KALOMBO NYEMBWE SERGE
L20192E060111
Homework 4
SOFTWARE-DEFINED NETWORKING (SDN)
Software-defined networking (SDN) is an architecture that aims to make networks agile and flexible. The goal of SDN is to improve network control by enabling enterprises and service providers to respond quickly to changing business requirements.
In a software-defined network, a network engineer or administrator can shape traffic from a centralized control console without having to touch individual switches in the network. The centralized
SDN controller directs the switches to deliver network services wherever they're needed, regardless of the specific connections between a server and devices.
This process is a move away from traditional network architecture, in which individual network devices make traffic decisions based on their configured routing tables.
SDN architecture
A typical representation of SDN architecture comprises three layers: the application layer, the control layer and the infrastructure layer.
The application layer, not surprisingly, contains the typical network applications or functions organizations use, which can include intrusion detection systems, load balancing or firewalls. Where a traditional network would use a specialized appliance, such as a firewall or load balancer, a software-defined network replaces the appliance with an application that uses the controller to manage
data plane behavior.
SDN architecture separates the network into three distinguishable layers, connected through northbound and southbound APIs.
SDN architecture separates the network into three distinguishable layers, connected through northbound and southbound APIs.
The control layer represents the centralized SDN controller software that acts as the brain of the software-defined network. This controller resides on a server and manages policies and the flow of traffic throughout the network.
The infrastructure layer is made up of the physical switches in the network.
These three layers communicate using respective
northbound and southbound application programming interfaces (
APIs). For example, applications talk to the controller through its northbound interface, while the controller and switches communicate using southbound interfaces, such as
OpenFlow , although other protocols exist.
There is currently no formal standard for the controller's northbound API to match OpenFlow as a general southbound interface. It is likely the OpenDaylight controller's northbound API may emerge as a de facto standard over time, given its broad vendor support.
How SDN works
SDN encompasses several types of technologies, including functional separation, network virtualization and
automation through programmability.
Originally, SDN technology focused solely on separation of the network
control plane from the data plane. While the control plane makes decisions about how packets should flow through the network, the data plane actually moves packets from place to place.
In a classic SDN scenario, a packet arrives at a network switch, and rules built into the switch's proprietary firmware tell the switch where to forward the packet. These packet-handling rules are sent to the switch from the centralized controller.
The switch -- also known as a
data plane device -- queries the controller for guidance as needed, and it provides the controller with information about traffic it handles. The switch sends every packet going to the same destination along the same path and treats all the packets the exact same way.
Software-defined networking uses an operation mode that is sometimes called
adaptive or
dynamic, in which a switch issues a route request to a controller for a packet that does not have a specific route. This process is separate from
adaptive routing, which issues route requests through routers and algorithms based on the network topology, not through a controller.
The virtualization aspect of SDN comes into play through a virtual overlay, which is a logically separate network on top of the physical network. Users can implement end-to-end overlays to abstract the underlying network and segment network traffic. This microsegmentation is especially useful for service providers and operators with
multi-tenant cloud environments and cloud services, as they can provision a separate virtual network with specific policies for each tenant.
Benefits of SDN
With SDN, an administrator can change any network switch's rules when necessary -- prioritizing, deprioritizing or even blocking specific types of packets with a granular level of control and security. This is especially helpful in a
cloud computing multi-tenant architecture, because it enables the administrator to manage traffic loads in a flexible and more efficient manner. Essentially, this enables the administrator to use less expensive commodity switches and have more control over network traffic flow than ever before.
Other benefits of SDN are network management and end-to-end visibility. A network administrator need only deal with one centralized controller to distribute policies to the connected switches, instead of configuring multiple individual devices. This capability is also a security advantage because the controller can monitor traffic and deploy security policies. If the controller deems traffic suspicious, for example, it can reroute or drop the packets.
SDN also virtualizes hardware and services that were previously carried out by dedicated hardware, resulting in the touted benefits of a reduced hardware footprint and lower operational costs.
Additionally, software-defined networking contributed to the emergence of software-defined wide area network (
SD-WAN) technology. SD-WAN employs the virtual overlay aspect of SDN technology, abstracting an organization's connectivity links throughout its WAN and creating a virtual network that can use whichever connection the controller deems fit to send traffic.
SDN use cases
Some use cases for SDN include:
- DevOps: An approach based on software-defined networking can facilitate DevOps by automating app updates and deployments, including automating IT infrastructure components as the DevOps apps and platforms are deployed.
- Campus networks: Campus networks can be difficult to manage, especially with the ongoing need to unify Wi-Fi and Ethernet networks. SDN controllers can benefit campus networks by offering centralized management and automation, improved security and application-level quality of service across the network.
- Service provider networks : SDN helps service providers simplify and automate the provisioning of their networks for end-to-end network and service management and control.
- Data center security : SDN supports more targeted protection and simplifies firewall administration. Generally, an enterprise depends on a traditional perimeter firewallto secure its entire datacenter. However, a company can create a distributed firewall system by adding virtual firewalls to protect the virtual machines. This extra layer of firewall security helps prevent a breach in one virtual machine from jumping to another. Also, SDN centralized control and automation allow the admin to view, modify and control network activity to reduce the risk of a breach to begin with.
The impact of SDN
Software-defined networking has had a major impact on the management of IT infrastructure and network design. As SDN technology matures, it not only changes network infrastructure design, it also changes how IT views its role, since IT management is more heavily involved throughout the decision process, and redefines the entire IT infrastructure.
SDN architectures can make network control programmable, often using open protocols, such as OpenFlow. Because of this, enterprises can apply globally aware software control at the edges of their networks to access network switches and routers rather than the closed and proprietary firmware generally used to configure, manage, secure and optimize network resources.
While SDN deployments are found in every industry, the impact of the technology is strongest in technology-related fields and financial services.
SDN is having an impact on the way
telecommunications companies operate. For example, Verizon uses SDN to combine all its existing service
edge routers for Ethernet and IP-based services into one platform.
The goal is to simplify the edge architecture, enabling Verizon to enhance operational efficiency and flexibility to support new functions and services. SDN will help Verizon improve network management and ultimately offer better services to its customers.
Success in the financial services sector hinges on connecting to large numbers of trading participants, low latency and a highly secure network infrastructure to power financial markets worldwide.
Nearly all of the participants in the financial market depend on legacy networks that, in part, are non-predictive, hard to manage, slow to deliver and have huge security vulnerabilities. With SDN technology, however, organizations in the financial services sector can build predictive networks to enable more efficient and effective platforms for financial trading apps
> Computer and Education