Campus Networking SDN use cases have been largely absent from the SDN discussion. I have been closely watching the SDN space for over a year and have found that most discussions have been related to the Data Center, and to some extent the WAN/Carrier space. There has been a little discussion in the industry about SDN use cases in campus networks, though campus wireless LAN solutions have been successfully using a similar model to SDN with a centralized control plane in the WLAN controller and data plane in APs. As a campus solution project leader at the Open Networking Foundation (ONF), I am working with folks from several other organizations in developing six (6) SDN use cases for campus and branch networks, but the interest level in that activity is not as high as in other segments.
In this blog and in future blogs, I will attempt to explain SDN use cases and show that SDN applies in campus and branch networks. We believe SDN not only helps turn up new services quickly and reduce operations significantly, but also provides a better user experience in campus and branch networks.
Before we jump into SDN use cases, let’s look at changes that are impacting campus and branch networks. If we were to point to one thing that is causing the disruption in campus networks, it is mobility. Mobility is a basic requirement in today's corporate environments. For most of us, WiFi has become the primary choice of access to the network. It has been years since I have connected my laptop to a wired port. In recent years, wireless networks have become as reliable as wired networks, offer comparable performance, and are generally more secure and much more easily manageable than wired networks. Availability of WiFi networks also fueled the BYOD phenomenon. It is expected that more than 200 million employees will bring their own devices by 2015. Employees are not only bringing their devices, but also bringing their own personal applications such as iCloud, FaceTime, Dropbox and others to corporate networks.
Today, many wireless networks are deployed as an overlay on existing wired networks. The reason is that the underlying wired switch design and technology predates WLAN introduction. These campus switches were designed to provide wired connectivity, and accommodate other traffic such as wireless. Campus and branch switches and technologies haven't changed much in over a decade. Though there are several enhancements in terms of speeds and feeds, stacking, multi-chassis LAG, and some support for wireless, fundamentally these switches did not change much. Several vendors have launched solutions that essentially glue wireless with wired networks better. I believe campus networking technology is ripe for a major disruption. Similar to the disruption caused by virtualization in data centers, mobility has the potential to cause a major disruption in campus networks. If we were to develop the campus switching technology today, it would be radically different from what we see in the marketplace. I am currently working to design a new approach to campus networking that does not simply seek to force new technologies onto legacy paradigms but instead is based on a fresh approach leveraging the best that the latest technology can offer. These new products can be designed from the ground up to support wireless and BYOD first and then accommodate wired devices. These solutions will not only provide seamless mobility but also a better application experience for users. For network admins, these solutions will eliminate complex protocols and topologies, allowing them to deploy new switches and services quickly. These solutions leverage innovations from data center, merchant silicon, SDN and wireless technologies.
At ONF, we focused on the following six use cases, though there were many more that we discussed and debated.
- Network Virtualization (Slicing/Traffic Isolation)
  - Network virtualization is a mechanism to isolate certain classes of traffic from other classes of traffic for regulatory compliance or administrative reasons. It can also support overlapping IP addresses. This is achieved using VRF-lite today, but VRF-lite is complex to deploy and manage, and provides limited ways of classifying the traffic. SDN can provide a very flexible way of achieving network virtualization while simplifying operations.
- Application Aware Routing
  - With personal applications such as Facebook and YouTube competing with corporate applications such as UC&C, networks need to prioritize and forward the traffic based on the application. While there are some attempts and technologies to provide this, SDN can provide a simpler and consistent way of identifying applications, and program the network to prioritize and forward their traffic appropriately. In fact, any application can communicate with the SDN controller to provide application-specific needs, and request the SDN controller to program the flow appropriately.
- BYOD and Seamless Mobility
  - Employees are bringing their own devices and applications, and are expecting seamless connectivity and mobility. Though there are several solutions to achieve this, many of these are developed by vendors, and provide limited flexibility. With an ever-growing number of device types, operating systems and software patches, vendors cannot catch up quickly enough to meet customers' needs. Organizations need the ability to program their own policies without waiting for vendors to release software upgrades. SDN allows organizations to develop their own enhancements to BYOD applications to meet their particular requirements.
  - Today, mobility is achieved either using tunneling among WLAN controllers or mobile IP technology. While controller-based mobility works, this mode will change as customers are demanding unified wired and wireless solutions. The data plane will be local to an AP. The mobile IP mechanism works but cannot scale and has other limitations. With SDN, a centralized controller knows end-user devices and application flows. It would be able to program the network to forward the traffic appropriately without hair-pinning the traffic on an anchor AP.
- Video Streaming and Collaboration Applications
  - Video and collaboration applications have become critical for the success of an organization. Most of these applications typically are more efficient when they use multicast technology. IP multicast technology is mature and available, but it is still difficult to deploy and troubleshoot. It is not as widely deployed as IP unicast technology, and it has forced many organizations to deploy video applications using other mechanisms based on IP unicast forwarding. SDN is an ideal solution for these types of applications, as the SDN controller knows the topology, sources and listeners, and can build an efficient multicast topology and program the network on an on-demand basis.
- Security and Policy Enforcement
  - Most of the security policies today are limited to a VLAN or an interface. These are statically configured without considering the context of an application. Though there are enhancements using 802.1x dynamic policies and identity management systems, these still do not offer flexible security policy management and enforcement. In an SDN environment, the SDN controller understands the context of a flow (user, device, location, time, application, and potentially other external factors) and enables network admins to configure fine-grained policies and enforce these at the access or at any intermediate switch as needed.
- Management Simplification
  - Many devices in a network have individual and static configurations, and these are difficult to change. As mentioned in the use cases above, SDN can simplify the management and deployment of network virtualization, application-specific policy configuration, BYOD, multicast applications, and security policies in a network.
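The context-aware enforcement described under Security and Policy Enforcement, sketched as an added example (not ONF or vendor code): a controller-side function evaluates an ordered rule list against a flow's context and denies anything no rule matches. The attribute names, rule names and sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import time
from typing import Optional, Tuple

@dataclass(frozen=True)
class FlowContext:
    """Context the controller knows about a flow (hypothetical field names)."""
    user_role: str    # e.g. "finance", "employee", "guest"
    device: str       # "corporate" or "byod"
    location: str     # "campus" or "branch"
    at: time          # local time the flow was first seen
    application: str  # application the controller classified

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                                # "allow" or "deny"
    match: dict                                # attribute -> set of accepted values
    hours: Optional[Tuple[time, time]] = None  # optional [start, end) window

def in_window(t, window):
    start, end = window
    if start <= end:
        return start <= t < end
    return t >= start or t < end               # window wraps past midnight

def rule_matches(rule, ctx):
    # Every listed attribute must match; an unlisted attribute is a wildcard.
    for attr, accepted in rule.match.items():
        if getattr(ctx, attr) not in accepted:
            return False
    return rule.hours is None or in_window(ctx.at, rule.hours)

def decide(rules, ctx):
    """First matching rule wins; a flow that matches nothing is denied."""
    for rule in rules:
        if rule_matches(rule, ctx):
            return rule.action, rule.name
    return "deny", "default-deny"

# Constructed sample policy. Explicit denies come first so that a broader
# allow further down cannot override them.
RULES = [
    Rule("byod-no-finance", "deny",
         {"device": {"byod"}, "application": {"finance-erp"}}),
    Rule("finance-business-hours", "allow",
         {"user_role": {"finance"}, "application": {"finance-erp"},
          "location": {"campus"}}, hours=(time(8, 0), time(18, 0))),
    Rule("collab-any-device", "allow",
         {"user_role": {"employee", "finance"}, "application": {"uc-collab"}}),
]
```

Unlike a static VLAN or interface ACL, the same access port yields different decisions here depending on who is connected, on what device, and when.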
The full potential of SDN in campus and branch networks is beyond these six use cases. Over the last few weeks, several customers that I spoke to mentioned that SDN can help them in many other ways. I would like to hear from you. If there are any other use cases that would benefit campus or branch networks, please share them below along with your comments, or send them to me by email.