Understanding and Embracing SDN Capabilities

By Craig Hill, Distinguished Systems Engineer, CISCO Systems

Not since the advent of cloud computing has a technology area meant so many different things to so many people as Software Defined Networking (SDN) and Network Function Virtualization (NFV), the latter now treated as synonymous with SDN in these discussions. While there are plenty of articles describing various meanings of SDN, the discussion is shifting to how IT organizations and CIOs can leverage SDN to address key focus areas (e.g. simplification, driving down OPEX and WAN cost, and re-thinking security) while exploiting new areas including Big Data/Analytics, cloud, and service delivery acceleration. This high-level overview of SDN use cases, deployment scenarios, operations, and integration with existing infrastructure targets critical pain points that are common in networks today.

Defining SDN

Unlocking SDN’s benefits requires understanding the components that make up the basic SDN framework. A simple definition of SDN is that it’s a new approach to designing, building, and managing networks that separates the network’s control (brains) and forwarding (muscle) planes to better optimize each. A breakdown of the key layers (see Figure 1) includes the infrastructure (routers and switches), the controller layer (i.e. the “brains” for these abstracted functions), and the APIs from the controller for the applications. This enables an entirely new set of network capabilities and services, specifically around the applications that can leverage automation and programmability, through open APIs on a central controller. This creates opportunities for application developers and DevOps teams to request a deeper set of services to/from the network, allowing IT organizations more automation while enhancing the user application experience when traversing the network.

The ability of applications to use the controller APIs is vital. In most cases, the industry is moving to open-source controllers (e.g. OpenDaylight), but application innovation is where IT organizations will differentiate themselves, simplify, and enhance service offerings.

A common SDN deployment question is, “does the network need to be ‘forklift’ upgraded?” The answer is, “it depends.” OpenFlow, for example, abstracts packet-forwarding software into the central controller, and changes the way network operations teams are trained to provision and troubleshoot. Some desire OpenFlow, but the Hybrid model (see Figure 1) is gaining the most acceptance because it lets customers leverage their existing installed base while implementing the SDN controller. This allows organizations to ease into new levels of automation and programmability.


Use Cases Targeting Simplification and Agility

Most IT organizations are challenged by device configuration issues that cause many network outages. Using central controllers, organizations can automate configuration changes on hundreds of network devices simultaneously, simplifying a previously manual process. This model offers enhanced agility while reducing human-operator errors (typically introduced through the command line or scripts). This new centralized approach greatly increases the speed with which IT organizations/providers can roll out new services for end users and customers. The ideal controller/orchestrator should leverage open-standard configuration templates and open APIs, and support multi-vendor environments, to help consolidate provisioning platforms.

Another popular use case is leveraging SDN in the WAN. This solution uses collection-and-provisioning functions in the WAN controller (e.g. Cisco’s WAN Automation Engine) that pull topology and link-capacity information from the network in real time. Operators can leverage “what if” modeling capabilities, assuring that bandwidth requests can be met. For example, an application can push attributes to network elements that establish a 50Mb traffic path between San Jose and New York. This vastly reduces capacity planning and provisioning from weeks/months to minutes/seconds and maximizes link capacity of expensive WAN links, driving major cost reduction.

Data Center discussions are shifting from network jargon toward applications, specifically how applications communicate and are secured, managed and orchestrated. Benefits for customers include faster delivery, security, and agility to deliver new applications while leveraging application-focused network telemetry.

NFV builds on simplification, automation and service delivery acceleration by using virtualization to take these capabilities to a new level. NFV takes typical network service functions (firewall, IDS, WAAS, routers) and virtualizes them, running on open computing platform hardware. Combined with sophisticated orchestration, the spin-up/tear-down effort is reduced from days to seconds. NFV is targeting service providers as well as virtual branch offices in the enterprise.

Network as a Sensor

An important capability of the SDN controller model is the ability to leverage two-way communications between controller/application and network. Consider the use cases for network security, specifically the concept of “network as a sensor.” For example, network elements contain valuable network telemetry (NetFlow) that can be sent to a controller (hosting a security application). This data can be analyzed, producing a result that triggers an action (e.g. drop certain traffic, redirect to a “data scrubber” application, or to a cloud location for further analysis). This use case is the epitome of SDN. The number of operators is vastly reduced, and the manual intervention required to create this feedback loop is reduced from hours or days to minutes with SDN. In addition, reaction to security threats is immediate, which is vital when under attack.
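
The feedback loop described above, sketched as an added example (it is not from the original article and is not Cisco's or any controller's code): a security application on the controller aggregates one window of flow records and returns one of the three actions the paragraph names. The thresholds, action labels, function names, and sample flows are assumptions constructed for illustration.

```python
from collections import defaultdict, namedtuple

# Fields a NetFlow export typically carries; all sample records are constructed.
Flow = namedtuple("Flow", "src dst dst_port packets bytes")

# Assumed per-window policy thresholds (hypothetical values, tune per network).
# Action names below are hypothetical labels, not a real controller API.
SCAN_PORTS, FLOOD_BYTES, FLOOD_SOURCES = 20, 50_000_000, 10
SMALL_PKT, SMALL_PKT_MIN = 80, 1000   # avg bytes/packet, minimum packet count

def decide_actions(flows):
    """Map one window of flow records to the three actions the article names."""
    ports, dst_bytes, dst_srcs = defaultdict(set), defaultdict(int), defaultdict(set)
    for f in flows:
        ports[(f.src, f.dst)].add(f.dst_port)
        dst_bytes[f.dst] += f.bytes
        dst_srcs[f.dst].add(f.src)

    actions = []
    # 1. One source probing many ports on one host: drop that source.
    dropped = sorted({s for (s, _), p in ports.items() if len(p) >= SCAN_PORTS})
    actions += [{"action": "drop", "match": {"src": s}} for s in dropped]
    # 2. High volume from many sources to one host: divert to the scrubber.
    flooded = sorted(d for d, b in dst_bytes.items()
                     if b >= FLOOD_BYTES and len(dst_srcs[d]) >= FLOOD_SOURCES)
    actions += [{"action": "redirect_to_scrubber", "match": {"dst": d}} for d in flooded]
    # 3. Unusual but inconclusive (many tiny packets): send for deeper analysis.
    stats = defaultdict(lambda: [0, 0])
    for f in flows:
        if f.src not in dropped and f.dst not in flooded:
            stats[f.src][0] += f.packets
            stats[f.src][1] += f.bytes
    for s, (pk, by) in sorted(stats.items()):
        if pk >= SMALL_PKT_MIN and by / pk < SMALL_PKT:
            actions.append({"action": "send_to_cloud_analysis", "match": {"src": s}})
    return actions

def sample_window():
    """Constructed flows using documentation address ranges (RFC 5737)."""
    scan = [Flow("198.51.100.7", "192.0.2.10", p, 2, 120) for p in range(1, 26)]
    flood = [Flow(f"203.0.113.{i}", "192.0.2.20", 80, 5000, 6_000_000) for i in range(1, 13)]
    odd = [Flow("198.51.100.99", "192.0.2.30", 53, 4000, 240_000)]
    normal = [Flow("198.51.100.50", "192.0.2.30", 443, 300, 400_000)]
    return scan + flood + odd + normal

if __name__ == "__main__":
    for a in decide_actions(sample_window()):
        print(a)
```

Requiring many distinct sources before diverting traffic keeps a single large legitimate transfer from being sent to the scrubber.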

The emergence of the Internet of Everything offers a similar use case. Distributed analytics applications reside on edge routers closer to the sensors. This eliminates the need for massive storage and compute in central data centers, decreases bandwidth consumption on WAN links and discards irrelevant data at the edge.


The Path Forward

New SDN innovations are focused on solving business challenges that CIOs are facing today. SDN’s capabilities can help expedite service delivery, examine different approaches to security and simplify network provisioning. As IT organizations evolve, it’s imperative that IT teams collaborate cross-functionally and clearly understand the IT and business goals of the organization. SDN capabilities are available today, but the best solutions leverage existing infrastructure and investments, allowing organizations to co-exist with what they have and ease into a new environment.