1. SDN stands for Software Defined Network, a networking architecture approach that enables the control and management of the network using software applications. With SDN, the networking behavior of the entire network and its devices is programmed in a centrally controlled manner through software applications using open APIs.
2. Simplified policy change - With SDN, an administrator can change any network switch's rules when necessary, prioritizing, deprioritizing or even blocking specific types of packets with a granular level of control and security.
   Network management and visibility - Other benefits of SDN are network management and end-to-end visibility. A network administrator needs to deal with only one centralized controller to distribute policies to the connected switches.
   Reduced hardware footprint and Opex - SDN also virtualizes hardware and services that were previously carried out by dedicated hardware.
   Networking innovations - SDN also contributed to the emergence of software-defined wide area network (SD-WAN) technology.
3. The three main components that make up SDN are:
   SDN applications: SDN applications relay requests or networks through the SDN controller using an API.
   SDN controller: The SDN controller collects network information from hardware and sends this information to applications.
   SDN networking devices: SDN network devices help in forwarding and data processing tasks.
4. Flow tables are the fundamental data structures in an SDN device. These flow tables allow the device to evaluate incoming packets and take the appropriate action based on the contents of the packet that has just been received. Flow tables consist of a number of prioritized flow entries.
5. A distributed control plane means that the control plane of each networking device lies within the device itself. Each device has its own control plane to control its data plane. In a centralized control plane system, there is a device which contains the control plane of all devices. This device controls the activities of the data plane of all networking devices simultaneously. This device is called the controller or SDN controller.
1. SDN Architecture
• In a traditional network, each switch has its own data plane as well as its own control plane.
• The control planes of the various switches exchange topology information and construct a forwarding table that decides where an incoming data packet has to be forwarded via the data plane.
• Software-defined networking (SDN) is an approach in which we take the control plane away from the switch and assign it to a centralized unit called the SDN controller. Hence, a network administrator can shape traffic via a centralized console without having to touch the individual switches.
• The data plane still resides in the switch. When a packet enters a switch, its forwarding activity is decided based on the entries of flow tables, which are pre-assigned by the controller.
• A flow table consists of match fields (like input port number and packet header) and instructions.
• The packet is first matched against the match fields of the flow table entries. Then the instructions of the corresponding flow entry are executed.
• The instructions can be forwarding the packet via one or multiple ports, dropping the packet, or adding headers to the packet. If a packet doesn’t find a corresponding match in the flow table, the switch queries the controller, which sends a new flow entry to the switch.
• The switch forwards or drops the packet based on this flow entry.
A typical SDN architecture consists of three layers.
• Application layer: It contains the typical network applications like intrusion detection, firewall, and load balancing.
• Control layer: It consists of the SDN controller, which acts as the brain of the network. It also provides hardware abstraction to the applications written on top of it.
• Infrastructure layer: This consists of the physical switches which form the data plane and carry out the actual movement of data packets.
The layers communicate via a set of interfaces called the northbound APIs (between the application and control layers) and southbound APIs (between the control and infrastructure layers).
[Figure: SDN Architecture]
2. SDN Data plane and Control plane
The control plane and the data plane are two key components of a network, each facilitating the flow of
network packets, and each with its own set of functions and responsibilities. Understanding the differences
between these two planes helps you design and optimize networks for improved performance, scalability,
and security.
This article will explore the control and data planes, including their functionalities, fundamental differences
and use cases. The article also explains the advantages and drawbacks of decoupling these two components.
What is the control plane?
The control plane is an integral part of a network. It governs everything related to forwarding data packets,
or how data is sent from a source to a destination. The control plane is responsible for various functions
and processes such as routing table creation, maintenance, forwarding, establishing network policies,
managing routing protocols and creating the network topology.
(These functions and processes are all part of the larger concept of managing network configuration.)
The control plane utilizes several protocols, such as:
• OSPF
• RIP
• BGP
They enable the control plane to exchange routing details and determine the optimal paths for directing
network traffic. Usually, the control plane is separated from the data plane, allowing it to become more
efficient and scalable. Furthermore, there are distributed and centralized control planes. Those centralized
planes are managed by a central controller responsible for making decisions and managing the behavior of
network devices.
What is the data plane?
The data plane is the part of networking that forwards network packets between source and destination
devices.
As a simple analogy for the data and control planes, think of them in a transportation sense:
• The control plane works as the traffic controller that controls and routes traffic.
• Meanwhile, the data plane acts as the vehicle that transports passengers to the correct destination. (This is why the data plane is also called the ‘forwarding plane.’)
The data plane performs tasks like receiving and inspecting the packets, forwarding them to the correct
destination, queuing network packets during network congestion, and ensuring the safe delivery of packets
to the correct destination. Similar to the control plane, the data plane also uses protocols such as Internet
Protocol (IP) and Ethernet to carry out its functions. The data plane operates at a lower abstraction level
than the control plane — forwarding packets based on the routing configured by the control plane.
Control vs. data planes: key differences
Now let’s look at the major differences between these two planes.
Focus and functions
The main focus of the control plane is managing and controlling the network and defining how data packets should be transmitted. The following are the core functionalities of a control plane.
• Creating routing tables
• Maintaining routing tables
• Establishing network security policies
• Deciding the optimal routing paths
• Creating and maintaining network topology
• Monitoring network health
On the other hand, the data plane focuses on forwarding the network packets to the correct destination. The following are its core functionalities.
• Receiving and inspecting the data packets
• Forwarding the data packets to their correct destinations
• Verifying the accurate delivery of the data packets
• Queuing data packets during network congestion
• Packet error detection
• Demultiplexing data packets
3. OpenFlow Protocol
OpenFlow, an open source standard supported by many vendors, is the first software defined networking (SDN) control protocol. It separates the control plane (decision-making) from the forwarding plane (packet routing).
OpenFlow is a network control protocol. Network traffic does not go through OpenFlow itself; OpenFlow sends the control signals that tell the network switches how to route the network traffic.
SDN architecture enabled by OpenFlow separates the network into three distinguishable layers, connected via northbound and southbound APIs.
In traditional network design, each switch would contain a routing table that it used to decide how to route
each packet. This routing table is largely static; it would be updated by the administrator individually on
each router.
In OpenFlow, an SDN controller is the control plane. The SDN controller contains the logic and does the
decision-making for how the network traffic should flow between the switches. The SDN controller
establishes a connection to each switch to pass messages. This connection uses Transmission Control
Protocol (TCP) and is often encrypted with Transport Layer Security (TLS). It uses port 6653 with earlier
versions using 6633.
The controller sends commands to the OpenFlow switches, which handle the network data. The OpenFlow
commands change the switch's flow routing table. The flow table is the OpenFlow equivalent of the routing
and MAC address forwarding tables. It contains all the instructions for how the switch will handle network
traffic.
The flow table contains many rows of flow entries which tell the switch how to handle each packet. The
flow entries can use each OSI layer of a packet, including MAC address match, IP address match, protocol
match or port match. These rules can be multilevel and combined to create complex rules. This level of
flexibility allows each OpenFlow switch to act as a basic firewall as well. Switches can forward packets
that do not match any rules to the SDN controller for the controller to inspect and create a new flow rule
for it.
Flow tables can be delivered proactively or reactively. In proactive delivery the controller sends the flow
table to all switches. In reactive mode the controller only sends new flow entries when requested by the
switch. This can help to reduce the amount of data stored on each switch and improve performance.
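The flow-table behaviour described in the two paragraphs above (prioritized matching, a proactive firewall entry, a table miss answered reactively by the controller), as an added example that is not part of the original notes. The field names, the ROUTES policy and all addresses are constructed; the example also goes one step further and flags entries shadowed by a higher-priority rule, a common reason a drop rule never fires.

```python
"""Toy OpenFlow-style flow table: prioritized entries, table miss, shadowing."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

IP_FIELDS = ("ip_src", "ip_dst")   # matched as CIDR prefixes; other fields exactly


@dataclass
class FlowEntry:
    priority: int
    match: dict          # field -> required value; a missing field is a wildcard
    action: str          # "output:<port>" or "drop"
    packets: int = 0     # per-entry hit counter

    def matches(self, pkt):
        for key, want in self.match.items():
            have = pkt.get(key)
            if have is None:
                return False
            if key in IP_FIELDS:
                if ip_address(have) not in ip_network(want):
                    return False
            elif have != want:
                return False
        return True


def covers(general, specific):
    """True if every packet matching `specific` also matches `general`."""
    for key, want in general.items():
        if key not in specific:
            return False
        if key in IP_FIELDS:
            if not ip_network(specific[key]).subnet_of(ip_network(want)):
                return False
        elif specific[key] != want:
            return False
    return True


class Switch:
    def __init__(self, controller):
        self.table = []
        self.controller = controller   # callable: packet -> FlowEntry
        self.packet_ins = 0            # table misses sent to the controller

    def install(self, entry):
        self.table.append(entry)
        self.table.sort(key=lambda e: e.priority, reverse=True)

    def process(self, pkt):
        for entry in self.table:       # highest priority first
            if entry.matches(pkt):
                entry.packets += 1
                return entry.action
        self.packet_ins += 1           # table miss: ask the controller (reactive)
        entry = self.controller(pkt)
        self.install(entry)
        entry.packets += 1
        return entry.action

    def shadowed(self):
        """Entries that can never fire because a higher-priority entry covers them."""
        return [e for i, e in enumerate(self.table)
                if any(h.priority > e.priority and covers(h.match, e.match)
                       for h in self.table[:i])]


ROUTES = {"10.0.1.0/24": 1, "10.0.2.0/24": 2}   # constructed policy: prefix -> port


def controller(pkt):
    """Hypothetical controller policy: forward known prefixes, drop everything else."""
    dst = ip_address(pkt["ip_dst"])
    for net, port in ROUTES.items():
        if dst in ip_network(net):
            return FlowEntry(100, {"ip_dst": net}, f"output:{port}")
    return FlowEntry(100, {"ip_dst": f"{dst}/32"}, "drop")


def demo():
    sw = Switch(controller)
    # Proactive firewall rule, installed before any traffic: block Telnet.
    sw.install(FlowEntry(200, {"ip_proto": 6, "tcp_dst": 23}, "drop"))
    web = {"in_port": 3, "ip_src": "10.0.2.5", "ip_dst": "10.0.1.7",
           "ip_proto": 6, "tcp_dst": 443}          # constructed sample packet
    results = [
        sw.process(web),                            # miss -> reactive install
        sw.process({**web, "ip_dst": "10.0.1.8"}),  # hit on the new entry
        sw.process({**web, "tcp_dst": 23}),         # priority-200 drop wins
        sw.process({**web, "ip_dst": "192.0.2.9"}), # unknown prefix -> drop
    ]
    # Misconfiguration: an SSH block placed below the forwarding entry.
    late = FlowEntry(50, {"ip_dst": "10.0.1.0/24", "ip_proto": 6, "tcp_dst": 22}, "drop")
    sw.install(late)
    results.append(sw.process({**web, "tcp_dst": 22}))  # still forwarded
    return results, sw.packet_ins, sw.shadowed() == [late]


if __name__ == "__main__":
    print(demo())
```

Only two of the five packets reach the controller; the SSH block at priority 50 is reported as shadowed because the priority-100 forwarding entry for the same prefix always matches first.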
The OpenFlow SDN controller can communicate with higher-level applications. These higher-level
applications contain the business logic and can be configured more easily by a technician. This is then put
on a northbound interface API to the controller. The controller then makes the flow rules.
Advantages of OpenFlow
OpenFlow is an open source SDN technology. It is supported by many vendors and providers. Some
switches can use either OpenFlow rules or its own internal ones. It can be used in an entirely virtualized
network environment to control virtual switches in cloud computing.
The SDN nature of OpenFlow allows for quick response to changes and failures. It is also highly flexible
and can manage highly complex rules.
To illustrate the use of OpenFlow, imagine a campus area network (CAN) with many buildings, switches
and two internet connections. For normal operation, the network traffic flows through the closest
connections to get to its destination. If a link connecting two buildings goes down, the switches can report
the connection status to the controller, which then sends new flow rules out to the affected switches with a
new forwarding path. If an internet connection goes down it can also route any internet-bound traffic over
the good link. A large CAN with many different types of devices could also quickly become full of
unwanted traffic, but it would be expensive to put a firewall between each building or even each floor within
a building.
4. South Bound and North Bound Interface
Southbound Interface
The SDN controller has to communicate with our network devices in order to program the data plane. This
is done through the southbound interface. This is not a physical interface but a software interface, often an
API (Application Programming Interface).
An API is a software interface that allows an application to give access to other applications by using pre-
defined functions and data structures. I’ll explain more about this in a minute.
Some popular southbound interfaces are:
• OpenFlow: this is probably the most popular SBI at the moment. It’s an open source protocol from the Open Networking Foundation. There are quite a few network devices and SDN controllers that support OpenFlow.
• Cisco OpFlex: this is Cisco’s answer to OpenFlow. It’s also an open source protocol which has been submitted to the IETF for standardization.
• CLI: Cisco offers APIC-EM, which is an SDN solution for the current generation of routers and switches. It uses protocols that are available on current generation hardware like telnet, SSH, and SNMP.
Northbound Interface
The northbound interface is used to access the SDN controller itself. This allows a network administrator to access the SDN to configure it or to retrieve information from it. This could be done through a GUI but it also offers an API which allows other applications access to the SDN controller. You can use this to write scripts and automate your network administration. Here are some examples:
• List information from all network devices in your network.
• Show the status of all physical interfaces in the network.
• Add a new VLAN on all your switches.
• Show the topology of your entire network.
• Automatically configure IP addresses, routing, and access-lists when a new virtual machine is created.
Here’s an illustration to help you visualize this:
Through the API, multiple applications are able to access the SDN controller:
• A user that is using a GUI to retrieve information about the network from the SDN controller. Behind the scenes, the GUI is using the API.
• Scripts that are written in Java or Python can use the API to retrieve information from the SDN controller or configure the network.
• Other applications are able to access the SDN controller. Perhaps an application that automatically configures the network once a new virtual machine is created on a VMware ESXi server.
ONOS
• Open Network Operating System (ONOS) is an OS designed to help network service providers build carrier-grade software-defined networks architected for high scalability, availability and performance.
• Although specifically designed to address the needs of service providers, ONOS can also act as a software-defined networking (SDN) control plane for enterprise campus local area networks (LANs) and data center networks.
5. SDN Vs Traditional
The key difference between SDN and traditional networking is infrastructure: SDN is software-based, while
traditional networking is hardware-based. Because the control plane is software-based, SDN is much more
flexible than traditional networking. It allows administrators to control the network, change configuration
settings, provision resources, and increase network capacity—all from a centralized user interface, without
adding more hardware.
There are also security differences between SDN and traditional networking. Thanks to greater visibility
and the ability to define secure pathways, SDN offers better security in many ways. However, because
software-defined networks use a centralized controller, securing the controller is crucial to maintaining a
secure network, and this single point of failure represents a potential vulnerability of SDN.
Difference between SDN and Traditional Networking
Software Defined Networking | Traditional Networking
A Software Defined Network is a virtual networking approach. | A traditional network is the old conventional networking approach.
A Software Defined Network has centralized control. | A traditional network has distributed control.
This network is programmable. | This network is nonprogrammable.
A Software Defined Network has an open interface. | A traditional network has a closed interface.
In a Software Defined Network, the data plane and control plane are decoupled by software. | In a traditional network, the data plane and control plane are mounted on the same plane.
6. Ryu Controller
Ryu Controller is an open, software-defined networking (SDN) Controller designed to increase the agility
of the network by making it easy to manage and adapt how traffic is handled. In general, the SDN
Controller is the brain of the SDN environment, communicating information down to the switches and
routers with southbound APIs, and up to the applications and business logic with northbound APIs. The
Ryu Controller is supported by NTT and is deployed in NTT cloud data centers as well.
The Ryu Controller provides software components, with well-defined application program interfaces
(APIs), that make it easy for developers to create new network management and control applications. This
component approach helps organizations customize deployments to meet their specific needs; developers
can quickly and easily modify existing components or implement their own to ensure the underlying
network can meet the changing demands of their applications.
The Ryu Controller source code is hosted on GitHub and managed and maintained by the open Ryu
community. OpenStack, which runs an open collaboration focused on developing a cloud operating
system that can control the compute, storage, and networking resources of an organization, supports
deployments of Ryu as the Network Controller.
OpenDaylight Project (ODL) Controller
• The OpenDaylight Project is an open source SDN project aimed at enhancing SDN by offering a community-led and industry-supported framework for the OpenDaylight Controller, which has been renamed the OpenDaylight Platform. It is open to anyone, including end users and customers, and it provides a shared platform for those with SDN goals to work together to find new solutions.
• Since the OpenDaylight platform is both multiprotocol and modular, users can build an SDN controller to fit their specific needs. This modular and multiprotocol approach gives IT admins the ability to pick a single protocol or to select multiple protocols to resolve complex problems as they crop up. The platform includes support for all SDN platforms, including OpenFlow, Open vSwitch Database (OVSDB), NETCONF, and BGP.
• The OpenFlow protocol, considered the first SDN standard, defines the open communications protocol that allows the SDN controller to work with the forwarding plane and make changes to the network. This gives businesses the ability to better adapt to their changing needs and have greater control over their networks.
• The OpenDaylight Controller exposes open northbound APIs, which are used by applications. These applications use the controller to collect information about the network, run algorithms to conduct analytics, and then use the OpenDaylight Controller to create new rules throughout the network.
• The OpenDaylight Controller is implemented solely in software and is kept within its own Java Virtual Machine (JVM). This means it can be deployed on hardware and any operating system platforms that support

Study materials for software defined networks

  • 1. 1. SDN stands for Software Defined Network which is a networking architecture approach. It enables the control and management of the network using software applications. Through Software Defined Network (SDN) networking behavior of the entire network and its devices are programmed in a centrally controlled manner through software applications using open APIs. 2. Simplified policy change-With SDN, an administrator can change any network switch's rules when necessary -- prioritizing, deprioritizing or even blocking specific types of packets with a granular level of control and security. Network management and visibility - Other benefits of SDN are network management and end-to- end visibility. A network administrator needs to deal with only one centralized controller to distribute policies to the connected switches. Reduced hardware footprint and Opex - SDN also virtualizes hardware and services that were previously carried out by dedicated hardware. Networking innovations-SDN also contributed to the emergence of software-defined wide area network (SD-WAN) technology. 3. The three main components that make the SDN are: SDN Applications: SDN Applications relay requests or networks through SDN Controller using API. SDN controller: SDN Controller collects network information from hardware and sends this information to applications. SDN networking devices: SDN Network devices help in forwarding and data processing tasks. 4. Flow tables are the fundamental data structures in an SDN device. These flow tables allow the device to evaluate incoming packets and take the appropriate action based on the contents of the packet that has just been received. Flow tables consist of a number of prioritized flow entries. 5. Distributed control plane means that control plane of all networking devices lies within the device itself. Each device have their own control plane to control data plane. 
In Centralized control plane system, there is a device which contains control plane of all devices. This device control the activities of data plane of all networking devices simultaneously. This device is called Controller or SDN controller.
  • 2. 1. SDN Architecture  In a traditional network, each switch has its own data plane as well as the control plane.  The control plane of various switches exchange topology information and hence construct a forwarding table that decides where an incoming data packet has to be forwarded via the data plane.  Software-defined networking (SDN) is an approach via which we take the control plane away from the switch and assign it to a centralized unit called the SDN controller. Hence, a network administrator can shape traffic via a centralized console without having to touch the individual switches.  The data plane still resides in the switch and when a packet enters a switch, its forwarding activity is decided based on the entries of flow tables, which are pre-assigned by the controller.  A flow table consists of match fields (like input port number and packet header) and instructions.  The packet is first matched against the match fields of the flow table entries. Then the instructions of the corresponding flow entry are executed.  The instructions can be forwarding the packet via one or multiple ports, dropping the packet, or adding headers to the packet. If a packet doesn’t find a corresponding match in the flow table, the switch queries the controller which sends a new flow entry to the switch.  The switch forwards or drops the packet based on this flow entry. A typical SDN architecture consists of three layers.  Application layer: It contains the typical network applications like intrusion detection, firewall, and load balancing  Control layer: It consists of the SDN controller which acts as the brain of the network. It also allows hardware abstraction to the applications written on top of it.  Infrastructure layer: This consists of physical switches which form the data plane and carries out the actual movement of data packets. 
The layers communicate via a set of interfaces called the north-bound APIs(between the application and control layer) and southbound APIs(between the control and infrastructure layer). SDN Architecture
  • 3. 2. SDN Data plane and Control plane The control plane and the data plane are two key components of a network, each facilitating the flow of network packets, and each with its own set of functions and responsibilities. Understanding the differences between these two planes helps you design and optimize networks for improved performance, scalability, and security. This article will explore the control and data planes, including their functionalities, fundamental differences and use cases. The article also explains the advantages and drawbacks of decoupling these two components. What is the control plane? The control plane is an integral part of a network. It governs everything related to forwarding data packets, or how data is sent from a source to a destination. The control plane is responsible for various functions and processes such as routing table creation, maintenance, forwarding, establishing network policies, managing routing protocols and creating the network topology. (These functions and processes are all part of the larger concept of managing network configuration.) The control plane utilizes several protocols such as  OSPF  RIP  BGP They enable the control plane to exchange routing details and determine the optimal paths for directing network traffic. Usually, the control plane is separated from the data plane, allowing it to become more efficient and scalable. Furthermore, there are distributed and centralized control planes. Those centralized planes are managed by a central controller responsible for making decisions and managing the behavior of network devices. What is the data plane? The data plane is the part of networking that forwards network packets between source and destination devices. As simple analogy to the data and control planes, think of these in a transportation sense:  The control plane works as the traffic controller that controls and routes traffic. 
 Meanwhile, the data plane acts as the vehicle that transports passengers to the correct destination. (Hence why the data plane is also called the ‘forwarding plane.’) The data plane performs tasks like receiving and inspecting the packets, forwarding them to the correct destination, queuing network packets during network congestion, and ensuring the safe delivery of packets to the correct destination. Similar to the control plane, the data plane also uses protocols such as Internet Protocol (IP) and Ethernet to carry out its functions. The data plane operates at a lower abstraction level than the control plane — forwarding packets based on the routing configured by the control plane.
  • 4. Control vs. data planes: key differences Now let’s look at the major differences between these two planes Focus and functions The main focus of the control plane is managing and controlling the network and defining how data packets should be transmitted. The following are the core functionalities of a control plane.  Creating routing tables  Maintaining routing tables  Establishing network security policies  Deciding the optimal routing paths  Creating and maintaining network topology  Monitoring network health On the other hand, the data plane focuses on forwarding the network packets to the correct destination. The following are its core functionalities.  Receiving and inspecting the data packets  Forwarding the data packets to their correct destinations  Verifying the accurate delivery of the data packets  Queuing data packets during network congestion  Packet error detection  Demultiplexing data packets
  • 5. 2. OpenFlow, Protocol OpenFlow an open srce standard supported by many vendors, is the first software defined networking (SDN) control protocol. It separates the control plane (decision-making) from the forwarding plane (packet routing). OpenFlow is a network control protocol. Network traffic does not go through the OpenFlow d, OpenFlow sends the control signals that tell the network switches how to route the network traffic. SDN architecture enabled by OpenFlow separates the network into three distinguishable layers, connectedvia northbound and southbound APIs. In traditional network design, each switch would contain a routing table that it used to decide how to route each packet. This routing table is largely static; it would be updated by the administrator individually on each router. In OpenFlow, an SDN controller is the control plane. The SDN controller contains the logic and does the decision-making for how the network traffic should flow between the switches. The SDN controller establishes a connection to each switch to pass messages. This connection uses Transmission Control Protocol (TCP) and is often encrypted with Transport Layer Security (TLS). It uses port 6653 with earlier versions using 6633. The controller sends commands to the OpenFlow switches, which handle the network data. The OpenFlow commands change the switch's flow routing table. The flow table is the OpenFlow equivalent of the routing and MAC address forwarding tables. It contains all the instructions for how the switch will handle network traffic.
  • 6. The flow table contains many rows of flow entries which tell the switch how to handle each packet. The flow entries can use each OSI layer of a packet, including MAC address match, IP address match, protocol match or port match. These rules can be multilevel and combined to create complex rules. This level of flexibility allows each OpenFlow switch to act as a basic firewall as well. Switches can forward packets that do not match any rules to the SDN controller for the controller to inspect and create a new flow rule for it.
    Flow tables can be delivered proactively or reactively. In proactive delivery, the controller sends the flow table to all switches. In reactive mode, the controller only sends new flow entries when requested by the switch. This can help to reduce the amount of data stored on each switch and improve performance.
    The OpenFlow SDN controller can communicate with higher-level applications. These higher-level applications contain the business logic and can be configured more easily by a technician. This logic is then passed to the controller over a northbound interface API. The controller then makes the flow rules.
    Advantages of OpenFlow
    OpenFlow is an open source SDN technology. It is supported by many vendors and providers. Some switches can use either OpenFlow rules or their own internal ones. It can be used in an entirely virtualized network environment to control virtual switches in cloud computing.
    The SDN nature of OpenFlow allows for quick response to changes and failures. It is also highly flexible and can manage highly complex rules.
    To illustrate the use of OpenFlow, imagine a campus area network (CAN) with many buildings, switches and two internet connections. For normal operation, the network traffic flows through the closest connections to get to its destination.
    If a link connecting two buildings goes down, the switches can report the connection status to the controller, which then sends new flow rules out to the affected switches with a new forwarding path. If an internet connection goes down, it can also route any internet-bound traffic over the good link. A large CAN with many different types of devices could also quickly become full of unwanted traffic, but it would be expensive to put a firewall between each building or even each floor within a building.
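The flow-table behaviour described above (prioritized entries, multi-field matches, a switch acting as a basic firewall, and reactive rule installation on a table miss), as an added example that is not part of the original slides. It is a simplified in-memory model, not the OpenFlow wire protocol or any controller's API; the class names, field names, priorities and addresses are assumptions made for the illustration.

```python
from dataclasses import dataclass

@dataclass
class FlowEntry:
    priority: int
    match: dict      # field -> required value; a field left out is a wildcard
    action: str      # "output:<port>", "drop" or "controller"
    hits: int = 0    # per-entry packet counter

class Controller:
    """Reactive control plane: answers each packet-in with a new flow entry."""
    def __init__(self, hosts):
        self.hosts = hosts       # destination IP -> switch port (constructed)
        self.packet_ins = 0

    def packet_in(self, pkt):
        self.packet_ins += 1
        port = self.hosts.get(pkt["ip_dst"])
        action = f"output:{port}" if port is not None else "drop"
        return FlowEntry(10, {"ip_dst": pkt["ip_dst"]}, action)

class Switch:
    def __init__(self, controller):
        self.controller = controller
        self.table = []

    def install(self, entry):
        self.table.append(entry)
        self.table.sort(key=lambda e: e.priority, reverse=True)

    def process(self, pkt):
        for entry in self.table:             # highest priority first
            if all(pkt.get(k) == v for k, v in entry.match.items()):
                entry.hits += 1
                if entry.action != "controller":
                    return entry.action      # handled in the data plane
                new = self.controller.packet_in(pkt)   # table miss
                self.install(new)            # controller's new flow rule
                return new.action
        return "drop"                        # empty table: nothing matches

def build_switch():
    ctl = Controller({"10.0.1.5": 1, "10.0.2.9": 2})   # constructed hosts
    sw = Switch(ctl)
    # Proactive entries, installed before any traffic arrives.
    sw.install(FlowEntry(0, {}, "controller"))          # table-miss entry
    sw.install(FlowEntry(100, {"ip_proto": 6, "tcp_dst": 23}, "drop"))
    return sw, ctl
```

Only the first packet of a flow reaches the controller; later packets match the installed entry in the switch, and the priority-100 drop rule wins over any reactively installed priority-10 forwarding rule.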
  • 7. 4. South Bound and North Bound Interface
    Southbound Interface
    The SDN controller has to communicate with our network devices in order to program the data plane. This is done through the southbound interface. This is not a physical interface but a software interface, often an API (Application Programming Interface).
    An API is a software interface that allows an application to give access to other applications by using predefined functions and data structures. I’ll explain more about this in a minute.
    Some popular southbound interfaces are:
    - OpenFlow: this is probably the most popular SBI at the moment; it’s an open source protocol from the Open Networking Foundation. There are quite a few network devices and SDN controllers that support OpenFlow.
    - Cisco OpFlex: this is Cisco’s answer to OpenFlow. It’s also an open source protocol which has been submitted to the IETF for standardization.
    - CLI: Cisco offers APIC-EM, which is an SDN solution for the current generation of routers and switches. It uses protocols that are available on current generation hardware like telnet, SSH, and SNMP.
    Northbound Interface
    The northbound interface is used to access the SDN controller itself. This allows a network administrator to access the SDN to configure it or to retrieve information from it. This could be done through a GUI, but it also offers an API which allows other applications access to the SDN controller. You can use this to write scripts and automate your network administration. Here are some examples:
    - List information from all network devices in your network.
    - Show the status of all physical interfaces in the network.
    - Add a new VLAN on all your switches.
    - Show the topology of your entire network.
    - Automatically configure IP addresses, routing, and access-lists when a new virtual machine is created.
    Here’s an illustration to help you visualize this:
  • 8. Through the API, multiple applications are able to access the SDN controller:
    - A user that is using a GUI to retrieve information about the network from the SDN controller. Behind the scenes, the GUI is using the API.
    - Scripts that are written in Java or Python can use the API to retrieve information from the SDN controller or configure the network.
    - Other applications are able to access the SDN controller. Perhaps an application that automatically configures the network once a new virtual machine is created on a VMware ESXi server.
    ONOS
    - Open Network Operating System (ONOS) is an OS designed to help network service providers build carrier-grade software-defined networks architected for high scalability, availability and performance.
    - Although specifically designed to address the needs of service providers, ONOS can also act as a software-defined networking (SDN) control plane for enterprise campus local area networks (LANs) and data center networks.
  • 9. 5. SDN Vs Traditional
    The key difference between SDN and traditional networking is infrastructure: SDN is software-based, while traditional networking is hardware-based. Because the control plane is software-based, SDN is much more flexible than traditional networking. It allows administrators to control the network, change configuration settings, provision resources, and increase network capacity, all from a centralized user interface, without adding more hardware.
    There are also security differences between SDN and traditional networking. Thanks to greater visibility and the ability to define secure pathways, SDN offers better security in many ways. However, because software-defined networks use a centralized controller, securing the controller is crucial to maintaining a secure network, and this single point of failure represents a potential vulnerability of SDN.
    Difference between SDN and Traditional Networking

    | Software Defined Networking | Traditional Networking |
    |---|---|
    | Software Defined Network is a virtual networking approach. | A traditional network is the old conventional networking approach. |
    | Software Defined Network is centralized control. | Traditional Network is distributed control. |
    | This network is programmable. | This network is nonprogrammable. |
    | Software Defined Network has an open interface. | A traditional network has a closed interface. |
    | In Software Defined Network, the data plane and control plane are decoupled by software. | In a traditional network, the data plane and control plane are mounted on the same plane. |
  • 10. 5 RYU Controller
    Ryu Controller is an open, software-defined networking (SDN) Controller designed to increase the agility of the network by making it easy to manage and adapt how traffic is handled. In general, the SDN Controller is the brain of the SDN environment, communicating information down to the switches and routers with southbound APIs, and up to the applications and business logic with northbound APIs. The Ryu Controller is supported by NTT and is deployed in NTT cloud data centers as well.
    The Ryu Controller provides software components, with well-defined application program interfaces (APIs), that make it easy for developers to create new network management and control applications. This component approach helps organizations customize deployments to meet their specific needs; developers can quickly and easily modify existing components or implement their own to ensure the underlying network can meet the changing demands of their applications.
    The Ryu Controller source code is hosted on GitHub and managed and maintained by the open Ryu community. OpenStack, which runs an open collaboration focused on developing a cloud operating system that can control the compute, storage, and networking resources of an organization, supports deployments of Ryu as the Network Controller.
  • 11. OpenDaylight Project (ODL) Controller
    - OpenDaylight is an open source SDN project aimed at enhancing SDN by offering a community-led and industry-supported framework for the OpenDaylight Controller, which has been renamed the OpenDaylight Platform. It is open to anyone, including end users and customers, and it provides a shared platform for those with SDN goals to work together to find new solutions.
    - Since the OpenDaylight platform is both multiprotocol and modular, users can build an SDN controller to fit their specific needs. This modular and multiprotocol approach gives IT admins the ability to pick a singular protocol or to select multiple protocols to resolve complex problems as they crop up. The platform includes support for all SDN platforms, including OpenFlow, Open vSwitch (OVS) Database (OVSDB), NETCONF, and BGP.
    - The OpenFlow protocol, considered the first SDN standard, defines the open communications protocol that allows the SDN Controller to work with the forwarding plane and make changes to the network. This gives businesses the ability to better adapt to their changing needs, and have greater control over their networks.
    - The OpenDaylight Controller exposes open northbound APIs, which are used by applications. These applications use the controller to collect information about the network, run algorithms to conduct analytics, and then use the OpenDaylight Controller to create new rules throughout the network.
    - The OpenDaylight Controller is implemented solely in software and is kept within its own Java Virtual Machine (JVM). This means it can be deployed on hardware and any operating system platforms that support