It is evident that Software Defined Networking (SDN) and Network Functions Virtualization (NFV) technologies are going to play a critical role in the next generation of telecommunications, data center and enterprise networking. However, both the definitions and scope of SDN and NFV are still evolving. The goal of this primer page is to provide you with an up-to-date definition of both concepts and a basic understanding of what each includes.
There are many phrases used as short definitions of software-defined networking (SDN): ‘control is decoupled from hardware’ (SearchSDN), ‘computer networks that separate and abstract elements of these systems’ (Wikipedia), ‘smart network which will monitor and reconfigure itself based on traffic demands’ (WildPackets) and ‘network control is decoupled from forwarding and is directly programmable’ (Open Networking Foundation).
Like many attempts to simplify a technology concept, each of these phrases is correct but they also view the SDN concept from slightly different perspectives. Many early definitions were simply based upon OpenFlow, a new standard communications interface between the control and forwarding layers of a SDN-based network. Current definitions take more of an architectural view which includes all of the protocols and technologies that work to create a global view and provide for centralized, intelligence-based control of the network.
The promise of SDN is to transform our hardwired, inflexible networks full of underutilized resources into adaptive networks that respond and reconfigure themselves to meet the dynamic resource requirements of today’s highly virtualized data center and cloud computing environments.
A Historical Perspective – It Started with a Need for Flexible Traffic Management
Packet forwarding in a conventional network (pre-SDN) is fundamentally hardwired into the switches. Based on the packet’s destination, rules built into the switch indicate where to forward a packet, and all packets going to the same destination are treated in the same manner. While there are ‘smart’ switches that can recognize various message types and handle them differently, these switches tend to use customized ASICs and can be more expensive than the standard, commodity hardware network engineers prefer. This approach to routing uses a strictly local view of the network, i.e. the switch is only aware of traffic moving over its own network links and has no understanding of traffic density elsewhere in the network. In heavy traffic situations, a hardwired switch will forward a packet right into a ‘traffic jam’ even though less congested routes to the destination are available.
To overcome this ‘locally optimized, globally confused’ approach to traffic management, it was clear that two things had to be done. First, the network’s control logic had to be separated from the physical routers and switches that forward traffic and handed over to a centralized network control point that could manage traffic based upon a real-time view of the entire network. Second, a secure, reliable mechanism to ‘re-program’ the switches, that is to dynamically update their routing tables, needed to be created.
This new networking paradigm where control of the network is decoupled from the hardware allowing a logically centralized software program to control the behavior of an entire network was dubbed Software-defined Networking. In a software-defined network, traffic is managed from a centralized control point by changing the rules used by any switch in the network when necessary. These early roots of SDN explain why many definitions are focused on programmable network protocol standards (such as OpenFlow) and the routers, switches and network orchestration software that utilize them.
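The split described in the three paragraphs above can be made concrete with a small simulation. The following is an added example written for this primer, not code from the original page or from any SDN project: the topology, link loads and host names (s1..s4, h1, h2) are constructed, and the controller-to-switch "flow table write" is an in-process call standing in for the secure control channel (such as OpenFlow) that the text says has to exist. The switches know nothing about the topology; they only match a destination against their flow table, with a hardwired per-destination rule as the pre-SDN fallback. The controller holds the global view, picks the least-loaded path and installs one rule per hop.

```python
"""Toy model of the SDN control/forwarding split.

Added illustration; topology, loads and host names are constructed.
"""
from collections import defaultdict
import heapq

# Constructed topology: each link carries a current utilisation (0.0 - 1.0).
# Two routes reach h2 from h1: s1->s2->s4 (congested) and s1->s3->s4 (idle).
LINKS = {
    ("s1", "s2"): 0.9, ("s2", "s4"): 0.9,
    ("s1", "s3"): 0.1, ("s3", "s4"): 0.1,
}
# Which switch each host is attached to (constructed).
HOST_PORT = {"h1": "s1", "h2": "s4"}


class Switch:
    """Forwarding element with no topology knowledge.

    It consults a flow table (destination -> next hop) that the controller
    fills in; if no rule is installed it falls back to a hardwired static
    rule, which is how a pre-SDN switch behaves: same next hop for every
    packet to that destination, regardless of congestion elsewhere.
    """

    def __init__(self, name, static_next_hop=None):
        self.name = name
        self.flow_table = {}                  # installed by the controller
        self.static = static_next_hop or {}   # hardwired, locally decided

    def forward(self, dst):
        if dst in self.flow_table:
            return self.flow_table[dst]
        return self.static.get(dst)           # None means the packet is dropped


class Controller:
    """Logically centralised control point holding the whole-network view."""

    def __init__(self, links, host_port):
        self.adj = defaultdict(dict)
        for (a, b), load in links.items():    # links are treated as bidirectional
            self.adj[a][b] = load
            self.adj[b][a] = load
        self.host_port = host_port

    def update_link(self, a, b, load):
        """Telemetry from the network changes the controller's view, not the switches."""
        self.adj[a][b] = load
        self.adj[b][a] = load

    def least_loaded_path(self, src_sw, dst_sw):
        """Dijkstra with link utilisation as the edge cost (the 'global view')."""
        dist, prev = {src_sw: 0.0}, {}
        heap = [(0.0, src_sw)]
        while heap:
            d, u = heapq.heappop(heap)
            if u == dst_sw:
                break
            if d > dist.get(u, float("inf")):
                continue
            for v, load in self.adj[u].items():
                nd = d + load
                if nd < dist.get(v, float("inf")):
                    dist[v], prev[v] = nd, u
                    heapq.heappush(heap, (nd, v))
        path = [dst_sw]
        while path[-1] != src_sw:
            path.append(prev[path[-1]])
        return path[::-1]

    def install_flow(self, switches, src_host, dst_host):
        """The privileged 're-program the switches' step.

        In a real deployment this crosses the controller-to-switch channel
        and is the operation that channel must authenticate and protect;
        here it is a direct method call on the Switch objects.
        """
        path = self.least_loaded_path(self.host_port[src_host], self.host_port[dst_host])
        hops = path + [dst_host]
        for here, nxt in zip(path, hops[1:]):
            switches[here].flow_table[dst_host] = nxt
        return path


def build_switches():
    """Switches with hardwired rules that always send h2 traffic via s2."""
    return {
        "s1": Switch("s1", {"h2": "s2"}),
        "s2": Switch("s2", {"h2": "s4"}),
        "s3": Switch("s3", {"h2": "s4"}),
        "s4": Switch("s4", {"h2": "h2"}),
    }


def trace(switches, src_host, dst_host, max_hops=10):
    """Follow a packet hop by hop using only each switch's local decision."""
    hop = HOST_PORT[src_host]
    path = []
    while hop in switches and len(path) < max_hops:
        path.append(hop)
        hop = switches[hop].forward(dst_host)
        if hop is None:
            return path + ["DROP"]
    return path + [hop]


def demo():
    """Returns (hardwired path, controller-chosen path) for h1 -> h2."""
    switches = build_switches()
    before = trace(switches, "h1", "h2")          # walks into the congested links
    Controller(LINKS, HOST_PORT).install_flow(switches, "h1", "h2")
    after = trace(switches, "h1", "h2")           # re-routed around them
    return before, after


if __name__ == "__main__":
    hardwired, sdn = demo()
    print("hardwired :", " -> ".join(hardwired))
    print("controller:", " -> ".join(sdn))
```

Running the block prints the hardwired path s1 -> s2 -> s4 -> h2 and the controller-chosen path s1 -> s3 -> s4 -> h2. Note where the intelligence sits: `Switch.forward` never looks at `LINKS`, and a change in load reaches the switches only through `Controller.update_link` followed by another `install_flow`. That concentration of authority is also why the text insists on a secure, reliable channel for the re-programming step.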
SDN is Not Just a Protocol – The Need for a Broader View
Today’s enterprise computing environment is dramatically different from the client/server model of the 1990s and the fundamental driver of the change is obvious – the explosion of mobile devices being used and their almost insatiable need for content. The new computing models and trends such as cloud computing, server virtualization, everything-as-a-service (the utility computing model) and the transition to mobile broadband (LTE) can be traced back to the industry’s efforts to meet the mobile user’s data needs.
Meeting the mobile user’s needs with conventional networks is proving to be increasingly difficult, if not downright impossible. Not only is it increasingly difficult to provide the range of services demanded by users, the ability to scale becomes vastly more complex with the addition of hundreds of thousands (if not millions, when you consider machine-to-machine connections) of network devices that must be configured and managed. Modern traffic patterns are incredibly dynamic (and therefore unpredictable) and simply cannot be managed by an inflexible, hardwired network.
SDN as a Network Architecture
The Open Networking Foundation is a non-profit consortium dedicated to the transformation of networking through the development and standardization of a unique architecture called Software-Defined Networking. In their seminal white paper Software-Defined Networking: The New Norm for Networks, they define SDN as follows:
“Software Defined Networking (SDN) is an emerging network architecture where network control is decoupled from forwarding and is directly programmable. This migration of control, formerly tightly bound in individual network devices, into accessible computing devices enables the underlying infrastructure to be abstracted for applications and network services, which can treat the network as a logical or virtual entity.”
Stated slightly differently, SDN is an architecture that abstracts the underlying infrastructure of the network so it can be treated as a logical or virtual entity. Figure-1 is a high-level depiction of the SDN architecture showing the physical infrastructure layer separate from the control layer and applications using an API abstraction to access all network services. Not directly shown in this image, but key to the architecture’s success, is that the network can be programmatically configured.
SDN will transform networks into programmable (i.e. flexible) platforms that enable more efficient resource utilization, thereby becoming more cost effective, and that can scale to meet the demands of the ever-growing community of mobile users. As a new application delivery vehicle, it will also transform the computing industry, not just the networking segment. The new network platform changes everything!
In computer speak, to virtualize an IT resource (e.g. a server, an operating system, a data storage device or network service) means to create a virtual version which is not the physical device itself but both behaves and appears to the user as the actual device. Put slightly differently, a virtual resource is an abstraction of an IT resource that uses various techniques to create the identical effect without the presence of the actual resource.
All PC users are familiar with a simple example of a virtual device – the disk partition. Partitioning a hard drive has the effect of making the single physical drive appear as multiple logical drives. To applications and users, the system behaves as if it has multiple disks, making it easier for users to manage files.
Another familiar example is hardware (or system) virtualization, where a single host computer uses software to make it appear as if it is multiple computers, each running its own operating system. For example, a PC running Windows may host a virtual machine that looks like a computer running the Linux OS. The software that creates the virtual environment on the host machine is called a hypervisor.
Network Functions Virtualization (NFV) is an initiative of the ETSI Industry Specification Group to virtualize network functions previously performed by proprietary dedicated hardware. The goal of the ETSI effort is to reduce the cost of network devices such as routers, firewalls and security appliances by allowing them all to run on a common, commodity platform that would host the necessary environments.
Types of Network Functions Virtualization
Almost any network function can be virtualized. The NFV focus in the market today includes:
- Virtual Switching – physical ports are connected to virtual ports on virtual servers with virtual routers using virtualized IPsec and SSL VPN gateways.
- Virtualized Network Appliances – network functions that today require a dedicated box can be replaced with a virtual appliance. Examples include firewalls, web security, IPS/IDS, WAN acceleration and optimization.
- Virtualized Network Services – examples here are network management applications such as traffic analysis, network monitoring tools, load balancers and accelerators.
- Virtualized Applications – almost any application you can imagine. For example, there is a great deal of development today for cloud applications, such as virtualized storage and photo imaging services, to support the explosion in tablet and smartphone usage.
The basic answer to ‘why NFV’ is simple – to reduce network operator CAPEX and OPEX through reduced equipment costs and reduced power consumption. The bigger answer is to reduce complexity and make managing a network and deploying new capabilities easier and faster.
The computing infrastructure required to support today’s mobile-device-driven networking world contains an increasing variety of proprietary hardware appliances (see Figure-2). Each network appliance is slightly different in that it is optimized to support its particular function, whether it is traffic management, security or video transcoding. Launching new network services frequently requires adding a new appliance. Finding space and power for the new box can be challenging and the overall lifecycle management of multiple network platforms is complex and costly. Many operators believe that this ‘function-per-box’ model constrains the innovation and deployment of new network services and reduces ROI.
Figure-2 – Classical vs Virtual Approaches to Network Appliance
Courtesy NFV Initiative
A standard approach to the virtualization of network functions works to reduce these challenges by allowing the consolidation of proprietary network platforms onto industry standard, high-volume servers. The ability to deploy virtual versions of network functions on standard hardware anywhere in the network eliminates the need to install new equipment and greatly simplifies network management.
In addition to CAPEX and OPEX reductions, NFV works to reduce time-to-market of new services and provides greater scalability (up or down) of individual services. Being standards-based creates a more open virtual appliance market allowing for new entrants and greater innovation.
The Role of ETSI
ETSI (the European Telecommunications Standards Institute) is a standardization organization in Europe with worldwide influence. The ETSI Industry Specification Group (ISG) for Network Functions Virtualization is developing requirements and architecture specifications for the hardware and software infrastructure required to support the virtualized functions. The ISG NFV includes the 7 founding members and over 50 other network operators, telecom equipment and IT vendors.