UNIT I

SDN Introduction

UNIT I SDN: INTRODUCTION

Evolving Network Requirements – The SDN Approach – SDN architecture - SDN Data Plane , Control
plane and Application Plane

Network Devices: Network devices, also known as networking hardware, are physical devices that
allow hardware on a computer network to communicate and interact with one another. For example
Repeater, Hub, Bridge, Switch, Routers, Gateway, Brouter, and NIC, etc.

1. Repeater – A repeater operates at the physical layer. Its job is to regenerate the signal over the same
network before the signal becomes too weak or corrupted to extend the length to which the signal can be
transmitted over the same network. An important point to be noted about repeaters is that they not only
amplify the signal but also regenerate it. When the signal becomes weak, they copy it bit by bit and
regenerate it at its star topology connectors connecting following the original strength. It is a 2-port
device.

2. Hub – A hub is a basically multi-port repeater. A hub connects multiple wires coming from different
branches, for example, the connector in star topology which connects different stations. Hubs cannot
filter data, so data packets are sent to all connected devices. In other words, the collision domain of all
hosts connected through Hub remains one. Also, they do not have the intelligence to find out the best
path for data packets which leads to inefficiencies and wastage.

Types of Hub

Active Hub:- These are the hubs that have their power supply and can clean, boost, and relay the signal
along with the network. It serves both as a repeater as well as a wiring center. These are used to extend
the maximum distance between nodes.

Passive Hub:- These are the hubs that collect wiring from nodes and power supply from the active hub.
These hubs relay signals onto the network without cleaning and boosting them and can’t be used to
extend the distance between nodes.

Intelligent Hub:- It works like an active hub and includes remote management capabilities. They also
provide flexible data rates to network devices. It also enables an administrator to monitor the traffic
passing through the hub and to configure each port in the hub.

3. Bridge – A bridge operates at the data link layer. A bridge is a repeater, with add on the functionality
of filtering content by reading the MAC addresses of the source and destination. It is also used for
interconnecting two LANs working on the same protocol. It has a single input and single output port,
thus making it a 2 port device

Types of Bridges
 Transparent Bridges:- These are the bridge in which the stations are completely unaware of
the bridge’s existence i.e. whether or not a bridge is added or deleted from the network,
 reconfiguration of the stations is unnecessary. These bridges make use of two processes i.e. bridge
forwarding and bridge learning.
 Source Routing Bridges:- In these bridges, routing operation is performed by the source station
and the frame specifies which route to follow. The host can discover the frame by sending a
special frame called the discovery frame, which spreads through the entire network using all
possible paths to the destination.

4. Switch – A switch is a multiport bridge with a buffer and a design that can boost its efficiency(a large
number of ports imply less traffic) and performance. A switch is a data link layer device. The switch can
perform error checking before forwarding data, which makes it very efficient as it does not forward
packets that have errors and forward good packets selectively to the correct port only. In other words,
the switch divides the collision domain of hosts, but the broadcast domain remains the same.

Types of Switch

Unmanaged switches: These switches have a simple plug-and-play design and do not offer advanced
configuration options. They are suitable for small networks or for use as an expansion to a larger
network.

Managed switches: These switches offer advanced configuration options such as VLANs, QoS, and link
aggregation. They are suitable for larger, more complex networks and allow for centralized
management.

Smart switches: These switches have features similar to managed switches but are typically easier to set
up and manage. They are suitable for small- to medium-sized networks.

Layer 2 switches: These switches operate at the Data Link layer of the OSI model and are responsible
for forwarding data between devices on the same network segment.

Layer 3 switches: These switches operate at the Network layer of the OSI model and can route data
between different network segments. They are more advanced than Layer 2 switches and are often used
in larger, more complex networks.

PoE switches: These switches have Power over Ethernet capabilities, which allows them to supply
power to network devices over the same cable that carries data.

Gigabit switches: These switches support Gigabit Ethernet speeds, which are faster than traditional
Ethernet speeds.

Rack-mounted switches: These switches are designed to be mounted in a server rack and are suitable for
use in data centers or other large networks.

Desktop switches: These switches are designed for use on a desktop or in a small office environment
and are typically smaller in size than rack-mounted switches.

Modular switches: These switches have modular design, which allows for easy expansion or
customization. They are suitable for large networks and data centers.

5. Routers – A router is a device like a switch that routes data packets based on their IP addresses.
The router is mainly a Network Layer device. Routers normally connect LANs and WANs and have a
dynamically updating routing table based on which they make decisions on routing the data packets.
The router divides the broadcast domains of hosts connected through it.

6. Gateway – A gateway, as the name suggests, is a passage to connect two networks that may work
upon different networking models. They work as messenger agents that take data from one system,
interpret it, and transfer it to another system. Gateways are also called protocol converters and can
operate at any network layer. Gateways are generally more complex than switches or routers. A
gateway is also called a protocol converter.
7. Brouter – It is also known as the bridging router is a device that combines features of both bridge
and router. It can work either at the data link layer or a network layer. Working as a router, it is
capable of routing packets across networks and working as the bridge, it is capable of filtering local
area network traffic.
8. NIC – NIC or network interface card is a network adapter that is used to connect the computer to
the network. It is installed in the computer to establish a LAN. It has a unique id that is written on the
chip, and it has a connector to connect the cable to it. The cable acts as an interface between the
computer and the router or modem. NIC card is a layer 2 device which means that it works on both the
physical and data link layers of the network model.

1.1 Evolving Network Requirements

A number of trends are driving network providers and users to reevaluate traditional approaches to
network architecture. These trends can be grouped under the categories of demand, supply, and traffic
patterns.
Demand Is Increasing

“Requirements and Technology,” a number of trends are increasing the load on enterprise networks, the
Internet, and other internets.

 Cloud computing: There has been a dramatic shift by enterprises to both public and private
cloud services.
 Big data: The processing of huge data sets requires massive parallel processing on thousands of
servers, all of which require a degree of interconnection to each other. Therefore, there is a large
and constantly growing demand for network capacity within the data canter.
 Mobile traffic: Employees are increasingly accessing enterprise network resources via mobile
personal devices, such as smartphones, tablets, and notebooks. These devices support
sophisticated apps that can consume and generate image and video traffic, placing new burdens
on the enterprise network.
 The Internet of Things (IoT): Most “things” in the IoT generate modest traffic, although there
are exceptions, such as surveillance video cameras. But the sheer number of such devices for
some enterprises results in a significant load on the enterprise network.
Supply Is Increasing
As the demand on networks is rising, so is the capacity of network technologies to absorb rising
loads. The increase in the capacity of the network transmission technologies has been matched by an
increase in the performance of network devices, such as LAN switches, routers, firewalls, intrusion
detection system/intrusion prevention systems (IDS/IPS), and network monitoring and management
systems. Year by year, these devices have larger, faster memories, enabling greater buffer capacity and
faster buffer access, as well as faster processor speeds.
Traffic Patterns Are More Complex
If it were simply a matter of supply and demand, it would appear that today’s networks should be
able to cope with today’s data traffic. But as traffic patterns have changed and become more complex,
traditional enterprise network architectures are increasingly ill suited to the demand.
A number of developments have resulted in far more dynamic and complex traffic patterns
within the enterprise data center, local and regional enterprise networks, and carrier networks. These
include the following:

 Client/server applications typically access multiple databases and servers that must communicate
with each other, generating “horizontal” traffic between servers as well as “vertical” traffic
between servers and clients.
 Network convergence of voice, data, and video traffic creates unpredictable traffic patterns,
often of large multimedia data transfers.
 Unified communications (UC) strategies involve heavy use of applications that trigger access to
multiple servers.
 The heavy use of mobile devices, including personal bring your own device (BYOD) policies,
results in user access to corporate content and applications from any device anywhere any time.
As illustrated previously in Figure 2.6 in Chapter 2, this mobile traffic is becoming an
increasingly significant fraction of enterprise network traffic.
 The widespread use of public clouds has shifted a significant amount of what previously had
been local traffic onto WANs for many enterprises, resulting in increased and often very
unpredictable loads on enterprise routers.
 The now-common practice of application and database server virtualization has significantly
increased the number of hosts requiring high-volume network access and results in every-
changing physical location of server resources.
Traditional Network Architectures are Inadequate
Even with the greater capacity of transmission schemes and the greater performance of network
devices, traditional network architectures are increasingly inadequate in the face of the growing
complexity, variability, and high volume of the imposed load. In addition, as quality of service (QoS)
and quality of experience (QoE) requirements imposed on the network are expanded as a result of the
variety of applications, the traffic load must be handled in an increasingly sophisticated and agile
fashion.The traditional internetworking approach is based on the TCP/IP protocol architecture.
Three main characteristics of this approach are as follows:

 Two-level end system addressing

 TCP/IP protocol architecture : The protocol architecture built around the TCP and IP protocols,
consisting of five layers: physical, data link, network/Internet (usually IP), transport (usually
TCP or UDP), and application.
 Routing based on destination
 Distributed, autonomous control

The traditional architecture relies heavily on the network interface identity. At the physical layer
of the TCP/IP model, devices attached to networks are identified by hardware-based identifiers, such as
Ethernet MAC addresses. At the internetworking level, including both the Internet and private internets,
the architecture is a network of networks. Each attached device has a physical layer identifier recognized
within its immediate network and a logical network identifier, its IP address, which provides global
visibility.
Traditionally, routing was based on each packet’s destination address. In this datagram
approach, successive packets between a source and destination may follow different routes through the
internet, as routers constantly seek to find the minimum-delay path for each individual packet. More
recently, to satisfy QoS requirements, packets are often treated in terms of flows of packets. Packets
associated with a given flow have defined QoS characteristics, which affect the routing for the entire
flow.
Datagram
A packet that is treated independently of other packets for packet switching. A datagram carries
information sufficient for routing from the source to the destination without the necessity of establishing
a logical connection between the endpoints.
Packet
A unit of data sent across a network. A packet is a group of bits that includes data plus protocol
control information. The term generally applies to protocol data units at the network layer.
Flow
A sequence of packets between a source and destination that are recognized by the network as
related and are treated in a uniform fashion.

packet switching

A method of transmitting messages through a communications network, in which long messages are
subdivided into short packets. Each packet is passed from source to destination through intermediate
nodes. At each node, the entire message is received, stored briefly, and then forwarded to the next node.

Four general limitations of traditional network architectures

 Static, complex architecture: To respond for demands such as differing levels of QoS, high and
fluctuating traffic volumes, and security requirements, networking technology has grown more
complex and difficult to manage. This has resulted in a number of independently defined
protocols each of which addresses a portion of networking requirements. Manual procedures
 must be used to configure each vendor’s equipment on a per-application and even per-session
basis.
 Inconsistent policies: To implement a network-wide security policy, staff may have to make
configuration changes to thousands of devices and mechanisms. In a large network, when a new
virtual machine is activated, it can take hours or even days to reconfigure ACLs across the entire
network.
 Inability to scale: Demands on networks are growing rapidly, both in volume and variety.
Adding more switches and transmission capacity, involving multiple vendor equipment, is
difficult because of the complex, static nature of the network. But with the increased use of
virtualization and the increasing variety of multimedia applications, traffic patterns are
unpredictable.
 Vendor dependence: Given the nature of today’s traffic demands on networks, enterprises and
carriers need to deploy new capabilities and services rapidly in response to changing business
needs and user demands. A lack of open interfaces for network functions leaves the enterprises
limited by the relatively slow product cycles of vendor equipment.

1.2 The SDN Approach :

SDN stands for Software Defined Network which is a networking architecture approach. It
enables the control and management of the network using software applications. Through Software
Defined Network (SDN) networking behavior of the entire network and its devices are programmed in a
centrally controlled manner through software applications using open APIs.

1.3 SDN Architecture:

Software-defined networking (SDN) is an approach via which we take the control plane away
from the switch and assign it to a centralized unit called the SDN
controller. Hence, a network administrator can shape traffic via a
centralized console without having to touch the individual switches.
The data plane still resides in the switch and when a packet
enters a switch, its forwarding activity is decided based on the entries
of flow tables, which are pre-assigned by the controller. A flow table
consists of match fields (like input port number and packet header)
and instructions. The packet is first matched against the match fields
of the flow table entries. Then the instructions of the corresponding
flow entry are executed. The instructions can be forwarding the
packet via one or multiple ports, dropping the packet, or adding
headers to the packet. If a packet doesn’t find a corresponding match
in the flow table, the switch queries the controller which sends a new
flow entry to the switch. The switch forwards or drops the packet
based on this flow entry.

A typical SDN architecture consists of three layers.

 Application layer: It contains the typical network applications like intrusion detection, firewall,
and load balancing
 Control layer: It consists of the SDN controller which acts as the brain of the network. It also
allows hardware abstraction to the applications written on top of it.
 Infrastructure layer: This consists of physical switches which form the data plane and carries
out the actual movement of data packets.

The layers communicate via a set of interfaces called the north-bound APIs(between the application and
control layer) and southbound APIs(between the control and infrastructure layer).
1.4 Data plane:

All the activities involving as well as resulting from data packets sent by the end-user belong to
this plane. In computer networking, the data plane is the part of a network device responsible for
forwarding data packets from one interface to another. It is also referred to as the forwarding plane or
the user plane.

The data plane operates at the lowest level of the network stack, typically at Layer 2 (the Data Link
layer) and Layer 3 (the Network layer) of the OSI model. Its main responsibility is to forward packets
from one interface to another based on the destination address contained in the packet header. In SDN,
the data plane is implemented in network devices, such as switches, and is responsible for forwarding
packets based on the instructions received from the centralized control plane. This allows for greater
flexibility and scalability in the network, as the data plane can be reprogrammed in real-time to
accommodate changing network conditions.This includes:

 Forwarding of packets.
 Segmentation and reassembly of data.
 Replication of packets for multicasting.

1.5 Control plane:

In computer networking, the

control plane is part of a network device
or system that is responsible for managing
and controlling the flow of network traffic.
It is responsible for making decisions
about how packets are forwarded across
the network based on factors such as
network topology, routing protocols, and
network policies.

The control plane operates at a higher

network stack level than the data plane,
typically at Layer 3 (the Network layer)
and above in the OSI model. It is
responsible for routing, switching, and
traffic engineering tasks. In SDN, the
controller communicates with the network
devices in the data plane using a standard
protocol, such as OpenFlow, to program the devices to forward packets in a particular way.

The benefits of a separate control plane in SDN include greater network flexibility and scalability, as the
network policy can be changed in real-time to meet changing network conditions. It also allows for
easier network management, as the network can be managed from a centralized location.

All activities necessary to perform data plane activities but do not involve end-user data packets belong
to this plane. In other words, this is the brain of the network. The activities of the control plane include:

 Making routing tables.

 Setting packet handling policies.
Why SDN is Important?

 Better Network Connectivity: SDN provides very better network connectivity for sales,
services, and internal communications. SDN also helps in faster data sharing.
 Better Deployment of Applications: Deployment of new applications, services, and many
business models can be speed up using Software Defined Networking.
 Better Security: Software-defined network provides better visibility throughout the network.
Operators can create separate zones for devices that require different levels of security. SDN
networks give more freedom to operators.
 Better Control with High Speed: Software-defined networking provides better speed than other
networking types by applying an open standard software-based controller.

Where is SDN Used?

 Enterprises use SDN, the most widely used method for application deployment, to deploy
applications faster while lowering overall deployment and operating costs. SDN allows IT
administrators to manage and provision network services from a single location.
 Cloud networking software-defined uses white-box systems. Cloud providers often use generic
hardware so that the Cloud data center can be changed and the cost of CAPEX and OPEX saved.

Components of Software Defining Networking (SDN)

The three main components that make the SDN are:

1. SDN Applications: SDN Applications relay requests or networks through SDN Controller using
API.
2. SDN controller: SDN Controller collects network information from hardware and sends this
information to applications.
3. SDN networking devices: SDN Network devices help in forwarding and data processing tasks.

Different Models of SDN

There are several models, which are used in SDN:

1. Open SDN
2. SDN via APIs
3. SDN via Hypervisor-based Overlay Network
4. Hybrid SDN

1. Open SDN: Open SDN is implemented using the OpenFlow

switch. It is a straightforward implementation of SDN. In Open
SDN, the controller communicates with the switches using
south-bound API with the help of OpenFlow protocol.

2. SDN via APIs: In SDN via API, the functions in remote

devices like switches are invoked using conventional methods
like SNMP or CLI or through newer methods like Rest API.
Here, the devices are provided with control points enabling the
controller to manipulate the remote devices using APIs.

3. SDN via Hypervisor-based Overlay Network: In SDN via the hypervisor, the configuration of
physical devices is unchanged. Instead, Hypervisor based overlay networks are created over the physical
network. Only the devices at the edge of the physical network are connected to the virtualized networks,
thereby concealing the information of other devices in the physical network.

SDN via Hypervisor-based Overlay Network

4. Hybrid SDN: Hybrid Networking is a combination of Traditional Networking with software-defined

networking in one network to support different types of functions on a network.

Difference between SDN and Traditional Networking

Software Defined Networking Traditional Networking
Software Defined Network is a virtual networking A traditional network is the old conventional
approach. networking approach.
Software Defined Network is centralized control. Traditional Network is distributed control.
This network is programmable. This network is nonprogrammable.
Software Defined Network is the open interface. A traditional network is a closed interface.
In Software Defined Network data plane and In a traditional network data plane and control
control, the plane is decoupled by software. plane are mounted on the same plane.
Advantages of SDN
• The network is programmable and hence can easily be modified via the controller rather than
individual switches.
• Switch hardware becomes cheaper since each switch only needs a data plane.
• Hardware is abstracted, hence applications can be written on top of the controller independent of
the switch vendor.
• Provides better security since the controller can monitor traffic and deploy security policies. For
example, if the controller detects suspicious activity in network traffic, it can reroute or drop the
packets.
Disadvantages of SDN
• The central dependency of the network means a single point of failure, i.e. if the controller gets
corrupted, the entire network will be affected.
• The use of SDN on large scale is not properly defined and explored.