1) The document provides a summary of a lecture on Software Defined Networking (SDN) and its history and components. 2) SDN is defined as separating the network control plane from the data plane, allowing network administrators to manage network services through abstraction. 3) The lecture traces the history of SDN from 2004 research through the founding of the Open Networking Foundation in 2011 and increasing commercial adoption.

1. Lecture by Jean-Marc ANDRE
UNIWAN 2016

2. Foreword
Source: Wikipedia
This lecture is a compilation of various sources and meetings from e.g.
"Network Innovation through OpenFlow and SDN" by FEI HU at CRC Press
"Software Defined Networking (SDN)" by Marco Cello at DITEN at Università di Genova
"CS 490.31 Software Defined Networks" by Xenofontas Dimitropoulos at ETH Zurich
"Software Defined Networking" by Jennifer Rexford at Princeton
"OrchSec" by Kpatcha Mazabalo Bayarou at Fraunhofer SIT, Darmstadt
"Evolution dans la gestion d’infrastructure de type Cloud (SDI)" by Stéphane Mouton at Cetic Gosselies
Manufacturers: Allied Telesys, Cisco, HP, Juniper, Sophos.
Many meetings during Cebit 2016
Special thanks to our friends from the Infopole Team (Wallonia-Belgium)

3. SDN: Software Defined Network, definition
Source: Wikipedia
Software-defined networking (SDN) is an approach to computer
networking that allows network administrators to manage
network services through abstraction of higher-level
functionality.
This is done by decoupling the system that makes decisions about
where traffic is sent (the control plane) from the underlying
systems that forward traffic to the selected destination
(the data plane).
Some BUZZ: Shiny-thing Desperately Needed, $ome Dollars Now

4. A Short History of SDN
Source: Marco Cello DITEN
~2004: Research on new management paradigms
RCP, 4D [Princeton, CMU,….]
SANE, Ethane [Stanford/Berkeley]
2008: Software-Defined Networking (SDN)
NOX Network Operating System [Nicira]
OpenFlow switch interface [Stanford/Nicira]
2011: Open Networking Foundation (~69 members)
Board: Google, Yahoo, Verizon, DT, Microsoft, Facebook, NTT
Members: Cisco, Juniper, HP, Dell, Broadcom, IBM,…..
2013: Latest Open Networking Summit
1600 attendees, Google: SDN used for their WAN
Commercialized, in production use (few places)

5. Traditional Computer Networks
Collect measurements and configure
the equipment
Management plane:
Human time scale
Source: Jennifer Rexford @ princeton

6. Legacy Network Human Middleware Can’t Scale
10,000 provisions per day
3,333 hours of effort 420 network adminsand
20 commands per changex
Source: HP
200,000 commands per day
1 minute per commandx
• Time and Resource Intensive, Not Suited for Cloud Scale

7. What is SDN?
» SDN is a new way of looking at network infrastructure
– separates the data plane (the part that forwards packets) from the control plane (the
part that decides where the packets should go)
What is SDN?
Data plane:
Packet streaming Forward, filter, buffer,
mark, rate-limit, and measure packets
Control plane:
Distributed algorithms
Track topology changes, compute
routes, install forwarding rules
Source: alliedtelesis

8. » Traditionally, a lot of network control resides in the data forwarding devices
(switches and routers).
» SDN puts control in devices called Controllers, which are themselves serving
Applications running elsewhere
How is SDN different from what we have now?
Source: alliedtelesis

9. Death to the Control Plane!
• Simpler management
• No need to “invert” control-plane operations
• Faster pace of innovation
• Less dependence on vendors and standards
• Easier interoperability
• Compatibility only in “wire” protocols
• Simpler, cheaper equipment
• Minimal software
Source: Jennifer Rexford @ princeton

10. » The terms SDN and OpenFlow are often used interchangeably
» But, OpenFlow is just a component of SDN
– A standard API for SDN controllers to communicate with network devices
Where does OpenFlow fit in?
Source: alliedtelesis

11. The role of OpenFlow as the standard API
for controlling switches means that a large
part of the network infrastructure can be
standardised – one major benefit of the
SDN approach
SDN architecture
This is the control/data architecture for a network running SDN
Source: alliedtelesis
OpenFlow remotely controls
the forwarding table of
a switch or router

12. • A school wishes to automate student access to special network resources
• Only students attending a specific class should have access to special resources for that
lesson
• E.g. color printer only for graphics students,
• Less restrictive internet access for media students (YouTube access, for example)
• SDN could enable network to understand school timetable and reconfigure student network access
permissions accordingly
• Changes could occur automatically between classes!
• Even last minute changes to timetable could be made without disruption or stress
• No I.S. staff required to implement network changes – SDN makes it all automatic!
• This is not a dream! We are already building these applications…
Enterprise SDN – example application
Source: alliedtelesis

13. “Secure Enterprise SDN” enables customers to focus on their business rules and
applications rather than on how their network is configured. Combined with
powerful management tools, this lowers operating expenses and increases
business agility.
Secure Enterprise
SDN controller
OpenFlow
Forwarding engine
Networking protocols
GUI
CLI
SDN controller
Control Layer
Network device
Forwarding Layer
Management
OpenFlow
SNMP
CLI
Stats
Stats
Traps
Business intelligence
Applications
Applications Layer
Northbound API
Source: alliedtelesis

14. Data-Plane: Simple Packet Handling
• Simple packet-handling rules
• Pattern: match packet header bits
• Actions: drop, forward, modify, send to controller
• Priority: disambiguate overlapping patterns
• Counters: #bytes and #packets
1. src=1.2.*.*, dest=3.4.5.*  drop
2. src = *.*.*.*, dest=3.4.*.*  forward(2)
3. src=10.1.2.3, dest=*.*.*.*  send to controller
Source: Jennifer Rexford @ princeton

15. OpenFlow Example Controller
PC
Hardware
Layer
Software
Layer
Flow Table
MAC
src
MAC
dst
IP
Src
IP
Dst
TCP
sport
TCP
dport
Action
OpenFlow Client
**5.6.7.8*** port 1
port 4port 3port 2port 1
1.2.3.45.6.7.8 15
Source: Xenofontas Dimitropoulos @ ETH Zurich

16. OpenFlow Basics
Source: Xenofontas Dimitropoulos @ ETH Zurich
Switch
Port
MAC
src
MAC
dst
Eth
type
VLAN
ID
IP
Src
IP
Dst
IP
Prot
L4
sport
L4
dport
Rule Action Stats
1. Forward packet to zero or more ports
2. Encapsulate and forward to controller
3. Send to normal processing pipeline
4. Modify Fields
5. Any extensions you add!
+ mask what fields to match
Packet + byte counters
VLAN
pcp
IP
ToS
Flow Table Entries

17. Examples
Source: Xenofontas Dimitropoulos @ ETH Zurich
Switching
*
Switch
Port
MAC
src
MAC
dst
Eth
type
VLAN
ID
IP
Src
IP
Dst
IP
Prot
TCP
sport
TCP
dport
Action
* 00:1f:.. * * * * * * * port6
Flow Switching
port3
Switch
Port
MAC
src
MAC
dst
Eth
type
VLAN
ID
IP
Src
IP
Dst
IP
Prot
TCP
sport
TCP
dport
Action
00:20.. 00:1f.. 0800 vlan1 1.2.3.4 5.6.7.8 4 17264 80 port6
Firewall
Switch
Port
MAC
src
MAC
dst
Eth
type
VLAN
ID
IP
Src
IP
Dst
IP
Prot
TCP
sport
TCP
dport
Action
Switch
Match: destination MAC
address
Action: forward or flood
Firewall
Match: IP addresses and
TCP/UDP port numbers
Action: permit or deny
NAT
Match: IP address and
port
Action: rewrite address
and port

18. Examples
Source: Xenofontas Dimitropoulos @ ETH Zurich
Routing
*
Switch
Port
MAC
src
MAC
dst
Eth
type
VLAN
ID
IP
Src
IP
Dst
IP
Prot
TCP
sport
TCP
dport
Action
* * * * * 5.6.7.8 * * * port6
VLAN Switching
*
Switch
Port
MAC
src
MAC
dst
Eth
type
VLAN
ID
IP
Src
IP
Dst
IP
Prot
TCP
sport
TCP
dport
Action
* * vlan1 * * * * *
port6,
port7,
port9
00:1f..
• Router
• Match: longest
destination IP prefix
• Action: forward out a link

19. SDN controller
SES
Controller
The Secure Software Defined networking model is already available!
Secure Enterprise SDN – is reality : Allied Telesis case
GUI
CLI OpenFlow v1.3
SNMP
CLI
Stats
Stats
Traps
Business intelligence
RESTful API
OpenFlow
Forwarding engine
Networking protocols
x510, x930 and DC2552XS/L3
Source: alliedtelesis

20. • AMF is an embedded technology within the AlliedWare Plus
OS
• AMF saves valuable time and money by automating daily
network management tasks:
• Making configuration changes to multiple units
• Backing up configurations
• Rolling out a firmware upgrade
• Adding new units to the network
• Recovering failed units with new units
Allied Telesis Management Framework (AMF)
Source: alliedtelesis

21. Easy Management- AMF in action
Centralized
management
Auto-backup
Auto-recovery
Auto-provisioning
Auto-upgrade
Source: alliedtelesis

22. AMF virtualization
m a s t e r
V i r t u a l
m a s t e r
Virtual
controller
controllerm a s t e r
Source: alliedtelesis

23. Switch
Router
AMF Guest node
Wireless
Switch
Router
AMF Guest node
Wireless
SDN Controller
Video/Voice Mgd
AMF Master
AMF Master
AMF Controller
AMF provides
- Secure Infrastructure
- Centralized Management
- Auto Recovery
- Zero-Touch Installation
- Visual Management
For all
Devices/Sensors
Long-term vision for AMF
Source: alliedtelesis

24. A Helpful Analogy
From Nick McKeown’s talk “Making SDN Work” at the
Open Networking Summit, April 2012

25. Analogy: MainFrame to PC
Source: Nick McKeown’s talk “Making SDN Work”
Vertically integrated
Closed, proprietary
Slow innovation
Small industry
Specialized
Operating
System
Specialized
Hardware
AppAppAppAppAppAppAppAppAppAppApp
Specialized
Applications
Horizontal
Open interfaces
Rapid innovation
Huge industry
Microprocessor
Open Interface
Linux
Mac
OS
Windows
(OS) or or
Open Interface

26. Analogy with Switches & Routers
Vertically integrated
Closed, proprietary
Slow innovation
AppAppAppAppAppAppAppAppAppAppApp
Horizontal
Open interfaces
Rapid innovation
Control
Plane
Control
Plane
Control
Plane or or
Open Interface
Specialized
Control
Plane
Specialized
Hardware
Specialized
Features
Merchant
Switching Chips
Open Interface
Source: Nick McKeown’s talk “Making SDN Work”

27. Other SDN Use Cases
• Energy conservation, routing, and management in data centers
• Seamless use of diverse wireless networks
• Network based load balancing
• Traffic engineering
• Slicing and scalable remote control/management of home networks
• Experimentation with new approaches and protocols using selected production traffic
• Run virtual shadow network for traffic analysis and re-configuration
• And many more …

28. SDN Myths
Source: HP
A Software-defined Network is Not
Only Implementing
Network Functions in
Software or on
Virtual Machine
Only Programmable
Proprietary APIs for
Network Device or
Management System
The End of
Hardware
Innovation

29. Conclusions
• SDN will change the way we will design Network Infrastructure
• Only one interface to the DATA Plane
• Separation of the control and DATA
• Leveraging techniques from distributed systems
• It’s a significant momentum for the research and the industry
• We are moving from proprietary local to open and global architecture
• Sophos goes that way, you will see ;-)

30. Further reading
• http://www.openflow.org/videos/
• Fei Hu @ CRC Press
ISBN-13: 978-1-4665-7210-2

31. Thank You
http://www.uniwan.be
Jean-Marc ANDRE
jean-marc@uniwan.be
+32 71 84 92 90