vol 7, issue 11

Software-defined networking - taking the intelligence out of the network?

19 November 2012
By Martin Courtney
Share |
Lots of wires going into an electrical device

The concept of separating the control plane from the data plane within the data network is not new

Open Network Foundation logo

Open Network Foundation members include some of the networking industry’s biggest hitters

A man moving a very large server into a rack of servers

Doubts remain about the ability of SDN-based network applications and services to scale - in particular virtualised data-centres

Can the 'software-defined networking' concept deliver simple, cheap data-centre network and application management, or will market forces thwart its mainstream adoption?

"You cannot manage what you cannot monitor," goes the old IT adage. So getting that visibility is the first step towards better network management, especially within complex the computing environment of a data centre is. With that purpose in mind, a relatively new technology, software-defined networking (SDN), aims to take the intelligence out of networking hardware and put it into centralised software. This enables it to monitor and control those data packets, applications and services that run over the many different types of router, switch, bridge and gateway that comprise data-communications networks.

"My basic idea of SDN is that it gets rid of the clever stuff that needs throughput management - the layer 3 switching stuff - so it becomes a 'dumbed down' layer 2 switch at much lower cost," explains Ian Keene, vice president at research firm Gartner. "Then you have the controller software sitting on a central server that does that for you. It provides policy-based control that says 'this is how you treat traffic on the network, monitor it, provide infrastructure as a service (IaaS) and Quality of Service (QoS)'."

There is some confusion around what SDN is and what it does. The OpenFlow Switching Specification is a layer 2 communications protocol, and a leading initiative in SDN. It focuses on separating the control path from the forwarding path in order to allow better traffic management than that available through the access-control lists maintained by routers and switches. OpenFlow also provides a standard framework for network component 'programmability'.

It is, however, just one flavour of SDN which solves a particular problem, with a host of other proponents focusing on other aspects of network service delivery and management.

Previously, adding services and applications like load-balancing and firewalls to the data centre involved adding physical devices; now, SDN enables you to deliver those same services as an application within the network itself. For example, it uses existing devices to implement packet-forwarding decisions, and can go far beyond the capabilities of typical network-management platforms.

The birth of SDN is attributed by some sources to Stanford University's Ethane security management architecture. Conceived in 2006, SDN allowed administrators to centrally-define a single security policy which could be implemented at every switch on the network. It then expanded to include routing, network address translation (NAT) and layer 2 processes.

Yet the concept of separating the control plane from the data plane within the network is not a new one. It has been discussed for over 10 years; automatically-switched optical networks (ASON) and even multi-protocol label switching (MPLS) were envisaged around a similar theme.

"SDN is what network management was supposed to be - but it just didn't happen," says Markus Nispel, chief technology strategist at Enterasys Networks. "Back in the 1990s some vendors were already looking at SDN-type technology - Cabletron with its centralised-based controller, for example, though it was scrapped because of scalability issues.

"If you look at what Isilon was doing with storage [via its OneFS software], and MPLS switching capabilities, that is basically SDN - where you modify networking infrastructure behaviour and enable other IT applications, management systems and provision services as you need to. It goes beyond automation and towards the orchestration of different IT services, including network infrastructure."

Who will be first to migrate?

With the technology still in its relative infancy, nobody is yet clear upon the type of data-centre environment that may benefit most from SDN. Individual vendors all have their own view, but in many cases forecasts are heavily coloured by the need to continue selling legacy hardware and software to existing customers, depending on whether their strengths or ambitions lie in the telecoms, service provider or enterprise customer base.

It almost goes without saying that green-field data-centre environments with no legacy hardware and software to accommodate are those most likely to see the benefits of SDN first, and are therefore likely to move faster. But big Web-based data centres run by the likes of Google, Microsoft, and Facebook - companies backing the OpenFlow standard - also have a lot to gain from implementing the technology.

This type of campus environment has traditionally eschewed buying vendor boxes in favour of doing things themselves in a different way, and at potentially lower cost. So, while they probably embrace the DIY approach to routing control that SDN provides, the same is not necessarily true within other large data centre environments - or at least not for the same reasons.

The absence of a single 'killer app' for SDN makes the technology difficult to pigeonhole, but it also opens up the potential for different data-centre and IT service environments to find individual use-cases'and applications for the technology that are pertinent to specific industries. Google et al may populate the first wave of SDN adoption, but cloud service-providers and public-sector or other large-scale commercial data-centre organisations could follow over time as potential benefits become more apparent, or at least the vendor community succeeds in making them appear so.

Complementary SDN

IBM's networking know-how goes back decades; it takes the view that SDN will infiltrate only specific parts of the network infrastructure rather than replace all of it. It will provide a platform to support other applications and services ranging from big data, analytics and others that require dynamic control of resources in a cloud service-provider environment.

"Who will benefit most?" asks Charles Ferland, business unit executive at IBM's European system networking division. "It will be the cloud [service-provider] people; those setting up workloads on the fly, who want those workloads to be mobile and move them overnight from Europe to Asia, for example, where they can serve other customers.

"For them the potential is huge; no longer'just providing the pipe, but having a view on everything going on - [the identification of] recurring traffic patterns, which can be used to sell more bandwidth, content distribution and storage. They can advise back on the quickest route, take that control plane and that intelligence to a single location, then add additional services based on that information and knowledge."

SDN in the enterprise

Whether SDN ever makes sense deployed at the enterprise level is harder to ascertain, and will no doubt rest on the size of the data centre in question, and the scale and complexity of the network, applications and services it is running.

In many cases, it is unlikely to make financial sense for companies to invest in data-centre build-outs when they could, say, outsource virtualised workloads to cloud providers. "SDN is better suited to sophisticated IT shops with Web-based data centres, typically those in the educational or finance sectors," argues Pim Bilderbeek, of Bilderbeek Consulting. "But the average IT professional is not going to build out their own data centre; they are going to go to the public cloud. So, for them SDN is not on the roadmap at all."

While a lot of the activity around SDN focuses on open, interoperable, programmable controllers - not just OpenFlow but the cloud service orientated OpenStack and other network service management platforms - the real advantage could come in the application layer. It will help solve network virtualisation and aid companies that host and provision mobile applications at scale to handle the end-user demands caused by the so-called 'bring your own device' (BYOD) trend.

"Several recent trends have created stresses on the network in terms of scale, cost, and complexity that were not there five years ago - increased end-user mobility, the proliferation of mobile devices and apps, virtual machine (VM) portability within the data centre and cloud computing, for example," says Shehzad Merchant, vice president of technology at Extreme Networks.

"If you look at how SDN will be deployed, it will be [like] a surgical knife - picking a specific problem to solve, then another. For some companies this will be network service and process automation, for others it will be BYOD and for others challenges around virtualisation and multi-tenancy issues for cloud service-providers."

Google is in a unique position because it has a finite number of apps it can deliver at scale, insists Mike Banic, vice president of marketing at HP. "But other customers have a more diverse set of requirements, based on which workloads they choose to virtualise and which services they automate. The real value is in delivering applications - network virtualisation is the obvious focus, but what about security, automation, load balancing and WAN optimisation."

Cost savings and scalability

Cost savings are being touted as a significant potential benefit of SDN, with reductions of up to 50 per cent in operational expenditure realistic, according to some, though more likely only in the case where network management was previously either primitive or non-existent.

"If you look back on what we achieved with the architecture today - the use-management paradigms, network service provision - we can achieve up to 50 per cent of operational savings and that is our customers saying that," says Enterasys Network's Nispel. "It can be reality depending on how you managed and operated the network in the past."

Inevitably, a large portion of those potential opex savings will come from increased application and service automation. Also, theoretically, there will be a staff reduction as data centres no longer have to employ quite as many people to manage the network, alter code, or write apps for different types of network equipment.

"SDN is not something that is set on 500 boxes across the network which would take quite a bit of time to configure," says Gartner's Keene. "The idea is that you do not have to put in a request to an equipment vendor and say 'I need this function', and they come back six months later and say 'here you are' you can do it yourself."

The big value is that SDN allows data centres to do applications in a simpler, more scalable way than before, according to HP's Banic. "The enterprise IT department does not want to write its own apps - very few companies do that. Most clients want to buy complete solutions and that is one of the things HP wants to be critical as the SDN market progresses.

"Automating things [with SDN] can take five to ten certified or trained humans out of the equation, which is the single biggest cost for any company."

Network hardware vendors may suffer in the long run

One thing that is more assertible is that the next two years will prove crucial in the development of SDN technology, as end-users decide whether or not it is useful. HP claims that it is 18-24 months away from deploying SDN on scale, despite having released or announced 25 SDN-compatible network switches, with current demand for the technology characterised by early adopters.

HP, alongside rivals Dell, Juniper, Extreme, and others, is trying to protect existing revenue streams, which could potentially be reduced. Data centres can use less intelligent network hardware from multiple vendors who will compete on nothing more than price.

Not only could hardware innovation become a thing of the past, but open SDN controllers could be supplied by more nimble software start-ups with any requirement to configure support for specific, proprietary components into their network management platforms.

"SDN is an idea that is rocking a $20bn sales boat. Big boats can sink, of course - though it doesn't happen very often," says Keene. "All the big vendors have an SDN story to tell, if not necessarily yet a product to sell. They have a migration path. So product replacement could accelerate and this could grow the market rather than shrink it. But because all you need now is server software, could this be an issue for equipment vendors later down the line?"

Further information

Share |

OpenFlow initiative explained: SDN open to business, but is business open to it?

Not everybody is sold on the SDN proposition to make centralised management and control of network devices from multiple vendors a reality; interoperability and standardisation are key. OpenFlow is backed by the Open Networking Foundation (ONF), which counts Brocade, Cisco, Force10 (owned by Dell), Extreme Networks, IBM, Juniper Networks, and HP among its members, alongside Google, Microsoft and Facebook as well as carriers Verizon, Deutsche Telekom and SingTel. The ONF's standardisation efforts are relatively advanced though individual data-centre operators will rightly want to test out any interoperability claims within their own facilities before committing to anything.

And elsewhere in the SDN 'ecosystem', similar standardisation and interoperability efforts have yet to emerge. Network administrators have heard promises around new technology to improve management processes many times before. Evidence suggests there is some doubt whether centralised control can successfully be applied to large, complex network environments built up to include a diverse array of hardware, and whether shared network components supporting applications with conflicting requirements can be programmed at all.

"You simply cannot manage something this complex with a single box. You cannot take a single device, reconfigure it, and expect that operation not to affect other parts of the system," wrote John Strassner, chief technical officer at Huawei's software lab in a recent blog post. "Do people really think of the network as one single entity, with no moving parts, that can be programmed like a little robot mouse to find a piece of cheese?"

There is also doubt about the ability of SDN-based network applications and services to scale, particularly when it comes to virtualised data-centre environments, which regularly provision, move around and decommission thousands of virtual servers simultaneously, an issue which will present more problems in carrier and cloud infrastructure. Even within the enterprise, security automation processes are likely to produce high volumes of traffic flow, which could flood available bandwidth and hardware processing capabilities.

With the technology and products still at an early stage of development, the cost argument for SDN remains unclear. New SDN compatible hardware is required, and any savings in further hardware expenditure down the line or headcount reduction can be easily offset by high software-licensing costs.

Related forum discussions
forum comment To start a discussion topic about this article, please log in or register.    

Latest Issue

E&T cover image 1408

"What the Scottish independence referenda could mean for engineers and engineering on both sides of the border"

E&T jobs

E&T Marketplace

The essential source of engineering products and suppliers.

E&T podcast

Tune into our latest podcast

iTunes logo

Subscribe

Choose the way you would like to access the latest news and developments in your field.

Subscribe to E&T