SOFTWARE-DEFINED NETWORKS (SDN)
Software-Defined Networking (SDN) can be briefly defined as the physical separation of the network control plane from the routing-data plane, where one control plane controls several devices. For example, Cisco Catalyst 9500 Series Switches (C9500-24Y4C) are ideal for SDN deployments due to their programmability and high throughput.
In other words, the centralized view and separation of the control plane and the data plane means that the SDN controller can create a physical topology. Nodes, such as Cisco Nexus 9300 Switches (N9K-C93180YC-FX), are connected and create paths through the network based on some algorithmic mappings. Finally, the paths are programmed into the routing engines of the devices like Arista 7050X3 Series (7050X3-48YC12). This allows the SDN controller to better manage traffic flows in the entire network and respond to changes faster and smarter. Of course, how well the controller defines these paths is critical to the operation of an SDN.
SDN is a dynamic, manageable, low-cost, and expandable architecture that makes it ideal for the high bandwidth and dynamic nature of today's applications. This architecture separates the network control and routing functions, enabling the infrastructure to be abstracted for applications and network services, with the network control being directly programmable.
SDN Basic architecture, Fundamental characteristics, Flow definition
Directly Programmable: Network control is directly programmable because it is separated from the routing functions. For instance, Juniper MX Series (MX204) provides direct programmability for SDN applications.
Adaptive: Abstract control from routing allows administrators to adjust traffic flow across the network to meet dynamically changing needs. Products like Huawei CloudEngine S12700 Series (CE-S12700-12) excel in adaptive traffic management.
Centralized: Network intelligence is (logically) centralized in software-based SDN controllers such as VMware NSX Controller (NSX-MGR-ADV).
Programmable Configuration: SDN allows network administrators to configure, manage, secure, and optimize network resources very quickly and dynamically. For example, Palo Alto Networks Firewall (PA-5220) can integrate with SDN for programmable security configurations.
Open Standards-Based and Vendor-Independent: When implemented with open standards, SDN simplifies network design and operation because instructions are provided by SDN controllers rather than multiple, vendor-specific devices and protocols. Devices like Dell EMC PowerSwitch Z9264F-ON support open standards for vendor independence.
Let's look at Software-Defined Networking (SDN) in more technical detail:
Our task is data transmission, which is done through message types. In traditional architectures, various devices at each layer control messages. These devices are located in various layers and must be purchased and managed accordingly. For example, a laptop is simply an application-based device and cannot function as a base station. Everyone needs to connect to a base station to access services like Netflix, which creates bottlenecks.
SDN addresses this by turning devices into "dummies" with a centralized Control Plane, which assigns rules to devices. For example, controllers like Cisco DNA Center (DN1-HW-APL) communicate with devices periodically, allowing them to operate autonomously with pre-defined rules.
With this new approach, operating systems from devices are centralized in a controller. Applications such as F5 BIG-IP iSeries (i5800) are integrated into a top-level program that coordinates dummy devices. This creates an efficient Data Plane, composed of hardware optimized for forwarding. Multi-tenancy, routing, switching, and DNS functions are now centralized and managed by a controller.
SDN does have limitations, but its advantages far outweigh them. For instance, in environments with high demands (both spatially and temporally), a centralized controller like Juniper Contrail Networking proves to be more effective.
Key Concepts in SDN
- Network Function Virtualization (NFV): Virtualizes the controller to manage functions dynamically.
- Data Plane: Implemented inside switches like the OpenFlow-enabled TP-Link T2600G-28TS.
- Globalization through SDN: Creates a unified system using NFV as the enabling method.
Switches in SDN use protocols like OpenFlow, which focus on controlling flows rather than individual messages or packets. For instance, a "flow" (a continuous train of packets or messages) replaces packet-level evaluations. Devices now handle flows as virtualized streams, managed centrally by the controller.
An SDN controller aggregates functions like firewalling, routing, switching, traffic scheduling, and quality of service (QoS). For example, a firewall function in the controller is implemented through socket programs for dummy devices. OpenFlow switches like HP Enterprise FlexFabric 5700 (JG896A) execute these functions seamlessly.
In summary, SDN simplifies network management by centralizing intelligence, enhancing programmability, and introducing flows instead of traditional packet handling.
A Network Management Design for SDN
Suppose that, in our local IPv4 network, we are asked to use our gateway device in dual mode: as a firewall and as a VLAN switch. Devices such as Fortinet FortiGate 600E (FG-600E) can act as both firewall and VLAN switch for such a scenario. The illustration below is designed for this purpose.
The OpenFlow Controller ensures centralized management and simplifies the configuration of the entire network. Using OpenFlow, the network can dynamically adapt to traffic demands, enabling efficient resource utilization. VLAN segmentation improves network organization by isolating traffic for different departments or groups (e.g., Marketing, Sales, Warehouse). The firewall integration within the SDN controller ensures network security at the centralized level, avoiding dependency on individual devices.
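The dual-mode gateway design above, as an added example (not code from the original article): a minimal Python model of an OpenFlow-style flow table in which the controller installs a firewall rule, per-VLAN forwarding rules and a default-deny table-miss entry. The VLAN IDs, subnets, the Telnet block and all class and function names are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed plan: VLAN IDs and subnets for the departments are assumptions.
VLAN_SUBNETS = {10: "10.0.10.0/24",   # Marketing
                20: "10.0.20.0/24",   # Sales
                30: "10.0.30.0/24"}   # Warehouse

@dataclass(frozen=True)
class Packet:
    vlan: int
    dst_ip: str
    dst_port: int

@dataclass(frozen=True)
class FlowRule:
    priority: int
    match: dict    # field -> required value; an absent field is a wildcard
    action: str    # "forward" or "drop" (simplified OpenFlow actions)

    def matches(self, pkt):
        for field, want in self.match.items():
            have = getattr(pkt, field)
            if field == "dst_ip":
                if ip_address(have) not in ip_network(want):
                    return False
            elif have != want:
                return False
        return True

def build_table(firewall_priority=300):
    """Rules the controller pushes to the switch (hypothetical policy)."""
    rules = [FlowRule(firewall_priority, {"dst_port": 23}, "drop")]  # firewall: no Telnet
    for vlan, subnet in VLAN_SUBNETS.items():
        # VLAN switch role: forward only when the destination is in the same VLAN.
        rules.append(FlowRule(200, {"vlan": vlan, "dst_ip": subnet}, "forward"))
    rules.append(FlowRule(0, {}, "drop"))  # table-miss entry: default deny
    return sorted(rules, key=lambda r: r.priority, reverse=True)

def lookup(table, pkt):
    """Return the action of the highest-priority matching rule."""
    return next(r.action for r in table if r.matches(pkt))

if __name__ == "__main__":
    table = build_table()
    print(lookup(table, Packet(10, "10.0.10.7", 443)))   # same VLAN
    print(lookup(table, Packet(10, "10.0.20.7", 443)))   # Marketing -> Sales
    print(lookup(table, Packet(20, "10.0.20.9", 23)))    # Telnet inside Sales
    print(lookup(build_table(100), Packet(20, "10.0.20.9", 23)))  # misordered priority
```

The last call shows why rule priority matters: installed below the VLAN forwarding rules, the firewall rule is shadowed and never matches.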