Software Defined Network

Mindaugas Rimavičius
Jan 4, 2019


Cloud computing and storage services have benefited largely from virtualization and automation, but network limitations still make it difficult to capitalize on these advantages. SDN has the power to kickstart data centers by offering flexibility, control and a direct path to virtualization.

The main goal of software-defined networking (SDN) is to bring agility and flexibility to networks. SDN enables enterprises and service providers to adapt quickly to changing business needs.

In a traditional network architecture, individual network devices make traffic decisions based on their configured routing tables. In an SDN, by contrast, a centralized control console operated by a network engineer or administrator can direct traffic without the need to touch individual switches in the network.

SDN architecture

A typical SDN architecture consists of three main layers:

  • the application layer;
  • the control layer;
  • the infrastructure layer.

The application layer contains the network applications that organizations use, such as intrusion detection systems, load balancing or firewalls. In a traditional network, we would use a specialized appliance, such as a firewall or load balancer, but an SDN replaces this appliance with an application that uses the controller to manage data behaviour.

The control layer is the centralized SDN controller software — the “brains” of the SDN. The controller resides on a server where it manages policies and the flow of traffic within the network.

The infrastructure layer is simply all the physical switches in the network.

These layers communicate using northbound and southbound application programming interfaces (APIs). Applications talk to the controller through its northbound interface, while the controller uses southbound interfaces to communicate with switches.

How an SDN works

SDN technology is mainly focused on separating the network control plane from the data plane. The control plane makes decisions about how packets should flow through the network, while the data plane actually moves the packets.

When a packet arrives at a network switch, rules built into the switch’s firmware tell the switch where to forward the packet. These packet-handling rules are sent to the switch from the centralized controller.

The switch “asks” the controller for guidance while, at the same time, providing it with information about traffic it handles. Every packet that is being sent to the same destination is treated by the switch the exact same way.

SDNs often have a virtualization aspect: an overlay, which is a logically separate network on top of the physical network. Users implement these overlays to abstract the underlying network and segment network traffic. Microsegmentation such as this is beneficial for service providers and operators with multi-tenant cloud environments and cloud services because it allows them to provision a separate virtual network with specific policies for each tenant.

Benefits of an SDN

An administrator can change any network switch’s rules, prioritizing, deprioritizing or even blocking specific types of packets, with a granular level of control and security. This enables the administrator to use less expensive commodity switches and have more control over network traffic flow than ever before.

Network management and end-to-end visibility are another important facet of an SDN. The network administrator deals with only one centralized controller, which distributes policies to the connected switches, instead of configuring each switch separately. This is a security advantage as well, because the controller can monitor traffic and deploy security policies. If the traffic is suspicious, for example, the controller can reroute or drop the packets.
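The flow setup described under "How an SDN works" and the central policy push described above can be sketched as a toy model. This is an added example, not code from the original article or from any SDN product; the class and method names are hypothetical, the addresses are constructed samples, and dropping unknown destinations by default is an assumption.

```python
# Added illustration: toy model of reactive flow setup and central policy.
# All names are hypothetical; this is not OpenFlow or a real controller API.
from dataclasses import dataclass, field

@dataclass
class Controller:
    """Control plane: decides how packets flow and holds security policy."""
    routes: dict                                     # destination IP -> output port
    blocked: set = field(default_factory=set)        # destinations to drop
    packet_ins: list = field(default_factory=list)   # what switches reported

    def packet_in(self, switch_id, dst):
        """Called by a switch on a table miss; returns the rule to install."""
        self.packet_ins.append((switch_id, dst))     # visibility into traffic
        if dst in self.blocked:
            return "drop"
        return self.routes.get(dst, "drop")          # assumption: default deny

    def block(self, dst, switches):
        """Push one policy change to every switch from a single place."""
        self.blocked.add(dst)
        for sw in switches:
            sw.flow_table[dst] = "drop"

@dataclass
class Switch:
    """Data plane: forwards by flow table, asks the controller on a miss."""
    switch_id: str
    controller: Controller
    flow_table: dict = field(default_factory=dict)

    def handle(self, dst):
        if dst not in self.flow_table:               # table miss: ask for guidance
            self.flow_table[dst] = self.controller.packet_in(self.switch_id, dst)
        return self.flow_table[dst]                  # same dst, same treatment

def demo():
    # Constructed sample topology using documentation address ranges.
    ctl = Controller(routes={"192.0.2.10": 1, "198.51.100.7": 2})
    s1, s2 = Switch("s1", ctl), Switch("s2", ctl)
    results = [s1.handle("192.0.2.10"), s1.handle("192.0.2.10"),
               s2.handle("198.51.100.7")]
    ctl.block("198.51.100.7", [s1, s2])              # one central change
    results += [s1.handle("198.51.100.7"), s2.handle("198.51.100.7")]
    return results, len(ctl.packet_ins)

if __name__ == "__main__":
    print(demo())
```

Only the first packet to each destination reaches the controller; after the block is pushed, both switches drop the traffic without any per-switch configuration.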

Last but not least, SDN virtualizes hardware and services that were carried out by dedicated hardware, resulting in a reduced hardware footprint and lower operational costs.

Slow adoption hides potential

SDN technology emerged around 2011, but adoption has been relatively slow. The main adopters are service providers, network operators, telecoms and carriers, along with large companies like Facebook and Google. Currently, only companies of this kind have the resources to tackle and contribute to an emerging technology. Many small and mid-size enterprises cite the cost of SDN deployment as a deterring factor, and that is the main problem that has to be solved in order to bring this technology to wider use.

Originally published at noia.network on January 4, 2019.
