Software defined networks Flashcards

1
Q

What are the two key principles of SDN?

A
  1. Separation of control plane and data plane.
  2. Centralized control plane managing multiple forwarding devices.
2
Q

What is a forwarding device?

A

A forwarding device is a networking hardware or software component responsible for receiving incoming packets and determining how to forward them. It is typically a switch, router or similar.

3
Q

What is the control plane?

A

A component of network architecture responsible for managing and controlling the operation of network and forwarding devices.

4
Q

What does the control plane do?

A

It handles tasks such as routing decisions, traffic engineering, access control and sending responses to network events. It is in charge of determining how data packets should be forwarded.

5
Q

What is a global network map?

A

A comprehensive representation of the entire network infrastructure, showing topology, connections and relevant details of all devices on the network.

6
Q

What is the role of a global network map?

A

The global network map serves as a visual or data-based reference that provides a complete view of how network elements are interconnected. This map is essential for network administrators and controllers to make informed decisions about routing, traffic management, and resource allocation.

7
Q

What is a control program?

A

A control program, often part of the control plane, is software or a set of algorithms that manage and control network devices. These programs communicate with forwarding devices to configure their behavior according to network policies and objectives.

8
Q

What is the functionality of a control program?

A

Control programs are responsible for various network management tasks, such as route computation, traffic engineering, access control, and policy enforcement. They can adapt the network to changing conditions and requirements.

9
Q

What is the relationship between forwarding and control planes?

A

The forwarding plane and control plane work together to enable operation of a network.

The forwarding plane, also known as the data plane, is responsible for the actual forwarding of data packets based on the instructions received from the control plane. It ensures that packets are transmitted to their destinations efficiently.

The control plane focuses on making decisions about how data packets should be forwarded through the network. It configures the forwarding devices, manages routing tables, and enforces network policies. The control plane communicates with the forwarding plane to convey routing information and policies.

10
Q

What is the data/forwarding plane?

A

The data plane, also known as the forwarding plane, is responsible for the processing and delivery of packets within a network. It deals with the actual transmission and reception of data packets.

11
Q

What is the function of the data/forwarding plane?

A

The data plane takes forwarding decisions based on the forwarding state and packet header. It processes incoming packets and determines their appropriate paths through the network. It makes forwarding decisions, performs filtering, buffering and scheduling.

12
Q

What is the management plane?

A

The management plane is responsible for configuring, tuning, and overseeing the network’s operation to align it with organizational goals and policies.

13
Q

What is the function of the management plane?

A
  1. Traffic Engineering: Similar to the control plane, the management plane may engage in traffic engineering tasks to optimize traffic flows and resource allocation.
  2. ACL Configuration: Access Control Lists (ACLs) and security policies are configured and managed within the management plane to control access and protect network resources.
  3. Device Provisioning: It involves the provisioning and management of network devices, including routers, switches, and firewalls, to ensure they are properly configured and maintained.
  4. Network Monitoring: The management plane includes tools and processes for monitoring network performance, identifying issues, and generating reports to support decision-making.
14
Q

What is a line card in the data plane?

A

Line cards, often referred to as line modules, are hardware components within the data plane of a switch. They are responsible for handling the actual data traffic, including packet forwarding, filtering, and scheduling.

15
Q

What is the function of line cards in the data plane?

A
  1. Packet Forwarding: Line cards receive incoming data packets from network ports and make forwarding decisions based on destination addresses.
  2. Filtering: They enforce access control lists (ACLs) and other filtering rules to ensure network security and compliance with policies.
  3. Scheduling: Line cards manage the scheduling of packets to ensure efficient use of resources and minimize congestion.
16
Q

Where do line cards reside in the data plane?

A

Line cards are physically located within the switch chassis, typically occupying slots or bays.

17
Q

What is the switching fabric?

A

The switching fabric is the interconnection system that links the line cards together and facilitates high-speed data transfer between them.

18
Q

What is the function of the switching fabric?

A
  1. High-Speed Data Transfer: The switching fabric enables high-speed data exchange between line cards, ensuring low latency and high throughput.
  2. Interconnection: It interconnects multiple line cards, allowing them to communicate and exchange data seamlessly.
19
Q

What is a central processor in the control plane?

A

The control plane of the switch includes a central processor, often referred to as a control processor or control unit. This processor is responsible for managing the overall operation of the switch, including configuration, routing decisions, and control logic.

20
Q

What is the function of a central processor in the control plane?

A
  1. Configuration: The central processor configures and manages the behavior of line cards, setting up forwarding tables, ACLs, and other parameters.
  2. Routing Decisions: It computes routing decisions, determining how packets should be forwarded through the switch.
  3. Control Logic: The central processor handles various control functions, such as failure detection, recovery mechanisms, and network optimization.
21
Q

Where does the central processor reside in the control plane?

A

The central processor is typically situated within the control plane of the switch, connected to the switching fabric.

22
Q

What are streaming algorithms in the data plane?

A

Streaming algorithms in the data plane involve processing packets in real-time, often without the need to store and analyze the entire packet or payload. These algorithms enable efficient handling of packets as they flow through network devices.

23
Q

What is the function of streaming algorithms?

A

Streaming algorithms can perform various tasks, such as packet sampling, traffic monitoring, and data aggregation. For example, they may sample a subset of packets for traffic analysis rather than processing every packet, reducing computational overhead.

24
Q

What is a header bit?

A

In the data plane, header matching involves inspecting specific bits or fields within packet headers to make forwarding decisions or apply network policies.

25
Q

What is the function of a header bit?

A

Header matching can be used for access control, routing, and classification purposes. For instance, routers may examine destination IP addresses or port numbers to determine the next hop for packet forwarding.

26
Q

What are actions in the data plane?

A

In the data plane, actions are executed based on the results of header matching or other criteria. These actions determine how packets are processed, forwarded, or modified.

27
Q

What is the function of actions in the data plane?

A

Actions can include forwarding packets to a specific port, dropping packets, modifying packet headers, or redirecting packets to specialized processing modules.

28
Q

What is a path computing algorithm in the control plane?

A

In the control plane, one of the primary functions is to compute the paths that data packets will follow through the network. This involves determining the optimal routes for packet transmission based on network topology and routing policies.

29
Q

What is the function of a path computing algorithm in the control plane?

A

Control plane algorithms calculate the paths, taking into account factors like link costs, network congestion, and Quality of Service (QoS) requirements.

30
Q

What is the function of control plane operations?

A

Control plane operations include populating forwarding tables in network devices such as routers and switches. Forwarding tables contain information about how to forward packets based on destination addresses.

Control plane algorithms update forwarding tables dynamically as network conditions change, ensuring that devices have up-to-date information for packet forwarding.

31
Q

What is traffic engineering within the management plane?

A

Traffic engineering within the management plane involves configuring network devices to control the flow of traffic and optimize network performance. It’s about making informed decisions on how network resources should be utilized to achieve specific objectives.

32
Q

What is a Network OS?

A

A Network Operating System is a fundamental component of Software-Defined Networking (SDN) that plays a pivotal role in transforming traditional networks into more agile, programmable, and efficient environments.

A Network OS operates as a distributed system that creates and maintains a consistent, up-to-date view of the entire network. This view encompasses all network devices, links, and traffic flows. By consolidating network information, it allows for centralized control and management.

Network OSes run on dedicated server hardware known as controllers. These controllers are strategically placed within the network infrastructure and serve as the central decision-making entities. Controllers are responsible for orchestrating network behavior, implementing policies, and managing network resources.

One example of a network OS is Floodlight, as seen in lab 2.1.

33
Q

What is forwarding abstraction?

A

Forwarding Abstraction is a fundamental concept in SDN that provides a standardized and flexible way to define forwarding state within network devices. It serves as a crucial bridge between the high-level control plane and the low-level data plane.

The primary purpose of Forwarding Abstraction is to establish a standard method for defining how network devices should forward packets. It abstracts the complex details of packet handling and forwarding, allowing network administrators and control programs to specify desired forwarding behavior in a consistent manner.

34
Q

What is a virtual topology?

A

Virtual topology in SDN refers to the abstract representation of the network’s connectivity and configuration. It enables the creation of logical network overlays on top of physical infrastructure.

35
Q

What is a network hypervisor?

A

A network hypervisor is a software layer responsible for managing and orchestrating the virtualization of network resources, similar to how a server hypervisor manages virtual machines.

36
Q

What is a flow entry?

A

In SDN, network traffic is managed through the use of flow entries, which are rules or policies that dictate how packets should be processed and forwarded. These flow entries are typically installed in network devices such as switches and routers.

37
Q

What is OpenFlow?

A

OpenFlow is an open and standardized protocol that facilitates communication and interaction between the control plane (where network control decisions are made) and the data plane (where actual data forwarding occurs) in network devices, such as Ethernet switches and routers. It enables centralized network control and programmability by separating the control path from the data path.

38
Q

What is a control path in OpenFlow?

A

In OpenFlow, the Control Path refers to the portion of the network architecture where network control decisions are made by control programs or SDN controllers like A and B.

  • Control programs A and B are responsible for defining network policies, managing routing decisions, and reacting to network events.
    These control programs communicate with network devices, such as Ethernet switches, through the OpenFlow protocol.
39
Q

What is a match bit in OpenFlow headers?

A

OpenFlow’s Match primitive allows network administrators or control programs to specify rules that match arbitrary bits within packet headers. This means you can define conditions based on existing header fields (e.g., source and destination IP addresses, port numbers) or even create custom headers for specialized applications.

40
Q

What is an action in OpenFlow?

A

An action is paired with a header, and is performed whenever an OpenFlow packet matches.

41
Q

What is a flow table?

A

In OpenFlow-based networking devices (such as switches, routers, and chipsets), the flow table is a critical component that stores a set of rules defining how incoming packets should be handled.

42
Q

What is a flow entry?

A

Each rule in the flow table is referred to as a flow entry. It includes:
- Rule: specifies the condition that a packet must meet to match this entry
- Action: what happens when a packet matches the rule
- Statistics: Information about packets that match the rule

43
Q

What is an out-of-band control plane?

A

An “Out-of-Band Control Plane” refers to a control plane architecture where control functions are logically centralized but operate on a separate network infrastructure from the data plane. While out-of-band control planes have been used in many SDN deployments, they do come with certain disadvantages that need to be considered.

44
Q

What are the advantages of out-of-band control planes?

A
  1. Logical Centralization: The control plane remains logically centralized, allowing for a unified and global view of the network’s state and policies. This centralization enables consistent control and management.
  2. Reliability: By separating the control plane from the data plane and potentially distributing controllers across multiple locations, out-of-band SDN architectures can achieve higher reliability. Failures in one controller or data center can be mitigated by others, reducing the risk of network downtime.
  3. Availability: Out-of-band control planes enhance network availability. Multiple controller instances can operate in parallel or as backups, ensuring that network management processes continue even in the presence of hardware failures or network disruptions.
  4. Scalability: This architecture allows for greater scalability. As the network grows, new controller instances can be added to support larger and more complex deployments.
  5. Low Latency: Separating the control plane from the data plane can reduce contention for resources, resulting in lower latency for control plane operations. This is crucial for real-time network responsiveness.
  6. Security: Out-of-band control planes isolate control traffic from data traffic, enhancing security. This separation reduces the risk of unauthorized access and attacks on control plane components.
45
Q

What are the disadvantages of out-of-band control planes?

A
  1. Cost: Maintaining a separate control network can be costly, particularly for large-scale deployments. It involves expenses related to network equipment, redundancy, and management.
  2. Interoperability: Integrating traditional routing protocols (e.g., STP, OSPF) for the management network may lead to interoperability challenges and complexities, especially when coexisting with SDN principles.
  3. Network Partitioning: In some cases, out-of-band control planes may lead to network partitioning issues if the management network experiences disruptions or misconfigurations, potentially isolating parts of the SDN.
  4. Complex Routing: Traditional routing protocols used in the management network might not be optimized for SDN-specific control plane requirements, potentially leading to suboptimal routing decisions.
  5. Resource Utilization: The separation of control and data planes, while providing advantages in terms of reliability and security, can also underutilize network resources since they are not shared.
  6. Complexity: Managing a separate control network adds complexity to the overall network infrastructure. It requires additional hardware, configuration, and maintenance.
46
Q

What is an in-band SDN control plane?

A

In contrast to out-of-band control planes, “In-band SDN control” refers to a control plane architecture where control traffic is carried over the same network infrastructure as data-plane traffic. In this scenario, control functions and data traffic share the same network links and devices, and control messages are typically sent through a dedicated management port or channel multiplexed with data-plane traffic. This approach offers several benefits and trade-offs compared to out-of-band control.

47
Q

What are the advantages of in-band control planes?

A
  1. Cost-Effective: One of the primary advantages of in-band SDN control is cost-effectiveness. There is no need for a separate physical or logical control network, which reduces infrastructure and operational expenses.
  2. Higher Redundancy: In-band control allows for more straightforward redundancy configurations. Multiple controllers can communicate with the network devices through the same data-plane links, enhancing reliability without the added complexity of a separate control network.
  3. Increased Partition Tolerance: In-band control is well-suited for scenarios where network partitions might occur due to network failures or misconfigurations. The shared nature of control and data traffic ensures that control messages can still reach devices even if certain parts of the network become isolated.
  4. Simplified Management: Managing an in-band control plane is often simpler because it leverages existing network infrastructure. There is no need for additional equipment or configurations specific to control traffic.
48
Q

What are the disadvantages of in-band control planes?

A
  1. Network Overhead: In-band control traffic shares the same network resources as data traffic. This can lead to increased network overhead, especially in large-scale deployments with frequent control messages.
  2. Security: The integration of control and data traffic raises security concerns. Careful design and security measures are necessary to protect the control plane from unauthorized access or attacks.
  3. Resource Contention: Network devices may contend for limited resources when processing both data and control traffic simultaneously. This can impact the responsiveness and performance of the control plane.
  4. Scalability: While in-band control can be cost-effective and simpler to manage, it may face scalability challenges in extremely large networks. The shared infrastructure may become a bottleneck as the network grows.
  5. Interoperability: Integrating in-band control with existing network protocols and devices may require careful planning to ensure compatibility and minimize disruptions.