Lesson 7: SDN 1 Flashcards
What spurred the development of Software Defined Networking (SDN)?
The need for making networks more programmable in order to mange the complexity of computer networks due to the following reasons:
- Diversity of equipment on the network
- Proprietary technologies for the equipment
What are the three phases in the history of SDN?
- Active networks
- Control and data plane separation
- OpenFlow API and network operating systems
Summarize OpenFlow API and network operating systems
This phase took place from around 2007 to 2010. OpenFlow was born out of the interest in the idea of network experimentation at a scale (by researchers and funding agencies). It was able to balance the vision of fully programmable networks and the practicality of ensuring real world deployment. OpenFlow built on the existing hardware and enabled more functions than earlier route controllers. Although this dependency on hardware limited its flexibility, it enabled immediate deployment.
The basic working of an OpenFlow switch is as follows. Each switch contains a table of packet-handling rules. Each rule has a pattern, list of actions, set of counters and a priority. When an OpenFlow switch receives a packet, it determines the highest priority matching rule, performs the action associated with it and increments the counter.
Why Separate the Data Plane from the Control Plane?
The reasons we separate the two are:
- Independent evolution and development
In the traditional approach, routers are responsible for both routing and forwarding functionalities. This meant that a change to either of the functions would require an upgrade of hardware. In this new approach, routers only focus on forwarding. Thus, innovation in this design can proceed independently of other routing considerations. Similarly, improvement in routing algorithms can take place without affecting any of the existing routers. By limiting the interplay between these two functions, we can develop them more easily. - Control from high-level software program
In SDN, we use software to compute the forwarding tables. Thus, we can easily use higher-order programs to control the routers’ behavior. The decoupling of functions makes debugging and checking the behavior of the network easier.
Separation of the control and data planes supports the independent evolution and development of both. Thus, the software aspect of the network can evolve independent of the hardware aspect. Since both control and forwarding behavior are separate, this enables us to use higher-level software programs for control. This makes it easier to debug and check the network’s behavior.
Why did the SDN lead to opportunities in various areas such as data centers, routing, enterprise networks, and research networks?
- Data centers.*Consider large data centers with thousands of servers and VMs. Management of such large network is not easy. SDN helps to make network management easier.
- Routing.*The interdomain routing protocol used today, BGP, constrains routes. There are limited controls over inbound and outbound traffic. There is a set procedure that needs to be followed for route selection. Additionally, it is hard to make routing decisions using multiple criteria. With SDN, it is easier to update the router’s state, and SDN can provide more control over path selection.
- Enterprise networks.*SDN can improve the security applications for enterprise networks. For example, using SDN it is easier to protect a network from volumetric attacks such as DDoS, if we drop the attack traffic at strategic locations of the network.
- Research networks.*SDN allows research networks to coexist with production networks.
What is the relationship between forwarding and routing?
- Forwarding
Forwarding is one of the most common, yet important functions of the network layer. When a router receives a packet at its input link, it must determine which output link that packet should be sent through.This process is called forwarding. It could also entail blocking a packet from exiting the router, if it is suspected to have been sent by a malicious router. It could also duplicate the packet and send it along multiple output links.Since forwarding is a local function for routers,it usually takes place in nanoseconds and is implemented in the hardware itself.Forwarding is a function of the data plane.**
So,a router looks at the header of an incoming packet and consults the forwarding table, to determine the outgoing link to send the packet to.
- Routing
Routing involves determining the path from the sender to the receiver across the network. Routers rely on routing algorithms for this purpose.It is an end-to-end process for networks. It usually takes place in seconds and is implemented in the software.Routing is a function of the control plane.**
What is the difference between a traditional and SDN approach in terms of coupling of control and data plane?
In the traditional approach, the routing algorithms (control plane) and forwarding function (data plane) are closely coupled. The router runs and participates in the routing algorithms. From there it is able to construct the forwarding table which consults it for the forwarding function.
In the SDN approach, on the other hand, there is a remote controller that computes and distributes the forwarding tables to be used by every router. This controller is physically separate from the router. It could be located in some remote data center, managed by the ISP or some other third party.
What are the main components of an SDN network and their responsibilities?
- SDN-controlled network elements
The SDN-controlled network elements, sometimes called the infrastructure layer, is responsible for the forwarding of traffic in a network based on the rules computed by the SDN control plane.**
- SDN controller
TheSDN controlleris a logically centralized entity that acts as aninterface between the network elements and the network-control applications.
- Network-control applications
The network-control applications are programs that manage the underlying network by collecting information about the network elements with the help of SDN controller.
What are the four defining features of an SDN architecture?
1)Flow-based forwarding:The rules for forwarding packets in the SDN-controlled switches can be computed based on any number of header field values in various layers such as the transport-layer, network-layer and link-layer. This differs from the traditional approach where only the destination IP address determines the forwarding of a packet. For example, OpenFlow allows up to 11 header field values to be considered.
2)Separation of data plane and control plane:The SDN-controlled switches operate on the data plane and they only execute the rules in the flow tables. Those rules are computed, installed, and managed by software that runs on separate servers.
3)Network control functions:The SDN control plane, (running on multiple servers for increased performance and availability) consists of two components: the controller and the network applications. The controller maintains up-to-date network state information about the network devices and elements (for example, hosts, switches, links) and provides it to the network-control applications. This information, in turn, is used by the applications to monitor and control the network devices.
4)A programmable network:The network-control applications act as the “brain” of SDN control plane by managing the network. Example applications can include network management, traffic engineering, security, automation, analytics, etc. For example, we can have an application that determines the end-to-end path between sources and destinations in the network using Dijkstra’s algorithm.
What are the three layers of SDN controllers?
- Communication Layer: This layer consists of a protocol through which the SDN controller and the network controlled elements communicate. Using this protocol, the devices send locally observed events to the SDN controller providing the controller with a current view of the network state. For example, these events can be a new device joining the network, heartbeat indicating the device is up, etc. The communication between SDN controller and the controlled devices is known as the “southbound” interface. OpenFlow is an example of this protocol, which is broadly used by SDN controllers today.
- Network-wide state-management layer: This layer is about the network-state that is maintained by the controller. The network-state includes any information about the state of the hosts, links, switches and other controlled elements in the network. It also includes copies of the flow tables of the switches. Network-state information is needed by the SDN control plane to configure the flow tables.
- The interface to the network-control application layer:This layer is also known as the controller’s “northbound” interface using which the SDN controller interacts with network-control applications. Network-control applications can read/write network state and flow tables in controller’s state-management layer. The SDN controller can notify applications of changes in the network state, based on the event notifications sent by the SDN-controlled devices. The applications can then take appropriate actions based on the event. A REST interface is an example of a northbound API.
What is the function of the control and data planes?
Control plane - controls forwarding behavior of routers, such as routing protocols and network middlebox configurations.
Data plane - performs actual forwarding as dictated by the control plane. IP forwarding and layer 2 switching are functions of the data plane.
