A software-defined networking (SDN) architecture defines how a networking and computing system can be built using a combination of open, software-based technologies and commodity networking hardware that separate the SDN control plane and the SDN data plane of the networking stack.
Traditionally, both the control plane and data plane elements of a networking architecture were packaged in proprietary, integrated code distributed by one or a combination of proprietary vendors. The OpenFlow standard, created in 2008, was recognized as the first SDN architecture that defined how the control and data plane elements would be separated and communicate with each other using the OpenFlow protocol. The Open Networking Foundation (ONF) is the body in charge of managing OpenFlow standards, which are open source. However, there are other standards and open-source organizations with SDN resources, so OpenFlow is not the only protocol that makes up SDN.
Three SDN “Stacks”
In the SDN architecture, the splitting of the control and data forwarding functions is referred to as “disaggregation,” because these pieces can be sourced separately, rather than deployed as one integrated system. This architecture gives the applications more information about the state of the entire network from the controller, as opposed to traditional networks where the network is application aware.
SDN architectures generally have three components or groups of functionality:
- SDN Applications: SDN Applications are programs that communicate behaviors and needed resources with the SDN Controller via application programming interfaces (APIs). In addition, the applications can build an abstracted view of the network by collecting information from the controller for decision-making purposes. These applications could include networking management, analytics, or business applications used to run large data centers. For example, an analytics application might be built to recognize suspicious network activity for security purposes.
- SDN Controller: The SDN Controller is a logical entity that receives instructions or requirements from the SDN Application layer and relays them to the networking components. The controller also extracts information about the network from the hardware devices and communicates back to the SDN Applications with an abstract view of the network, including statistics and events about what is happening.
- SDN Networking Devices: The SDN networking devices control the forwarding and data processing capabilities for the network. This includes forwarding and processing of the data path.
The SDN architecture APIs are often referred to as northbound and southbound interfaces, defining the communication between the applications, controllers, and networking systems. The northbound interface is the connection between the controller and applications, whereas the southbound interface is the connection between the controller and the physical networking hardware. Because SDN is a virtualized architecture, these elements do not have to be physically located in the same place.
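As an added illustration (not part of the original article and not any real controller's API), the sketch below shows the kind of security analytics application mentioned above: it takes flow statistics as a controller might expose them over a northbound interface and flags a host that touches many destinations with very little traffic, which no single switch sees in full. The JSON field names, addresses, and thresholds are assumptions constructed for the example.

```python
import json
from collections import defaultdict

# Constructed sample of flow statistics from a controller's northbound
# interface; the field names are hypothetical, not a real controller schema.
SAMPLE_FLOW_STATS = json.loads("""[
  {"switch": "s1", "src": "10.0.0.5", "dst": "10.0.1.10", "dst_port": 22, "packets": 2},
  {"switch": "s1", "src": "10.0.0.5", "dst": "10.0.1.11", "dst_port": 22, "packets": 1},
  {"switch": "s1", "src": "10.0.0.5", "dst": "10.0.1.12", "dst_port": 22, "packets": 2},
  {"switch": "s2", "src": "10.0.0.5", "dst": "10.0.2.10", "dst_port": 22, "packets": 1},
  {"switch": "s2", "src": "10.0.0.5", "dst": "10.0.2.11", "dst_port": 22, "packets": 2},
  {"switch": "s2", "src": "10.0.0.5", "dst": "10.0.2.12", "dst_port": 22, "packets": 1},
  {"switch": "s1", "src": "10.0.0.7", "dst": "10.0.1.10", "dst_port": 443, "packets": 9120},
  {"switch": "s2", "src": "10.0.0.7", "dst": "10.0.1.10", "dst_port": 443, "packets": 9120}
]""")

def low_volume_targets(flows, max_packets=5):
    """Map each source to the distinct (dst, port) pairs it barely touched."""
    targets = defaultdict(set)
    for f in flows:
        if f["packets"] <= max_packets:
            # A set dedupes one flow reported by several switches on its path.
            targets[f["src"]].add((f["dst"], f["dst_port"]))
    return targets

def flag_fanout(flows, min_targets=5, max_packets=5):
    """Return sources with at least min_targets distinct low-volume targets."""
    targets = low_volume_targets(flows, max_packets)
    return sorted(src for src, seen in targets.items() if len(seen) >= min_targets)

def flag_per_switch(flows, min_targets=5, max_packets=5):
    """Apply the same rule to each switch in isolation, as a device-local monitor would."""
    by_switch = defaultdict(list)
    for f in flows:
        by_switch[f["switch"]].append(f)
    return {sw: flag_fanout(fl, min_targets, max_packets)
            for sw, fl in by_switch.items()}

if __name__ == "__main__":
    print("network-wide:", flag_fanout(SAMPLE_FLOW_STATS))
    print("per switch:  ", flag_per_switch(SAMPLE_FLOW_STATS))
```

With the sample data, the rule fires only on the controller's aggregated view: each switch alone sees three low-volume targets, below the threshold of five.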
Webscale Built with SDN
The first SDN architectures were built by large “webscale” players such as Google and Amazon as they looked for a new way to build a series of huge, scalable data centers with commodity and open source parts. By using a combination of open source code and commodity hardware, data-center technology can be built in a flexible and modular way, adding new servers and networking gear at large scale and connecting them with SDN software.
One of the strengths of the SDN architecture is that it provides applications with the unique ability to obtain an abstracted view of the entire network. This makes the network “smarter” by allowing it to analyze itself and integrate real-time information about networking activity with the applications.
An Extension of SDN: SD-WAN
An extension of SDN is the software-defined wide-area network (SD-WAN), which applies SDN to networking connections covering a wide geographical area. SD-WAN is becoming increasingly popular among enterprises as it unifies various connections within an enterprise. For example, SD-WAN connects branch offices and data centers that are spread across a wide geographical area within an enterprise. In addition, the SD-WAN architecture brings heightened security to a network with end-to-end encryption across the network.