A Complete Guide to Software-Defined Networking

You cannot escape the pervasiveness of software.

Mobile, cloud computing, big data, social networks, virtualization, and the
Internet of Things (IoT) have all contributed to software becoming a critical
economic enabler of practically every business on the planet. And these
technologies are still evolving.

Software is eating the world and networking is no different.

Traditional software that runs on conventional hardware is spectacularly bad

at providing a satisfying consumer experience. Most business networks are
controlled by people and administered with management tools in a reactive
and manual process. But this is changing thanks to the improvements in
automation and programmability achieved by software-defined networking
(SDN).

Software-defined networking holds substantial promise for radically changing

how networks are built and operated by reducing cost, improving
performance, and increasing functionality. With the advent of SDN solutions,
such as software-defined wide area network (SD-WAN) software , the
expectations for automation and programmability in network control software
and hardware have risen dramatically.

What is software-defined networking?

Software-defined networking (SDN) is a network architecture that treats the

network itself as a programmable logic rather than having dedicated hardware
devices. It provides end-users with control of the network, enabling them to
change and modify how traffic flows, reducing cost and increasing their ability
to innovate.

That means instead of using physical cables to connect different components

of a network, SDN creates virtual communication channels that IT teams can
reconfigure quickly with software. The phrase "software-defined" in networking
means that specific configurations are no longer hard-coded into the hardware
devices of the network infrastructure, but can be managed through software or
alternate interfaces.

Software-defined networking is a subset of the broader concept of software-

defined everything. Proponents see it as the next generation of software-
based dynamic network control. Software-defined networks eliminate the need
for IT staff to visit each location to configure networking devices physically.
The result is a highly flexible network that can adapt to changing traffic
patterns.

As businesses continue to adopt cloud and mobile solutions, the expectations

for rapid provisioning and automation accelerate beyond what existing
networks can provide. The response is an SDN architecture that reduces
capital expenditures while simplifying network operations. As with many IT
trends, SDNs are transforming networks within companies and between
enterprises and service providers globally.

What makes SDN technology so compelling is that it gives engineers new

ways to program their networks, making it possible for them to create network
configurations that previously would have been impossible or prohibitively
expensive.

Features of software-defined networking

Software-defined networking has four unique features:

1. Agile: Administrators can alter network settings as business and

application demands evolve.
2. Centralized control: SDN unifies network intelligence, allowing for a
complete perspective of network configuration and activities.
3. Programable: Users can control network features and set up network
resources fast and simply through automated SDN services.
4. Open connectivity: SDN is built on open standards and uses them to
implement the technology. As a result, SDN simplifies network design
while also providing consistent networking in a vendor-agnostic
architecture.

Why do businesses need software-defined

networking?

Organizational network traffic patterns have shifted considerably in recent

years as more systems have been transferred to the cloud and demand for
applications to be mobile-friendly has grown. Although conventional network
topologies made sense when applications ran on a basic client-server basis,
something more flexible is now essential.

It's no secret that applications in the data center have become deeply
dependent on predictable network performance and can quickly respond to
service changes through self-service mechanisms. This has led to a more
software-centric view of the network, with many application teams seeking
more control over their application delivery. In comparison, IT teams seek
tighter control over infrastructure complexity and costs.

Today's businesses need technology that ensures their operations are always
up and running, flexible, and scalable to support business growth. Software-
defined networking delivers seamless network control, operational efficiency,
and accelerated business results.

SDN enables business networks to be dynamically configured on demand and

respond transparently to various service changes by integrating these
functions into a single control plane. In short, network switches and routers
become programmable, enabling IT teams to achieve absolute control over
how their network resources are utilized. This ultimately allows them to deliver
a higher quality experience for the end-users.

As a result, businesses can more effectively distribute network resources.

Since the network is controlled by software, it’s more agile, simple to handle,
and ready to adapt to new use cases. SDN enables the programmable nature
of networks through software applications using open APIs.

Organizations can also use software-defined networks to improve network

security by categorizing business traffic. Specific networks can be classified
as highly secure and transport critical data, while others can be public. If a
hacker gains access to a public-facing web server, they are limited to that
portion of the network and cannot access other segments, such as the
protected data center networks.

Are you still confused? The principle of SDN is simple: It enables you to
apply things like open-source practices and abstraction to networks. This
means you can be very granular when making changes to your network
infrastructure, get rid of old legacy systems, and replace them with powerful
new-generation network elements.

What is software-defined networking not about?

Software-defined networking is a revolutionary new approach to network
management that enables businesses to easily control and program their
systems. SDN can solve many problems, but before shifting to an SDN
architecture, companies should clearly understand what software-defined
networking isn't.

 Software-defined networking is not intent-based networking (IBN).

Both intent-based networking and SDN can comprehend network
configuration and interaction across numerous devices, but they are
different. Although SDN separates management control from devices, it
maintains a device-centric view of the network. The directives in IBN are
abstracted at a higher level, moving them from device-centric to
business-centric.
 Software-defined networking is not network automation. Even
though SDN and network automation are both based on code, they
are not the same. SDN only covers a subset of automation. Coupling
network automation with virtualization enables businesses to introduce
new technologies such as SDN into the infrastructure quickly.

Want to learn more about SD-WAN Solutions? Explore SD-WAN products.

Understanding how traditional networking works

Knowing how traditional infrastructure networks work is an essential part of

understanding how SDN works. Traditional networks are characterized by
end-to-end connectivity, meaning every computer can communicate directly
with every other computer.

This allows computers to use various technologies, such as local area

networks (LANs), wide area networks (WANs), urban wireless networks, and
even satellites to connect to the same network.

Traditional network infrastructure is made up of hardware and software. It

allows computation and communication between users, services, applications,
and processes. Fixed-function network equipment, such as switches and
routers, is the foundation of traditional networks. Each of these devices has a
specific purpose that works well with the others and helps to maintain the
network.

Networks are portrayed as one-dimensional with lines connecting nodes, but

that’s not the case. A network has three dimensions known as "planes": the
data plane, the control plane, and the management plane. A plane is an
abstract representation of where certain operations take place in networking.

Data plane

Also known as the forwarding plane, the data plane is a network layer with
infrastructure to carry network traffic. The data plane functionality in
conventional networks is provided by firmware in switches or other devices.

The data plane's actions are dependent on the control plane. The data plane
traffic must be segregated and regulated to protect the router and network
from various attacks. These risks can originate from both valid and malicious
traffic, and the data plane security strategy must account for all scenarios.

Control plane

The control plane is the network layer that carries signaling traffic and is
responsible for routing. A control plane performs its task independently. It
contains network protocols for communication between network elements,
such as routing, signaling, link-state protocols, and additional control protocols
for building network services.

Management plane

The management plane is a subset of the control plane that handles device
management and administrative traffic. Securing the management plane is
equally important as securing the control plane for effective router and
network functioning. Unauthorized access invariably results from a
compromised management plane, allowing an attacker to further compromise
the IP traffic planes by adding routes and changing traffic flows.

Switching and routing in computer networks are traditionally done using

hardware components with the above three planes. Recently, the trend has
been shifting to software-based network devices running on general-purpose
central processing units (CPUs).

How does software-defined networking work?

Software-defined networking is becoming increasingly popular in big data

centers, WANs, branch offices, campuses, data center networks, and telecom
networks for an exciting reason: it increases network efficiency. With its ability
to dynamically allocate resources to reduce maintenance costs and
operational complexity, SDN is emerging as a powerful tool for modern
networks.

In software-defined networking, the software is decoupled from the hardware.

The control plane, which determines where traffic should be sent, is moved to
software by SDN. But the data plane, which sends information, remains in
hardware. This allows network administrators who utilize SDN to program and
administer the whole network from a single control point rather than by device.

SDN eliminates the need for individually managing devices, such as traditional
routers or switches. This has implications for the architecture, economics, and
security of an enterprise network.

While there’s no one model for software-defined networking, the topology of

this kind of network has changed over time. The OpenFlow paradigm, which
was crucial in SDN's early development and standardization, was one of the
earliest SDN communication protocols.

This strategy, managed by the Open Networking Foundation (ONF), requires

businesses to deploy physical network elements, such as SDN controllers,
routers, and switches, explicitly designed to support the OpenFlow protocol.
As SDN grew, many people discovered that the basic paradigm was too
restrictive and devised alternative methods.

As a result, network virtualization models emerged, allowing virtual networks

to be created. These virtual networks can be separated from the underlying
network hardware and controlled by software.

SDN architecture

Software-defined networking comprises three major components that may or

may not be physically placed together: the application layer, the control layer,
and the infrastructure layer.

Application layer

The application layer contains the standard network applications or functions

businesses utilize to enhance application speed, simplify IT, and boost
security. Examples of these systems are intrusion detection systems, WAN
optimization controllers (WOCs), load balancing systems, and application
firewalls.

Traditional networks require dedicated network equipment for these duties. A

software-defined network substitutes the device with an application that
manages data plane behavior through a controller. Programs on the
application layer transmit particular network instructions to the SDN controller.
Control layer

The control layer is in charge of a network's policies and traffic flow. The
requirements presented by the application layer are processed by the control
layer, which subsequently sends them to the underlying network
infrastructure. The control layer also sends data from the infrastructure layer
back to the application layer to improve functionality.

The SDN controller, which links the application and infrastructure layers, is
part of the control layer. SDN controller software offers a centralized view and
control over the whole network. Network teams use the controller to regulate
how the underlying infrastructure's forwarding layer handles traffic.

The controller is also responsible for enforcing regulations that govern

network activity. Network administrators set policies that are implemented
consistently across all nodes in the network. Network policies are rules that
define what degree of access to the network traffic has, how many resources
it is permitted, and what priority it is given.

Infrastructure layer

In the data center, the infrastructure layer houses the network's actual
switches and routers. These network devices are in charge of crucial
forwarding functions and data processing capabilities and gather critical
information,such as network use and topology, to report back to the control
layer.
The above three layers communicate using northbound and southbound APIs.
The northbound API allows communications between the control and
application layers, while the southbound API will enable communications
between the control and infrastructure layers.

Northbound APIs

Applications in a software-defined network rely on the controller to inform

them of the network infrastructure's availability to determine what resources
are available. The SDN controller can automatically guarantee that application
traffic is routed according to the set policies. The apps communicate with the
control layer via northbound APIs, informing them of their required resources
and their intended destination.

The control layer orchestrates how available resources are allocated to the
apps in the network. It also employs intelligence to determine the best path for
the application in terms of latency and security. Northbound APIs are typically
RESTful APIs. Orchestration is fully automated and does not require manual
configuration.

Southbound APIs

The SDN controller uses southbound APIs to connect with network

infrastructures such as routers and switches. The network infrastructure is
informed of the path the application data must take, as determined by the
controller.

The controller can modify how the routers and switches move data in real
time. The data no longer depends on devices and routing tables to determine
where it travels. Instead, the controller's intelligence makes informed
judgments that improve the data's route.
Types of software-defined networking

Next-generation applications require new network architectures to handle

more traffic, provide better performance, and reduce cost. Software-defined
networks lead this effort by shifting networking control from traditional
hardware to software running on commodity server hardware.

However, several SDN architectures exist that vary in their implementation

details, controller structure, and management interfaces.

 Open SDN: An open SDN architecture controls the virtual and physical
devices that route data packets using open protocols.
 API SDN: This topology controls data flow to and from each device by
utilizing programming interfaces, also known as southbound APIs.
 Overlay model SDN: SDN builds a virtual network on top of the current
hardware, offering tunnels with channels to data centers. The model
then assigns devices to each channel and distributes bandwidth in each
channel.
 Hybrid model SDN: This topology blends the best features of SDN with
traditional networking, allowing the best protocol for each kind of traffic
to be allocated. The hybrid SDN is frequently utilized as a phase-in
approach to SDN.

Software-defined networking vs. network function

virtualization

The networking sector is always on the cutting edge of change, dealing with a
constantly altering economic and technological landscape while
simultaneously managing increasingly high consumer expectations. Some of
the most visible disruptors have been the increased prevalence of
smartphones and internet-based apps, the 5G boom, shifting WAN needs,
and the creation of novel traffic patterns from IoT connections.
When paired with a rapid increase in demand for dynamic bandwidth and on-
demand services, flattened revenues, and a pressing need to decrease costs,
service providers and businesses have no choice but to change their networks
and operations.

Software-defined networking and network function virtualization (NFV) are two

concepts gaining a lot of traction. The terms are often used interchangeably
within the industry, even though they achieve different goals.
Software-defined networking

Software-defined networking is a networking architecture that enables

dynamic and programmatically efficient network configuration to increase
overall network performance, making networks more agile and adaptable.
SDN controls networks by decoupling the control and forwarding planes to
enable more automated provisioning and policy-based network resource
management.

SDN serves its users with a method to control network services through
software that makes networks centrally programmable and allows for speedier
configuration. It enables companies and service providers to adapt rapidly to
changing business demands and requirements, eventually improving network
control.

Network function virtualization

Network function virtualization is a network architecture that lets network

operators deliver services faster and for less cost by shifting features like
firewalls and encryption from dedicated hardware to virtual servers. This
consolidates different functions into a single physical server and lowers total
costs. NFV enables multiple network operators to implement network policies
without worrying about where functions should be placed in the network or
how to route traffic.

NFV is a method of virtualizing network services (such routers, firewalls, and

load balancers) and enabling them to run on virtual machines. Multiple
operating systems can share a single hardware processor with the help of a
hypervisor called a virtual machine manager. Compared to networks created
with traditional networking equipment, NFV provides high-performance
networks with better scalability, flexibility, and adaptability at lower prices.
The telecom industry initially developed NFV to address the increasingly
complex process of managing and provisioning network services. There’s also
a growing demand for new business models and innovative service offerings.
The use cases for NFV are increasing and evolving, from virtualized mobile
core networks and carrier Ethernet services to retail and enterprise WAN and
IoT networks.

SDN vs. SD-WAN

The fast-paced nature of business and changes in technology have resulted in

an increased need for responsive networks. Modern companies need agile,
reliable, and secure networking solutions to operate efficiently. The increase
in mobile usage, cloud adoption, and the advent of IoT has added further
complexity to traditional networks.

To meet this challenge and deliver the benefits of software-defined

networking, businesses use a software-defined wide-area network (SD-
WAN) that provides secure and reliable access across an entire enterprise
network.

However, with SDN being one of the most talked-about technologies today,
organizations are also focused on understanding what SDN is all about and
how it can help enterprises build more responsive networks.

SDN and SD-WAN are two related ideas that describe networks that can be
controlled and monitored using software. They both represent essential
technology shifts that will impact how businesses and technology providers
move and manage network traffic in the future. Understanding their
differences is critical in creating agile networks.
Software-defined networking

Software-defined networking was created to satisfy computing demands in

both LANs and service provider networks. The objective was to create
dynamic, flexible, and scalable connections within the data center and on core
networks to accommodate changing needs.

SDNs are directly programmable, allowing for a flexible, centrally managed

platform that separates the control plane, which decides where traffic should
be routed, from the data plane, which defines how traffic should be delivered.

Software-defined wide area network

Software-defined wide area network is an extension of SDN that focuses on

the network edge (the area where a device or local network interfaces with the
Internet) and enables companies to connect several distant sites by utilizing
the internet and multiprotocol label switching (MPLS). It includes a set of
utilities geared at the edge, such as firewall capabilities.

The major difference between the two is that SD-WAN provides a wide-area
network that connects many locations, making it an SDN in the WAN. Another
significant distinction is that SD-WAN is managed by the vendor rather than
by internal resources. SD-WAN requires less effort from a network engineer
because the vendor provides the service.

SDN use cases

SDN adoption has created a buzz in IT circles. Quantifying its impact remains
a challenge because it has many applications across the enterprise. There are
three broad categories where organizations are using SDN: networks,
storage, and workloads.
To get a sense of where SDN is headed, let's look at some of the typical use
cases being implemented across the industry.

 Scaling business data center: Enterprises have utilized SDN to create

scalable data centers, which means engineers can use more or less
resources to efficiently manage software-defined data storage and
consumption.
 Application deployment: SDN allows application teams to release and
control applications from a central hub network.
 Securing IoT architecture: Although IoT devices provide convenience
and options, they also provide hackers and other data thieves several
access points. With SDN, IoT developers can offer a central,
customized protective layer that helps to safeguard the process.
 Support intent-based networking: With intent-based networking,
teams can instruct the network what it needs to perform in accordance
with the specific business objectives. An SDN-enabled infrastructure
can customize the functioning of various components in a way that
harmonizes with large-scale goals.

Challenges of SDN

Software-defined networking has ushered in another network revolution like

open-source software, public cloud computing, and virtualization. It’s changed
the way networks are built and managed in the enterprise. SDN has provided
enormous flexibility, driven multi-fold gains in efficiency, and expanded the
scope of automation to include software-defined network operations, network
security, and SD-WAN services.

No matter how you plan to use SDN, it’s imperative that you understand the
challenges of SDN and how it will affect your organization to undue risk.

 Security risks: While SDN makes networking easier, it also poses a

security risk. Centralized administration is a single point of failure so if it
fails, the entire network suffers.
 Northbound API standards: Vendors and open source entities are
creating different APIs for their SDN controllers since there’s no widely
acknowledged standard for northbound APIs. This complicates
 application development since developers must create numerous
versions of apps in order for them to work with different controllers.
 SDN controller bottlenecks: When an SDN controller has just one
instance, it might create a bottleneck for a network with a lot of traffic,
routers, and switches. There's basically too much to connect with for a
single controller instance.

Benefits of SDN

Businesses that invest in SDN are often attracted to its capacity to handle
data-intensive applications. Beyond that goal, SDN offers a plethora of
advantages that make it a worthwhile endeavor. Listed below are a few of the
most significant perks.

 Increased adaptability: SDN helps companies be more agile by

separating the control plane, which is responsible for routing network
traffic, from the data plane, which sends data through routers. The high-
bandwidth, dynamic nature of today's applications need this scalability.
 Improved use of network resources: Organizations that switch to
SDN can save money on operating expenses (OPEX) by using virtual
resources.
 Increased programmability: SDN helps IT teams easily install, protect,
and optimize network resources since there are no vendor-specific
protocols or proprietary software. The network is directly programmable
because the control plane is separated from the forwarding plane.
 Simplified management: A software-defined network results in an
overall easier-to-operate architecture because it does not require highly
skilled network specialists to operate it.

The new way of networking

As a steadily evolving industry, networking is always looking for emerging

technologies to suit customer demands. Switching to SDN is an essential
milestone for businesses. It provides excellent efficiency improvement in
managing network resources, enhances resiliency, and simplifies service
deployment.
Enterprise networks are evolving from device-centric to intent-based.
Learn how intent-based networking (IBN) can help you build networks
that are intelligent and agile.

Keerthi Rangan

Keerthi Rangan is an SEO specialist and a former content marketing

specialist at G2 focused on the IT management software market. Her content
helps organizations understand the different IT concepts and corresponding
software available to transform their businesses, data, and people. Keerthi
leverages her background in Python development to build subject matter
expertise in the software and IT management space. Her coverage areas
include: network automation, software-defined networking (SDN), blockchain,
databases, asset management, disaster recovery, intent-based networks,
infrastructure as code (IaC), SaaS, and more.