Software-Defined Networking Overview
Software-defined networking (SDN) is an approach to network management that separates the control plane, the logic that decides how traffic is forwarded, from the data plane, the hardware that forwards it, and centralizes that control in software. It represents a shift from static, device-by-device configuration to dynamic, programmable networks, bringing flexibility, automation, and agility by letting administrators manage network devices through software applications.
One significant benefit of SDN is improved network efficiency: resources are allocated dynamically and traffic flows are optimized, so the available bandwidth is used more fully. SDN can also strengthen security, since applications running on the controller can detect suspicious flows and push blocking rules to every device at once instead of waiting for an operator to touch each one. Together these properties have made SDN a cornerstone of modern networking.
In addition, the centralized controller makes it straightforward to apply policy consistently across the entire network. For instance, instead of maintaining access control lists device by device, administrators define network-wide policies once, and the controller distributes them to every connected device. The same approach simplifies special treatment of specific traffic: rather than configuring complex mechanisms such as policy-based routing hop by hop, the controller pushes the corresponding flow rules to all forwarding devices as part of routine operation.
The main advantage lies in the unified view of the network, with the controller serving as a single point of administration. This improves scalability and reduces complexity, much as a Cisco Wireless LAN Controller (WLC) centralizes wireless client authentication, authorization, and accounting (AAA) rather than having it configured on each device as in a traditional wired network.
SDN is used extensively in data centers, especially where workloads change frequently. It lets administrators allocate network resources and provision networks on demand, keeping performance and resource use predictable as the environment changes. This flexibility makes SDN particularly well suited to cloud computing and virtualized environments.
Traditional vs. SDN Network
Traditional networks consist of routers, switches, and WLCs, each with its own data plane and control plane. The data plane forwards traffic; the control plane learns topology and reachability (through routing protocols, spanning tree, MAC learning, and so on) and builds the forwarding tables; and the management plane, through which administrators configure and monitor the device, is closely intertwined with the control plane. As the image below shows, each device in this model is self-contained and makes its own forwarding decisions because it carries its own control plane.
SDN changes this arrangement. As the image below shows, it centralizes the control (and management) plane, removing it from the individual devices. The original idea was to consolidate both planes in a single SDN controller, which simplifies protocol evolution and provides one point of control. A fully centralized controller, however, raises scalability concerns: it can become a bottleneck for control traffic and a single point of failure, and because it can reprogram every forwarding device, its compromise would hand an attacker the whole network.
Hybrid SDN, the third option, combines the strengths of both models. As the image below shows, the controller takes part in the distributed control plane alongside the devices' own control planes, so the devices keep operating independently while the controller still provides a centralized view of the network and controller-driven management.
Although some traditional network protocols are automation-friendly, the controller delivers a single unified interface for administering and querying the network, removing the need to open SSH sessions to individual devices for configuration and data retrieval.
SDN Layers
SDN architecture operates through three distinct layers, each serving a unique purpose:
- Application Layer: The top layer consists of the network applications that define the network's behavior. They communicate with the control layer through northbound APIs, which lets developers build software for network management, traffic engineering, security, and more without touching the devices directly.
- Control Layer: The middle layer contains the SDN controller, which implements the network's control plane. It makes global decisions about network behavior based on policy requests from the application layer and state reported by the infrastructure layer, then translates those decisions into forwarding instructions for the data plane. The control layer talks to the application layer through northbound APIs and to the infrastructure layer through southbound APIs.
- Infrastructure Layer: The bottom layer consists of the network devices themselves, such as switches, routers, and access points. These devices execute the forwarding instructions supplied by the controller and report events such as link changes or packets with no matching rule back to it. The data plane communicates with the control layer through southbound APIs.
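The following added example, written for this page and not taken from the original article or from any real SDN controller, simulates the split just described together with the network-wide policy distribution discussed in the overview. Switches are pure data planes holding an OpenFlow-style flow table; the controller is the control plane that pushes one network-wide drop rule to every switch (proactive) and answers table-miss packet-ins with MAC-learning flows (reactive). The switch names, MAC addresses, VLAN numbers and the 10.255.0.0/24 "management" subnet are constructed for the demonstration.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, IPv6Network, ip_address, ip_network
from typing import Optional


@dataclass
class Flow:
    """One flow-table entry in the style of an OpenFlow rule."""
    priority: int
    match: dict   # field -> expected value; an ip_network value means prefix match
    action: str   # "drop", "flood", "output:<port>" or "controller"


def _field_matches(value, want) -> bool:
    if isinstance(want, (IPv4Network, IPv6Network)):
        return value is not None and ip_address(value) in want
    return value == want


class Switch:
    """Data plane only: it matches packets against its flow table and, on a
    table miss, punts the packet to the controller (packet-in)."""

    def __init__(self, name: str, controller: "Controller"):
        self.name, self.controller, self.table = name, controller, []

    def lookup(self, pkt: dict) -> Optional[Flow]:
        # OpenFlow semantics: the highest-priority matching entry wins.
        hits = [f for f in self.table
                if all(_field_matches(pkt.get(k), v) for k, v in f.match.items())]
        return max(hits, key=lambda f: f.priority, default=None)

    def forward(self, pkt: dict) -> str:
        flow = self.lookup(pkt)
        if flow is None or flow.action == "controller":
            return self.controller.packet_in(self, pkt)
        return flow.action


class Controller:
    """Control plane: owns the network-wide policy and the per-switch MAC tables."""

    def __init__(self):
        self.switches, self.mac_table, self.policy, self.packet_ins = {}, {}, [], 0

    def connect(self, switch: Switch) -> None:
        self.switches[switch.name] = switch
        self.mac_table[switch.name] = {}
        switch.table.append(Flow(0, {}, "controller"))  # table-miss entry
        switch.table.extend(self.policy)                # rules defined before it joined

    def push_policy(self, flow: Flow) -> None:
        """Define a rule once; it is installed on every connected switch."""
        self.policy.append(flow)
        for sw in self.switches.values():
            sw.table.append(flow)

    def packet_in(self, switch: Switch, pkt: dict) -> str:
        """Reactive MAC learning: learn the source port and, once the destination
        is known, install a flow so later packets never leave the data plane."""
        self.packet_ins += 1
        macs = self.mac_table[switch.name]
        macs[pkt["eth_src"]] = pkt["in_port"]
        out_port = macs.get(pkt["eth_dst"])
        if out_port is None:
            return "flood"
        switch.table.append(Flow(10, {"eth_dst": pkt["eth_dst"]}, f"output:{out_port}"))
        return f"output:{out_port}"

    def audit(self) -> dict:
        """Drift check: which policy rules is each switch missing?"""
        return {name: [f for f in self.policy if f not in sw.table]
                for name, sw in self.switches.items()}


def run_scenario() -> dict:
    """Two switches, two hosts, one network-wide rule (all addresses constructed)."""
    ctl = Controller()
    s1, s2 = Switch("s1", ctl), Switch("s2", ctl)
    ctl.connect(s1)
    ctl.connect(s2)
    # Network-wide policy, defined once: guest VLAN 30 must not reach management.
    ctl.push_policy(Flow(100, {"vlan": 30, "ip_dst": ip_network("10.255.0.0/24")}, "drop"))

    h1, h2 = "02:00:00:00:00:01", "02:00:00:00:00:02"
    h1_to_h2 = {"eth_src": h1, "eth_dst": h2, "in_port": 1, "vlan": 10, "ip_dst": "10.0.0.2"}
    h2_to_h1 = {"eth_src": h2, "eth_dst": h1, "in_port": 2, "vlan": 10, "ip_dst": "10.0.0.1"}
    out = {}
    out["first"] = s1.forward(h1_to_h2)    # unknown destination: packet-in, flood
    out["reply"] = s1.forward(h2_to_h1)    # h1 already learned: flow installed, output:1
    out["second"] = s1.forward(h1_to_h2)   # h2 now learned: flow installed, output:2
    out["third"] = s1.forward(h1_to_h2)    # served by the flow table, no packet-in
    out["packet_ins"] = ctl.packet_ins
    # Guest traffic towards management is dropped by s2's data plane even though
    # s2 has never sent a packet-in: the policy rule outranks any learned flow.
    guest = {"eth_src": "02:00:00:00:00:09", "eth_dst": h1, "in_port": 3,
             "vlan": 30, "ip_dst": "10.255.0.7"}
    out["guest_to_mgmt"] = s2.forward(guest)
    out["packet_ins_after_drop"] = ctl.packet_ins
    out["missing_rules"] = ctl.audit()
    return out


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

Two details carry the security point. The policy rule is installed at priority 100 and learned flows at priority 10, so a host that the controller has already learned can still never bypass the network-wide drop; and `audit()` is the check an operator wants after any controller restart or device reload: it lists, per switch, every policy rule that the controller believes is installed but the device's table does not contain.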
Northbound and Southbound APIs
An API, or Application Programming Interface, is a set of rules and protocols allowing software applications to communicate and interact. In an SDN network, APIs play a crucial role by enabling communication between applications or network services and the SDN controller, facilitating network automation and management.
Northbound and southbound APIs are the two directions of communication in an SDN network. Northbound APIs connect SDN applications or services to the controller, letting applications request network services, gather information, and configure network behavior. REST-style HTTP APIs are the most common northbound interface between the controller and its applications.
Southbound APIs, on the other hand, connect the SDN controller to the network devices, such as switches and routers, and carry the instructions that tell those devices how to forward packets according to the controller's decisions. Because a southbound channel can reconfigure every forwarding device, it must be authenticated and encrypted (OpenFlow over TLS, NETCONF over SSH, RESTCONF and vendor REST APIs over HTTPS). Several protocols and APIs serve this role between the SDN controller and the devices in the infrastructure layer:
- OpenFlow: A standard protocol, maintained by the Open Networking Foundation, that gives the controller direct access to the forwarding tables of network devices: the controller installs match-action flow entries and receives packet-in and port-status events from the switch.
- NETCONF: An IETF network management protocol (RFC 6241) that configures devices through XML-encoded Remote Procedure Calls (RPCs), normally carried over SSH (RFC 6242, TCP port 830), with the configuration data structured by YANG models.
- RESTCONF: An IETF protocol (RFC 8040) that exposes the same YANG-modeled configuration and operational data over HTTPS using REST conventions, with XML or JSON payloads; it is a lighter-weight companion to NETCONF rather than an extension of it.
- OpFlex: An open protocol originating with Cisco that uses a declarative policy model: the controller states the desired policy and the device decides how to render it, in contrast with OpenFlow's imperative model, in which the controller dictates each forwarding entry.
- REST: A software architectural style, not a protocol in itself, used for HTTP/HTTPS-based monitoring and management of infrastructure.
- SNMP: Carries management information between network management systems and agents in network devices. SNMPv1 and v2c authenticate with community strings sent in cleartext, so they belong only on read-only, ACL-restricted monitoring; SNMPv3 adds authentication and encryption and is the version to use for anything else.
- Vendor-Specific Protocols: Numerous vendors develop their proprietary solutions, offering REST API access to devices. For instance, Cisco utilizes NX-API for their Cisco Nexus data center switches.