Software-defined networking

Software-defined networking (SDN) is an approach to building data networking equipment and software that
separates and abstracts elements of these systems. SDN allows system administrators to manage network services more
easily through abstraction of lower-level functionality into virtual services. This replaces having to manually
configure hardware.[1] This has become more important with the emergence of virtualization, in which an enterprise
data center may need to create and configure virtual machines (VMs) remotely, and configure firewall rules or
network addresses in response. Many approaches exist to resolve this issue, such as virtual LANs, but these may also
introduce management issues.[1] SDN allows network administrators to have programmable central control of
network traffic without requiring physical access to the network's hardware devices.[2][3]
These elements are called the control plane and the data plane. SDN decouples the system that makes decisions
about where traffic is sent (the control plane) from the underlying system that forwards traffic to the selected
destination (the data plane).[4] The inventors and vendors of these systems claim that this technology simplifies
networking[5] and enables new applications, such as network virtualization[6] in which the control plane is separated
from the data plane and implemented in a software application.
Companies like Google and Facebook have adopted the OpenFlow protocol within their data center operations. The
Open Networking Foundation was founded to promote SDN standards and engineering as cloud computing blurs
the boundaries between networks and computers.[1] Alcatel-Lucent[7][8] proposes another implementation of SDN.

Internet Protocol (IP) based networks were initially built based on the notion of Autonomous Systems (AS). This
notion allows networks to scale and extend by connected junctions that forward packets to a reasonable next hop
based on partial need-to-know information. This approach to networking is simple, and has proven resilient and
scalable. The AS principle does not allow the designated destinations to move without changing their identity as far
as the packet delivery service is concerned. The topological location of destinations, which is the network interface
they are attached to, dictates their identity. In addition, using only basic AS, it is hard to specify other identity
qualities, such as logical grouping, access control, quality of service, intermediate network processing, or to specify
aspects that relate to a sequence of packets that form a flow or networked conversation.
Complementary standards by the Internet Engineering Task Force (IETF) were put in place to augment
identity-specific needs, standards such as virtual LANs and virtual private networks, among many others. These
incremental standards have increased complexity in network element specifications and configuration of network
interfaces by network operators.
As elastic cloud architectures and dynamic resource allocation evolve, and as the use of mobile computer operating systems and
virtual machines grows, the need has arisen for an additional layer of software-defined networking (SDN).
Such a layer allows network operators to specify network services, without coupling these specifications with
network interfaces. This enables entities to move between interfaces without changing identities or violating
specifications. It can also simplify network operations, where global definitions per identity do not have to be
matched to each and every interface location. Such a layer can also reset some of the complexity build-up in network
elements by decoupling identity and flow-specific control logic from basic topology-based forwarding, bridging, and
The global software defined control also tracks specific flow contexts based on source and destination identity
aspects. A mechanism for driving network hardware has been added and adopted by network equipment
manufacturers for the purpose of sharing edge driving between software defined edge and vendor specific bridging
and routing. A set of open commands for forwarding was defined in the form of a protocol known as OpenFlow. The
OpenFlow protocol enables globally-aware software controllers, which may be centralized or distributed, to drive the
network edge hardware in order to create an easily programmable identity-based overlay on top of the traditional IP
SDN is a step in the evolution towards programmable and active networking.

Decoupling between data plane access and control plane access

In one configuration of SDN, the network control plane hardware can be physically decoupled from the data
forwarding plane hardware, i.e. a network switch can forward packets and a separate server can run the network
control plane.
The rationale for this approach is twofold. First, the decoupling allows for the control plane to be implemented using
a different distribution model than the data plane. Second, it allows the control plane development and runtime
environment to be on a different platform than the traditionally low-powered management CPUs found on hardware
switches and routers.
SDN requires some method for the control plane to communicate with the data plane. One such mechanism is
OpenFlow which is a standard interface for controlling computer networking switches. OpenFlow is often
misunderstood to be equivalent to SDN, but there is no requirement for the use of OpenFlow within an SDN.
Definition and marketing of SDN and OpenFlow is managed by the Open Networking Foundation.[9]
The term was coined by Kate Greene.
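The split described above, together with the earlier point that a host can move between interfaces without changing identity, as an added example that is not part of the original article. It is a toy model, not the OpenFlow wire protocol; the host names, switch names, port numbers and the "uplink" action are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Controller:
    """Control plane: global view of identities, locations and policy."""
    locations: dict                     # identity -> (switch name, port)
    allowed: set                        # permitted (src, dst) identity pairs
    switches: list = field(default_factory=list)
    decisions: int = 0

    def decide(self, switch_name, src, dst):
        self.decisions += 1
        if (src, dst) not in self.allowed or dst not in self.locations:
            return "drop"               # default deny
        sw, port = self.locations[dst]
        return port if sw == switch_name else "uplink"

    def move(self, host, switch_name, port):
        """The host keeps its identity; only its location changes."""
        self.locations[host] = (switch_name, port)
        for sw in self.switches:        # flush rules that point at the old location
            sw.flow_table = {m: a for m, a in sw.flow_table.items() if m[1] != host}

@dataclass
class Switch:
    """Data plane: exact-match lookup only, no policy logic of its own."""
    name: str
    controller: Controller
    flow_table: dict = field(default_factory=dict)

    def __post_init__(self):
        self.controller.switches.append(self)

    def forward(self, src, dst):
        key = (src, dst)
        if key not in self.flow_table:  # table miss: ask the control plane once
            self.flow_table[key] = self.controller.decide(self.name, src, dst)
        return self.flow_table[key]

def demo():
    # Constructed sample topology and policy.
    ctl = Controller({"vm-a": ("s1", 1), "vm-b": ("s1", 2)}, {("vm-a", "vm-b")})
    s1 = Switch("s1", ctl)
    before = [s1.forward("vm-a", "vm-b"), s1.forward("vm-a", "vm-b")]
    denied = s1.forward("vm-b", "vm-a")
    ctl.move("vm-b", "s2", 4)           # vm-b migrates to another rack
    after = s1.forward("vm-a", "vm-b")
    return before, denied, after, ctl.decisions
```

The second lookup of the same flow never reaches the controller, and the rule cached before the migration is flushed so that the switch cannot keep forwarding to a stale location.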

SDN deployment models

Symmetric vs asymmetric
In an asymmetric model, SDN global information is centralized as much as possible, and edge driving is
distributed as much as possible. The considerations behind such an approach are clear: centralization
makes global consolidation a lot easier, and distribution lowers SDN traffic aggregation-encapsulation
pressures. This model, however, raises questions regarding the exact relationships between these very
different types of SDN elements as far as coherency, scale-out simplicity, and multi-location
high-availability are concerned, questions which do not come up when using traditional AS-based networking models.
In a symmetrically distributed SDN model, an effort is made to increase global information
distribution ability and SDN aggregation performance ability, so that the SDN elements are basically
one type of component. A group of such elements can form an SDN overlay as long as there is network
reachability among any subset.
Floodless vs flood-based
In a flood-based model, a significant amount of the global information sharing is achieved using well
known broadcast and multicast mechanisms. This can help make SDN models more Symmetric and it
leverages existing transparent bridging principles encapsulated dynamically in order to achieve global
awareness and identity learning. One of the downsides of this approach is that as more locations are
added, the load per location increases, which degrades scalability. In a FloodLess model, all forwarding
is based on global exact match, which is typically achieved using Distributed Hashing and Distributed
Caching of SDN lookup tables.
Host-based vs Network-centric
In a host-based model an assumption is made regarding use of SDN in data-centers with lots of virtual
machines moving to enable elasticity. Under this assumption the SDN encapsulation processing is
already done at the host HyperVisor on behalf of the local virtual machines. This design reduces SDN
edge traffic pressures and uses "free" processing based on each host spare core capacity. In a
NetworkCentric design a clearer demarcation is made between network edge and end points. Such an
SDN edge is associated with the access of Top of Rack device and outside the host endpoints. This is a
more traditional approach to networking that does not count on end-points to perform any routing
Some of the lines between these design models may not be completely sharp. For example, in
data centers using compute fabrics, "big" hosts with lots of CPU cards also perform some of the
TopOfRack access functions and can concentrate SDN edge functions on behalf of all the CPU cards in
a chassis. This would be both a HostBased and a NetworkCentric design. There may also be dependencies
between these design variants; for example, a HostBased implementation will typically mandate an
asymmetric centralized lookup or orchestration service to help organize a large distribution.
A symmetric and FloodLess implementation model would typically mandate in-network SDN aggregation
to enable lookup distribution to a reasonable number of edge points. Such concentration relies on local
OpenFlow interfaces in order to sustain traffic encapsulation pressures.

One of the most talked about applications of SDN is the consolidated data-center. The first use-case example has
been Infrastructure as a Service (IaaS).
This extension means that SDN virtual networking combined with virtual compute (VMs) and virtual storage can
emulate elastic resource allocation as if each such enterprise application was written like a Google or Facebook
application. In the vast majority of these applications resource allocation is statically mapped in inter process
communication (IPC). However if such mapping can be expanded or reduced to large (many cores) or small VMs the
behavior would be much like one of the purpose built large Internet applications.
Other uses in the consolidated data-center include consolidation of spare capacity stranded in static partition of racks
to pods. Pooling these spare capacities results in significant reduction of computing resources. Pooling the active
resources increases average utilization.
The use of SDN distributed and global edge control also includes the ability to balance load on lots of links leading
from the racks to the switching spine of the data-center. Without SDN this task is done using traditional link-state
updates that update all locations upon change in any location. Distributed global SDN measurements may extend the
cap on the scale of physical clusters. Other data-center uses being listed are distributed application load balancing,
distributed firewalls, and similar adaptations to original networking functions that arise from dynamic, any-location
or any-rack allocation of compute resources.
Other uses of SDN in enterprise or carrier managed network services (MNS) address the traditional and
geo-distributed campus network. These environments were always challenged by the complexities of
moves-adds-changes, mergers & acquisitions, and movement of users. Based on SDN principles, it is expected that
these identity and policy management challenges could be addressed using global definitions and decoupled from the
physical interfaces of the network infrastructure. The in-place infrastructure of potentially thousands of
switches and routers, on the other hand, can remain intact.
It has been noted that this "overlay" approach runs a high likelihood of inefficiency and low performance by ignoring
the characteristics of the underlying infrastructure.[10] Hence, carriers have identified the gaps in overlays and asked
for them to be filled by SDN solutions that take traffic, topology, and equipment into account.[11] Accordingly, there
is a proposal for an SDN solution that exposes network resources so that they can be continually optimized and
traffic demands can be handled more predictably.[12]

Access Control in SDN

Remote access to the control plane is made available to administrators or users of the network, typically with a
role-based access control system (RBAC) in order to provide security.
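One way such a role-based check can gate remote control-plane requests, shown as an added example that is not part of the original article and not any controller's actual API. The role names, operation names, user names and switch IDs are all assumptions; each role binding is scoped to a set of switches, and any request without a matching binding is denied and logged.

```python
from dataclasses import dataclass, field

# Constructed role model: role names, operations and switch IDs are assumptions.
ROLE_PERMISSIONS = {
    "viewer":   {"topology.read", "flow.read"},
    "operator": {"topology.read", "flow.read", "flow.write"},
    "admin":    {"topology.read", "flow.read", "flow.write", "acl.write"},
}

@dataclass
class ControlPlaneRBAC:
    bindings: dict = field(default_factory=dict)   # user -> [(role, switch scope)]
    audit_log: list = field(default_factory=list)

    def bind(self, user, role, switches):
        if role not in ROLE_PERMISSIONS:
            raise ValueError(f"unknown role: {role}")
        self.bindings.setdefault(user, []).append((role, frozenset(switches)))

    def authorize(self, user, operation, switch):
        """Default deny: allow only if a binding grants the operation on this switch."""
        allowed = any(
            operation in ROLE_PERMISSIONS[role] and ("*" in scope or switch in scope)
            for role, scope in self.bindings.get(user, [])
        )
        self.audit_log.append((user, operation, switch, "allow" if allowed else "deny"))
        return allowed

def demo():
    rbac = ControlPlaneRBAC()
    rbac.bind("alice", "admin", {"*"})
    rbac.bind("bob", "operator", {"tor-1", "tor-2"})   # rack-scoped operator
    rbac.bind("bob", "viewer", {"*"})                  # read-only everywhere else
    checks = [
        ("alice", "acl.write", "spine-1"),
        ("bob", "flow.write", "tor-1"),
        ("bob", "flow.write", "spine-1"),              # outside bob's write scope
        ("bob", "flow.read", "spine-1"),
        ("mallory", "topology.read", "tor-1"),         # no binding at all
    ]
    return [rbac.authorize(*c) for c in checks], rbac.audit_log
```

Scoping write operations per switch keeps a rack operator from installing flow rules on the spine, and the audit log records denied attempts as well as allowed ones.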

[1] http://arstechnica.com/information-technology/2013/02/100gbps-and-beyond-what-lies-ahead-in-the-world-of-networking/2/
[2] Rouse, Margaret; Lim, Ang Ngang. software-defined networking (SDN) (http://whatis.techtarget.com/definition/software-defined-networking-SDN), Whatis.com, June 2012
[3] Bort, Julie. The Three Letters That Are Setting The Enterprise Tech World On Fire (http://www.businessinsider.com/software-defined-networking-explainer-2012-10), Business Insider, 5 October 2012
[6] Strom, David. Software-defined networking could drastically change todays network infrastructure (http://searchdatacenter.techtarget.com/feature/Software-defined-networking-could-drastically-change-todays-network-infrastructure), SearchdataCenter
[7] http://enterprise.alcatel-lucent.com/?dept=Innovation&page=SoftwareDefinedNetworks
[8] http://www.networkcomputing.com/next-gen-network-tech-center/alcatel-lucents-sdn-strategy-downplays-o/240142962

External links
Software-Defined Networking: The New Norm for Networks (https://www.opennetworking.org/images/
Floodlight, an open source Java based OpenFlow controller (http://www.projectfloodlight.org/floodlight)
Network Function Virtualization (NFV) (http://wikibon.org/wiki/v/
Decoding SDN (http://forums.juniper.net/t5/The-New-Network/Decoding-SDN/ba-p/174651)
Open Daylight Project (http://www.opendaylight.org/)

Article Sources and Contributors

Software-defined networking Source: http://en.wikipedia.org/w/index.php?oldid=555592558 Contributors: 2A02:8420:72E6:8B00:89BD:15AD:C012:F586, Abune, Alain Pannetier, Alfredo
ougaowen, Andyjsmith, Back ache, Bearcat, Bushsf, Dfarrell07, Disdero, Dougher, Gillwill2000, Gjcarter, Glaucus, Heading, Jcasman, Jeffq, JnRouvignac, Khalid hassani, Kvng, Llib xoc,
M1sdata, Malcolma, Marmadukehussey, Martincasado, MeekMark, Mild Bill Hiccup, Morning Sunshine, Moucher, Mwehle, Nageh, Nyavatar, Oneeighteen118, Phileasson, Rohit talukdar,
Sardella2, Shaded0, SlubGlub, Sminiman, Thumperward, W Nowicki, 45 anonymous edits

Creative Commons Attribution-Share Alike 3.0 Unported