(ofPriority).MatchProtocol(proto).
 				MatchConjID(conjunctionID)
 			if c.ovsMetersAreSupported {
 				fb = fb.Action().Meter(PacketInMeterIDNP)
@@ -1471,7 +1454,7 @@ func (c *client) conjunctionActionFlow(conjunctionID uint32, tableID binding.Tab
 				Cookie(c.cookieAllocator.Request(cookie.Policy).Raw()).
 				Done()
 		}
-		return c.pipeline[tableID].BuildFlow(ofPriority).MatchProtocol(proto).
+		return getTableByTableID(tableID).BuildFlow(ofPriority).MatchProtocol(proto).
 			MatchConjID(conjunctionID).
 			Action().LoadToRegField(conjReg, conjunctionID). // Traceflow.
 			Action().CT(true, nextTable, ctZone).            // CT action requires commit flag if actions other than NAT without arguments are specified.
@@ -1497,7 +1480,7 @@ func (c *client) conjunctionActionDenyFlow(conjunctionID uint32, tableID binding
 		metricTableID = EgressMetricTable
 	}
 
-	flowBuilder := c.pipeline[tableID].BuildFlow(ofPriority).
+	flowBuilder := getTableByTableID(tableID).BuildFlow(ofPriority).
 		MatchConjID(conjunctionID).
 		Action().LoadToRegField(CNPDenyConjIDField, conjunctionID).
 		Action().LoadRegMark(CnpDenyRegMark)
@@ -1545,19 +1528,19 @@ func (c *client) establishedConnectionFlows(category cookie.Category) (flows []b
 	// egressDropTable checks the source address of packets, and drops packets sent from the AppliedToGroup but not
 	// matching the NetworkPolicy rules. Packets in the established connections need not to be checked with the
 	// egressRuleTable or the egressDropTable.
-	egressDropTable := c.pipeline[EgressDefaultTable]
+	egressDropTable := getTableByTableID(EgressDefaultTable)
 	// ingressDropTable checks the destination address of packets, and drops packets sent to the AppliedToGroup but not
 	// matching the NetworkPolicy rules. Packets in the established connections need not to be checked with the
 	// ingressRuleTable or ingressDropTable.
-	ingressDropTable := c.pipeline[IngressDefaultTable]
+	ingressDropTable := getTableByTableID(IngressDefaultTable)
 	var allEstFlows []binding.Flow
 	for _, ipProto := range c.ipProtocols {
-		egressEstFlow := c.pipeline[EgressRuleTable].BuildFlow(priorityHigh).MatchProtocol(ipProto).
+		egressEstFlow := getTableByTableID(EgressRuleTable).BuildFlow(priorityHigh).MatchProtocol(ipProto).
 			MatchCTStateNew(false).MatchCTStateEst(true).
 			Action().GotoTable(egressDropTable.GetNext()).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
 			Done()
-		ingressEstFlow := c.pipeline[IngressRuleTable].BuildFlow(priorityHigh).MatchProtocol(ipProto).
+		ingressEstFlow := getTableByTableID(IngressRuleTable).BuildFlow(priorityHigh).MatchProtocol(ipProto).
 			MatchCTStateNew(false).MatchCTStateEst(true).
 			Action().GotoTable(ingressDropTable.GetNext()).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1570,7 +1553,7 @@ func (c *client) establishedConnectionFlows(category cookie.Category) (flows []b
 	apFlows := make([]binding.Flow, 0)
 	for _, tableID := range GetAntreaPolicyEgressTables() {
 		for _, ipProto := range c.ipProtocols {
-			apEgressEstFlow := c.pipeline[tableID].BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
+			apEgressEstFlow := getTableByTableID(tableID).BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
 				MatchCTStateNew(false).MatchCTStateEst(true).
 				Action().GotoTable(egressDropTable.GetNext()).
 				Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1581,7 +1564,7 @@ func (c *client) establishedConnectionFlows(category cookie.Category) (flows []b
 	}
 	for _, tableID := range GetAntreaPolicyIngressTables() {
 		for _, ipProto := range c.ipProtocols {
-			apIngressEstFlow := c.pipeline[tableID].BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
+			apIngressEstFlow := getTableByTableID(tableID).BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
 				MatchCTStateNew(false).MatchCTStateEst(true).
 				Action().GotoTable(ingressDropTable.GetNext()).
 				Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1599,19 +1582,19 @@ func (c *client) relatedConnectionFlows(category cookie.Category) (flows []bindi
 	// egressDropTable checks the source address of packets, and drops packets sent from the AppliedToGroup but not
 	// matching the NetworkPolicy rules. Packets in the related connections need not to be checked with the
 	// egressRuleTable or the egressDropTable.
-	egressDropTable := c.pipeline[EgressDefaultTable]
+	egressDropTable := getTableByTableID(EgressDefaultTable)
 	// ingressDropTable checks the destination address of packets, and drops packets sent to the AppliedToGroup but not
 	// matching the NetworkPolicy rules. Packets in the related connections need not to be checked with the
 	// ingressRuleTable or ingressDropTable.
-	ingressDropTable := c.pipeline[IngressDefaultTable]
+	ingressDropTable := getTableByTableID(IngressDefaultTable)
 	var allRelFlows []binding.Flow
 	for _, ipProto := range c.ipProtocols {
-		egressRelFlow := c.pipeline[EgressRuleTable].BuildFlow(priorityHigh).MatchProtocol(ipProto).
+		egressRelFlow := getTableByTableID(EgressRuleTable).BuildFlow(priorityHigh).MatchProtocol(ipProto).
 			MatchCTStateNew(false).MatchCTStateRel(true).
 			Action().GotoTable(egressDropTable.GetNext()).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
 			Done()
-		ingressRelFlow := c.pipeline[IngressRuleTable].BuildFlow(priorityHigh).MatchProtocol(ipProto).
+		ingressRelFlow := getTableByTableID(IngressRuleTable).BuildFlow(priorityHigh).MatchProtocol(ipProto).
 			MatchCTStateNew(false).MatchCTStateRel(true).
 			Action().GotoTable(ingressDropTable.GetNext()).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1624,7 +1607,7 @@ func (c *client) relatedConnectionFlows(category cookie.Category) (flows []bindi
 	apFlows := make([]binding.Flow, 0)
 	for _, tableID := range GetAntreaPolicyEgressTables() {
 		for _, ipProto := range c.ipProtocols {
-			apEgressRelFlow := c.pipeline[tableID].BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
+			apEgressRelFlow := getTableByTableID(tableID).BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
 				MatchCTStateNew(false).MatchCTStateRel(true).
 				Action().GotoTable(egressDropTable.GetNext()).
 				Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1635,7 +1618,7 @@ func (c *client) relatedConnectionFlows(category cookie.Category) (flows []bindi
 	}
 	for _, tableID := range GetAntreaPolicyIngressTables() {
 		for _, ipProto := range c.ipProtocols {
-			apIngressRelFlow := c.pipeline[tableID].BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
+			apIngressRelFlow := getTableByTableID(tableID).BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
 				MatchCTStateNew(false).MatchCTStateRel(true).
 				Action().GotoTable(ingressDropTable.GetNext()).
 				Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1654,19 +1637,19 @@ func (c *client) rejectBypassNetworkpolicyFlows(category cookie.Category) (flows
 	// egressDropTable checks the source address of packets, and drops packets sent from the AppliedToGroup but not
 	// matching the NetworkPolicy rules. Generated reject responses need not to be checked with the
 	// egressRuleTable or the egressDropTable.
-	egressDropTable := c.pipeline[EgressDefaultTable]
+	egressDropTable := getTableByTableID(EgressDefaultTable)
 	// ingressDropTable checks the destination address of packets, and drops packets sent to the AppliedToGroup but not
 	// matching the NetworkPolicy rules. Generated reject responses need not to be checked with the
 	// ingressRuleTable or ingressDropTable.
-	ingressDropTable := c.pipeline[IngressDefaultTable]
+	ingressDropTable := getTableByTableID(IngressDefaultTable)
 	var allRejFlows []binding.Flow
 	for _, ipProto := range c.ipProtocols {
-		egressRejFlow := c.pipeline[EgressRuleTable].BuildFlow(priorityHigh).MatchProtocol(ipProto).
+		egressRejFlow := getTableByTableID(EgressRuleTable).BuildFlow(priorityHigh).MatchProtocol(ipProto).
 			MatchRegFieldWithValue(CustomReasonField, CustomReasonReject).
 			Action().GotoTable(egressDropTable.GetNext()).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
 			Done()
-		ingressRejFlow := c.pipeline[IngressRuleTable].BuildFlow(priorityHigh).MatchProtocol(ipProto).
+		ingressRejFlow := getTableByTableID(IngressRuleTable).BuildFlow(priorityHigh).MatchProtocol(ipProto).
 			MatchRegFieldWithValue(CustomReasonField, CustomReasonReject).
 			Action().GotoTable(ingressDropTable.GetNext()).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1679,7 +1662,7 @@ func (c *client) rejectBypassNetworkpolicyFlows(category cookie.Category) (flows
 	apFlows := make([]binding.Flow, 0)
 	for _, tableID := range GetAntreaPolicyEgressTables() {
 		for _, ipProto := range c.ipProtocols {
-			apEgressRejFlow := c.pipeline[tableID].BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
+			apEgressRejFlow := getTableByTableID(tableID).BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
 				MatchRegFieldWithValue(CustomReasonField, CustomReasonReject).
 				Action().GotoTable(egressDropTable.GetNext()).
 				Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1690,7 +1673,7 @@ func (c *client) rejectBypassNetworkpolicyFlows(category cookie.Category) (flows
 	}
 	for _, tableID := range GetAntreaPolicyIngressTables() {
 		for _, ipProto := range c.ipProtocols {
-			apIngressRejFlow := c.pipeline[tableID].BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
+			apIngressRejFlow := getTableByTableID(tableID).BuildFlow(priorityTopAntreaPolicy).MatchProtocol(ipProto).
 				MatchRegFieldWithValue(CustomReasonField, CustomReasonReject).
 				Action().GotoTable(ingressDropTable.GetNext()).
 				Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1765,7 +1748,7 @@ func (c *client) conjunctionExceptionFlow(conjunctionID uint32, tableID binding.
 	if tableID == EgressRuleTable {
 		conjReg = TFEgressConjIDField
 	}
-	fb := c.pipeline[tableID].BuildFlow(priorityNormal).MatchConjID(conjunctionID)
+	fb := getTableByTableID(tableID).BuildFlow(priorityNormal).MatchConjID(conjunctionID)
 	return c.addFlowMatch(fb, matchKey, matchValue).
 		Action().LoadToRegField(conjReg, conjunctionID). // Traceflow.
 		Action().GotoTable(nextTable).
@@ -1781,7 +1764,7 @@ func (c *client) conjunctiveMatchFlow(tableID binding.TableIDType, matchKey *typ
 	} else {
 		ofPriority = priorityNormal
 	}
-	fb := c.pipeline[tableID].BuildFlow(ofPriority)
+	fb := getTableByTableID(tableID).BuildFlow(ofPriority)
 	fb = c.addFlowMatch(fb, matchKey, matchValue)
 	if c.deterministic {
 		sort.Sort(conjunctiveActionsInOrder(actions))
@@ -1794,7 +1777,7 @@ func (c *client) conjunctiveMatchFlow(tableID binding.TableIDType, matchKey *typ
 
 // defaultDropFlow generates the flow to drop packets if the match condition is matched.
 func (c *client) defaultDropFlow(tableID binding.TableIDType, matchKey *types.MatchKey, matchValue interface{}) binding.Flow {
-	fb := c.pipeline[tableID].BuildFlow(priorityNormal)
+	fb := getTableByTableID(tableID).BuildFlow(priorityNormal)
 	if c.enableDenyTracking {
 		return c.addFlowMatch(fb, matchKey, matchValue).
 			Action().Drop().
@@ -1836,7 +1819,7 @@ func (c *client) localProbeFlow(localGatewayIPs []net.IP, category cookie.Catego
 	if runtime.IsWindowsPlatform() || c.ovsDatapathType == ovsconfig.OVSDatapathNetdev {
 		for _, ip := range localGatewayIPs {
 			ipProtocol := getIPProtocol(ip)
-			flows = append(flows, c.pipeline[IngressRuleTable].BuildFlow(priorityHigh).
+			flows = append(flows, getTableByTableID(IngressRuleTable).BuildFlow(priorityHigh).
 				MatchProtocol(ipProtocol).
 				MatchSrcIP(ip).
 				Action().GotoTable(conntrackCommitTable).
@@ -1844,7 +1827,7 @@ func (c *client) localProbeFlow(localGatewayIPs []net.IP, category cookie.Catego
 				Done())
 		}
 	} else {
-		flows = append(flows, c.pipeline[IngressRuleTable].BuildFlow(priorityHigh).
+		flows = append(flows, getTableByTableID(IngressRuleTable).BuildFlow(priorityHigh).
 			MatchPktMark(types.HostLocalSourceMark, &types.HostLocalSourceMark).
 			Action().GotoTable(conntrackCommitTable).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -1857,7 +1840,7 @@ func (c *client) localProbeFlow(localGatewayIPs []net.IP, category cookie.Catego
 // the external network. The flows identify the packets to external, and send
 // them to snatTable, where SNAT IPs are looked up for the packets.
 func (c *client) snatCommonFlows(nodeIP net.IP, localSubnet net.IPNet, localGatewayMAC net.HardwareAddr, category cookie.Category) []binding.Flow {
-	l3FwdTable := c.pipeline[l3ForwardingTable]
+	l3FwdTable := getTableByTableID(l3ForwardingTable)
 	nextTable := l3FwdTable.GetNext()
 	ipProto := getIPProtocol(localSubnet.IP)
 	flows := []binding.Flow{
@@ -1901,7 +1884,7 @@ func (c *client) snatCommonFlows(nodeIP net.IP, localSubnet net.IPNet, localGate
 			Done(),
 
 		// Drop the traffic from remote Nodes if no matched SNAT policy.
-		c.pipeline[snatTable].BuildFlow(priorityLow).
+		getTableByTableID(snatTable).BuildFlow(priorityLow).
 			MatchProtocol(ipProto).
 			MatchCTStateNew(true).MatchCTStateTrk(true).
 			MatchRegMark(FromTunnelRegMark).
@@ -1916,7 +1899,7 @@ func (c *client) snatCommonFlows(nodeIP net.IP, localSubnet net.IPNet, localGate
 // remote Nodes. The SNAT IP matches the packet's tunnel destination IP.
 func (c *client) snatIPFromTunnelFlow(snatIP net.IP, mark uint32) binding.Flow {
 	ipProto := getIPProtocol(snatIP)
-	return c.pipeline[snatTable].BuildFlow(priorityNormal).
+	return getTableByTableID(snatTable).BuildFlow(priorityNormal).
 		MatchProtocol(ipProto).
 		MatchCTStateNew(true).MatchCTStateTrk(true).
 		MatchTunnelDst(snatIP).
@@ -1932,7 +1915,7 @@ func (c *client) snatIPFromTunnelFlow(snatIP net.IP, mark uint32) binding.Flow {
 // on a remote Node, it tunnels the packets to the SNAT IP.
 func (c *client) snatRuleFlow(ofPort uint32, snatIP net.IP, snatMark uint32, localGatewayMAC net.HardwareAddr) binding.Flow {
 	ipProto := getIPProtocol(snatIP)
-	snatTable := c.pipeline[snatTable]
+	snatTable := getTableByTableID(snatTable)
 	if snatMark != 0 {
 		// Local SNAT IP.
 		return snatTable.BuildFlow(priorityNormal).
@@ -1961,7 +1944,7 @@ func (c *client) snatRuleFlow(ofPort uint32, snatIP net.IP, snatMark uint32, loc
 // to gateway. kube-proxy will then handle the traffic.
 // This flow is for Windows Node only.
 func (c *client) loadBalancerServiceFromOutsideFlow(svcIP net.IP, svcPort uint16, protocol binding.Protocol) binding.Flow {
-	return c.pipeline[uplinkTable].BuildFlow(priorityHigh).
+	return getTableByTableID(uplinkTable).BuildFlow(priorityHigh).
 		MatchProtocol(protocol).
 		MatchDstPort(svcPort, nil).
 		MatchRegMark(FromUplinkRegMark).
@@ -1976,7 +1959,7 @@ func (c *client) loadBalancerServiceFromOutsideFlow(svcIP net.IP, svcPort uint16
 func (c *client) serviceLearnFlow(groupID binding.GroupIDType, svcIP net.IP, svcPort uint16, protocol binding.Protocol, affinityTimeout uint16) binding.Flow {
 	// Using unique cookie ID here to avoid learned flow cascade deletion.
 	cookieID := c.cookieAllocator.RequestWithObjectID(cookie.Service, uint32(groupID)).Raw()
-	learnFlowBuilder := c.pipeline[serviceLBTable].BuildFlow(priorityLow).
+	learnFlowBuilder := getTableByTableID(serviceLBTable).BuildFlow(priorityLow).
 		MatchRegMark(EpToLearnRegMark).
 		MatchDstIP(svcIP).
 		MatchProtocol(protocol).
@@ -2045,7 +2028,7 @@ func (c *client) serviceLBFlow(groupID binding.GroupIDType, svcIP net.IP, svcPor
 		lbResultMark = EpSelectedRegMark
 	}
 
-	return c.pipeline[serviceLBTable].BuildFlow(priorityNormal).
+	return getTableByTableID(serviceLBTable).BuildFlow(priorityNormal).
 		MatchProtocol(protocol).
 		MatchDstPort(svcPort, nil).
 		MatchDstIP(svcIP).
@@ -2063,7 +2046,7 @@ func (c *client) serviceLBFlow(groupID binding.GroupIDType, svcIP net.IP, svcPor
 func (c *client) endpointDNATFlow(endpointIP net.IP, endpointPort uint16, protocol binding.Protocol) binding.Flow {
 	ipProtocol := getIPProtocol(endpointIP)
 	unionVal := (EpSelectedRegMark.GetValue() << EndpointPortField.GetRange().Length()) + uint32(endpointPort)
-	table := c.pipeline[endpointDNATTable]
+	table := getTableByTableID(endpointDNATTable)
 
 	flowBuilder := table.BuildFlow(priorityNormal).
 		Cookie(c.cookieAllocator.Request(cookie.Service).Raw()).
@@ -2096,7 +2079,7 @@ func (c *client) hairpinSNATFlow(endpointIP net.IP) binding.Flow {
 	if ipProtocol == binding.ProtocolIPv6 {
 		hpIP = hairpinIPv6
 	}
-	return c.pipeline[hairpinSNATTable].BuildFlow(priorityNormal).
+	return getTableByTableID(hairpinSNATTable).BuildFlow(priorityNormal).
 		Cookie(c.cookieAllocator.Request(cookie.Service).Raw()).
 		MatchProtocol(ipProtocol).
 		MatchDstIP(endpointIP).
@@ -2151,7 +2134,7 @@ func (c *client) serviceEndpointGroup(groupID binding.GroupIDType, withSessionAf
 // TTL already for such packets.
 func (c *client) decTTLFlows(category cookie.Category) []binding.Flow {
 	var flows []binding.Flow
-	decTTLTable := c.pipeline[l3DecTTLTable]
+	decTTLTable := getTableByTableID(l3DecTTLTable)
 	for _, proto := range c.ipProtocols {
 		flows = append(flows,
 			// Skip packets from the gateway interface.
@@ -2208,49 +2191,48 @@ func (c *client) genPacketInMeter(meterID binding.MeterIDType, rate uint32) bind
 
 func (c *client) generatePipeline() {
 	bridge := c.bridge
-	c.pipeline = map[binding.TableIDType]binding.Table{
-		ClassifierTable:    bridge.CreateTable(ClassifierTable, spoofGuardTable, binding.TableMissActionDrop),
-		arpResponderTable:  bridge.CreateTable(arpResponderTable, binding.LastTableID, binding.TableMissActionDrop),
-		conntrackTable:     bridge.CreateTable(conntrackTable, conntrackStateTable, binding.TableMissActionNone),
-		EgressRuleTable:    bridge.CreateTable(EgressRuleTable, EgressDefaultTable, binding.TableMissActionNext),
-		EgressDefaultTable: bridge.CreateTable(EgressDefaultTable, EgressMetricTable, binding.TableMissActionNext),
-		EgressMetricTable:  bridge.CreateTable(EgressMetricTable, l3ForwardingTable, binding.TableMissActionNext),
-		l3ForwardingTable:  bridge.CreateTable(l3ForwardingTable, l2ForwardingCalcTable, binding.TableMissActionNext),
-		l3DecTTLTable:      bridge.CreateTable(l3DecTTLTable, l2ForwardingCalcTable, binding.TableMissActionNext),
-		// Packets from l2ForwardingCalcTable should be forwarded to IngressMetricTable by default to collect ingress stats.
-		l2ForwardingCalcTable: bridge.CreateTable(l2ForwardingCalcTable, IngressMetricTable, binding.TableMissActionNext),
-		IngressRuleTable:      bridge.CreateTable(IngressRuleTable, IngressDefaultTable, binding.TableMissActionNext),
-		IngressDefaultTable:   bridge.CreateTable(IngressDefaultTable, IngressMetricTable, binding.TableMissActionNext),
-		IngressMetricTable:    bridge.CreateTable(IngressMetricTable, conntrackCommitTable, binding.TableMissActionNext),
-		L2ForwardingOutTable:  bridge.CreateTable(L2ForwardingOutTable, binding.LastTableID, binding.TableMissActionDrop),
-	}
+	flowTableCache.Add(bridge.CreateTable(ClassifierTable, spoofGuardTable, binding.TableMissActionDrop))
+	flowTableCache.Add(bridge.CreateTable(arpResponderTable, binding.LastTableID, binding.TableMissActionDrop))
+	flowTableCache.Add(bridge.CreateTable(conntrackTable, conntrackStateTable, binding.TableMissActionNone))
+	flowTableCache.Add(bridge.CreateTable(EgressRuleTable, EgressDefaultTable, binding.TableMissActionNext))
+	flowTableCache.Add(bridge.CreateTable(EgressDefaultTable, EgressMetricTable, binding.TableMissActionNext))
+	flowTableCache.Add(bridge.CreateTable(EgressMetricTable, l3ForwardingTable, binding.TableMissActionNext))
+	flowTableCache.Add(bridge.CreateTable(l3ForwardingTable, l2ForwardingCalcTable, binding.TableMissActionNext))
+	flowTableCache.Add(bridge.CreateTable(l3ForwardingTable, l2ForwardingCalcTable, binding.TableMissActionNext))
+	flowTableCache.Add(bridge.CreateTable(l3DecTTLTable, l2ForwardingCalcTable, binding.TableMissActionNext))
+	// Packets from l2ForwardingCalcTable should be forwarded to IngressMetricTable by default to collect ingress stats.
+	flowTableCache.Add(bridge.CreateTable(l2ForwardingCalcTable, IngressMetricTable, binding.TableMissActionNext))
+	flowTableCache.Add(bridge.CreateTable(IngressRuleTable, IngressDefaultTable, binding.TableMissActionNext))
+	flowTableCache.Add(bridge.CreateTable(IngressDefaultTable, IngressMetricTable, binding.TableMissActionNext))
+	flowTableCache.Add(bridge.CreateTable(IngressMetricTable, conntrackCommitTable, binding.TableMissActionNext))
+	flowTableCache.Add(bridge.CreateTable(L2ForwardingOutTable, binding.LastTableID, binding.TableMissActionDrop))
 	if c.enableProxy {
-		c.pipeline[spoofGuardTable] = bridge.CreateTable(spoofGuardTable, serviceHairpinTable, binding.TableMissActionDrop)
-		c.pipeline[ipv6Table] = bridge.CreateTable(ipv6Table, serviceHairpinTable, binding.TableMissActionNext)
-		c.pipeline[serviceHairpinTable] = bridge.CreateTable(serviceHairpinTable, conntrackTable, binding.TableMissActionNext)
-		c.pipeline[conntrackStateTable] = bridge.CreateTable(conntrackStateTable, endpointDNATTable, binding.TableMissActionNext)
-		c.pipeline[sessionAffinityTable] = bridge.CreateTable(sessionAffinityTable, binding.LastTableID, binding.TableMissActionNone)
-		c.pipeline[serviceLBTable] = bridge.CreateTable(serviceLBTable, endpointDNATTable, binding.TableMissActionNext)
-		c.pipeline[endpointDNATTable] = bridge.CreateTable(endpointDNATTable, c.egressEntryTable, binding.TableMissActionNext)
-		c.pipeline[conntrackCommitTable] = bridge.CreateTable(conntrackCommitTable, hairpinSNATTable, binding.TableMissActionNext)
-		c.pipeline[hairpinSNATTable] = bridge.CreateTable(hairpinSNATTable, L2ForwardingOutTable, binding.TableMissActionNext)
+		flowTableCache.Add(bridge.CreateTable(spoofGuardTable, serviceHairpinTable, binding.TableMissActionDrop))
+		flowTableCache.Add(bridge.CreateTable(ipv6Table, serviceHairpinTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(serviceHairpinTable, conntrackTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(conntrackStateTable, endpointDNATTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(sessionAffinityTable, binding.LastTableID, binding.TableMissActionNone))
+		flowTableCache.Add(bridge.CreateTable(serviceLBTable, endpointDNATTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(endpointDNATTable, c.egressEntryTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(conntrackCommitTable, hairpinSNATTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(hairpinSNATTable, L2ForwardingOutTable, binding.TableMissActionNext))
 	} else {
-		c.pipeline[spoofGuardTable] = bridge.CreateTable(spoofGuardTable, conntrackTable, binding.TableMissActionDrop)
-		c.pipeline[ipv6Table] = bridge.CreateTable(ipv6Table, conntrackTable, binding.TableMissActionNext)
-		c.pipeline[conntrackStateTable] = bridge.CreateTable(conntrackStateTable, dnatTable, binding.TableMissActionNext)
-		c.pipeline[dnatTable] = bridge.CreateTable(dnatTable, c.egressEntryTable, binding.TableMissActionNext)
-		c.pipeline[conntrackCommitTable] = bridge.CreateTable(conntrackCommitTable, L2ForwardingOutTable, binding.TableMissActionNext)
+		flowTableCache.Add(bridge.CreateTable(spoofGuardTable, conntrackTable, binding.TableMissActionDrop))
+		flowTableCache.Add(bridge.CreateTable(ipv6Table, conntrackTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(conntrackStateTable, dnatTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(dnatTable, c.egressEntryTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(conntrackCommitTable, L2ForwardingOutTable, binding.TableMissActionNext))
 	}
 	// The default SNAT is implemented with OVS on Windows.
 	if c.enableEgress || runtime.IsWindowsPlatform() {
-		c.pipeline[snatTable] = bridge.CreateTable(snatTable, l2ForwardingCalcTable, binding.TableMissActionNext)
+		flowTableCache.Add(bridge.CreateTable(snatTable, l2ForwardingCalcTable, binding.TableMissActionNext))
 	}
 	if runtime.IsWindowsPlatform() {
-		c.pipeline[uplinkTable] = bridge.CreateTable(uplinkTable, spoofGuardTable, binding.TableMissActionNone)
+		flowTableCache.Add(bridge.CreateTable(uplinkTable, spoofGuardTable, binding.TableMissActionNone))
 	}
 	if c.enableAntreaPolicy {
-		c.pipeline[AntreaPolicyEgressRuleTable] = bridge.CreateTable(AntreaPolicyEgressRuleTable, EgressRuleTable, binding.TableMissActionNext)
-		c.pipeline[AntreaPolicyIngressRuleTable] = bridge.CreateTable(AntreaPolicyIngressRuleTable, IngressRuleTable, binding.TableMissActionNext)
+		flowTableCache.Add(bridge.CreateTable(AntreaPolicyEgressRuleTable, EgressRuleTable, binding.TableMissActionNext))
+		flowTableCache.Add(bridge.CreateTable(AntreaPolicyIngressRuleTable, IngressRuleTable, binding.TableMissActionNext))
 	}
 }
 
diff --git a/pkg/agent/openflow/pipeline_windows.go b/pkg/agent/openflow/pipeline_windows.go
index a31e552526b..bd7941b0faf 100644
--- a/pkg/agent/openflow/pipeline_windows.go
+++ b/pkg/agent/openflow/pipeline_windows.go
@@ -48,7 +48,7 @@ var (
 
 func (c *client) snatMarkFlows(snatIP net.IP, mark uint32) []binding.Flow {
 	snatIPRange := &binding.IPRange{StartIP: snatIP, EndIP: snatIP}
-	ctCommitTable := c.pipeline[conntrackCommitTable]
+	ctCommitTable := getTableByTableID(conntrackCommitTable)
 	nextTable := ctCommitTable.GetNext()
 	flows := []binding.Flow{
 		c.snatIPFromTunnelFlow(snatIP, mark),
@@ -82,12 +82,12 @@ func (c *client) snatMarkFlows(snatIP net.IP, mark uint32) []binding.Flow {
 // outside.
 func (c *client) hostBridgeUplinkFlows(localSubnet net.IPNet, category cookie.Category) (flows []binding.Flow) {
 	flows = []binding.Flow{
-		c.pipeline[ClassifierTable].BuildFlow(priorityNormal).
+		getTableByTableID(ClassifierTable).BuildFlow(priorityNormal).
 			MatchInPort(config.UplinkOFPort).
 			Action().Output(config.BridgeOFPort).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
 			Done(),
-		c.pipeline[ClassifierTable].BuildFlow(priorityNormal).
+		getTableByTableID(ClassifierTable).BuildFlow(priorityNormal).
 			MatchInPort(config.BridgeOFPort).
 			Action().Output(config.UplinkOFPort).
 			Cookie(c.cookieAllocator.Request(category).Raw()).
@@ -96,7 +96,7 @@ func (c *client) hostBridgeUplinkFlows(localSubnet net.IPNet, category cookie.Ca
 	if c.encapMode.SupportsNoEncap() {
 		// If NoEncap is enabled, the reply packets from remote Pod can be forwarded to local Pod directly.
 		// by explicitly resubmitting them to serviceHairpinTable and marking "macRewriteMark" at same time.
-		flows = append(flows, c.pipeline[ClassifierTable].BuildFlow(priorityHigh).MatchProtocol(binding.ProtocolIP).
+		flows = append(flows, getTableByTableID(ClassifierTable).BuildFlow(priorityHigh).MatchProtocol(binding.ProtocolIP).
 			MatchInPort(config.UplinkOFPort).
 			MatchDstIPNet(localSubnet).
 			Action().LoadRegMark(FromUplinkRegMark).
@@ -112,9 +112,9 @@ func (c *client) l3FwdFlowToRemoteViaRouting(localGatewayMAC net.HardwareAddr, r
 	category cookie.Category, peerIP net.IP, peerPodCIDR *net.IPNet) []binding.Flow {
 	if c.encapMode.NeedsDirectRoutingToPeer(peerIP, c.nodeConfig.NodeTransportIPAddr) && remoteGatewayMAC != nil {
 		ipProto := getIPProtocol(peerIP)
-		l3FwdTable := c.pipeline[l3ForwardingTable]
+		l3FwdTable := getTableByTableID(l3ForwardingTable)
 		// It enhances Windows Noencap mode performance by bypassing host network.
-		flows := []binding.Flow{c.pipeline[l2ForwardingCalcTable].BuildFlow(priorityNormal).
+		flows := []binding.Flow{getTableByTableID(l2ForwardingCalcTable).BuildFlow(priorityNormal).
 			MatchDstMAC(remoteGatewayMAC).
 			Action().LoadToRegField(TargetOFPortField, config.UplinkOFPort).
 			Action().LoadRegMark(OFPortFoundRegMark).
diff --git a/pkg/agent/querier/querier.go b/pkg/agent/querier/querier.go
index e1b4a138c5b..9ad97ca6b02 100644
--- a/pkg/agent/querier/querier.go
+++ b/pkg/agent/querier/querier.go
@@ -15,8 +15,6 @@
 package querier
 
 import (
-	"strconv"
-
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	clientset "k8s.io/client-go/kubernetes"
@@ -136,7 +134,7 @@ func (aq agentQuerier) getOVSFlowTable() map[string]int32 {
 	flowTable := make(map[string]int32)
 	flowTableStatus := aq.ofClient.GetFlowTableStatus()
 	for _, tableStatus := range flowTableStatus {
-		flowTable[strconv.Itoa(int(tableStatus.ID))] = int32(tableStatus.FlowCount)
+		flowTable[tableStatus.Name] = int32(tableStatus.FlowCount)
 	}
 	return flowTable
 }
diff --git a/pkg/agent/querier/querier_test.go b/pkg/agent/querier/querier_test.go
index 2661398057b..ee8c1cd5814 100644
--- a/pkg/agent/querier/querier_test.go
+++ b/pkg/agent/querier/querier_test.go
@@ -50,6 +50,7 @@ func TestAgentQuerierGetAgentInfo(t *testing.T) {
 	ofClient.EXPECT().GetFlowTableStatus().Return([]binding.TableStatus{
 		{
 			ID:        1,
+			Name:      "1",
 			FlowCount: 2,
 		},
 	}).AnyTimes()
diff --git a/pkg/antctl/antctl.go b/pkg/antctl/antctl.go
index c08e3459e2a..188c32d7016 100644
--- a/pkg/antctl/antctl.go
+++ b/pkg/antctl/antctl.go
@@ -15,7 +15,6 @@
 package antctl
 
 import (
-	"fmt"
 	"reflect"
 
 	"antrea.io/antrea/pkg/agent/apiserver/handlers/agentinfo"
@@ -459,9 +458,5 @@ var CommandList = &commandList{
 }
 
 func generateFlowTableHelpMsg() string {
-	msg := ""
-	for _, t := range openflow.FlowTables {
-		msg += fmt.Sprintf("\n  %d\t%s", uint32(t.Number), t.Name)
-	}
-	return msg
+	return openflow.PrintTableBaseInfo()
 }
diff --git a/pkg/ovs/openflow/interfaces.go b/pkg/ovs/openflow/interfaces.go
index c7e1ec2c2bd..9e2b910d07a 100644
--- a/pkg/ovs/openflow/interfaces.go
+++ b/pkg/ovs/openflow/interfaces.go
@@ -22,7 +22,10 @@ import (
 )
 
 type Protocol string
-type TableIDType uint8
+type TableIDType struct {
+	id   uint8
+	name string
+}
 type GroupIDType uint32
 type MeterIDType uint32
 
@@ -30,9 +33,9 @@ type MissActionType uint32
 type Range [2]uint32
 type OFOperation int
 
-const (
-	LastTableID TableIDType = 0xff
-	TableIDAll              = LastTableID
+var (
+	LastTableID = TableIDType{id: 0xff, name: "LastTable"}
+	TableIDAll  = LastTableID
 )
 
 const (
@@ -128,6 +131,7 @@ type Bridge interface {
 // TableStatus represents the status of a specific flow table. The status is useful for debugging.
 type TableStatus struct {
 	ID         uint      `json:"id"`
+	Name       string    `json:"name"`
 	FlowCount  uint      `json:"flowCount"`
 	UpdateTime time.Time `json:"updateTime"`
 }
diff --git a/pkg/ovs/openflow/ofctrl_action.go b/pkg/ovs/openflow/ofctrl_action.go
index fcc779dc7d2..6f51229a9b8 100644
--- a/pkg/ovs/openflow/ofctrl_action.go
+++ b/pkg/ovs/openflow/ofctrl_action.go
@@ -54,7 +54,7 @@ func (a *ofFlowAction) CT(commit bool, tableID TableIDType, zone int) CTAction {
 	base := ctBase{
 		commit:  commit,
 		force:   false,
-		ctTable: uint8(tableID),
+		ctTable: tableID.id,
 		ctZone:  uint16(zone),
 	}
 	ct := &ofCTAction{
@@ -277,7 +277,7 @@ func (a *ofFlowAction) MoveRange(fromField, toField string, fromRange, toRange R
 // Resubmit is an action to resubmit packet to the specified table with the port as new in_port. If port is empty string,
 // the in_port field is not changed.
 func (a *ofFlowAction) Resubmit(ofPort uint16, tableID TableIDType) FlowBuilder {
-	table := uint8(tableID)
+	table := tableID.id
 	resubmitAct := ofctrl.NewResubmit(&ofPort, &table)
 	a.builder.ApplyAction(resubmitAct)
 	return a.builder
@@ -346,7 +346,7 @@ func (a *ofFlowAction) Meter(meterID uint32) FlowBuilder {
 func (a *ofFlowAction) Learn(id TableIDType, priority uint16, idleTimeout, hardTimeout uint16, cookieID uint64) LearnAction {
 	la := &ofLearnAction{
 		flowBuilder: a.builder,
-		nxLearn:     ofctrl.NewLearnAction(uint8(id), priority, idleTimeout, hardTimeout, 0, 0, cookieID),
+		nxLearn:     ofctrl.NewLearnAction(id.id, priority, idleTimeout, hardTimeout, 0, 0, cookieID),
 	}
 	return la
 }
@@ -549,6 +549,6 @@ func getFieldRange(name string) (*openflow13.MatchField, Range, error) {
 
 // GotoTable is an action to jump to the specified table.
 func (a *ofFlowAction) GotoTable(table TableIDType) FlowBuilder {
-	a.builder.ofFlow.Goto(uint8(table))
+	a.builder.ofFlow.Goto(table.id)
 	return a.builder
 }
diff --git a/pkg/ovs/openflow/ofctrl_bridge.go b/pkg/ovs/openflow/ofctrl_bridge.go
index 5d5a3f992de..cf4386a93ea 100644
--- a/pkg/ovs/openflow/ofctrl_bridge.go
+++ b/pkg/ovs/openflow/ofctrl_bridge.go
@@ -41,7 +41,8 @@ func (t *ofTable) Status() TableStatus {
 	defer t.RUnlock()
 
 	return TableStatus{
-		ID:         uint(t.id),
+		ID:         uint(t.id.id),
+		Name:       t.id.name,
 		FlowCount:  t.flowCount,
 		UpdateTime: t.updateTime,
 	}
@@ -66,7 +67,7 @@ func (t *ofTable) UpdateStatus(flowCountDelta int) {
 	}
 
 	metrics.OVSTotalFlowCount.Add(float64(flowCountDelta))
-	metrics.OVSFlowCount.WithLabelValues(strconv.Itoa(int(t.id))).Add(float64(flowCountDelta))
+	metrics.OVSFlowCount.WithLabelValues(strconv.Itoa(int(t.id.id))).Add(float64(flowCountDelta))
 
 	t.updateTime = time.Now()
 }
@@ -77,7 +78,7 @@ func (t *ofTable) ResetStatus() {
 
 	t.flowCount = 0
 
-	metrics.OVSFlowCount.WithLabelValues(strconv.Itoa(int(t.id))).Set(0)
+	metrics.OVSFlowCount.WithLabelValues(strconv.Itoa(int(t.id.id))).Set(0)
 
 	t.updateTime = time.Now()
 }
@@ -129,7 +130,7 @@ type OFBridge struct {
 	// sync.RWMutex protects tableCache from concurrent modification and iteration.
 	sync.RWMutex
 	// tableCache is used to cache ofTables.
-	tableCache map[TableIDType]*ofTable
+	tableCache map[uint8]*ofTable
 
 	// ofSwitch is the target OFSwitch.
 	ofSwitch *ofctrl.OFSwitch
@@ -146,6 +147,7 @@ type OFBridge struct {
 	connected chan bool
 	// pktConsumers is a map from PacketIn reason to the channel that is used to publish the PacketIn message.
 	pktConsumers sync.Map
+	mpartRplChs  map[uint32]chan *openflow13.MultipartReply
 }
 
 func (b *OFBridge) CreateGroup(id GroupIDType) Group {
@@ -208,13 +210,13 @@ func (b *OFBridge) CreateTable(id, next TableIDType, missAction MissActionType)
 	b.Lock()
 	defer b.Unlock()
 
-	b.tableCache[id] = t
+	b.tableCache[id.id] = t
 	return t
 }
 
-// DeleteTable removes the table from ofctrl.OFSwitch, and remove from local cache.
+// *DeleteTable removes the table from ofctrl.OFSwitch, and remove from local cache.
 func (b *OFBridge) DeleteTable(id TableIDType) bool {
-	err := b.ofSwitch.DeleteTable(uint8(id))
+	err := b.ofSwitch.DeleteTable(id.id)
 	if err != nil {
 		return false
 	}
@@ -222,7 +224,7 @@ func (b *OFBridge) DeleteTable(id TableIDType) bool {
 	b.Lock()
 	defer b.Unlock()
 
-	delete(b.tableCache, id)
+	delete(b.tableCache, id.id)
 	return true
 }
 
@@ -269,6 +271,9 @@ func (b *OFBridge) SwitchConnected(sw *ofctrl.OFSwitch) {
 // MultipartReply is a callback when multipartReply message is received on ofctrl.OFSwitch is connected.
 // Client uses this method to handle the reply message if it has customized MultipartRequest message.
 func (b *OFBridge) MultipartReply(sw *ofctrl.OFSwitch, rep *openflow13.MultipartReply) {
+	if ch, ok := b.mpartRplChs[rep.Xid]; ok {
+		ch <- rep
+	}
 }
 
 func (b *OFBridge) SwitchDisconnected(sw *ofctrl.OFSwitch) {
@@ -284,9 +289,9 @@ func (b *OFBridge) initialize() {
 		if id == 0 {
 			table.Table = b.ofSwitch.DefaultTable()
 		} else {
-			ofTable, err := b.ofSwitch.NewTable(uint8(id))
+			ofTable, err := b.ofSwitch.NewTable(id)
 			if err != nil && err.Error() == ofTableExistsError {
-				ofTable = b.ofSwitch.GetTable(uint8(id))
+				ofTable = b.ofSwitch.GetTable(id)
 			}
 			table.Table = ofTable
 		}
@@ -294,6 +299,8 @@ func (b *OFBridge) initialize() {
 		table.ResetStatus()
 	}
 
+	b.queryTableFeatures()
+
 	metrics.OVSTotalFlowCount.Set(0)
 }
 
@@ -629,14 +636,85 @@ func (b *OFBridge) RetryInterval() time.Duration {
 	return b.retryInterval
 }
 
+func (b *OFBridge) queryTableFeatures() {
+	mpartRequest := &openflow13.MultipartRequest{
+		Header: openflow13.NewOfp13Header(),
+		Type:   openflow13.MultipartType_TableFeatures,
+		Flags:  0,
+	}
+	mpartRequest.Header.Type = openflow13.Type_MultiPartRequest
+	mpartRequest.Header.Length = mpartRequest.Len()
+	tableFeatureChan := make(chan *openflow13.MultipartReply)
+	b.mpartRplChs[mpartRequest.Header.Xid] = tableFeatureChan
+	go b.processTableFeatures(mpartRequest.Header.Xid, tableFeatureChan)
+	b.ofSwitch.Send(mpartRequest)
+}
+
+func (b *OFBridge) processTableFeatures(xid uint32, ch chan *openflow13.MultipartReply) {
+	header := openflow13.NewOfp13Header()
+	header.Type = openflow13.Type_MultiPartRequest
+	requests := make([]*openflow13.MultipartRequest, 0)
+	tableCount := 0
+	for tableCount < int(LastTableID.id-1) {
+		select {
+		case rpl := <-ch:
+			request := &openflow13.MultipartRequest{
+				Header: header,
+				Type:   openflow13.MultipartType_TableFeatures,
+				Flags:  1,
+			}
+			for _, body := range rpl.Body {
+				request.Body = append(request.Body, body)
+			}
+			tableCount += len(rpl.Body)
+			request.Length = request.Len()
+			requests = append(requests, request)
+		}
+	}
+	close(ch)
+	delete(b.mpartRplChs, xid)
+	for i := range requests {
+		req := requests[i]
+		for _, body := range req.Body {
+			tableFeature := body.(*openflow13.OFPTableFeatures)
+			// Modify table name if the table is in the pipeline, otherwise use the default table features.
+			// OVS doesn't allow to skip any table except the hidden table (always the last table) in a table_features
+			// request. So use the table features which is got from the initial query result for the tables that Antrea
+			// doesn't define in the pipeline.
+			if t, ok := b.tableCache[tableFeature.TableID]; ok {
+				// Set table name with the configured value.
+				copy(tableFeature.Name[0:], t.id.name)
+			}
+
+		}
+		if i == (len(requests) - 1) {
+			req.Flags = 0
+		}
+		b.ofSwitch.Send(req)
+	}
+}
+
 func NewOFBridge(br string, mgmtAddr string) Bridge {
 	s := &OFBridge{
 		bridgeName:    br,
 		mgmtAddr:      mgmtAddr,
-		tableCache:    make(map[TableIDType]*ofTable),
+		tableCache:    make(map[uint8]*ofTable),
 		retryInterval: 1 * time.Second,
 		pktConsumers:  sync.Map{},
+		mpartRplChs:   make(map[uint32]chan *openflow13.MultipartReply),
 	}
 	s.controller = ofctrl.NewController(s)
 	return s
 }
+
+func NewTableIDType(id uint8, name string) TableIDType {
+	return TableIDType{id: id, name: name}
+}
+
+func (id TableIDType) GetID() uint8 {
+	return id.id
+}
+
+func (id TableIDType) GetName() string {
+	return id.name
+}
diff --git a/pkg/ovs/openflow/ofctrl_flow.go b/pkg/ovs/openflow/ofctrl_flow.go
index ca2297f8ea6..a52340b1b39 100644
--- a/pkg/ovs/openflow/ofctrl_flow.go
+++ b/pkg/ovs/openflow/ofctrl_flow.go
@@ -91,7 +91,7 @@ func (f *ofFlow) KeyString() string {
 }
 
 func (f *ofFlow) MatchString() string {
-	repr := fmt.Sprintf("table=%d", f.table.GetID())
+	repr := fmt.Sprintf("table=%d", f.table.id.id)
 	if f.protocol != "" {
 		repr = fmt.Sprintf("%s,%s", repr, f.protocol)
 	}
diff --git a/pkg/ovs/openflow/ofctrl_flow_test.go b/pkg/ovs/openflow/ofctrl_flow_test.go
index 789013fa9b6..f1c413ef605 100644
--- a/pkg/ovs/openflow/ofctrl_flow_test.go
+++ b/pkg/ovs/openflow/ofctrl_flow_test.go
@@ -6,12 +6,16 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-var testField = NewRegField(1, 0, 15, "testField")
+var (
+	testField = NewRegField(1, 0, 15, "testField")
+	t0        = TableIDType{id: 0, name: "table-0"}
+	t1        = TableIDType{id: 1, name: "table-1"}
+)
 
 func TestCopyToBuilder(t *testing.T) {
 	table := &ofTable{
-		id:   0,
-		next: 1,
+		id:   t0,
+		next: t1,
 	}
 	mark := NewCTMark(12345, 0, 31)
 	oriFlow := table.BuildFlow(uint16(100)).MatchProtocol(ProtocolIP).
@@ -20,7 +24,7 @@ func TestCopyToBuilder(t *testing.T) {
 		MatchCTStateNew(true).MatchCTStateTrk(true).
 		Action().CT(
 		true,
-		1,
+		t1,
 		0x1234).
 		LoadToCtMark(mark).
 		MoveToLabel(NxmFieldSrcMAC, &Range{0, 47}, &Range{0, 47}).CTDone().
@@ -35,8 +39,8 @@ func TestCopyToBuilder(t *testing.T) {
 
 func TestCopyToBuilder_Drop(t *testing.T) {
 	table := &ofTable{
-		id:   0,
-		next: 1,
+		id:   t0,
+		next: t1,
 	}
 	oriFlow := table.BuildFlow(uint16(100)).MatchProtocol(ProtocolIP).
 		Cookie(uint64(1004)).
diff --git a/pkg/ovs/openflow/ofctrl_group.go b/pkg/ovs/openflow/ofctrl_group.go
index 4e1dbf2b88c..d3b35b9ee66 100644
--- a/pkg/ovs/openflow/ofctrl_group.go
+++ b/pkg/ovs/openflow/ofctrl_group.go
@@ -124,7 +124,7 @@ func (b *bucketBuilder) LoadRegMark(mark *RegMark) BucketBuilder {
 
 // ResubmitToTable is an action to resubmit packet to the specified table when the bucket is selected.
 func (b *bucketBuilder) ResubmitToTable(tableID TableIDType) BucketBuilder {
-	b.bucket.AddAction(openflow13.NewNXActionResubmitTableAction(openflow13.OFPP_IN_PORT, uint8(tableID)))
+	b.bucket.AddAction(openflow13.NewNXActionResubmitTableAction(openflow13.OFPP_IN_PORT, tableID.id))
 	return b
 }
 
diff --git a/pkg/ovs/ovsctl/interface.go b/pkg/ovs/ovsctl/interface.go
index 85abf16afc1..4854aa6f325 100644
--- a/pkg/ovs/ovsctl/interface.go
+++ b/pkg/ovs/ovsctl/interface.go
@@ -35,6 +35,9 @@ type TracingRequest struct {
 type OVSCtlClient interface {
 	// DumpFlows returns flows of the bridge.
 	DumpFlows(args ...string) ([]string, error)
+	// DumpFlowsWithoutTableNames returns flows of the bridge, and the table is shown as uint8 value in the result.
+	// This function is only used in test.
+	DumpFlowsWithoutTableNames(args ...string) ([]string, error)
 	// DumpMatchedFlows returns the flow which exactly matches the matchStr.
 	DumpMatchedFlow(matchStr string) (string, error)
 	// DumpTableFlows returns all flows in the table.
diff --git a/pkg/ovs/ovsctl/ofctl.go b/pkg/ovs/ovsctl/ofctl.go
index f54ebfb61a4..abe50a53211 100644
--- a/pkg/ovs/ovsctl/ofctl.go
+++ b/pkg/ovs/ovsctl/ofctl.go
@@ -28,12 +28,28 @@ func (c *ovsCtlClient) DumpFlows(args ...string) ([]string, error) {
 	if err != nil {
 		return nil, err
 	}
+	return c.parseFlowEntries(flowDump)
+}
+
+func (c *ovsCtlClient) DumpFlowsWithoutTableNames(args ...string) ([]string, error) {
+	flowDump, err := c.RunOfctlCmd("dump-flows", append(args, "--no-names")...)
+	if err != nil {
+		return nil, err
+	}
+	return c.parseFlowEntries(flowDump)
+}
 
+func (c *ovsCtlClient) parseFlowEntries(flowDump []byte) ([]string, error) {
 	scanner := bufio.NewScanner(strings.NewReader(string(flowDump)))
 	scanner.Split(bufio.ScanLines)
 	flowList := []string{}
 	for scanner.Scan() {
-		flowList = append(flowList, trimFlowStr(scanner.Text()))
+		flow := trimFlowStr(scanner.Text())
+		// Skip the non-flow line, which is printed when using parameter "--no-names" in tests.
+		if strings.Contains(flow, "NXST_FLOW reply") || strings.Contains(flow, "OFPST_FLOW reply") {
+			continue
+		}
+		flowList = append(flowList, flow)
 	}
 	return flowList, nil
 }
diff --git a/pkg/ovs/ovsctl/testing/mock_ovsctl.go b/pkg/ovs/ovsctl/testing/mock_ovsctl.go
index 7b1f3cc7e95..05e0663d8a9 100644
--- a/pkg/ovs/ovsctl/testing/mock_ovsctl.go
+++ b/pkg/ovs/ovsctl/testing/mock_ovsctl.go
@@ -67,6 +67,25 @@ func (mr *MockOVSCtlClientMockRecorder) DumpFlows(arg0 ...interface{}) *gomock.C
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DumpFlows", reflect.TypeOf((*MockOVSCtlClient)(nil).DumpFlows), arg0...)
 }
 
+// DumpFlowsWithoutTableNames mocks base method
+func (m *MockOVSCtlClient) DumpFlowsWithoutTableNames(arg0 ...string) ([]string, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{}
+	for _, a := range arg0 {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "DumpFlowsWithoutTableNames", varargs...)
+	ret0, _ := ret[0].([]string)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// DumpFlowsWithoutTableNames indicates an expected call of DumpFlowsWithoutTableNames
+func (mr *MockOVSCtlClientMockRecorder) DumpFlowsWithoutTableNames(arg0 ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DumpFlowsWithoutTableNames", reflect.TypeOf((*MockOVSCtlClient)(nil).DumpFlowsWithoutTableNames), arg0...)
+}
+
 // DumpGroup mocks base method
 func (m *MockOVSCtlClient) DumpGroup(arg0 uint32) (string, error) {
 	m.ctrl.T.Helper()
diff --git a/plugins/octant/go.sum b/plugins/octant/go.sum
index 5aa3133e9b0..ddab63c95ee 100644
--- a/plugins/octant/go.sum
+++ b/plugins/octant/go.sum
@@ -1,5 +1,6 @@
-antrea.io/libOpenflow v0.2.0/go.mod h1:CzEJZxDNAupiGxeL5VOw92PsxfyvehEAvE3PiC6gr8o=
-antrea.io/ofnet v0.1.0/go.mod h1:fLmHHD9XWeVza2pz/HEdLkGyA7pNutxlXCqodlwWQsA=
+antrea.io/libOpenflow v0.3.0/go.mod h1:CzEJZxDNAupiGxeL5VOw92PsxfyvehEAvE3PiC6gr8o=
+antrea.io/libOpenflow v0.3.1/go.mod h1:CzEJZxDNAupiGxeL5VOw92PsxfyvehEAvE3PiC6gr8o=
+antrea.io/ofnet v0.2.0/go.mod h1:t9GyuMB4FWTdC54ChMWP/146nRJfX1YHPGP49EYEa1s=
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
diff --git a/test/integration/agent/openflow_test.go b/test/integration/agent/openflow_test.go
index b44329c6b25..b4b2bb9573e 100644
--- a/test/integration/agent/openflow_test.go
+++ b/test/integration/agent/openflow_test.go
@@ -733,11 +733,11 @@ func checkConjunctionFlows(t *testing.T, ruleTable uint8, dropTable uint8, allow
 	conjunctionActionMatch := fmt.Sprintf("priority=%d,conj_id=%d,ip", priority-10, ruleID)
 	conjReg := 6
 	nextTable := ofClient.IngressMetricTable
-	if ruleTable == uint8(ofClient.EgressRuleTable) {
+	if ruleTable == ofClient.EgressRuleTable.GetID() {
 		nextTable = ofClient.EgressMetricTable
 	}
 
-	flow := &ofTestUtils.ExpectFlow{MatchStr: conjunctionActionMatch, ActStr: fmt.Sprintf("load:0x%x->NXM_NX_REG%d[],ct(commit,table=%d,zone=65520,exec(load:0x%x->NXM_NX_CT_LABEL[0..31])", ruleID, conjReg, nextTable, ruleID)}
+	flow := &ofTestUtils.ExpectFlow{MatchStr: conjunctionActionMatch, ActStr: fmt.Sprintf("load:0x%x->NXM_NX_REG%d[],ct(commit,table=%d,zone=65520,exec(load:0x%x->NXM_NX_CT_LABEL[0..31])", ruleID, conjReg, nextTable.GetID(), ruleID)}
 	testFunc(t, ofTestUtils.OfctlFlowMatch(flowList, ruleTable, flow), "Failed to update conjunction action flow")
 
 	useIPv4 := false
diff --git a/test/integration/ovs/ofctrl_test.go b/test/integration/ovs/ofctrl_test.go
index 7d20006a944..70b1c112e25 100644
--- a/test/integration/ovs/ofctrl_test.go
+++ b/test/integration/ovs/ofctrl_test.go
@@ -67,6 +67,12 @@ var (
 	vMAC, _          = net.ParseMAC("aa:bb:cc:dd:ee:ff")
 
 	ipDSCP = uint8(10)
+
+	t0 = binding.NewTableIDType(0, "table-0")
+	t1 = binding.NewTableIDType(1, "table-1")
+	t2 = binding.NewTableIDType(2, "table-2")
+	t3 = binding.NewTableIDType(3, "table-3")
+	t4 = binding.NewTableIDType(4, "table-4")
 )
 
 func newOFBridge(brName string) binding.Bridge {
@@ -88,7 +94,7 @@ func TestDeleteFlowStrict(t *testing.T) {
 	}()
 
 	bridge := newOFBridge(br)
-	table = bridge.CreateTable(3, 4, binding.TableMissActionNext)
+	table = bridge.CreateTable(t3, t4, binding.TableMissActionNext)
 
 	err = bridge.Connect(maxRetry, make(chan struct{}))
 	if err != nil {
@@ -128,7 +134,7 @@ func prepareOverlapFlows(table binding.Table, ipStr string, sameCookie bool) ([]
 	expectFlows := []*ExpectFlow{
 		{"priority=200,ip", "drop"},
 		{fmt.Sprintf("priority=200,ip,nw_src=%s", ipStr),
-			fmt.Sprintf("goto_table:%d", table.GetNext())},
+			fmt.Sprintf("goto_table:%d", table.GetNext().GetID())},
 	}
 	return flows, expectFlows
 }
@@ -139,7 +145,7 @@ func testDeleteSingleFlow(t *testing.T, ovsCtlClient ovsctl.OVSCtlClient, table
 			t.Fatalf("Failed to install flow%d: %v", id, err)
 		}
 	}
-	dumpTable := uint8(table.GetID())
+	dumpTable := table.GetID().GetID()
 	CheckFlowExists(t, ovsCtlClient, dumpTable, true, expectFlows)
 
 	err := flows[0].Delete()
@@ -177,8 +183,8 @@ func TestOFctrlFlow(t *testing.T) {
 	}()
 
 	bridge := newOFBridge(br)
-	table1 := bridge.CreateTable(1, 2, binding.TableMissActionNext)
-	table2 := bridge.CreateTable(2, 3, binding.TableMissActionNext)
+	table1 := bridge.CreateTable(t1, t2, binding.TableMissActionNext)
+	table2 := bridge.CreateTable(t2, t3, binding.TableMissActionNext)
 
 	err = bridge.Connect(maxRetry, make(chan struct{}))
 	if err != nil {
@@ -201,7 +207,7 @@ func TestOFctrlFlow(t *testing.T) {
 			}
 		}
 
-		dumpTable := uint8(myTable.GetID())
+		dumpTable := myTable.GetID().GetID()
 		flowList := CheckFlowExists(t, ovsCtlClient, dumpTable, true, expectflows)
 
 		// Test: DumpTableStatus
@@ -234,7 +240,7 @@ func TestOFctrlFlow(t *testing.T) {
 		if err != nil {
 			t.Errorf("Failed to DeleteFlowsByCookie: %v", err)
 		}
-		flowList, _ = OfctlDumpTableFlows(ovsCtlClient, uint8(myTable.GetID()))
+		flowList, _ = OfctlDumpTableFlows(ovsCtlClient, myTable.GetID().GetID())
 		if len(flowList) > 0 {
 			t.Errorf("Failed to delete flows by CookieID")
 		}
@@ -269,8 +275,8 @@ func TestOFctrlGroup(t *testing.T) {
 		resubmitTable binding.TableIDType
 	}{
 		"Normal": {
-			{weight: 100, reg2reg: [][4]uint32{{0, 1, 0, 31}, {1, 2, 15, 31}}, resubmitTable: 31},
-			{weight: 110, resubmitTable: 42},
+			{weight: 100, reg2reg: [][4]uint32{{0, 1, 0, 31}, {1, 2, 15, 31}}, resubmitTable: binding.NewTableIDType(31, "table31")},
+			{weight: 110, resubmitTable: binding.NewTableIDType(42, "table42")},
 		},
 	} {
 		t.Run(name, func(t *testing.T) {
@@ -278,7 +284,7 @@ func TestOFctrlGroup(t *testing.T) {
 			for _, bucket := range buckets {
 				require.NotZero(t, bucket.weight, "Weight value of a bucket must be specified")
 				bucketBuilder := group.Bucket().Weight(bucket.weight)
-				if bucket.resubmitTable != 0 {
+				if bucket.resubmitTable.GetID() != 0 {
 					bucketBuilder = bucketBuilder.ResubmitToTable(bucket.resubmitTable)
 				}
 				for _, loading := range bucket.reg2reg {
@@ -304,8 +310,8 @@ func TestOFctrlGroup(t *testing.T) {
 					loadStr := fmt.Sprintf("load:0x%x->NXM_NX_REG%d%s", loading[1], loading[0], rngStr)
 					assert.Contains(t, dumpedGroup[i+1], loadStr)
 				}
-				if bucket.resubmitTable != 0 {
-					resubmitStr := fmt.Sprintf("resubmit(,%d)", bucket.resubmitTable)
+				if bucket.resubmitTable.GetID() != 0 {
+					resubmitStr := fmt.Sprintf("resubmit(,%d)", bucket.resubmitTable.GetID())
 					assert.Contains(t, dumpedGroup[i+1], resubmitStr)
 				}
 			}
@@ -328,7 +334,7 @@ func TestTransactions(t *testing.T) {
 	}()
 
 	bridge := newOFBridge(br)
-	table = bridge.CreateTable(2, 3, binding.TableMissActionNext)
+	table = bridge.CreateTable(t2, t3, binding.TableMissActionNext)
 
 	err = bridge.Connect(maxRetry, make(chan struct{}))
 	require.Nil(t, err, "Failed to start OFService")
@@ -339,7 +345,7 @@ func TestTransactions(t *testing.T) {
 	flows, expectflows := prepareFlows(table)
 	err = bridge.AddFlowsInBundle(flows, nil, nil)
 	require.Nil(t, err, fmt.Sprintf("Failed to add flows in a transaction: %v", err))
-	dumpTable := uint8(table.GetID())
+	dumpTable := table.GetID().GetID()
 	flowList := CheckFlowExists(t, ovsCtlClient, dumpTable, true, expectflows)
 
 	// Test: DumpTableStatus
@@ -354,7 +360,7 @@ func TestTransactions(t *testing.T) {
 	// Delete flows in a bundle
 	err = bridge.AddFlowsInBundle(nil, nil, flows)
 	require.Nil(t, err, fmt.Sprintf("Failed to delete flows in a transaction: %v", err))
-	dumpTable = uint8(table.GetID())
+	dumpTable = table.GetID().GetID()
 	flowList = CheckFlowExists(t, ovsCtlClient, dumpTable, false, expectflows)
 
 	for _, tableStates := range bridge.DumpTableStatus() {
@@ -387,7 +393,7 @@ func TestBundleErrorWhenOVSRestart(t *testing.T) {
 	}()
 
 	bridge := newOFBridge(br)
-	table = bridge.CreateTable(2, 3, binding.TableMissActionNext)
+	table = bridge.CreateTable(t2, t3, binding.TableMissActionNext)
 
 	err = bridge.Connect(maxRetry, make(chan struct{}))
 	require.Nil(t, err, "Failed to start OFService")
@@ -506,7 +512,7 @@ func TestBundleWithGroupAndFlow(t *testing.T) {
 	defer DeleteOVSBridge(br)
 
 	bridge := newOFBridge(br)
-	table = bridge.CreateTable(2, 3, binding.TableMissActionNext)
+	table = bridge.CreateTable(t2, t3, binding.TableMissActionNext)
 
 	err = bridge.Connect(maxRetry, make(chan struct{}))
 	require.Nil(t, err, "Failed to start OFService")
@@ -550,12 +556,12 @@ func TestBundleWithGroupAndFlow(t *testing.T) {
 	expectedGroupBuckets := []string{bucket0, bucket1}
 	err = bridge.AddOFEntriesInBundle([]binding.OFEntry{flow, group}, nil, nil)
 	require.Nil(t, err)
-	CheckFlowExists(t, ovsCtlClient, uint8(table.GetID()), true, expectedFlows)
+	CheckFlowExists(t, ovsCtlClient, table.GetID().GetID(), true, expectedFlows)
 	CheckGroupExists(t, ovsCtlClient, groupID, "select", expectedGroupBuckets, true)
 
 	err = bridge.AddOFEntriesInBundle(nil, nil, []binding.OFEntry{flow, group})
 	require.Nil(t, err)
-	CheckFlowExists(t, ovsCtlClient, uint8(table.GetID()), false, expectedFlows)
+	CheckFlowExists(t, ovsCtlClient, table.GetID().GetID(), false, expectedFlows)
 	CheckGroupExists(t, ovsCtlClient, groupID, "select", expectedGroupBuckets, false)
 }
 
@@ -566,8 +572,8 @@ func TestPacketOutIn(t *testing.T) {
 	defer DeleteOVSBridge(br)
 
 	bridge := newOFBridge(br)
-	table0 := bridge.CreateTable(0, 1, binding.TableMissActionNext)
-	table1 := bridge.CreateTable(1, 2, binding.TableMissActionNext)
+	table0 := bridge.CreateTable(t0, t1, binding.TableMissActionNext)
+	table1 := bridge.CreateTable(t1, t2, binding.TableMissActionNext)
 
 	err = bridge.Connect(maxRetry, make(chan struct{}))
 	require.Nil(t, err, "Failed to start OFService")
@@ -659,7 +665,7 @@ func TestTLVMap(t *testing.T) {
 	defer DeleteOVSBridge(br)
 
 	bridge := newOFBridge(br)
-	table := bridge.CreateTable(0, 1, binding.TableMissActionNext)
+	table := bridge.CreateTable(t0, t1, binding.TableMissActionNext)
 
 	ch := make(chan struct{})
 	err = bridge.Connect(maxRetry, ch)
@@ -681,11 +687,11 @@ func TestTLVMap(t *testing.T) {
 	expectedFlows := []*ExpectFlow{
 		{
 			MatchStr: "priority=100,ip,tun_metadata0=0x1234",
-			ActStr:   fmt.Sprintf("resubmit(,%d)", table.GetNext()),
+			ActStr:   fmt.Sprintf("resubmit(,%d)", table.GetNext().GetID()),
 		},
 	}
 	ovsCtlClient := ovsctl.NewClient(br)
-	CheckFlowExists(t, ovsCtlClient, uint8(table.GetID()), true, expectedFlows)
+	CheckFlowExists(t, ovsCtlClient, table.GetID().GetID(), true, expectedFlows)
 }
 
 func TestMoveTunMetadata(t *testing.T) {
@@ -695,7 +701,7 @@ func TestMoveTunMetadata(t *testing.T) {
 	//defer DeleteOVSBridge(br)
 
 	bridge := newOFBridge(br)
-	table := bridge.CreateTable(0, 1, binding.TableMissActionNext)
+	table := bridge.CreateTable(t0, t1, binding.TableMissActionNext)
 
 	err = bridge.Connect(maxRetry, make(chan struct{}))
 	require.Nil(t, err, "Failed to start OFService")
@@ -714,11 +720,11 @@ func TestMoveTunMetadata(t *testing.T) {
 	expectedFlows := []*ExpectFlow{
 		{
 			MatchStr: "priority=100,ip,tun_metadata0=0x1234",
-			ActStr:   fmt.Sprintf("move:NXM_NX_TUN_METADATA0[28..31]->NXM_NX_REG0[28..31],resubmit(,%d)", table.GetNext()),
+			ActStr:   fmt.Sprintf("move:NXM_NX_TUN_METADATA0[28..31]->NXM_NX_REG0[28..31],resubmit(,%d)", table.GetNext().GetID()),
 		},
 	}
 	ovsCtlClient := ovsctl.NewClient(br)
-	CheckFlowExists(t, ovsCtlClient, uint8(table.GetID()), true, expectedFlows)
+	CheckFlowExists(t, ovsCtlClient, table.GetID().GetID(), true, expectedFlows)
 }
 
 func TestFlowWithCTMatchers(t *testing.T) {
@@ -728,7 +734,9 @@ func TestFlowWithCTMatchers(t *testing.T) {
 	defer DeleteOVSBridge(br)
 
 	bridge := newOFBridge(br)
-	table = bridge.CreateTable(2, 3, binding.TableMissActionNext)
+	t2 := binding.NewTableIDType(2, "table-2")
+	t3 := binding.NewTableIDType(3, "table-3")
+	table = bridge.CreateTable(t2, t3, binding.TableMissActionNext)
 
 	err = bridge.Connect(maxRetry, make(chan struct{}))
 	require.Nil(t, err, "Failed to start OFService")
@@ -761,24 +769,24 @@ func TestFlowWithCTMatchers(t *testing.T) {
 	expectFlows := []*ExpectFlow{
 		{fmt.Sprintf("priority=%d,ct_state=+new,ct_nw_src=%s,ct_nw_dst=%s,ct_nw_proto=6,ct_tp_src=%d,ct_tp_dst=%d,ip",
 			priority, ctIPSrc.String(), ctIPDst.String(), ctPortSrc, ctPortDst),
-			fmt.Sprintf("resubmit(,%d)", table.GetNext()),
+			fmt.Sprintf("resubmit(,%d)", table.GetNext().GetID()),
 		},
 		{
 			fmt.Sprintf("priority=%d,ct_state=+est,ct_nw_src=%s,ct_nw_dst=%s,ct_nw_proto=6,ip",
 				priority, ctIPSrcNet.String(), ctIPDstNet.String()),
-			fmt.Sprintf("resubmit(,%d)", table.GetNext()),
+			fmt.Sprintf("resubmit(,%d)", table.GetNext().GetID()),
 		},
 	}
 	for _, f := range []binding.Flow{flow1, flow2} {
 		err = f.Add()
 		assert.Nil(t, err, "no error returned when adding flow")
 	}
-	CheckFlowExists(t, ofctlClient, uint8(table.GetID()), true, expectFlows)
+	CheckFlowExists(t, ofctlClient, table.GetID().GetID(), true, expectFlows)
 	for _, f := range []binding.Flow{flow1, flow2} {
 		err = f.Delete()
 		assert.Nil(t, err, "no error returned when deleting flow")
 	}
-	CheckFlowExists(t, ofctlClient, uint8(table.GetID()), false, expectFlows)
+	CheckFlowExists(t, ofctlClient, table.GetID().GetID(), false, expectFlows)
 }
 
 func TestNoteAction(t *testing.T) {
@@ -788,7 +796,7 @@ func TestNoteAction(t *testing.T) {
 	defer DeleteOVSBridge(br)
 
 	bridge := newOFBridge(br)
-	table = bridge.CreateTable(2, 3, binding.TableMissActionNext)
+	table = bridge.CreateTable(t2, t3, binding.TableMissActionNext)
 
 	err = bridge.Connect(maxRetry, make(chan struct{}))
 	require.Nil(t, err, "Failed to start OFService")
@@ -821,15 +829,15 @@ func TestNoteAction(t *testing.T) {
 	notesStr := convertNoteToHex(testNotes)
 	expectFlows := []*ExpectFlow{
 		{fmt.Sprintf("priority=%d,ip,nw_src=%s", priority, srcIP.String()),
-			fmt.Sprintf("note:%s,goto_table:%d", notesStr, table.GetNext())},
+			fmt.Sprintf("note:%s,goto_table:%d", notesStr, table.GetNext().GetID())},
 	}
 
 	err = flow1.Add()
 	assert.Nil(t, err, "expected no error when adding flow")
-	CheckFlowExists(t, ofctlClient, uint8(table.GetID()), true, expectFlows)
+	CheckFlowExists(t, ofctlClient, table.GetID().GetID(), true, expectFlows)
 	err = flow1.Delete()
 	assert.Nil(t, err, "expected no error when deleting flow")
-	CheckFlowExists(t, ofctlClient, uint8(table.GetID()), false, expectFlows)
+	CheckFlowExists(t, ofctlClient, table.GetID().GetID(), false, expectFlows)
 }
 
 func prepareFlows(table binding.Table) ([]binding.Flow, []*ExpectFlow) {
@@ -1003,7 +1011,7 @@ func prepareFlows(table binding.Table) ([]binding.Flow, []*ExpectFlow) {
 			Action().GotoTable(table.GetNext()).Done(),
 	)
 
-	gotoTableAction := fmt.Sprintf("goto_table:%d", table.GetNext())
+	gotoTableAction := fmt.Sprintf("goto_table:%d", table.GetNext().GetID())
 	var flowStrs []*ExpectFlow
 	flowStrs = append(flowStrs,
 		&ExpectFlow{"priority=190,in_port=3", fmt.Sprintf("load:0x2->NXM_NX_REG0[0..15],%s", gotoTableAction)},
@@ -1011,13 +1019,13 @@ func prepareFlows(table binding.Table) ([]binding.Flow, []*ExpectFlow) {
 		&ExpectFlow{"priority=200,ip,in_port=3,dl_src=aa:aa:aa:aa:aa:13,nw_src=192.168.1.3", gotoTableAction},
 		&ExpectFlow{"priority=200,arp,arp_tpa=192.168.2.1,arp_op=1", "move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],set_field:aa:bb:cc:dd:ee:ff->eth_src,load:0x2->NXM_OF_ARP_OP[],move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],set_field:aa:bb:cc:dd:ee:ff->arp_sha,move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],set_field:192.168.2.1->arp_spa,IN_PORT"},
 		&ExpectFlow{"priority=190,arp", "NORMAL"},
-		&ExpectFlow{"priority=200,tcp", fmt.Sprintf("learn(table=%d,idle_timeout=10,priority=190,delete_learned,cookie=0x1,eth_type=0x800,nw_proto=6,NXM_OF_TCP_DST[],NXM_NX_REG0[0..15]=0xfff,load:NXM_NX_REG0[0..15]->NXM_NX_REG0[0..15],load:0xffe->NXM_NX_REG0[16..31]),resubmit(,%d)", table.GetID(), table.GetID())},
-		&ExpectFlow{"priority=200,ip", fmt.Sprintf("ct(table=%d,zone=65520)", table.GetNext())},
+		&ExpectFlow{"priority=200,tcp", fmt.Sprintf("learn(table=%d,idle_timeout=10,priority=190,delete_learned,cookie=0x1,eth_type=0x800,nw_proto=6,NXM_OF_TCP_DST[],NXM_NX_REG0[0..15]=0xfff,load:NXM_NX_REG0[0..15]->NXM_NX_REG0[0..15],load:0xffe->NXM_NX_REG0[16..31]),resubmit(,%d)", table.GetID().GetID(), table.GetID().GetID())},
+		&ExpectFlow{"priority=200,ip", fmt.Sprintf("ct(table=%d,zone=65520)", table.GetNext().GetID())},
 		&ExpectFlow{"priority=210,ct_state=-new+trk,ct_mark=0x20/0xff,ip,reg0=0x1/0xffff", gotoTableAction},
-		&ExpectFlow{"priority=200,ct_state=+new+trk,ip,reg0=0x1/0xffff", fmt.Sprintf("ct(commit,table=%d,zone=65520,exec(load:0x20->NXM_NX_CT_MARK[0..7])", table.GetNext())},
+		&ExpectFlow{"priority=200,ct_state=+new+trk,ip,reg0=0x1/0xffff", fmt.Sprintf("ct(commit,table=%d,zone=65520,exec(load:0x20->NXM_NX_CT_MARK[0..7])", table.GetNext().GetID())},
 		&ExpectFlow{"priority=200,ct_state=-new+trk,ct_mark=0x20/0xff,ip", fmt.Sprintf("load:0xaaaaaaaaaa11->NXM_OF_ETH_DST[],%s", gotoTableAction)},
 		&ExpectFlow{"priority=200,ct_state=+new+inv,ip", "drop"},
-		&ExpectFlow{"priority=190,ct_state=+new+trk,ip", fmt.Sprintf("ct(commit,table=%d,zone=65520)", table.GetNext())},
+		&ExpectFlow{"priority=190,ct_state=+new+trk,ip", fmt.Sprintf("ct(commit,table=%d,zone=65520)", table.GetNext().GetID())},
 		&ExpectFlow{"priority=200,ip,dl_dst=aa:bb:cc:dd:ee:ff,nw_dst=192.168.1.3", fmt.Sprintf("set_field:aa:aa:aa:aa:aa:11->eth_src,set_field:aa:aa:aa:aa:aa:13->eth_dst,dec_ttl,%s", gotoTableAction)},
 		&ExpectFlow{"priority=200,ip,nw_dst=192.168.2.0/24", fmt.Sprintf("dec_ttl,set_field:aa:aa:aa:aa:aa:11->eth_src,set_field:aa:bb:cc:dd:ee:ff->eth_dst,set_field:10.1.1.2->tun_dst,%s", gotoTableAction)},
 		&ExpectFlow{"priority=200,ipv6,ipv6_dst=fd74:ca9b:172:21::/64", fmt.Sprintf("dec_ttl,set_field:aa:aa:aa:aa:aa:11->eth_src,set_field:aa:bb:cc:dd:ee:ff->eth_dst,set_field:20:ca9b:172:35::3->tun_ipv6_dst,%s", gotoTableAction)},
@@ -1088,22 +1096,22 @@ func prepareNATflows(table binding.Table) ([]binding.Flow, []*ExpectFlow) {
 	}
 
 	flowStrs := []*ExpectFlow{
-		{"priority=200,ip", fmt.Sprintf("ct(table=%d,zone=65520,nat)", table.GetNext())},
+		{"priority=200,ip", fmt.Sprintf("ct(table=%d,zone=65520,nat)", table.GetNext().GetID())},
 		{"priority=200,ip,reg0=0x20000/0x20000",
 			fmt.Sprintf("ct(commit,table=%d,zone=65520,nat(src=%s),exec(load:0x40->NXM_NX_CT_MARK[0..7]))",
-				table.GetNext(), natedIP1.String()),
+				table.GetNext().GetID(), natedIP1.String()),
 		},
 		{"priority=200,ip,reg0=0x40000/0x40000",
 			fmt.Sprintf("ct(commit,table=%d,zone=65520,nat(src=%s-%s),exec(load:0x40->NXM_NX_CT_MARK[0..7]))",
-				table.GetNext(), natedIP1.String(), natedIP2.String()),
+				table.GetNext().GetID(), natedIP1.String(), natedIP2.String()),
 		},
 		{"priority=200,ip,reg0=0x80000/0x80000",
 			fmt.Sprintf("ct(commit,table=%d,zone=65520,nat(dst=%s),exec(load:0x40->NXM_NX_CT_MARK[0..7]))",
-				table.GetNext(), natedIP1.String()),
+				table.GetNext().GetID(), natedIP1.String()),
 		},
 		{"priority=200,ip,reg0=0x100000/0x100000",
 			fmt.Sprintf("ct(commit,table=%d,zone=65520,nat(dst=%s-%s),exec(load:0x40->NXM_NX_CT_MARK[0..7]))",
-				table.GetNext(), natedIP1.String(), natedIP2.String()),
+				table.GetNext().GetID(), natedIP1.String(), natedIP2.String()),
 		},
 	}
 
diff --git a/test/integration/ovs/openflow_test_utils.go b/test/integration/ovs/openflow_test_utils.go
index 006ec36a785..514bde9185f 100644
--- a/test/integration/ovs/openflow_test_utils.go
+++ b/test/integration/ovs/openflow_test_utils.go
@@ -121,7 +121,7 @@ func formatFlowDump(rawFlows []string) []string {
 }
 
 func OfctlDumpFlows(ovsCtlClient ovsctl.OVSCtlClient, args ...string) ([]string, error) {
-	rawFlows, err := ovsCtlClient.DumpFlows(args...)
+	rawFlows, err := ovsCtlClient.DumpFlowsWithoutTableNames(args...)
 	if err != nil {
 		return nil, err
 	}
@@ -129,7 +129,7 @@ func OfctlDumpFlows(ovsCtlClient ovsctl.OVSCtlClient, args ...string) ([]string,
 }
 
 func OfctlDumpTableFlows(ovsCtlClient ovsctl.OVSCtlClient, table uint8) ([]string, error) {
-	rawFlows, err := ovsCtlClient.DumpTableFlows(table)
+	rawFlows, err := ovsCtlClient.DumpFlowsWithoutTableNames(fmt.Sprintf("table=%d", table))
 	if err != nil {
 		return nil, err
 	}