What’s Software-Defined Networking (SDN)? - SDxCentral
www.sdxcentral.com /networking/sdn/definitions/what-the-definition-of-software-defined-networking-sdn/
Software-defined networking (SDN) is the separation of the control functions from the forwarding functions, which enables greater automation and programmability in the network. It is often paired with network function virtualization ( NFV), which separates network functions from hardware in for the form of virtualized network functions (VNFs).
SDN enables cloud-like computing within a network. This enables network engineers and administrators to respond quickly to changes in business requirements through a centralized control console that is abstracted from the physical hardware of the network. In other words, SDN creates a centralized brain for the network that can communicate and command the rest of the network.
SDN ArchitectureThe three layers in an SDN architecture are:
- Application: the applications and services running on the network
- Control: the SDN controller or “brains” of the network
- Infrastructure: switches and routers, and the supporting physical hardware
To communicate between these layers, SDN uses northbound and southbound application program interfaces (APIs) where the northbound API communicates between the infrastructure and control layers and the southbound API communicates between the application and the control layers.
Northbound APIs: Applications using an SDN rely on the controller to tell them what the status of the network infrastructure is so that they can know what resources are available. Additionally, the SDN controller can automatically ensure application traffic is routed according to policies established by network administrators. The applications talk to the control layer and tell it what resources the applications need, and their destination. The control layer orchestrates how the applications are given the resources available in the network. It also uses its intelligence to find the optimal path for the application in the context of its latency and security needs. Northbound APIs are often RESTful APIs. Orchestration is automated and not manually configured.
Southbound APIs: The SDN controller communicates with the network infrastructure, such as routers and switches, through southbound APIs. The network infrastructure is told what path the application data must take as decided by the controller. In real time, the controller can change how the routers and switches are moving data. The data no longer relies on the devices and routing tables to determine where the data goes. Instead, the controller’s intelligence makes informed decisions that optimize the data’s path.
SDN ControllersAn SDN controller is the software that provides a centralized view of and control over the entire network. Network administrators use the controller to govern how the underlying infrastructure’s forwarding plane should handle the traffic. The controller is also used to enforce policies that dictate network behavior. Network administrators establish policies that are uniformly applied to multiple nodes in the network. Network policies are rules that are applied to traffic that determines what level of access it has to the network, how much resources it is allowed, or what priority it is assigned. Having a centralized view of the network and the policies in place makes for simpler management of the network that is more uniform and consistent.
The application, control, and infrastructure layers are kept separate in SDN and communicate through APIs. Source: Open Networking Foundation
SDN BenefitsSDN offers a centralized, programmable network that can dynamically provision network resources so as to address the changing needs of businesses. It also provides the following technical and business benefits:
Direct programmability: SDN network policy is directly programmable because the control functions are decoupled from forwarding functions, which enables the network to be programmatically configured by proprietary or open source automation tools, including OpenStack, Puppet, Salt, Ansible, and Chef.
Centralized management: Network intelligence is logically centralized in SDN controller software that maintains a global view of the network, which appears to applications and SDN network policy engines as a single, logical switch.
Reduced capex: SDN potentially limits the need to purchase purpose-built, ASIC-based networking hardware, and instead supports pay-as-you-grow models with its scaling capabilities. Most switches on the market support SDN capabilities and software like OpenFlow (an SDN communications protocol). Whether it is in a data center or other network, if the infrastructure contains switches with SDN capabilities, they simply need to have the option activated. A massive truck roll is not needed to rip and replace the infrastructure.
Reduced opex: The ability to automate the updates to the network’s software means there is no need to rip and replace the whole infrastructure when business needs or network demand necessitate a change. Additionally, policies can be uniformly spread network wide, reducing the chance for human error when updating the network. Automation takes over the monotonous tasks from network administrators and operators, which reduces the overall network management time.
Agility and flexibility: SDN can help organizations rapidly deploy new applications, services, and infrastructure to quickly meet changing business goals and objectives because whenever something new is created, a simple update deploys it network-wide.
SDN ChallengesSDN is not without its downsides. As with everything in the IT industry, there are security issues, scaling problems, and a lack of widespread industry cooperation.
Security risks of centralized management: While this makes networking easier, it is also a security risk. Centralized management is a single point of attack and if it goes down, the whole network is affected.
SDN controller bottleneck: When there is only a single instance of an SDN controller, it can become a bottleneck for a network with a large amount of traffic, routers, and switches. There is simply too much to communicate with for one instance of a controller.
No universally-accepted standard for northbound APIs: Without a universally-accepted standard for northbound APIs, vendors and open source organizations are making dissimilar APIs for their SDN controllers. This makes application development difficult because, in order to interoperate with different controllers, the developers have to make multiple versions of applications.
SDN Use CasesSDN software automation enables DevOps approaches including automated testing and deployment changes to applications and virtualized portions of the network. Smart buildings can also take advantage of SDN to handle the wireless network that connects all of the devices within the building.
The virtualization principles that SDN introduced to the networking world can also be used in vehicle-to-everything (V2X) communication for autonomous driving. SDN software normally only covers a single data center, however, it can extend over an enterprise’s entire campus. By using SDN technology, a campus can simplify the wireless and wired network connections, whether it’s WiFi or Ethernet, centrally manage them, and automate services.
The Influence of SDN on Networking TechnologyThe virtualization wave that SDN has been a part of is continuing to move forward. Vendors and their offerings that have learned from SDN and NFV principles are growing in number. SD-WAN, SD-branch, Secure Access Service Edge (SASE), and the cloud are all examples of this. In 5G networks, the control of the network core is centralized, like in SDN. The cloud also uses centralized control and policies learned from SDN.
SDN vs NFV (Network Functions Virtualization)NFV is the virtualization of network components, decoupling them from the hardware appliances that run them in favor of virtual machines. These functions can range from load balancing to firewalls to virtual routing.
SDN separates the control and data planes to enable centralized control, allow automation, and to create a programmable network. Essentially, NFV virtualizes the components of the network and SDN centralizes the control of those components. While SDN and NFV are not dependent on each other, combined, they take a traditional networking approach and replace it with one where software operates, manages, and secures everything.
SDN and SD-WANSoftware-defined wide-area network (SD-WAN) is an extension of SDN. SD-WAN applies SDN to networking connections that cover a wide geographical area. According to IEEE, this technology allows enterprises to connect all their networks within their system across a wide geographic area without being restrained by the distance between nodes.
For instance, all the branch office networks and data centers within a national enterprise, with branches in every state, can be connected via SD-WAN and managed by a single central controller. More organizations and companies are turning toward SD-WAN due to this ability to unify the various connections. Another perk to SD-WAN is that it provides end-to-end encryption across the network, and thus increases security.
SD-WAN is also applicable to a local area network (LAN) to create an SD-branch deployment for a single office or location. This can be used for networks and data centers that need to be kept on-premises at a branch for security, regulatory, or logistical reasons. SD-branch still offers the flexibility and scalability of SD-WAN.
Updated January 2020 by Connor Craven |
