IT Focus Area: Connectivity
July 16, 2014
Software-Defined Networking: Your Questions Answered
Data center architecture has evolved from fixed to virtual and, more recently, to cloud enabled. However, there has always been one missing link delaying the realization of the dynamic, orchestrated data center: the network. While information technology (IT) can orchestrate the deployment and optimization of virtual servers, storage, and software in hours or even minutes, it often has to wait hours, days, or weeks for network administrators to make complex configuration adjustments to each individual network switch and router in order to accommodate new services and changing performance requirements.
That is about to change, thanks to software-defined networking (SDN).
SDN is an up-and-coming technology that may one day make the network as dynamic, automated, and centrally managed as its virtual server and storage brethren.
As with any maturing technology, SDN’s evolving standards, architectures and solutions can be confusing for enterprises trying to figure out when, where, and how to get started with this new technology.
Here are some questions IT teams often ask about SDN, with answers that can help them choose where to deploy SDN and which solutions are best for their data center environment.
Why should I be interested in SDN?
Any organization looking for enhanced business agility and faster time to market for new products and services should pay careful attention to SDN. By separating the network control plane from the data plane and centralizing network control in software, SDN promises to make networks a much more open, agile component of a virtual cloud infrastructure that can streamline and automate delivery and optimization of new services. With its centralized monitoring and management, SDN can also potentially provide network visibility to a degree never provided by the manually programmed networks in place today.
Is SDN ready for prime time?
SDN is a relatively recent technology, and, as with any new technology, it is evolving in a number of different directions, with solutions that combine adherence to established SDN standards (such as OpenFlow) with proprietary technology. Today, SDN is used principally in the uniform, massively scalable data centers of Yahoo, Facebook, and cloud infrastructure providers built from the ground up for standardization, virtualization, and massive scalability.
Massively scalable data centers also tend to have IT staff with the advanced programming and infrastructure expertise to make classic SDN (further defined below) in its current early form a practical reality.
New solutions introduced or about to be introduced by Cisco, VMware, and other networking vendors promise to make SDN a more practical solution for enterprise data centers combining legacy, proprietary, virtual, and cloud applications and architectures.
Which form of SDN is right for my data center?
SDN comes in three principal flavors often called classic, hybrid, and overlay.
In the classic model, the entire network infrastructure is programmed by a single central SDN controller. Typically, the controller adheres to a standard called OpenFlow, which standardizes programming instruction sets so that the OpenFlow controller can program any and all OpenFlow-compliant network components. For a controller, many massively scalable data centers turn to the OpenDaylight Project, which provides and maintains one of the most popular open source OpenFlow SDN controllers available. With OpenDaylight, applications can potentially provide instructions to the control layer through application program interfaces (APIs). The controller then carries out the instructions across the network via OpenFlow.
The classic model comes closest to the SDN ideal of a standardized, centrally managed network of inexpensive commodity network hardware, with SDN-aware applications that can orchestrate and optimize services and receive network intelligence via OpenFlow. However, you should be aware that the SDN applications developed today typically focus on technical network functions such as traffic engineering, time-of-day policies and cable mapping. While perhaps important, these applications are not service oriented and do not promote process improvement. Most legacy network hardware found in today’s enterprises is also largely OpenFlow unaware. That is why the classic model in its current form provides questionable business benefit for today’s enterprises and is mostly found in massively scalable data centers.
The hybrid model combines classic SDN and vendor-proprietary management protocols, with OpenFlow providing some instructions and vendor-proprietary protocols providing an extended instruction set beyond what OpenFlow may support. Many products from major network manufacturers accommodate the hybrid deployment model. However, as with the classic model, current hybrid applications focus on technical network functions of interest to IT and network managers. Enterprises also tend to be reluctant to turn networking functions over from network engineers to software developers. That is why, as with classic, the hybrid model offers little business benefit to the enterprise today.
Enterprises are most likely to be interested in the overlay model, which implements virtual networks and policies on top of the physical network (see SDN Overlay Network graphic below), typically via software switches running in virtual machines on a hypervisor. The virtual switches create tunnels through the underlying network hardware, so there is no need for them to configure the hardware in any way to send and receive traffic. Overlay SDN solutions typically come prepackaged with much of the required programming already configured in the controller.
VMware’s NSX is a prime example of a network overlay solution that can run on top of network hardware from many different vendors. Recently Cisco announced its Application Centric Infrastructure (ACI), an overlay SDN solution that embeds virtual networking in Cisco Nexus 9000 series switches and requires the underlying hardware to be of Cisco manufacture. Unlike VMware’s NSX solution, which is completely abstracted from underlying hardware, Cisco’s ACI can monitor and exchange information with network hardware. Cisco doesn’t advise complete abstraction, and perhaps it has a point, as performance still depends largely on the proper functioning of underlying hardware switches.
Both solutions are in preliminary, controlled releases. Both can be considered proprietary but have the appeal of being shrink-wrapped SDN solutions that can be deployed fairly easily by enterprise IT.
Until products such as these ship and mature, enterprises are best advised to take a wait-and-see attitude, following the maturation of the primary overlay solutions hitting the market.
Which overlay SDN solution is best for my data center?
Once you have decided to focus on overlay solutions, the question becomes which overlay solution is likely to be right for your network. Much of the answer depends on how each solution integrates operationally and politically within your organization.
If your IT organization has a hard division of labor between server, storage, and network groups, with all networking functions passed to a network group with deep Cisco network engineering expertise, then a solution such as Cisco’s ACI may fit best operationally. For seasoned Cisco networking experts, Cisco’s ACI has the advantage of integrating with the same Cisco configuration and management interface as other Cisco products and can interact with and get feedback from underlying Cisco network hardware.
Proponents of non-proprietary SDN often emphasize the cost benefits of standardized technology, and for good reason. However, the good news is that the pricing of the Cisco Nexus 9000, which uses some inexpensive merchant silicon and runs on ACI, is in line with more commoditized network hardware. A white box-oriented solution may not be as attractive in a legacy Cisco-based network that can take advantage of a Cisco Nexus 9000, priced competitively with the white box market. If your organization’s pain point emanates from networking, then network-focused solutions such as ACI make sense as well.
An organization with limited Cisco expertise and a less rigid division of labor between network, server, and storage groups may find a solution such as VMware NSX easier to use—especially for longtime users of VMware ESX. This is particularly relevant if the organization is looking to automate network deployment in the same workstream as servers and storage.
Here are some other questions to ask when considering which solution works best for your organization.
- What is the overlay vendor’s track record for automating infrastructure and how will the vendor’s solution integrate with other infrastructure automation solutions? Smooth integration is important, as orchestrating the creation and delivery of new services usually requires bringing together network, server, and storage automation.
- How easily does the vendor solution integrate with your existing firewalls, load balancers and policy configuration engines? How well do all of these work together to streamline service orchestration?
- How important is it to be able to configure and monitor servers and the network from one console?
- How intuitive and familiar is the SDN vendor’s console?
- How much network visibility are you looking for and which solution gives you the degree of visibility you need? Network staff might want the more comprehensive physical network visibility and feedback provided by a solution such as ACI, while others might be willing to do without fine-grained network visibility in return for combining server and network automation and visibility into a single console.
SDN and network virtualization to become a key component of the data center
Software-defined networking standards, architectures, and solutions will continue to mature. Today, most enterprises will find it best to take a wait-and-see approach that follows SDN developments and products as they progress, keeping the questions and perspectives discussed above in mind. When your organization decides to take the SDN leap depends on the answers to these questions, your business requirements, and the level of IT and networking expertise your organization possesses. What is increasingly clear, however, is that SDN and network virtualization are likely to become an essential component of the cloud-enabled, orchestrated data center of the not-too-distant future.