Chandrasekar Balasubramanian & Suresh Ramanujam
As per the Open Networking Foundation’s definition, Software-Defined Networking is the physical separation of the network control plane from the forwarding plane, where a control plane controls several devices.
In a traditional network architecture, individual network devices make traffic decisions (control plane) and forward packets/frames from one interface to another (data plane). Thus, they have all functions and processes related to both control plane and data plane.
But in Software-Defined Networking, the control plane and data plane are decoupled. The control plane is implemented in software which helps the network administrator to manage the traffic programmatically from a centralized location. The added advantage is that individual switches in the network do not require intervention of the network administrator to deliver the network services.
Software-Defined Networking (SDN) makes networks agile and flexible. It provides better network control and hence enables cloud computing service providers to respond quickly to ever-changing business requirements. In SDN, the underlying infrastructure is abstracted for applications and network services.
A typical representation of SDN architecture includes three layers: the application layer, the control layer and the infrastructure layer.
The SDN application layer, not surprisingly, contains the typical network applications or functions like intrusion detection systems, load balancing or firewalls. A traditional network uses a specialized appliance, such as a firewall or load balancer, whereas a software-defined network replaces the appliance with an application that uses the controller to manage the data plane behaviour.
SDN architecture separates the network into three distinguishable layers: applications communicate with the control layer using northbound APIs, and the control layer communicates with the data plane using southbound APIs. The control layer is considered the brain of SDN. The intelligence of this layer is provided by centralized SDN controller software. This controller resides on a server and manages policies and the flow of traffic throughout the network. The physical switches in the network constitute the infrastructure layer.
How SDN works
SDN is internally an orchestration of several technologies. Network virtualization and automation using well defined APIs are the key ingredients. Functional Separation adds value by decreasing dependencies.
In a classic SDN scenario, a packet arrives at a network switch, and rules built into the switch’s proprietary firmware tell the switch where to forward the packet. These packet-handling rules are sent to the switch from the centralized controller.
The switch — also known as a data plane device — queries the controller for guidance as needed, and it provides the controller with information about traffic it handles. All the packets destined for same host are treated in a similar manner and forwarded along the same pathway by the switch.
The virtualization aspect of SDN comes into play through a virtual overlay, which is a logically separate network on top of the physical network. In order to segment the network traffic, end-to-end overlays can be implemented. Thus, users can abstract the underlying network as well. This micro-segmentation is especially useful for service providers and operators with multi-tenant cloud environments and cloud services, as they can provision a separate virtual network with specific policies for each tenant.
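The reactive forwarding and per-tenant segmentation described above can be modelled in a few lines. This is an added example, not code from the authors or from any SDN controller; the class names, host names and tenant map are constructed for illustration, and the rule matches on a source/destination pair (rather than destination alone) so that tenant isolation can be expressed.

```python
"""Toy model of reactive SDN forwarding; not a real controller or OpenFlow API."""
from dataclasses import dataclass, field

DROP = "drop"

@dataclass
class Controller:
    """Centralized control plane: holds the global view and the tenant policy."""
    host_tenant: dict   # host -> tenant id (constructed sample data)
    host_port: dict     # host -> switch port the host is attached to
    packet_ins: int = 0

    def packet_in(self, switch, src, dst):
        """Handle a table miss: decide once, then push a rule to the switch."""
        self.packet_ins += 1
        same_tenant = (
            src in self.host_tenant
            and dst in self.host_tenant
            and self.host_tenant[src] == self.host_tenant[dst]
        )
        # Default deny: unknown hosts and cross-tenant traffic get a drop rule.
        action = self.host_port.get(dst, DROP) if same_tenant else DROP
        switch.flow_table[(src, dst)] = action
        return action

@dataclass
class Switch:
    """Data plane device: matches packets against rules, asks on a miss."""
    controller: Controller
    flow_table: dict = field(default_factory=dict)

    def receive(self, src, dst):
        action = self.flow_table.get((src, dst))
        if action is None:  # table miss -> query the controller
            action = self.controller.packet_in(self, src, dst)
        return action

def demo():
    ctl = Controller(
        host_tenant={"a1": "tenant-a", "a2": "tenant-a", "b1": "tenant-b"},
        host_port={"a1": 1, "a2": 2, "b1": 3},
    )
    sw = Switch(ctl)
    results = [
        sw.receive("a1", "a2"),  # miss: allowed, forward rule installed
        sw.receive("a1", "a2"),  # hit: controller is not consulted
        sw.receive("a1", "b1"),  # cross-tenant: drop rule installed
        sw.receive("x9", "a1"),  # unknown source: dropped
    ]
    return results, ctl.packet_ins, dict(sw.flow_table)

if __name__ == "__main__":
    print(demo())
```

Because the drop decision is installed as a rule on the switch, repeated cross-tenant packets are discarded in the data plane without reaching the controller again.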
Network Function Virtualization (NFV) and SDN complement each other very well. NFV virtualizes network services and abstracts them from dedicated hardware. Nowadays, there is a plethora of physical devices that play specialized roles such as load balancing, routing, switching, WAN acceleration and content filtering. Service providers consider NFV the solution for deploying new network services by virtualizing network devices.
Some Examples of NFV
- Virtualized Network Appliances, where dedicated network devices are replaced by virtual machines running in servers.
- Virtualized Network Services/functions (VNFs), which virtualize software-based network monitoring and management services, including traffic analysis, network monitoring and alerting, load balancing and quality or class of service handling.
Benefits of SDN from networking architecture perspective
With SDN, an administrator can change any SDN-based network switch’s rules when necessary: prioritizing, deprioritizing or even blocking specific types of packets with a granular level of control and security. Traffic loads are thus managed efficiently and with a lot of flexibility, specifically in a cloud environment where a multi-tenant architecture is deployed. Essentially, this enables the administrator to use less expensive commodity switches and have more control over network traffic flow than ever before.
End-to-end visibility of the network, which eases network management, is one of the many benefits of SDN. To distribute policies to all the networked switches, there is no need to configure multiple individual network devices; configuring and dealing with one centralized controller is enough. If the controller deems traffic suspicious, for example, it can reroute or drop the packets. SDN also virtualizes hardware and services that were previously carried out by dedicated hardware, resulting in the touted benefits of a reduced hardware footprint and lower operational costs.
Software-Defined Wide Area Network (SD-WAN) emerged from software-defined networking using the virtual overlay aspect. The connectivity links of a given organization in its WAN are abstracted to form a virtual network. The SDN controller uses any of the connections it deems fit to send and receive traffic. Let us see, diagrammatically, the comparison between traditional WAN and SD-WAN.
The Business Benefits of Software-Defined Network Solutions
The dynamically changing needs of the business require a programmable network, preferably centralized. SDN aptly caters to these business needs by dynamically provisioning the services in the network. It also provides the following technical and business benefits:
- Directly Programmable: Since the control layer is decoupled from the infrastructure layer, it is directly programmable.
- Centralized Management: Controllers maintain a global view of the network and thus maintain central intelligence.
- Reduced OpEX/CapEx
- Deliver Agility and Flexibility
- Enable Innovation
Software-defined networking will soon transform legacy data centres into a virtualized environment comprising networking, compute and storage. SDN adds flexibility in terms of controlling the network.
Software-Defined Networking Use Cases
As discussed, software-defined networking provides immense benefits as part of a migration to a virtual environment. SDN use cases in a service provider environment with a cloud computing architecture are very effective.
Bandwidth calendaring and WAN optimization are important needs of service providers which are met by SDN. SDN also offers bandwidth-on-demand, and hence carriers can have control over links to opt for additional bandwidth on an ad-hoc basis. SDN adds value to cloud computing data centres through network virtualization.
In a segregated network with multiple tenants, this is very important for achieving faster turnaround time and efficient utilization of resources in the cloud. SDN policies offer network access control and monitoring to enterprise campuses.
Together, SDN and NFV represent a path toward more generic network hardware and more open software. SDN with NFV is the future of networking and is increasingly becoming the nucleus of the modern data centre! At GAVS, we are tracking SDN developments and adoption by various vendors, and we are excited about the potential possibilities with SDN.
About the Authors:
Chandrasekar has 23 years of experience specializing in Networking. He currently heads the Networking Center of Excellence at GAVS, with solid experience in Network Management, Network Security and Networking in general. He is passionate about Next Generation Networking technologies and is currently experimenting with them. He holds a couple of approved patents in Switching and Network Security.
Suresh is a networking architect and part of Location Zero. He was associated with multiple global network/telecom service providers’ network transformation projects, improving network efficiency and quality of service with optimization of infrastructure (CAPEX and OPEX) by adopting breakthrough models. He is passionate about evolving networking technologies and the journey towards software-defined everything.