Sunday, November 11, 2012

Software-defined networking


A programmable central control plane brings flexibility and automation to network management

Software-defined networking (SDN) was born of frustration. Computer science researchers wanted to test new networking ideas on real, live production networks, but they faced obstacles. Not only were the production networks on their college campuses typically off-limits, but the commercial switches and routers comprising those networks were proprietary and closed. The computer scientists couldn't program the networks even if they were allowed to.


Their response was OpenFlow, an open, standard, and centralized way of programming flow tables in heterogeneous switches and routers. Flow table entries provide the instructions for packet processing and routing; they determine which packets should be forwarded to which ports. By adding flow table entries to switches via a central controller, researchers could experiment with new kinds of flows but not interfere with existing ones. Experimental traffic could be isolated from production traffic.


Sometimes what's good for academia is also good for the so-called real world. The separation of the control plane from the packet-forwarding plane in OpenFlow paves the way for whole networks of switches and routers to be configured and reconfigured on the fly -- even orchestrated like virtual servers. Because the entire network appears to the controller as a single logical switch, changes can be made across the network without touching individual devices. Managing the network becomes much more dynamic and flexible.


OpenFlow isn't the only way to do software-defined networking. For example, Cisco has its own SDN initiative, called Cisco ONE, that (unlike OpenFlow) will program layers in the network both above and below the control and data planes. The defining characteristic of SDN is the abstraction of the network control plane from the physical switches and routers, making it possible to program solutions -- for orchestration and provisioning, network virtualization and isolated multitenancy, bandwidth management and load balancing, security and access control, and so on -- that leverage the abstraction.

No comments:

Post a Comment