Friday, August 28, 2015

Software Defined Networks (SDN) - The Next Trend in Networking

Every once in a while a technology is named so succinctly that in a few brief words the explanation is actually embedded within the name.  SDN is a good example of a name that says so much.  For the newcomer to the world of networking these three words may seem nebulous, and for those of you who have seen the evolution, the terms take on new meaning.

This article will explore what this simple name means and why this approach is attracting so much attention.


Exhibit A
Let's start with the word "Networking".   Whenever the industry experts discuss networking they all refer to the OSI model, which describes the functions performed at each of the seven layers.  For those of you that need a refresher, refer to our Exhibit A.  While "networking" does involve all seven layers, most industry experts and analysts are commonly referring to the Data Link, Network and Transport layers (with firewalls and session border controllers reaching up into the Session layer and above) when they use the term "network".  Within these layers are the appliances that users connect to, which contain the intelligence to forward and route data frames and packets.

Today these appliances are known as switches. Universally they all support Ethernet (the current de facto data link standard) at its various speeds (10/100/1000 Mb/s and beyond).  Some offer PoE and L3 (routing); almost all support SNMP (Simple Network Management Protocol).  There are also firewalls, Session Border Controllers, traditional routers and some gateways.   The amalgamation of these devices with their interconnections is known collectively as "the network".  Below in our Exhibit B is a depiction of a typical network that shows the various components and where they are deployed.  These networks have been built, managed, and maintained by highly skilled individuals who perform the magic that allows end users to connect various devices (PCs, printers, servers) to run the applications that mere mortals use to work, play, and interact.
Exhibit B

Ever since Radia Perlman defined the Spanning Tree Protocol (standardized as IEEE 802.1D) to solve the problem of loops in bridged networks, networking architects have been formulating new and creative protocols to overcome each challenge as it arose, up to and including the flood of devices that the IoT (Internet of Things) now brings.  The letter suffixes on the IEEE 802.1 documents (802.1D, 802.1Q, 802.1X, 802.1aq and so on) each denote a separate standard or amendment, and the fact that the single letters ran out and the suffixes have reached two letters (802.1aq) shows how many iterations have been published.  Each iteration was written to resolve a challenge that was encountered as new applications and uses for the Internet were introduced.

While each of these standards resolved an issue, it also put an additional burden on the network administrators, who had to learn how to deploy the protocol and perform even greater and more complex forms of magic on the network.  This new magic was layered on top of the old magic, creating a complex set of steps that had to be performed repeatedly on each device in the network, resulting in a manually configured and manually defined network.

Networking vendors have all tried to overcome this complexity with proprietary management systems that allow the administrators to control various components from a centralized management console.  The engineers could access the individual appliances from this console, write and execute the complex scripts necessary to configure the devices, and then roll out, audit, and roll back changes made to the network (provided they had connectivity).  These management applications could also be used to monitor the overall health of the network and devices.  While this was substantially better than telnetting to each device (telnet carries the login credentials in clear text, which is why SSH has since replaced it) and executing the changes manually or via scripts, it still required touching each device and an intimate knowledge of the network design and configuration, as well as of the protocols and how they were implemented on each of the different elements.

Today, the networking industry (vendors, the Open Networking Foundation, and IEEE/IETF working groups) has converged on an architecture, rather than a single protocol, that separates the control plane from the forwarding plane: a logically centralized controller holds the policy, incorporating the industry's "best practices" for the underlying networking protocols, network and endpoint security, and application and endpoint performance, and programs the switches through a southbound protocol (OpenFlow is the best known).  This architecture allows the administrators to Define profiles for users, devices, applications, etc. via Software for the Network.  These definitions are then pushed out to the network. When an application, user, or device attempts to join or transmit on the network, the pre-defined rules (profiles) determine IF that application, user, or device may enter the network. Once access is gained, SDN defines what level of access it will have and what level of performance it will receive.

As always, there are a number of competing approaches being proposed and championed by different manufacturers (OpenFlow-based controllers, vendor fabrics built on Shortest Path Bridging, and others).  The good news is that they are being rolled out, tested, and updated quickly.  The reason behind this rapid acceptance and testing is that the industry understands that the IoT (Internet of Things) is here and that every day new devices are joining the network using Ethernet with PoE.  "New devices" include LED lighting, fire alarms, smoke detectors, paging systems, IP cameras, refrigerators, thermostats, etc.  Every one of them is also a network endpoint that has to be identified and constrained like any other, which is exactly the job the profiles are meant to do.  The value to the world is so tangible that there is no waiting. The Smart Buildings of the future will actually use less electricity, and low voltage wiring using Ethernet with PoE is so safe and cost effective that the adoption rate is skyrocketing.

In fabric-style implementations the underlying network is built on technologies such as SPB (Shortest Path Bridging/802.1aq).  This is because when the network is comprised of these smart devices they automagically compute the best available paths from the devices (Ingress) to the applications (Egress) using the industry's best practices.  The network administrators no longer configure the individual components; they merely configure the ingress and egress (entry and exit points), and the "network" self-configures to establish the communications path. This of course is predicated on the device, user, and/or application having permission to access the network based on the rules/profiles set by SDN.  The SDN controller (aka management station) is where the administrator defines the rules. Once defined, these rules are pushed to the network, so traffic that has already been admitted keeps flowing if the controller becomes unreachable.  The controller is nonetheless the single point of control: while it is down, new devices cannot be admitted (and should fail closed rather than open), and whoever controls the controller controls the forwarding policy of the entire network.  It therefore needs redundancy, an authenticated and encrypted channel to the switches, and the same access controls you would apply to a domain controller.

SDN
Too good to be true?  Nah… the experts understand that the rules, no matter how seemingly complex, are configurable, and anything configurable can be expressed in software and standardized.  SPB codified the path computation in 802.1aq; the SDN controller codifies the policy that decides who may use those paths.

The current version of SDN still requires the configuration of the ingress/egress. The next iteration of SDN will allow auto-configuration based on the rules.  Impossible you say?  Nope, it will take a similar approach as DHCP (Dynamic Host Configuration Protocol).  The device will connect, identify itself, the user and the application, and then the network will look up the rules/profile and allow only and exactly what the profile says.  One caveat on that analogy: DHCP trusts whatever the client asserts, and a profile lookup must not.  The "identify itself" step has to be an authentication (802.1X with a RADIUS back end, or an equivalent challenge-response), otherwise a rogue device simply claims the identity of a privileged one and inherits its profile.
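The admission flow described in the last few paragraphs (profiles defined once on the controller, a device proving who it is when its link comes up, the controller turning the profile into forwarding rules that the switch then enforces on its own), as an added example that is not part of the original post or of any vendor's product.  Everything here is constructed for illustration: the profile and device tables, the HMAC challenge-response standing in for 802.1X, and the `queue` field standing in for whatever QoS marking a real switch would apply.  It also shows the two failure modes a practitioner cares about: an unauthenticated or unknown device gets a drop-everything rule, and an unreachable controller makes the port fail closed rather than open.

```python
"""Toy SDN controller and switch modelling profile-based admission (added example)."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass(frozen=True)
class FlowRule:
    """One entry the controller pushes into a switch's flow table."""
    port: int                  # ingress switch port the rule applies to
    proto: str                 # "tcp", "udp" or "any"
    dst_port: Optional[int]    # None matches any destination port
    action: str                # "forward" or "drop"
    queue: int = 0             # QoS queue (assumption: higher number = better service)


@dataclass(frozen=True)
class Profile:
    """What a class of device may do once admitted: the 'level of access'."""
    allowed: Tuple[Tuple[str, Optional[int]], ...]   # (proto, dst_port) pairs
    queue: int


# Constructed policy: defined once, in software, on the controller.
PROFILES: Dict[str, Profile] = {
    "ip-camera": Profile(allowed=(("tcp", 554), ("udp", 123)), queue=2),
    "printer":   Profile(allowed=(("tcp", 9100), ("tcp", 631)), queue=1),
}

# Constructed identity registry: device id -> (profile name, shared secret).
# A real deployment keeps this in an 802.1X/RADIUS back end, not a dict.
REGISTRY: Dict[str, Tuple[str, bytes]] = {
    "cam-01": ("ip-camera", b"cam-01-secret"),
    "prn-07": ("printer", b"prn-07-secret"),
}


def response_for(secret: bytes, challenge: bytes) -> bytes:
    """Device side of the challenge-response: prove possession of the secret."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class Controller:
    """Control plane: authenticates a joining device and computes its flow rules."""

    def __init__(self, profiles: Dict[str, Profile], registry: Dict[str, Tuple[str, bytes]]):
        self.profiles = profiles
        self.registry = registry

    def authenticate(self, device_id: str, challenge: bytes, response: bytes) -> Optional[str]:
        """Return the profile name if the device proved its identity, else None.
        The claimed device_id alone is never enough; the response must verify."""
        entry = self.registry.get(device_id)
        if entry is None:
            return None
        profile_name, secret = entry
        if not hmac.compare_digest(response_for(secret, challenge), response):
            return None
        return profile_name

    def rules_for(self, device_id: str, port: int, challenge: bytes, response: bytes) -> List[FlowRule]:
        """Turn the admission decision into concrete, ordered forwarding rules."""
        profile_name = self.authenticate(device_id, challenge, response)
        if profile_name is None:
            return [FlowRule(port, "any", None, "drop")]          # not admitted
        profile = self.profiles[profile_name]
        rules = [FlowRule(port, proto, dport, "forward", profile.queue)
                 for proto, dport in profile.allowed]
        rules.append(FlowRule(port, "any", None, "drop"))        # explicit default deny
        return rules


class Switch:
    """Data plane: forwards only what its flow table says; a table miss is dropped."""

    def __init__(self, controller: Optional[Controller]):
        self.controller = controller          # None models an unreachable controller
        self.table: Dict[int, List[FlowRule]] = {}

    def port_up(self, port: int, device_id: str, respond: Callable[[bytes], bytes]) -> List[FlowRule]:
        """Link comes up: challenge the device, fetch rules from the controller, install them."""
        challenge = secrets.token_bytes(16)
        response = respond(challenge)
        if self.controller is None:
            rules = [FlowRule(port, "any", None, "drop")]         # fail closed, never open
        else:
            rules = self.controller.rules_for(device_id, port, challenge, response)
        self.table[port] = rules
        return rules

    def forward(self, port: int, proto: str, dst_port: int) -> Tuple[str, int]:
        """Match a packet against the port's rules; first match wins. Returns (action, queue)."""
        for rule in self.table.get(port, []):
            if rule.proto in ("any", proto) and rule.dst_port in (None, dst_port):
                return rule.action, rule.queue
        return "drop", 0


if __name__ == "__main__":
    sw = Switch(Controller(PROFILES, REGISTRY))
    sw.port_up(1, "cam-01", lambda c: response_for(b"cam-01-secret", c))
    print(sw.forward(1, "tcp", 554))   # ('forward', 2): RTSP is in the camera profile
    print(sw.forward(1, "tcp", 22))    # ('drop', 0): SSH is not
```

The order of the rules matters: the profile's allow entries are installed ahead of the catch-all drop, and a switch that has no rules for a port at all also drops, so there is no state in which a port is open by accident.  Swapping the HMAC check for a real supplicant/authenticator exchange does not change the controller's logic; only `authenticate` changes.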

In conclusion, since everything has moved to the network, businesses that are looking to do more with less complexity, expense, delay, and risk, and with greater speed, security, and ease of management, should be seriously investigating how to introduce SDN into their network.

The Internet of Things (IoT) is a scenario in which objects, animals or people are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
