The composition and administration of network structures pose great challenges to many companies. Since conventional networks based on physical hardware only rarely meet the requirements of modern companies, the choice of external Infrastructure-as-a-Service (IaaS) solutions is becoming more and more common. Compared to traditional in-house infrastructures, these cloud services, which give customers access to virtualized computer resources, are characterized by a high degree of flexibility and excellent cost control: unlike a fixed hardware framework, the desired resources can be scaled at any time at the push of a button.

De­f­i­n­i­tion

Software Defined Net­work­ing (SDN) is a network concept that enables the central, in­tel­li­gent man­age­ment and control of in­di­vid­ual hardware com­po­nents using software. The use of open protocols such as OpenFlow allows access to network devices such as switches, routers or firewalls that would otherwise not be con­trol­lable due to pro­pri­etary firmware.

In most cases, the provisioning and scaling of virtual resources, both on the part of the customer and on the part of the provider, is accomplished with the help of software, without the need for manual access to the individual physical network components. The underlying network concept is also known as Software Defined Networking (SDN).

What is Software Defined Net­work­ing (SDN)?

Software Defined Networking describes a network architecture that enables purely software-based management of the network. For this purpose, the control plane (the control logic implemented as standard in the hardware components) is abstracted from the hardware. In this context, one also speaks of the intelligence of the hardware, which is nothing more than its specific operating software (firmware). Put simply, the SDN concept stands for the separation of infrastructure and its configuration.

The data plane, on the other hand, remains part of the individual network devices (i.e. all routers, switches, and firewalls integrated in the network). With SDN, however, its task is exclusively to forward packets, which is why it requires little computing power. Among other things, this has the advantage that the devices do not require any elaborately developed firmware and are generally much cheaper than the devices used in other network concepts.

The task field of the ab­stract­ed control plane, which is re­spon­si­ble for the proper data traffic in the SDN ar­chi­tec­ture and therefore has to carry out all relevant analyses, is con­sid­er­ably more complex. However, detached from the hardware and im­ple­ment­ed in cen­tral­ized software, it is highly pro­gram­ma­ble in software defined net­work­ing and therefore much more flexible in terms of network ad­min­is­tra­tion than is the case with other ar­chi­tec­tures.

How does SDN function?

A specific com­mu­ni­ca­tion interface between control plane and data plane is required for the SDN software operating on the control layer to send in­struc­tions for proper packet traffic to the embedded network com­po­nents. The best known solution for this is OpenFlow. Managed by the Open Net­work­ing Foun­da­tion (ONF), the com­mu­ni­ca­tion protocol is the first stan­dard­ized interface between the control and data levels of a software-defined net­work­ing ar­chi­tec­ture. In many SDN networks, it replaces the in­di­vid­ual in­ter­faces of the network devices, which also reduces the de­pen­den­cy on the hardware man­u­fac­tur­ers.

Note

OpenFlow is by far the most common, but by no means the only protocol for managing software defined networks: With NETCONF (RFC 6241), BGP (Border Gateway Protocol), XMPP (Ex­ten­si­ble Messaging and Presence Protocol), OVSDB (Open vSwitch Database Man­age­ment Protocol) and MPLS-TP (MPLS Transport Profile) there are al­ter­na­tives which do not replace the standard protocol one to one, but which can nev­er­the­less play a decisive role in the im­ple­men­ta­tion of software defined networks. Pro­pri­etary protocols from Cisco Systems and Nicira are also used in some ar­chi­tec­tures.

Once com­mu­ni­ca­tion between hardware and software is es­tab­lished, the ad­min­is­tra­tor can quickly and easily get a good overall view of the network via the control layer and the re­spec­tive SDN software, and manage the network devices through the central, software based control. This allows data streams to be managed with much greater ef­fi­cien­cy than in networks where the various com­po­nents each have their own control logic – greatly sim­pli­fy­ing vir­tu­al­iza­tion and resource scal­a­bil­i­ty. This is also fa­cil­i­tat­ed by the fact that routing and topology in­for­ma­tion is no longer dis­trib­uted in fragments across all routers, but instead converges at a central location.

What SDN models are available?

The ideas and ap­proach­es for im­ple­ment­ing SDN struc­tures vary depending on the provider or operator and com­mu­ni­ca­tion standard used. However, it is not always possible to draw a sharp dividing line between the in­di­vid­ual models, so it could be that a software defined network has elements from different ap­proach­es.

Sym­met­ri­cal vs. Asym­met­ri­cal SDN

Although the software-based principle basically provides the best possible cen­tral­iza­tion of network device in­tel­li­gence, there are SDN ap­proach­es where the control plane’s scope is dis­trib­uted across multiple control units. With such an asym­met­ri­cal model, the in­di­vid­ual systems typically have the minimal in­for­ma­tion required for immediate operation, so that they will continue to function even if the central control unit fails. However, compared to the tra­di­tion­al sym­met­ri­cal model, this also creates un­nec­es­sary in­for­ma­tion­al re­dun­dan­cies.

| | Basic principle | Advantages | Disadvantages |
|---|---|---|---|
| Symmetric SDN approach | Maximum centralization of intelligence | Avoidance of redundancies; relief of the individual components | Availability and stability of the network stand and fall with the central control unit |
| Asymmetric SDN approach | Distribution of intelligence | The individual components function even in the event of control logic failure | Redundancies of information; management of the network is more complex |

Host-based vs. Network-based SDN

Another way to characterize Software Defined Networking is to look at the position of the control logic. In highly virtualized environments, for example, it makes sense to have the control plane processes handled by the system on which the hypervisor, i.e. the virtual machine manager, is hosted. If the SDN software is run on this host system, you can be sure that the necessary capacities are available for the resulting data load. The alternative to this host-based approach is to distribute SDN processing to dedicated routers, as is common in traditional networks, and therefore to handle it in the network itself (network-based).

Flood-based (proactive) vs. floodless (reactive) SDN

A third software-defined network model focuses on the way in­for­ma­tion is passed between the control plane and data plane. On the one hand, there is the option for the control instance to forward new in­for­ma­tion and changes to all par­tic­i­pat­ing network nodes through broadcast or multicast. This so-called flood-based or proactive SDN concept is ad­van­ta­geous if the cen­tral­iza­tion of in­tel­li­gence does not play a role, e.g. because a sym­met­ri­cal approach is used.

However, the more nodes a network has, the higher the network load will be with such a message transmission concept, which results in limited scalability. In larger networks, the floodless or reactive SDN model is therefore a popular alternative: in this case, the control plane ensures the correct functioning of all components by means of a controlled, reactive information transfer that involves only the affected devices. The relevant information is usually obtained from special lookup tables, where distributed hashing and caching methods are used.

| | Message transmission | Advantages | Disadvantages |
|---|---|---|---|
| Flood-based SDN | Broadcast, multicast | Easy to implement; packets are sent by the shortest possible route | The network load automatically increases with each new node |
| Floodless SDN | Lookup tables | All devices receive only the information relevant to them | Problems with delivery of the information automatically lead to delays |
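
The scaling difference between the two models can be made concrete with a toy simulation. This is an added example, not part of the original article and not an implementation of OpenFlow: the classes `Switch` and `Controller`, the function `simulate`, the host addresses and the block list are all hypothetical, and every rule installation or switch query counts as one control message.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    """Data plane: looks up a verdict per destination, nothing else."""
    name: str
    table: dict = field(default_factory=dict)  # destination -> "forward" | "drop"

    def handle(self, dst, controller):
        if dst not in self.table:          # table miss: ask the control plane
            controller.on_miss(self, dst)
        return self.table[dst]

class Controller:
    """Control plane: owns the policy and installs rules on switches."""
    def __init__(self, switches, blocked):
        self.switches = switches
        self.blocked = set(blocked)        # constructed sample policy
        self.control_msgs = 0              # messages on the control channel

    def _install(self, switch, dst):
        switch.table[dst] = "drop" if dst in self.blocked else "forward"
        self.control_msgs += 1

    def push_to_all(self, dsts):           # flood-based (proactive)
        for switch in self.switches:
            for dst in dsts:
                self._install(switch, dst)

    def on_miss(self, switch, dst):        # floodless (reactive)
        self.control_msgs += 1             # the switch's query
        self._install(switch, dst)         # the controller's reply

def simulate(n_switches, path, dsts, blocked, proactive):
    """Return (control message count, verdict per destination)."""
    switches = [Switch(f"s{i}") for i in range(n_switches)]
    ctl = Controller(switches, blocked)
    if proactive:
        ctl.push_to_all(dsts)
    verdicts = {}
    for dst in dsts:
        for hop in path:                   # packet crosses the switches on its path
            verdicts[dst] = switches[hop].handle(dst, ctl)
            if verdicts[dst] == "drop":
                break
    return ctl.control_msgs, verdicts

if __name__ == "__main__":
    dsts, blocked = ["10.0.0.5", "10.0.0.9"], ["10.0.0.9"]   # constructed hosts
    for n in (10, 20):
        print(n, simulate(n, [0, 1, 2], dsts, blocked, True)[0],
              simulate(n, [0, 1, 2], dsts, blocked, False)[0])
```

Doubling the number of switches doubles the proactive message count, while the reactive count depends only on the switches a packet actually crosses; the price is the extra query on the first packet at each of those switches.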

What dis­tin­guish­es Software Defined Net­work­ing from the classic network concept?

In the previous sections, the basic differences between a network based on the SDN approach and a classic network have become clear. The crucial point here is undoubtedly the separation of hardware and software, which was unthinkable years ago. Only since 2013 have there been devices that can implement this elementary aspect of software defined networking. It is therefore hardly surprising that this future-oriented technology has not yet been an issue in many companies.

The following sections therefore summarize the main differences between SDN and traditional networking before concluding with the goals and benefits as well as the concrete application scenarios of SDN.

The dif­fer­ences between SDN and tra­di­tion­al net­work­ing in a tabular overview

| Software Defined Networking (SDN) | Traditional Networking |
|---|---|
| Centralized supervisory authority | Device-specific control instances |
| Clear separation between hardware and control level | Control of the hardware is integrated in the hardware |
| Freely programmable control plane | Device-specific control plane |
| Standardized protocols (e.g. via OpenFlow) | Manufacturer-specific protocols |
| Software access to data layer possible | Access to the data layer must be made directly on the hardware |
| Flexible, easily scalable architecture | Static, difficult to adapt architecture |

What are SDN’s goals and benefits?

Just as the demands placed on computing power keep growing, so do the demands placed on network performance: digital networks are becoming larger and more complex, while the degree of virtualization and the desire for maximum flexibility and scalability are increasing at the same time. Since conventional devices, which are equipped with their own intelligence and handle a large part of the processing independently, have not been able to meet these requirements for some time, the software-defined networking concept was developed. It aims to achieve these goals and meet these requirements with specific hardware that has no control instance of its own. The advantages over traditional networks can be summarized as follows:

  • No con­fig­u­ra­tion of in­di­vid­ual devices or operating systems required
  • Low maintenance and administration costs for the entire network
  • Lower hardware and operating costs
  • Enables dynamic al­lo­ca­tion and mon­i­tor­ing of resources in real time
  • Low de­pen­dence on hardware man­u­fac­tur­ers

Possible ap­pli­ca­tion scenarios for Software Defined Net­work­ing

Thanks to its numerous ad­van­tages over the classic network concept, SDN is in­ter­est­ing for a large number of ap­pli­ca­tions. Among other things, the software-defined network model is suitable for the following purposes:

  • Quality of Service (QoS): The central overview of all network nodes makes it easier for the ad­min­is­tra­tor to track how often a single con­nec­tion is used. The ad­min­is­tra­tor can react in real time to the knowledge gained and regulate data traffic ac­cord­ing­ly in order to be able to deliver the promised bandwidth to all par­tic­i­pants at all times.
  • Man­u­fac­tur­er-in­de­pen­dent device man­age­ment: The focus on a uniform protocol such as OpenFlow makes SDN an excellent solution when devices from different man­u­fac­tur­ers are to be combined and managed in a network.
  • Manufacturer-independent functional expansion of the network: The freedom of SDN technology is also a good solution for scenarios in which networks should be easily expandable with new functions at any time, and the independence from device manufacturers also works in users' favor.
  • Ap­pli­ca­tion-driven packet routing: SDN creates the basis for third-party ap­pli­ca­tions to intervene in packet routing, i.e. change and adjust routes in the network. The pre­req­ui­site for this is that the control unit has a suitable interface.
  • Central de­f­i­n­i­tion and dis­tri­b­u­tion of security policies: Security policies can be passed on to the in­di­vid­ual network switches simply and ef­fi­cient­ly through the central control unit.
Note

Together with other software-defined services, virtualized network structures are required, among other things, for setting up a Software Defined Data Center (SDDC).

Con­clu­sion: Flexible network ar­chi­tec­tures thanks to software defined net­work­ing

It is no co­in­ci­dence that the SDN approach has been adopted by various network providers in recent years: Software defined net­work­ing optimizes the basic approach of hardware vir­tu­al­iza­tion by removing man­u­fac­tur­er-specific re­stric­tions and con­sid­er­ably sim­pli­fy­ing the ad­min­is­tra­tion of a network. By de­cou­pling the logic from the un­der­ly­ing hardware and the as­so­ci­at­ed ability to control the network via software, network operators are well prepared for future de­vel­op­ments and chal­lenges in the IT industry.
