Software-defined networking
Software-defined networking - Wikipedia, the free encyclopedia
Software defined networking (SDN) is an approach to building computer networks that separates and abstracts elements of these systems. SDN allows system administrators to quickly provision network connections on the fly instead of manually configuring policies.[1] This has become more important with the emergence of virtualization which an enterprise data center may need to create and configure virtual machines (VMs) remotely, and configure firewall rules or network addresses in response. Many approaches exist to resolve this issue such as Virtual LANs but this may also introduce management issues.[1] SDN allows network administrators to have programmable central control of network traffic without requiring physical access to the network's hardware devices.[2][3]
These elements are called the "control plane" and the "data plane." SDN decouples the system that makes decisions about where traffic is sent (the control plane) from the underlying system that forwards traffic to the selected destination (the data plane).[4] The inventors and vendors of these systems claim that this technology simplifies networking [5] and enables new applications, such as network virtualization[6] in which the control plane is separated from the data plane and implemented in a software application.
Companies Google and Facebook have adopted the Openflow protocol within their data center operations. The Open Networking Foundation was founded to promote SDN standards and engineering as Cloud Computing blurs the boundaries between networks and computers.[1]
Contents |
Background
| This article does not cite any references or sources. (February 2013) |
Internet Protocol (IP) based networks were initially built based on the notion of Autonomous Systems (AS). This notion allows networks to scale and extend by connected junctions that forward packets to a reasonable next hop based on partial need-to-know information. This approach to networking is simple, and has proven resilient and scalable. The AS principle does not allow the designated destinations, to move without changing their identity as far as the packet delivery service is concerned. The topological location of destinations, which is the network interface they are attached to, dictates their identity. In addition, using only basic AS, it is hard to specify other identity qualities, such as logical grouping, access control, quality of service, intermediate network processing – or to specify aspects that relate to a sequence of packets that form a flow or networked conversation.
Complementary standards by the Internet Engineering Task Force (IETF) were put in place to augment identity-specific needs, standards such as virtual LANs, and virtual private networks among many others. These incremental standards have increased complexity in network elements specifications and increasingly complex configuration of network interfaces by network operators.
As elastic cloud architectures and dynamic resource allocation evolve and as mobile computer operating systems and virtual machines usage grows, the need arose for an additional layer of Software Defined Networking (SDN). Such a layer allows network operators to specify network services, without coupling these specifications with network interfaces. This enables entities to move between interfaces without changing identities or violating specifications. It can also simplify network operations, where global definitions per identity do not have to be matched to each and every interface location. Such a layer can also reset some of the complexity build-up in network elements by decoupling identity and flow specific control logic from basic topology based forwarding, bridging, and routing.
The global software defined control also tracks specific flow contexts based on source and destination identity aspects. A mechanism for driving network hardware has been added and adopted by network gear manufacturers for the purpose of sharing edge driving between software defined edge and vendor specific bridging and routing. A set of open commands for forwarding was defined in the form of a protocol known as OpenFlow. The OpenFlow protocol enables globally aware centralized or distributed software controllers to drive the network edge hardware in order to create an easily programmable identity based overlay on top of the traditional IP core.
Decoupling between data plane access and control plane access
In one configuration of SDN, the network control plane hardware can be physically decoupled from the data forwarding plane hardware, i.e. a network switch can forward packets and a separate server can run the network control plane.
The rationale for this approach is twofold. First, the decoupling allows for the control plane to be implemented using a different distribution model than the data plane. Second, it allows the control plane development and runtime environment to be on a different platform than the traditionally low-powered management CPUs found on hardware switches and routers.
SDN requires some method for the control plane to communicate with the data plane. One such mechanism is OpenFlow which is a standard interface for controlling computer networking switches. OpenFlow is often misunderstood to be equivalent to SDN, but there is no requirement for the use of OpenFlow within an SDN.
Definition and marketing of SDN and OpenFlow is managed by the Open Networking Foundation.[7]
The term was coined by Kate Greene.[8]
SDN deployment models
- Symmetric vs asymmetric
-
- In an asymmetric model, SDN global information is centralized as much as possible, and edge driving is distributed as much as possible. The considerations behind such an approach are clear, centralization makes global consolidation a lot easier, and distribution lowers SDN traffic aggregation-encapsulation pressures. This model however raises questions regarding the exact relationships between these very different types of SDN elements as far as coherency, scale-out simplicity, and multi-location high-availability, questions which do not come up when using traditional AS based networking models. In a Symmetrically distributed SDN model an effort is applied to increase global information distribution ability, and SDN aggregation performance ability so that the SDN elements are basically one type of component. A group of such elements can form an SDN overlay as long as there is network reachability among any subset.
- Floodless vs flood-based
-
- In a flood-based model, a significant amount of the global information sharing is achieved using well known broadcast and multicast mechanisms. This can help make SDN models more Symmetric and it leverages existing transparent bridging principles encapsulated dynamically in order to achieve global awareness and identity learning. One of the downsides of this approach is that as more locations are added, the load per location increases, which degrades scalability. In a FloodLess model, all forwarding is based on global exact match, which is typically achieved using Distributed Hashing and Distributed Caching of SDN lookup tables.
- Host-based vs Network-centric
-
- In a host-based model an assumption is made regarding use of SDN in data-centers with lots of virtual machines moving to enable elasticity. Under this assumption the SDN encapsulation processing is already done at the host HyperVisor on behalf of the local virtual machines. This design reduces SDN edge traffic pressures and uses "free" processing based on each host spare core capacity. In a NetworkCentric design a clearer demarcation is made between network edge and end points. Such an SDN edge is associated with the access of Top of Rack device and outside the host endpoints. This is a more traditional approach to networking that does not count on end-points to perform any routing function.
-
- Some of the lines between these design models may not be completely sharp. For example in data-centers using compute fabrics "Big" hosts with lots of CPU cards perform also some of the TopOfRack access functions and can concentrate SDN Edge functions on behalf of all the CPU cards in a chassis. This would be both HostBased and NetworkCentric design. There may also be dependency between these design variants, for example a HostBased implementation will typically mandate an Asymmetric centralized Lookup or Orchestration service to help organize a large distribution. Symmetric and FloodLess implementation model would typically mandate in-network SDN aggregation to enable lookup distribution to a reasonable amount of Edge points. Such concentration relies on local OpenFlow interfaces in order to sustain traffic encapsulation pressures.
Applications
| This article does not cite any references or sources. (February 2013) |
One of the most talked about applications of SDN is the consolidated data-center. The first use-case example has been Infrastructure as a Service (IaaS).
This extension means that SDN virtual networking combined with virtual compute (VMs) and virtual storage can emulate elastic resource allocation as if each such enterprise application was written like a Google or Facebook application. In the vast majority of these applications resource allocation is statically mapped in inter process communication (IPC). However if such mapping can be expanded or reduced to large (many cores) or small VMs the behavior would be much like one of the purpose built large Internet applications.
Other uses in the consolidated data-center include consolidation of spare capacity stranded in static partition of racks to pods. Pooling these spare capacities results in significant reduction of computing resources. Pooling the active resources increases average utilization.
The use of SDN distributed and global edge control also includes the ability to balance load on lots of links leading from the racks to the switching spine of the data-center. Without SDN this task is done using traditional link-state updates that update all locations upon change in any location. Distributed global SDN measurements may extend the cap on the scale of physical clusters. Other data-center uses being listed are distributed application load balancing, distributed fire-walls, and similar adaptations to original networking functions that arise from dynamic, any location or rack allocation of compute resources.
Other uses of SDN in enterprise or carrier managed network services (MNS) address the traditional and geo-distributed campus network. These environments were always challenged by the complexities of moves-adds-changes, mergers & acquisitions, and movement of users. Based on SDN principles, it expected that these identity and policy management challenges could be addressed using global definitions and decoupled from the physical interfaces of the network infrastructure. In place infrastructure on the other hand of potentially thousands of switches and routers can remain intact.
It has been noted that this "overlay" approach runs a high likelihood of inefficiency and low performance by ignoring the characteristics of the underlying infrastructure.[9] Hence, carriers have identified the gaps in overlays and asked for them to be filled by SDN solutions that take traffic, topology, and equipment into account.[10] Accordingly, there is a proposal for an SDN solution that exposes network resources so they can be continually optimized and that traffic demands can be handled more predictably.[11]
Access Control in SDN
Remote access to the control plane is made available to administrators or users of the network, typically with a role-based access system (RBAC) in order to provide security.
See also
References
- ^ a b c http://arstechnica.com/information-technology/2013/02/100gbps-and-beyond-what-lies-ahead-in-the-world-of-networking/2/
- ^ Rouse, Margaret; Lim, Ang Ngang.software-defined networking (SDN)Whatis.com, June 2012
- ^ Bort, Julie.The Three Letters That Are Setting The Enterprise Tech World On Fire, Business Insider, 5 October 2012
- ^ "SDN Overview".
- ^ "Big Switch Networks Products".
- ^ Strom, David. Software-defined networking could drastically change today’s network infrastructure, SearchdataCenter
- ^ "Open Networking Foundation".
- ^ Kate Greene (March/April 2009). "TR10: Software-Defined Networking". Technology Review (MIT). Retrieved November 20, 2011.
- ^ "Still no VMware of Networking. Overlays change nothing beneath the surface.".
- ^ "Adoption of SDN: Progress Update".
- ^ "Blueprint for Infrastucture SDN".
External links
http://en.wikipedia.org/wiki/Software-defined_networking
An INDEPENDENT COMMUNITY FOR SDN
Enroll Today! SDN University™ 101: What you need to know about Software-defined networking?
SDNCentral announces availability of SDN University™ 101: What you need to know about Software-defined networking? Enrollment is now open. This 100 level course was co-developed by Computerlinks a leading networking and security training organization and global security and networking distributor. Based on input from the SDNCentral community, we consistently heard demand for an mildly technical SDN ‘basics’ course targeted at end…
Introducing SDN University™: Practical, hands-on SDN Training
SDNCentral Brings Software Defined Networking Training and Education to Engineers via SDN University. We are excited to announce the creation of SDN University™ at SDNCentral to further drive practical, real-world software defined networking education and education for Enterprise Architects, Network Engineers, Network Operators, Systems Engineers, and Resellers. Our SDNCentral research shows that lack of education is one of the top…
- Software Defined Networking (SDN)
- SDN Network Virtualization - Google Search
- SDNCentral | The Independent Community for SDN and #1 Resource for Network Virtualization
- Software-defined networking - Wikipedia, the free encyclopedia
- SDN Network Virtualization - Google Search
- Is the time now right for network virtualization? | Datacenter Dynamics
- A Network Virtualization Application - Big Virtual Switch | Big Switch Networks, Inc.
- Leapfrog Deploys Cloud-Based Wi-Fi Services with ADTRAN’s Virtual WLAN - Network Virtualization
- Xsigo Virtual I/O Provides Kroll 50 Percent More VM Throughput and Saves on Cost - Network Virtualization
- SDN Network Virtualization - Google Search
- Network Virtualization for the Enterprise Data Center - Guido Appenzeller - YouTube
