SDN is the next big thing in networking. It focuses on separating the intelligence from the hardware. OpenFlow is one of the ways (currently the open standard followed by all Datacenters) to implement SDN.
For example, to add or move any device, IT must touch multiple switches, routers, firewalls, Web authentication portals, etc. and update ACLs, VLANs, quality of services (QoS), and other protocol-based mechanisms using device-level management tools. In addition, network topology, vendor switch model, and software version all must be taken into account. Due to this complexity, today's networks are relatively static as IT seeks to minimize the risk of service disruption.The static nature of networks is in stark contrast to the dynamic nature of today's server environment, where server virtualization has greatly increased the number of hosts requiring network connectivity and fundamentally altered assumptions about the physical location of hosts. Prior to virtualization, applications resided on a single server and primarily exchanged traffic with select clients. Today, applications are distributed across multiple virtual machines (VMs), which exchange traffic flows with each other. VMs migrate to optimize and rebalance server workloads, causing the physical end points of existing flows to change (sometimes rapidly) over time. VM migration challenges many aspects of traditional networking, from addressing schemes and namespaces to the basic notion of a segmented, routing-based design.In addition to adopting virtualization technologies, many enterprises today operate an IP converged network for voice, data, and video traffic. While existing networks can provide differentiated QoS levels for different applications, the provisioning of those resources is highly manual. IT must configure each vendor's equipment separately, and adjust parameters such as network bandwidth and QoS on a per-session, per-application basis. Because of its static nature, the network cannot dynamically adapt to changing traffic, application, and user demands.
Multitenancy refers to a principle in software architecture where a single instance of the software runs on a server, serving multiple client-organizations (tenants). Multitenancy contrasts with multi-instance architectures where separate software instances (or hardware systems) operate on behalf of different client organizations. With a multitenant architecture, a software application is designed to virtually partitionits data and configuration, and each client organization works with a customized virtual application instance, thus customers do not share or see each other's dataWhile in virtualization, components are abstracted enabling each customer application to appear to run on a separate physical machineCost: An application instance usually incurs a certain amount of memory and processing overhead which can be substantial when multiplied by many customers, especially if the customers are small. Multitenancy reduces this overhead by amortizing it over many customers. Put crudely, if you can run everything on a single software instance, you only have to buy one software license. The cost savings can be eclipsed by the difficulty of scaling the single instance as demand grows,development of multitenant systems is more complex, and security testing is more stringent owing to the fact that multiple customers' data is being co-mingled.
Enterprise Survey 2012: problems
(% of respondents with N=280)
1. Configuration: Adding or moving devices and
implementing network-wide policies is Overly
complex, manual, time-consuming and risk service-
disruption; discouraging network changes. VM-
migration has challenged many aspects of n/wing
2. Scale: Link oversubscription to provision scalability is
not effective with the dynamic traffic patterns in
3. Features: Slow to respond to business requests
4. Software: Too hard to deploy
5. Packaging: Inflexible, difficult to scale.
6. Reliability: Below expectations
The physical separation of the network control
plane from the forwarding plane.
Ability to directly program n/w operations using
ordinary languages, ordinary OS, ordinary
Generalize the data path: OpenFlow
Decouple Distribution model of control logic from
topology. Ex) Tightly coupled distributed servers for
(Logically) centralized control plane
(logical because of distributed computing. No single point
Need for SDN in DCN/enterprise
Static Networks : Must respond dynamically
based on Business Policy
Essential Applications: Must be developed
within the network to deliver business results
Manual Policies: Must be automated to
reduce personnel cost
Monolithic Network Services: Must
dynamically scale independent of network
Limitations of current n/w
Complexity that leads to stasis:
For example, to add or move any device, IT must touch
multiple switches, routers, firewalls, Web authentication
portals, etc. and update ACLs, VLANs, quality of
services (QoS), and other protocol-based mechanisms
using device-level management tools. In addition,
network topology, vendor switch model, and software
version all must be taken into account. Due to this
complexity, today's networks are relatively static as IT
seeks to minimize the risk of service disruption.
VM-migration hs challenged many aspects of n/wing
for voice, data, and video traffic existing networks can
provide differentiated QoS levels for different
applications, the provisioning of those resources is
To implement a network-wide policy, IT may have to
configure thousands of devices and mechanisms.
For example, every time a new virtual machine is
brought up, it can take hours, in some cases days,
for IT to reconfigure ACLs across the entire network.
The complexity of today's networks makes it very
difficult for IT to apply a consistent set of access,
security, QoS, and other policies to increasingly
mobile users, which leaves the enterprise vulnerable
to security breaches, non-compliance with
regulations, and other negative consequences.
Inability to scale
IT has relied on link oversubscription to scale
the network, based on predictable traffic
patterns; however, in today's virtualized data
centers, traffic patterns are incredibly dynamic
and therefore unpredictable
Multi-tenancy further complicates carriers’
task, as the network must safely serve groups
of users with different applications and
different performance needs.
Carriers and enterprises seek to deploy
new capabilities and services in rapid
response to changing business needs or
Lack of common standard, open
interfaces limits the ability of network
operators to tailor the network to their
Computing Trends Driving N/w
Change:The static architecture of conventional networks is ill-suited to the dynamic
computing and storage needs of today’s data centers, campuses, and
Key Computing trends driving change:
Changing traffic patterns: Applications that commonly access
geographically distributed databases and servers through cloud require
extremely flexible traffic mngmnt and access to bandwidth on demand.
The rise of cloud services: Users expect on-demand access to
applications, infrastructure, and other IT resources. Cloud needs an
environment of increased security, compliance, and auditing
requirements, along with business reorganizations, consolidations, and
mergers that can change assumptions overnight
“Big data” means more bandwidth: Handling today’s mega datasets
requires massive parallel processing that is fuelling a constant demand
for additional capacity and any-to-any connectivity
The "consumerization of IT": Users are increasingly employing
mobile personal devices to access the corporate network. Require
smart and secure connections.
SDN: Future of NetworkingSwitching
• Easy to scale and manage
• Programmable to meet application needs in real time
• Open standards based programmable n/w elements.
• Presents Network As A Service (NAAS) and Network
As An Infrastructure (NAAI)
SDN: Simple, scalable N/w Mgmt
Standard based homogenous network
1 touch point(SDN Controller) vs 1000s of touch points(Nw elements)
Each element has same configuration, mgmnt and control interface
Automated configuration, management and control of the network
Greatly reduce OPEX cost of the network
Greatly reduce network management complexity
Greatly reduce network downtime
Single touch point
SDN: Smarter Network for
Large Scale Deployment
Abstractions of SDN
Data /Forwarding: Interface inside
Control /State-Distribution: Single state-
distribution algo calculates routes centrally in
Management abstraction: Logical
appearance of n/w. N/w can be managed as
a single switch rather than managing multiple
Shift from Hardware to
SoftwareFacilitators of SDN today: What made SDN possible:
ASICs/FGPAs CPU H/W
S/w Engineering and Distributed Computing
Global view of n/w: wire once, program as per business need.
What if I need to modify the quality of the search signal I want?
What if I want more bandwidth for a minute, an hour, a day or month?
What if I want an application to request it automatically, not an IT manager
logging into a portal saying please give me more capacity?
Thus, SDN is a part of the self-healing qualities of its network
Basically the ability to request more bandwidth automatically:
"I am an application and I want to move from here to there and I don’t
always want to pay for a large pipe all the time, I want to apply it only when I
use it. The pay-by-use model is what SDN enables”
No. of RFCs = 6K => 6K protocols
Instead of protocols coded in proprietary OS on a router, Control plane has
programs of the complete bucket of protocols and it can program all the
machines with the required protocol at any time.
SDN: Cloud Multi Tenancy
Network as a Service (NaS)
SDN Application examples
Flow table fields are based on standard fields of Merchant
silica or ASICs.
Multicasting is trivial with this: direct programming of
Setting service priority dynamically.
Load balancing and firewall can be a s/w model written
in APIs in N/w OS.
Mobile service provider
Financial services: multiple separate infra to prevent
cross-mandating, security, etc => redundancy.
OpenFlow (SouthBound API)
North bound API
South bound API
Generic primitives that sit on top of
(v)switches, designed to match well
with ASICS/merchant silicon
All Google’s inter-DC traffic is routed through
openflow based traffic engineering model.
Normal 10GigE switches are deployed.
No s/w on routers, not even CLI, just
openflow. All other s/w in controller.
Servers follow normal IS-IS, BGP protocols
Challenges: controller shouldn’t be the single
point of failure:
Master controller, redundant controllers, and tightly
coupled distributed controllers were used
Google SDN-WAN Advantages:
increased Utilization & Availability: Compute best path for each flow.
Unified view of the network fabric simplifies config, mngmnt, provisioning.
Easy to tweak the n/w since s/w provides ability to undo quickly.
Time to fix bugs is much less
Simulate topology, scale, n/w, by directing the monitoring s/w to the
simulated n/w before actually deploying it.
s/w testing & Bug detection is easy since simulation done before hand.
Simple updates: Earlier update done on each m/c, now only controller
servers. Reduced update traffic. In Conventional setup, each box has
different complicated stacks behaving differently to new changes.
Fast recovery from link failure: the first node to detect failure simply sends
one msg to controller, instead of flooding other routers
OSPF takes time to spread link failure info.
Google SDN-WAN challenges
The OpenFlow protocol is in its infancy and is bare
bones. However, it is good enough for many nw apps like
To provide Fault tolerant OpenFlow controllers ,
multiple OpenFlow controllers must be provisioned. This
requires handling master election and partitions between
Partitioning functionality It is not very clear what
functionality should reside in the network devices and
what should reside in external controllers.
Flow programming: For large networks, programming of
individual flows can take a long time.
Advantages of OpenFlow
Centralized management and control of networking devices
from multiple vendors;
Improved automation and management by using common
APIs to abstract the underlying networking details from the
orchestration and provisioning systems and applications;
Rapid innovation (in each decoupled layer) through the
ability to deliver new network capabilities and services
without the need to configure individual devices or wait for
Programmability by operators, enterprises, independent
software vendors, and users (not just equipment
manufacturers) using common programming environments,
which gives all parties new opportunities to drive revenue
Lower Capex and Opex for Data and Control plane.
Increased network reliability and security as a result of
centralized and automated management of network
devices, uniform policy enforcement, and fewer
Faster time to market/deployment Better and more
rigorous testing is done ahead of rollout accelerating
deployment and only the features needed are developed
More granular network control with the ability to apply
comprehensive and wide-ranging policies at the session,
user, device, and application levels;
Better end-user experience as applications exploit
centralized network-state information to seamlessly adapt
network behaviour to user needs.
Interoperability: Choice of gear from multiple vendors.
References for this ppt
4. SDN Approach to Large Scale Global Data Centers:
Rakesh Saha, IBM & Amit Agarwal, Google
5. Decoding SDN: Bob Muglia, Executive VP, S/w Soln
division, Juniper N/w