Next Generation Networking: Defining The Software-Defined Network


The purpose of this post is to define the concepts of the Software-Defined Network (SDN), and some current architectures. The detail here will underpin many of the posts to come.


As with all things technical, there are many concepts to get to grips with and new terminology to understand; this topic is no exception. With SDN, however, this challenge is exacerbated by the potential sea change in the industry.

This is a large topic for another post, but it is important to highlight the following point to help develop context. Network engineers have invested significant time, effort and, in a lot of cases, money in building specialised skillsets. When conversations describe (to use a crude example) the future of networking as being "nothing more than" APIs, this only serves to cause confusion from an engineering perspective.

A network engineer thinks to themselves:

  • You still need to move your data from A to B
  • You still need to plug your servers in somewhere
  • You still need to know how to route there
  • You still need to configure the firewalls/load-balancers

This is far from an exhaustive list! There are bigger questions around operational support, monitoring and troubleshooting, to name a few. We'll come back to this in another post, but in short the next generation network brings the challenge of new concepts.

Over the next few posts, I'll describe what virtualization of the network really means. This will help to build out the concepts into what I hope will look more like a framework.

Software-Defined Network

The diagram I have (rather hastily) put together below helps visualize SDN and the virtualization elements that it comprises. I've used VMware shapes here for illustrative purposes, as I happen to be focussing on those technologies presently, but this diagram should be considered vendor agnostic.

The following sections describe the elements shown above in more detail. This is not intended to be exhaustive, and later posts will deep dive into various elements of the future of data centre and wide area networking.

As a point of note, I have purposefully omitted SD-WAN from the diagram, but have described it briefly below. For reasons which I touch on further in the following sections, I plan to write a separate piece on this area of future network


Broadly speaking, "SDN" covers the architecture as a whole. Characteristics of that architecture are:

  • Highly programmable
  • API driven
  • Centrally controlled

It is defined by the modern technological focus on software and applications, and born out of a need to improve delivery of the services that a business offers. The SDN can (and should) be automated, as this will help drive the business benefits.

Network Virtualization (NV) and Network Function Virtualization (NFV) can be thought of as the components of the overall architecture; these main elements are addressed in the following two sections.


Network Virtualization provides the abstraction layer, or more conventionally the overlay network, that operates on top of the existing traditional network.

An example that might immediately spring to mind is a VPN; somewhat given away by the name Virtual Private Network. There are a number of different varieties of course, and whilst they all provide abstraction, some have a better fit into the context we are discussing here.

An arguably more (perhaps the most) appropriate NV technology to mention here is VXLAN. This is particularly beneficial inside the data centre where, in conjunction with VXLAN Tunnel Endpoints (VTEPs), even VLANs on the traditional network are no longer required for new deployments to provide logical separation; this can now all be done within the SDN.
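
The logical separation VXLAN provides comes from the VXLAN Network Identifier (VNI) carried in every encapsulated frame. As an added example (not part of the original post), the Python below builds and parses the 8-byte VXLAN header defined in RFC 7348 and shows a receiving VTEP dropping frames for VNIs it does not serve; the `Vtep` class, segment names and sample frame are hypothetical.

```python
from __future__ import annotations
import struct

FLAG_VNI_VALID = 0x08        # "I" flag: must be set for the VNI to be valid
MAX_VNI = (1 << 24) - 1      # 24-bit VNI, versus the 12-bit 802.1Q VLAN ID


def encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the VXLAN header (outer Ethernet/IP/UDP headers are omitted)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Word 1: flags (8 bits) + 24 reserved. Word 2: VNI (24 bits) + 8 reserved.
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8) + inner_frame


def decapsulate(payload: bytes) -> tuple[int, bytes]:
    """Parse a VXLAN UDP payload (port 4789) into (vni, inner_frame)."""
    if len(payload) < 8:
        raise ValueError("truncated VXLAN header")
    word1, word2 = struct.unpack("!II", payload[:8])
    if not (word1 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag not set: VNI is not valid")
    return word2 >> 8, payload[8:]


class Vtep:
    """Hypothetical receiving VTEP: maps locally served VNIs to segments."""

    def __init__(self, segments: dict[int, str]):
        self.segments = segments

    def receive(self, payload: bytes):
        """Return (segment, inner_frame), or None when the frame is dropped."""
        try:
            vni, frame = decapsulate(payload)
        except ValueError:
            return None                  # malformed header: drop
        segment = self.segments.get(vni)
        if segment is None:
            return None                  # VNI not served here: drop
        return segment, frame


# Constructed sample data: two tenant segments and a stub inner Ethernet header.
vtep = Vtep({5001: "tenant-a-web", 5002: "tenant-b-db"})
frame = bytes.fromhex("ffffffffffff0242ac1100020806")
print(vtep.receive(encapsulate(5001, frame)))    # delivered to tenant-a-web
print(vtep.receive(encapsulate(70000, frame)))   # unknown VNI, dropped
```
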


From what we now understand about SDN and NV, the definition of Network Function Virtualization is likely apparent. NFV, in its simplest form, is the virtualization of traditional networking infrastructure such as firewalls, load balancers, routers and switches.

Of course, there is a lot more to it than simply installing a firewall VM, and then operating it in the same way as traditional network infrastructure! Once virtualized, APIs are available and the power of automation begins.

Traditional network infrastructure (hardware) vendors have been slowly increasing their virtualized offerings in recent years. Cisco's CSR 1000V and F5's BIG-IP Virtual Editions are examples of this. With the advent of more robust and complete SDN solutions, however, the pace will increase significantly in the drive to fill the virtualization space with solutions that are ever more automated in an effort to meet modern business demands.


Disjointed from the slightly more "purist" SDN, due in no small part to the wildly different challenges and architectures of wide area networks, SD-WAN is another topic unto itself that requires a separate post to clearly describe.

The principle of a separated (and centralized) control plane, distinct from the distributed data plane, along with its highly programmatic nature, remains the same as with SDN. This meets the requirement to describe the terminology, but the architecture will require a lot more.

Mainstream Architectures

It is not possible to summarise the benefits of each solution without going into detail. Suffice it to say VMware and Cisco are the heavyweights in this arena; however, OpenStack offers those who want to adopt a "homebrew" approach a very real alternative.

I'll resist the urge, and just provide links below; more on each to follow:

VMware NSX: By bringing the operational model of a virtual machine to your data center network, you can transform the economics of network and security operations. NSX lets you treat your physical network as a pool of transport capacity, with network and security services attached to VMs with a policy-driven approach.

Cisco Application Centric Infrastructure (ACI): Cisco Application Centric Infrastructure (ACI) reduces TCO, automates IT tasks, and accelerates data center application deployments. It accomplishes this using a business-relevant software defined networking (SDN) policy model across networks, servers, storage, security, and services.

OpenStack Networking (Neutron): Neutron is an OpenStack project to provide "networking as a service" between interface devices (e.g., vNICs) managed by other OpenStack services (e.g., nova).


I have specifically highlighted a few areas that will be expanded on in future posts; however, I realise there are a number of other points that deserve further clarity. The main purpose of this post, as described in the abstract, has, I hope, been covered.

The content of this post has been significantly Data Centre centric; this is both unavoidable and intentional. SDN offers the most business value and technical benefits right now as the key component (in my view) of the Software-Defined Data Centre (SDDC). You've guessed it already... more to come on that later!

Please do leave a comment if any further clarity is required, or if there is something specific you'd like to see in the next post.


TL;DR

  • A Software-Defined Network (SDN) is an architecture that is API driven and centrally programmable.
  • Network Virtualization (NV) is a logical network overlay; a common example of which is VXLAN.
  • Network Function Virtualization (NFV) is appliance virtualization; virtual switches, firewalls, routers etc.
  • Software-Defined Wide Area Network (SD-WAN) has the same characteristics as SDN, but accomplishes the more specific task of optimizing routing to (and across) a WAN.