Friday, August 28, 2015

Software Defined Networks (SDN) - The Next Trend in Networking

Every once in a while a technology is named so succinctly that the explanation is embedded in the name itself.  SDN is a good example of a name that says so much.  For the newcomer to the world of networking these three words may seem nebulous, and for those of you who have watched the evolution, they take on new meaning.

This article will explore what this simple name means and why the approach is attracting so much attention.


Exhibit A
Let's start with the word "Networking".   Whenever industry experts discuss networking they refer to the OSI model, which describes the functions performed at each of its seven layers.  For those of you who need a refresher, refer to our Exhibit A.  While "networking" does involve all seven layers, most industry experts and analysts mean primarily the Data Link and Network layers (with the Transport layer entering the picture for firewalls) when they use the term "the network".  Within these layers sit the appliances that users connect to, the devices with the intelligence to forward frames and route packets.

Today these appliances are known as switches. Universally they all support Ethernet (the current de facto data link standard) at its various speeds (10/100/1000 Mb/s at the edge, 10 Gb/s and up on uplinks).  Some offer PoE and L3 (routing); almost all support SNMP (Simple Network Management Protocol), which should be SNMPv3 with authentication and privacy, since the community strings of v1/v2c travel in cleartext.  There are also firewalls, Session Border Controllers, traditional routers and some gateways.   The amalgamation of these devices and their interconnections is known collectively as "the network".  Exhibit B below depicts a typical network, showing the various components and where they are deployed.  These networks have been built, managed, and maintained by highly skilled individuals who perform the magic that lets end users connect various devices (PCs, printers, servers) and run the applications that mere mortals use to work, play, and interact.
Exhibit B

Ever since Radia Perlman defined the Spanning Tree Protocol (802.1D) to solve the problem of loops in bridged networks, networking architects have been formulating new and creative protocols to overcome each challenge that arose as new applications and uses of the Internet appeared, most recently the IoT (Internet of Things).  IEEE amendments to the bridging standard are lettered (802.1Q, 802.1ad, 802.1ah, and now 802.1aq for Shortest Path Bridging), so it is obvious that many iterations have been published.  Each was written to resolve a challenge encountered along the way.

While each of these standards resolved an issue, each also put an additional burden on the network administrators, who had to learn how to deploy it and perform even greater and more complex forms of magic on the network.  New magic was layered on top of old magic, creating a complex set of steps that had to be repeated on each device in the network, resulting in a manually configured and manually defined network.

Networking vendors have all tried to overcome this complexity with proprietary management systems that let administrators control the various components from a centralized management console.  From that console engineers could reach the individual appliances, write and execute the complex scripts needed to configure them, and then roll out, audit, and roll back changes made to the network (provided they had connectivity).  These management applications could also monitor the overall health of the network and its devices.  While this was substantially better than telnetting to each device and executing the changes manually or via scripts (telnet also sends the login credentials in cleartext, which is why SSH replaced it), it still required touching each device and an intimate knowledge of the network design and configuration, as well as of the protocols and how each of the different elements implemented them.

Today the industry has converged on an approach that incorporates the "best practices" for each of the underlying networking protocols, for network and endpoint security, and for application and endpoint performance into a common management and control plane.  That is exactly what the name says: the control plane is lifted out of the individual boxes and Defined in Software for the Network.  Administrators define profiles for users, devices, applications, etc. on a controller, and those definitions are then pushed out to the network.  When an application, user, or device attempts to join or transmit on the network, the pre-defined rules (profiles) determine IF that application, user, or device may enter the network at all.  Once access is gained, the profile defines what the endpoint may reach and what level of performance it will receive.  No single standards body "owns" SDN; the IEEE defines the fabric protocol this series builds on (802.1aq), the IETF the IS-IS extensions that carry it (RFC 6329) and management protocols such as NETCONF, and the Open Networking Foundation the OpenFlow controller-to-switch protocol.

As always, there are a number of competing approaches being proposed and championed by different manufacturers.  The good news is that they are being rolled out, tested, and updated quickly.  The reason for this rapid adoption and testing is that the industry understands that the IoT (Internet of Things) is here and that every day new devices join the network using Ethernet with PoE.  "New devices" include LED lighting, fire alarms, smoke detectors, paging systems, IP cameras, refrigerators, thermostats, etc.  The value to the world is so tangible that there is no waiting: the Smart Buildings of the future will use less electricity, and low-voltage wiring using Ethernet with PoE is so safe and cost effective that the adoption rate is skyrocketing.  Every one of those devices is also an endpoint that can be compromised or impersonated, which is precisely why admission has to be decided by profile rather than by whoever happens to plug into a port.

In the fabric approach this series describes, SDN rides on top of a network built with SPB (Shortest Path Bridging, 802.1aq).  Once the switches run SPB they automatically compute the best available paths from the devices (ingress) to the applications (egress): every switch floods its link state with IS-IS and every switch runs the same shortest-path computation over the result.  The network administrators no longer configure the individual components; they merely configure the ingress and egress (entry and exit points), and the "network" self-configures to establish the communications path.  This of course is predicated on the device, user, and/or application having permission to access the network under the rules/profiles set in SDN.  The SDN controller (aka management station) is where the administrator defines those rules.  Once defined, the rules are pushed to the switches, which enforce them locally, so a controller outage stops changes rather than traffic and the controller is not a single point of failure for forwarding.  It is, however, the one place from which the entire network can be reconfigured, so access to it deserves the same authentication, logging and change control you would demand for the switches themselves.

SDN
Too good to be true?  Nah… the rules, no matter how seemingly complex, are configurable, and what could be codified into a standard has been: the fabric itself is IEEE 802.1aq (SPB).  The policy layer on top of it is controller software, not part of 802.1.

The current version still requires the ingress/egress to be configured by hand.  The next iteration will auto-configure them from the rules.  Impossible you say?  Nope, it will take an approach similar to DHCP (Dynamic Host Configuration Protocol).  The device will connect and identify itself, the user and the application; the network will then look up the rules/profile and allow only and exactly what the profile says.  The one thing the DHCP analogy must not carry over is trust: a DHCP client is believed on its word, whereas an identity that decides network access has to be authenticated (802.1X, or MAC authentication against RADIUS for headless devices) before the profile is applied, otherwise an attacker simply claims to be a printer.
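The admission and profile lookup just described, as an added example that is not code from the post or from any vendor's controller. The endpoint attributes, profile names, service numbers and QoS classes are constructed for illustration, and `lookup` is a hypothetical function rather than a product API. Two points the prose leaves implicit are made explicit in code: the engine fails closed when nothing matches, and an endpoint whose authentication failed cannot claim a profile that requires authentication, whatever it says about itself.

```python
"""Added example, not code from the post or from any vendor's controller:
a profile lookup of the kind the post describes, written as a small
policy engine.  An endpoint arrives with what the edge learned about it
(identity attributes below are constructed), the engine finds the first
matching profile, and the profile says which service (I-SID) and QoS
class the endpoint gets.  Anything that matches nothing is denied.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Endpoint:
    mac: str
    device_type: str                   # what the edge identified, e.g. "ip-camera"
    authenticated: bool                # result of 802.1X / MAC authentication
    groups: frozenset = frozenset()    # groups returned with a successful auth
    application: Optional[str] = None  # application the endpoint reports, if any


@dataclass(frozen=True)
class Profile:
    name: str
    device_type: Optional[str]  # None matches any device type
    group: Optional[str]        # None matches any group
    service: int                # I-SID the endpoint is attached to (constructed)
    qos_class: str
    requires_auth: bool = True  # unauthenticated endpoints can never claim it


@dataclass(frozen=True)
class Decision:
    admit: bool
    profile: Optional[str]
    service: Optional[int]
    qos_class: Optional[str]
    reason: str


# Constructed profiles.  First match wins, so the most specific come first
# and the guest profile, the only one not needing authentication, comes last.
PROFILES = [
    Profile("finance-laptop", "laptop", "finance", service=3001, qos_class="best-effort"),
    Profile("employee-laptop", "laptop", "employee", service=3000, qos_class="best-effort"),
    Profile("ip-phone", "ip-phone", None, service=2002, qos_class="voice"),
    Profile("ip-camera", "ip-camera", None, service=2001, qos_class="video"),
    Profile("guest-laptop", "laptop", None, service=4000, qos_class="scavenger",
            requires_auth=False),
]

# Constructed per-application QoS overrides, applied after the profile match.
APPLICATION_QOS = {"video-conference": "video", "softphone": "voice"}


def lookup(endpoint: Endpoint, profiles=PROFILES) -> Decision:
    """Return the access decision for an endpoint.  Fails closed: no
    matching profile means no access, and an endpoint that did not
    authenticate can only land in a profile that explicitly allows it."""
    for p in profiles:
        if p.device_type is not None and p.device_type != endpoint.device_type:
            continue
        if p.group is not None and p.group not in endpoint.groups:
            continue
        if p.requires_auth and not endpoint.authenticated:
            continue
        qos = p.qos_class
        # A self-declared application cannot buy a better class of service
        # unless the endpoint actually proved who it is.
        if endpoint.authenticated and endpoint.application in APPLICATION_QOS:
            qos = APPLICATION_QOS[endpoint.application]
        return Decision(True, p.name, p.service, qos, f"matched profile {p.name}")
    return Decision(False, None, None, None, "no profile matched; default deny")


if __name__ == "__main__":
    print(lookup(Endpoint("00:11:22:33:44:55", "ip-camera", authenticated=True)))
    # A box that merely *claims* to be a camera but failed authentication:
    print(lookup(Endpoint("00:11:22:33:44:66", "ip-camera", authenticated=False)))
    # Group claims on an unauthenticated endpoint are not honoured; it lands in guest:
    print(lookup(Endpoint("00:11:22:33:44:77", "laptop", False, frozenset({"finance"}))))
```

The ordering of `PROFILES` is the policy: a laptop that authenticates as a finance user gets the finance service, the same laptop without authentication gets the scavenger-class guest service, and a device type with no guest profile at all (a camera that fails authentication, a thermostat nobody wrote a profile for) is left off the network.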

In conclusion, since everything has moved onto the network, businesses looking to do more with less complexity, expense, delay, and risk, and with greater speed, security, and ease of management, should be seriously investigating how to introduce SDN into their networks.

The Internet of Things (IoT) is a scenario in which objects, animals or people are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.

Friday, July 31, 2015

Shortest Path Bridging (SPB)

For those of you who have been around long enough to remember "token ring" (not to be confused with a Tolkien ring, or with something a guy gives a girl when he's not ready to get married but wants her to stick around), you are going to LOVE SPB! For those of you newer to networking, you'll love it too, but perhaps not with the same level of appreciation.

And yes, I am almost afraid to admit that I know ARCNET is not a type of basketball shot, and that at one time ATM was NOT a machine you used to withdraw funds from your account.  But maybe that explains why I am so excited about the new era of networking that is known as "Fabric".

Over the years we have seen the number of Data Link and Network Layer protocols whittled down to Ethernet and IP, while the number of routing protocols (RIP, RIPv2, OSPF) and transport protocols (UDP, TCP, RDP, the Reliable Data Protocol) grew to address the new applications that kept emerging.  I stand in awe of the folks on the IETF and their ingenuity in extending IPv4 well past its expected lifespan through creative methods such as subnetting, CIDR, private address ranges (RFC 1918) and NAT.  You really need to take your hat off to these creative individuals. Talk about making the most of something!

That being said, deploying a network in the era of the "Internet of Things" is, to say the least, quite challenging.  Those of you who are tasked with maintaining the IP addressing and extending the network to support the vast number of users and devices in a secure fashion are to be commended.  I sympathize with all of you who have to carve out an IP range, negotiate a maintenance window to deploy a new application, and then spend late-night hours programming each switch (ingress/egress) with manually entered IP addresses, hoping you typed each of the 32 bits correctly without a fat finger or a dyslexic moment.  Some of you are so adept at writing the scripts executed at each point that you remind me of those irritating folks in typing class (yes, back then it was typing, not keyboarding) who could type 100 words per minute without a mistake.  Quite unnatural, even freakish I'd say.  Anyway, back to networking.  I almost forgot: multicast.  Great IDEA! But woe to those of you with Cisco or Enterasys networks, should you be asked to deploy it.

Welcome SPB!
I can only imagine that some very bright, out-of-the-box thinkers must have been sitting in a room with a really big whiteboard pondering these issues.  Or perhaps they sat in a brew house discussing them over a few beers when they decided to make a list.  In one column, all the networking protocols; in another, all the services those protocols performed; in yet another, the problems the protocols were created to solve; and finally, in the last column, all the challenges associated with them.  I can just see them sitting back and asking themselves, "What if we could create a NEW networking standard that could do all the good things and eliminate the problems?" …hmmmm – the birth of SPB!

SPB is scalable (it can grow really big!), extensible (it can support new devices, applications, etc.), fast (lots of high speed links), resilient (a link or two or three can go down and your packets still get around), and simple (zero-touch cores, endpoint-only provisioning, no more scripts, maintenance windows, or all-nighters!).  It is also described as secure, on the principle that "you can't hack what you can't see": the backbone exposes no IP addresses that an edge device can reach, and a service only ever sees the other members of that same service.  That is genuine isolation, but isolation is not authentication or encryption; whoever is legitimately inside a service can still attack the other members of it, and a compromised switch sees everything.  For those of you who want to take a deep dive, you can see Paul Unbehagen (co-author of the standard) giving an overview of the protocol in a 30-minute YouTube video:

Avaya Fabric Connect SPB Deep Dive

For the rest of us, here are the common denominators of networking today:

Layer 1:  Cabling standards:
- Copper twisted pair (Cat 6/6A).  Yes, we still run into Cat 5e, and via the use of ingenious designs we can even ride over Cat 3, but….
- Fiber:  single-mode / multi-mode with SC or LC connectors
- Air waves:  802.11ac is the current flavor of WiFi.  In a very short time everyone will be using ac.  Since the standard is relatively new, you will see a lot of legacy 802.11n WiFi, but manufacturers are now offering APs with software-upgradeable options.

Layer 2:  Ethernet 10/100/1000 Mb/s (and 10 Gb/s and above in the core)
There were a number of competing standards in the early days, but Ethernet was declared the winner a long time ago (at least in networking years).

Layer 3:  IP Won in the Enterprise
There were also a number of competing standards in the early days but IP was declared the winner in that arena. Anyone shedding a tear over IPX or AppleTalk?

However, in the carrier space there are protocols that we mere mortals rarely encounter.  One of them is IS-IS, a link-state routing protocol renowned for scalability.  (This is a hint.)

A new standard has emerged that blends the best of L2, L3 and the concept of virtualization: SPB.  It takes the best of all the rest and combines them to create a virtualized network with ease of configuration and inherent scalability, using IS-IS as the link-state protocol in the core of the Fabric.  Ethernet endpoints are added to the Fabric by configuring only the ingress (entry point) port and the egress (exit point).  The Fabric determines the shortest path through the network by itself.

How?  The intermediate devices (switches running SPB) exchange link-state information and each computes the Shortest Path with the best available service to Bridge the two points together = SPB.

How, exactly?  Every switch floods an IS-IS advertisement describing its links, their metrics and the services it hosts, so every switch ends up holding the same link-state database.  Each one then runs the same shortest-path computation over that database and maintains tables of the resulting paths, their speed and link states.  Because every node computes from the same database with the same tie-break rule, the path from A to B uses the same links as the path from B to A, which is what lets the fabric stay loop-free without spanning tree.
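How that "talking amongst themselves" turns into a forwarding table, as an added example that is not code from the post, from the 802.1aq standard or from Avaya. It builds a link-state database from constructed advertisements (node names, link metrics and service memberships are invented), runs the same shortest-path computation from each node, and breaks equal-cost ties by the sorted set of node IDs on the path, a simplified stand-in for the low-path-ID rule of SPB's ECT algorithm; real SPB works with bridge identifiers and several ECT algorithms, none of which is modelled here. What it shows is the property the post relies on: every node derives the same, symmetric path from the same database, and a failed link is simply withdrawn and the paths recomputed.

```python
"""Added example (not from the post or from Avaya): a toy link-state
database and shortest-path computation in the style SPB uses.

Every node floods what it knows (its links, their metrics, and which
services it hosts); every node then runs the same SPF computation over
the same database, so forwarding tables agree without any per-hop
configuration.  Topology, metrics and I-SIDs below are constructed.
"""
import heapq

# Constructed link-state advertisements: node -> {neighbor: metric}.
# Each entry is what that node would flood; the database is the union.
LSDB = {
    "A": {"B": 10, "C": 10},
    "B": {"A": 10, "D": 10},
    "C": {"A": 10, "D": 10},
    "D": {"B": 10, "C": 10, "E": 10},
    "E": {"D": 10},
}

# Constructed service membership: I-SID -> edge nodes hosting that service.
SERVICES = {1000: {"A", "D", "E"}, 2000: {"B", "E"}}


def shortest_paths(lsdb, src):
    """Dijkstra over the whole database, recording *every* equal-cost
    predecessor so ties can be broken deterministically afterwards."""
    dist = {src: 0}
    preds = {src: []}
    heap = [(0, src)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue
        for v, metric in lsdb.get(u, {}).items():
            nd = d + metric
            if nd < dist.get(v, float("inf")):
                dist[v], preds[v] = nd, [u]
                heapq.heappush(heap, (nd, v))
            elif nd == dist[v]:
                preds[v].append(u)
    return dist, preds


def enumerate_paths(preds, src, dst):
    """All equal-cost shortest paths src -> dst, read back from predecessors."""
    if dst == src:
        return [[src]]
    return [p + [dst] for u in preds.get(dst, []) for p in enumerate_paths(preds, src, u)]


def spb_path(lsdb, src, dst):
    """Pick one path among equal-cost candidates with a tie-break that depends
    only on the set of nodes on the path, so both ends choose the same path.
    This is a simplified stand-in for SPB's low-path-ID ECT rule."""
    dist, preds = shortest_paths(lsdb, src)
    if dst not in dist:
        return None  # partitioned: no path at all
    return min(enumerate_paths(preds, src, dst), key=lambda p: sorted(p))


def service_next_hops(lsdb, services, node):
    """Forwarding entries a node derives for the services it hosts:
    (I-SID, remote member) -> next hop.  No human configured any of it."""
    table = {}
    for isid, members in services.items():
        if node not in members:
            continue
        for member in sorted(members - {node}):
            path = spb_path(lsdb, node, member)
            table[(isid, member)] = path[1] if path else None
    return table


def without_link(lsdb, a, b):
    """Database after link a-b fails: both ends withdraw it from their LSPs."""
    cut = {n: dict(links) for n, links in lsdb.items()}
    cut[a].pop(b, None)
    cut[b].pop(a, None)
    return cut


if __name__ == "__main__":
    print(spb_path(LSDB, "A", "D"), spb_path(LSDB, "D", "A"))   # symmetric
    print(service_next_hops(LSDB, SERVICES, "A"))
    print(service_next_hops(without_link(LSDB, "A", "B"), SERVICES, "A"))
```

Node A has two equal-cost routes to D (via B or via C); the tie-break picks the same one from both directions, and when link A-B is withdrawn every entry that used B moves to C with no configuration change anywhere.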

SPB uses the concept of VLANs, but at a whole new level.  A VLAN ID is a 12-bit field, so a traditional network is limited to 4094 usable VLANs.  SPB identifies each service by a 24-bit I-SID (Service Identifier, borrowed from 802.1ah), so over 16 million services can be created, each of which can be a Layer 2 virtual service or a Layer 3 virtual service bound to a VRF (Virtual Routing and Forwarding instance).  Those of you who are familiar with routing protocols and the concept of link states will be right at home with SPB, because, as I previously stated, SPB took the best of the rest, eliminated the negative components, and combined them to create a network that is scalable (you can grow it really, really big across large geographic areas), secure in the sense of strict separation between services (separation, not authentication: the members of a service can still reach each other), extensible (add any protocol or application you need to your network, even ones that haven't been written yet), and simple (a few technicians can configure and run an enormous, extremely complex network all by themselves, easily).  One of the most gratifying aspects of the protocol is that it gives the technical staff back their life!
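Where the 16 million comes from, as an added example that is not code from the post or from any vendor: an encoder and parser for the 802.1ah (MAC-in-MAC) header that SPB puts in front of every customer frame on the backbone. Addresses, VIDs, I-SIDs and the customer frame are constructed; reserved I-SID values and the optional customer C-TAG are not modelled. The 12-bit VID against the 24-bit I-SID is the numbering point, and `backbone_view` shows what a core switch actually looks at, which is why the customer IP header is invisible from the backbone.

```python
"""Added example, not code from the post or from any vendor: build and
parse the 802.1ah (MAC-in-MAC) header SPB uses on the backbone.  Shows
why the service space is 16 million (24-bit I-SID) rather than 4094
(12-bit VLAN ID) and that the customer frame, IP header included, rides
inside as opaque payload.  Addresses, VIDs, I-SIDs and the customer
frame are constructed; reserved I-SID values are not modelled.
"""
import struct
from ipaddress import IPv4Address

BTAG_TPID = 0x88A8             # B-TAG carries the backbone VLAN (S-TAG ethertype)
ITAG_TPID = 0x88E7             # I-TAG carries the 24-bit service identifier
VID_BITS, ISID_BITS = 12, 24
MAX_VID = (1 << VID_BITS) - 2   # 4094: VID 0 and 4095 are reserved
MAX_ISID = (1 << ISID_BITS) - 1


def mac(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))


def vid_is_valid(vid: int) -> bool:
    return 1 <= vid <= MAX_VID


def isid_is_valid(isid: int) -> bool:
    return 0 <= isid <= MAX_ISID


def customer_ipv4_frame(c_da, c_sa, src_ip, dst_ip, payload=b"") -> bytes:
    """A constructed untagged Ethernet II frame carrying a minimal IPv4 header."""
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 17, 0,
                         IPv4Address(src_ip).packed, IPv4Address(dst_ip).packed)
    return mac(c_da) + mac(c_sa) + struct.pack("!H", 0x0800) + ip_hdr + payload


def encapsulate(customer_frame, b_da, b_sa, b_vid, isid, b_pcp=0, i_pcp=0) -> bytes:
    """Prepend B-DA, B-SA, B-TAG and I-TAG; the customer frame follows untouched."""
    if not vid_is_valid(b_vid):
        raise ValueError(f"B-VID {b_vid} outside 1..{MAX_VID}")
    if not isid_is_valid(isid):
        raise ValueError(f"I-SID {isid} outside 0..{MAX_ISID}")
    if len(customer_frame) < 14:
        raise ValueError("customer frame shorter than an Ethernet header")
    b_tci = (b_pcp << 13) | b_vid   # PCP(3) DEI(1) VID(12)
    i_tci = (i_pcp << 29) | isid    # I-PCP(3) I-DEI(1) UCA(1) Res(3) I-SID(24)
    return (mac(b_da) + mac(b_sa)
            + struct.pack("!HH", BTAG_TPID, b_tci)
            + struct.pack("!HI", ITAG_TPID, i_tci)
            + customer_frame)


def decapsulate(frame: bytes) -> dict:
    """Strip the backbone header and hand back the customer frame unchanged."""
    if len(frame) < 22 + 14:
        raise ValueError("truncated PBB frame")
    tpid, b_tci = struct.unpack("!HH", frame[12:16])
    itpid, i_tci = struct.unpack("!HI", frame[16:22])
    if tpid != BTAG_TPID or itpid != ITAG_TPID:
        raise ValueError("not an 802.1ah frame")
    return {
        "b_da": frame[0:6], "b_sa": frame[6:12],
        "b_vid": b_tci & 0xFFF, "isid": i_tci & 0xFFFFFF,
        "customer_frame": frame[22:],
    }


def backbone_view(frame: bytes) -> dict:
    """All a core switch forwards on: outer destination MAC and B-VID.
    Customer MACs and the IP header inside are never examined."""
    h = decapsulate(frame)
    return {"b_da": h["b_da"], "b_vid": h["b_vid"]}


if __name__ == "__main__":
    cf = customer_ipv4_frame("aa:bb:cc:dd:ee:01", "aa:bb:cc:dd:ee:02", "10.1.1.5", "10.1.2.9", b"hi")
    pbb = encapsulate(cf, "02:00:00:00:00:0d", "02:00:00:00:00:0a", b_vid=4051, isid=1000)
    print(backbone_view(pbb))
    print(decapsulate(pbb)["customer_frame"] == cf)
    print(f"VLAN IDs: {MAX_VID}, I-SIDs: {MAX_ISID + 1}")
```

The encapsulation adds 22 bytes in front of the customer frame. The edge switch that strips it needs the I-SID to know which service the frame belongs to; the core switches in between forward on `b_da` and `b_vid` alone.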

Yes, their life.

How, you ask?  Because they don't have to spend their holiday weekends rolling out new applications or adding another site.  The management tools provide an easy-to-use interface that lets administrators become involved as much or as little as they want.

Avaya Fabric - Simplifying Networking

In summary, SPB:
Is plug and play
Is Ethernet attached
Has a symbiotic relationship with IP and Ethernet
Is scalable
Offers 16 million service identifiers (I-SIDs), each of which can be bound to a VRF
Creates a seamless, consistent, contextually relevant experience
Uses one protocol (IS-IS) for all the routing and switching at once
Removes the per-device complexity
Needs edge-only configuration
Isolates applications from one another

All with major benefits, as the Avaya material linked above presents them:
Cost reduction to build and maintain the network: 20-30% savings in hardware and rack space
Reduction in time to deploy: provisioning time reduced by 80%
Operational expense savings of 87% through reduced time to service and time to deploy
37% of all network outages are the result of human error at the core
Five nines (99.999%) reliability, which works out to roughly five minutes of downtime annually
Use of the I-SID from 802.1ah for simplicity

SPB offers support that includes:
16 million services
A core that is invisible to the edge: no backbone IP addresses are exposed
One hop through the Fabric, as far as IP is concerned, for low latency
Integrated routing and switching
A Fabric that behaves as a single state machine (one link-state database shared by every node)
Isolation of services
Simple endpoint provisioning
Flexibility: multiple services on one port
Security through separation of networks
Zero-touch core
Fabric Attach
Zero-touch edge
No client software
Endpoint/client connections that trigger automatic configuration of I-SIDs, VLANs, port membership, etc.
Endpoints that are automatically authenticated, authorized, and provisioned so that the client is connected to exactly the services it is entitled to

SPB is the foundation for:
SDN
Automation
A network that does not require tuning every day.

And as such, it is going to be one of the key elements that will enable your organization to keep up with the pressures being exerted on your team: the pressure to provide new services demanded by your customers, employees, business initiatives, applications, compliance regulations, security initiatives, etc.  So, strap in and get ready for a fun ride with a driving force in the next wave of the "Internet of Things".

Stay tuned for the next article on SDN:  The deployment tool that makes network provisioning a 15 minute task rather than a maintenance window.

Wednesday, July 8, 2015

Fabric

The term Fabric and Fabric Networking is used a lot these days by almost all vendors, the question is:  What does that actually mean?

The industry came up with the term "Fabric" to describe networking technologies that allow networking gear (switches and L3 switches) to connect in a way that achieves a mesh topology.  If you think of a real piece of cloth (fabric), the threads create a mesh. Mesh topology has always been identified as the ideal for resiliency; however, in the past, due to cost and protocol limitations (spanning tree blocks every redundant link), this has been difficult, if not impossible, to achieve. Traditional networking connectivity had only a few connections between devices.  Resiliency typically meant two trunks, maybe three, especially in the WAN.  Recent advances in technology now permit intelligent switches to be hyper-connected, and the term "Fabric" emerged to describe this new intelligent network.  When you hear the term "Fabric", think more than "lots of links".   This new fabric is intelligent and scalable.

What does it mean to have an intelligent network?  It means that the devices that comprise the network fabric are managed and seen as an integrated whole rather than as a series of interconnected devices.  The network administrator can define policies for any device, application, job classification, individual, etc.  These policies can intersect, and the fabric will automatically adjust to give that object the level of service the policies dictate.  There is no longer a need to provision each switch and port whenever a new user, device, or application is added to the organization.  The administrator creates the policy and provisions the endpoints; the fabric auto-learns and provisions itself to meet the requirements.

This capability is enabled by new technologies and protocols defined and ratified by the IEEE (Institute of Electrical and Electronics Engineers) and the IETF (Internet Engineering Task Force): SPB is IEEE 802.1aq, and the IS-IS extensions it relies on are IETF RFC 6329.   To achieve end-to-end fabric, the network needs intelligent devices capable of SPB (Shortest Path Bridging) with an SDN (Software Defined Networking) layer on top of them.  TRILL ("Transparent Interconnection of Lots of Links", IETF RFC 6325) is another standard developed to achieve fabric networking.  While it meets some of the requirements of a fabric, its deployments target the data-center core rather than the campus edge, so on its own it does not deliver the edge-to-edge fabric on which the SDN model described here depends.


This article is the first in a series on the new state of the network. The next article will be on the topic of Shortest Path Bridging (SPB).