Policy engine 402 may include SDN flow master list 404 and/or router flow arbiter 406. The SDN flow master list, also known as the master data flow list, may include entries of flow criteria associated with authorized data flows. In one embodiment, each entry of the master data flow list 404 may include a timeout, which may indicate how long the data flow is estimated to be active. The timeout may be set based on the type of data flow. For example, a data flow associated with a messaging application, such as e-mail communications, may receive a shorter timeout than a video application. The messaging application may involve less frequent transmissions than the video application, which may be characterized as an elephant data flow. In another embodiment, each entry may also be associated with a timestamp, which may indicate when the entry was last inserted or updated in the master data flow list. Master data flow list 404 may communicate with router flow arbiter 406 to send flow criteria associated with authorized data flows to one or more routers. For example, links 408 and 410 may connect with two routers, which may also use these links to indicate to SDN controller 400 that the free entry count, or the number of free entries at the router is equal to or less than a threshold. Router flow arbiter 406 may also delay sending flow criteria to a router if the same flow criteria was previously sent to the same router within a delay or wait period. In this case, router flow arbiter 406 may not send any communication to the router to account for the latency of the link to the router and the router's ability to respond to a future data packet. In one embodiment, the flow criteria may be inserted into a queue. In another embodiment, the flow criteria may not be retained or discarded, and data packets associated with the data flow may be processed and forwarded normally until the wait period has expired. Although two links are shown, any number of links connected to any number of routers may be used.