A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks
Summary (5 min read)
Introduction
- And often they need to accomplish these very complex tasks with access to very limited tools.
- Because of its huge deployment base and the fact it is considered part of their society’s critical infrastructure (just like transportation and power grids), the Internet has become extremely difficult to evolve both in terms of its physical infrastructure as well as its protocols and performance.
- In Section V, the authors discuss several SDN applications in areas such as data centers and wireless networking.
II. EARLY PROGRAMMABLE NETWORKS
- SDN has great potential to change the way networks operate, and OpenFlow in particular has been touted as a “radical new idea in networking” [67].
- The working group is officially concluded and the latest standards proposal, GSMPv3, was published in June 2002.
- The premise is that control and management functions of the many devices (ATM switches in the case of DCAN) should be decoupled from the devices themselves and delegated to external entities dedicated to that purpose, which is basically the concept behind SDNs.
- The protocol allowed network devices to expose an API through which extensible configuration data could be sent and retrieved.
- The immediate predecessor to OpenFlow was the SANE / Ethane project [34], which, in 2006, defined a new network architecture for enterprise networks.
III. SOFTWARE-DEFINED NETWORKING ARCHITECTURE
- Data communication networks typically consist of enduser devices, or hosts interconnected by the network infrastructure.
- As mentioned previously, the so-called Internet “ossification” [71] is largely attributed to the tight coupling between the data– and control planes which means that decisions about data flowing through the network are made on-board each network element.
- The deployment of new network applications or functionality is decidedly nontrivial, as they would need to be implemented directly into the infrastructure.
- As visualized in Figure 1, the separation of the forwarding hardware from the control logic allows easier deployment of new protocols and applications, straightforward network visualization and management, and consolidation of various middleboxes into software control.
A. Current SDN Architectures
- The authors review two well-known SDN systems, namely ForCES [40] and Openflow [71].
- ForCES defines a logic entity called the Forwarding Element (FE), that implements the ForCES protocol, i.e. the communication protocol between FEs and CEs, and is responsible for using the underlying hardware to provide per-packet handling.
- The protocol works based on a master-slave model, where FEs are slaves and CEs are masters.
- Driven by the SDN principle of decoupling the control– and data forwarding planes, OpenFlow [71], like ForCES, standardizes information exchange between the two planes, also known as OpenFlow.
- In the OpenFlow architecture, the forwarding device, or OpenFlow switch, contains one or more flow tables.
B. Forwarding Devices
- Forwarding devices such as switches and routers in a software-defined network are often represented as basic forwarding hardware accessible via an open interface, as the control logic and algorithms are off-loaded to a controller.
- Hybrid switches support OpenFlow in addition to traditional operation and protocols.
- Some recent proposals [68], [74] have advocated adding a general-purpose CPU, either onswitch or nearby, that may be used to supplement or take over certain functions and reduce the complexity of the ASIC design.
- Preliminary results reported show a packet switching throughput increase up to 25% compared to the throughput of regular software-based OpenFlow switching.
- Simulation validation of the proposed model is presented.
D. Southbound Communication: Controller-Switch
- An important aspect of SDNs is the link between the data-plane and the control-plane.
- As forwarding elements are controlled by an open interface, it is important that this link remains available and secure.
- The OpenFlow protocol can be viewed as one possible implementation of controller-switch interactions, as it defines the communication between the switching hardware and a network controller.
- For security, OpenFlow 1.3.0 provides optional support for encrypted TLS communication and a certificate exchange between the switches/controller(s); however, the exact implementation and certificate format is not currently specified.
- Also outside the scope of the current specification are fine-grained security options regarding scenarios with multiple controllers, as there is no method specified to only grant partial access permissions to an authorized controller.
E. Northbound Communication: Controller-Service
- External management systems or network services may wish to extract information about the underlying network or control an aspect of network behavior or policy.
- Additionally, controllers may find it necessary to communicate with each other for a variety of reasons: an internal control app may need to reserve resources across multiple domains of control, a primary controller may need to share policy information with a backup, etc.
- Unlike controller-switch communication, there is no currently accepted standard for northbound interactions and they are more likely to be implemented on an ad hoc basis for particular applications.
IV. SDN DEVELOPMENT TOOLS
- SDN facilitates network evolution and innovation by allowing rapid deployment of new services and protocols.
- The authors provide an overview of currently available tools and environments for developing SDN-based services and protocols.
A. Emulation and Simulation Tools
- Mininet [64] allows an entire OpenFlow network to be emulated on a single machine, simplifying the initial development and deployment process.
- New programs can first be developed and tested on an emulation of the anticipated deployment network before moving to the actual hardware.
- The ns-3 [55] network simulator supports OpenFlow switches within its environment, though the current version only implements OpenFlow v0.89.
B. Available Software Switch Platforms
- There are currently several SDN software switches available that can be used, for example, to run a SDN testbed or when developing services over SDN.
- Table I presents a list of current software switch implementations with a brief description including implementation language and the OpenFlow standard version that the current implementation supports.
C. Native SDN Switches
- One of the main SDN enabling technologies currently being implemented in commodity networking hardware is the OpenFlow standard.
- But rather give a brief list of a few options on what is currently available in the market and give a status about OpenFlow version compliance.the authors.
- One clear evidence of industry’s strong commitment to SDN is the availability of commodity network hardware that are OpenFlow enabled.
- Table II lists commercial switches that are currently available, their manufacturer, and the version of OpenFlow they implement.
D. Available Controller Platforms
- Table III shows a snapshot of current controller implementations.
- Below, the authors provide a brief overview of the controllers listed in Table III. POX [17] is a general, open-source SDN controller written in Python. NOX [49] was the first OpenFlow controller written in Python and C++. MUL [9] is an OpenFlow controller that has a C-based multi-threaded infrastructure at its core.
- Maestro [30] is a network operating system based on Java; it provides interfaces for implementing modular network control applications and for them to access and modify network state.
- Included in Table III are also two special purpose controller implementations: Flowvisor [89], mentioned previously, and RouteFlow [79].
- The routing engines generate the forwarding information base (FIB) into the Linux IP tables according to the routing protocols configured (e.g., OSPF, BGP).
E. Code Verification and Debugging
- Verification and debugging tools are vital resources for traditional software development and are no less important for SDN.
- The main benefit of this approach is that it is protocol-agnostic; it will also catch errors that result from faulty switch firmware or inconsistencies with the control plane communication.
- VeriFlow [60] has a similar goal, but goes further by proposing a real-time verification tool that resides between the controller and the forwarding elements.
- Other efforts propose debugging tools that provide insights gleaned from control plane traffic.
- STS [19] is a software-defined network troubleshooting simulator.
V. SDN APPLICATIONS
- Software-defined networking has applications in a wide variety of networked environments.
- By decoupling the control– and data planes, programmable networks enable customized control, an opportunity to eliminate middleboxes, as well as simplified development and deployment of new network services and protocols.
- Below, the authors examine different environments for which SDN solutions have been proposed or implemented.
A. Enterprise Networks
- Enterprises often run large networks, while also having strict security and performance requirements.
- Furthermore, different enterprise environments can have very different requirements, characteristics, and user population, For example, University networks can be considered a special case of enterprise networks: in a University environment, many of the connecting devices are temporary and not controlled by the University, further challenging security and resource allocation.
- Additionally, Universities must often provide support for research testbeds and experimental protocols.
- In the case of more complex middleboxes with functionalities that cannot be directly implemented without performance degradation (e.g., deep packet inspection), SDN can be used to provide unified control and management[46].
- The work presented in [86] addresses the issues related to consistent network updates.
B. Data Centers
- Data centers have evolved at an amazing pace in recent years, constantly attempting to meet increasingly higher and rapidly changing demand.
- Heller et al. [53] indicates that much research has been focused on improved servers and cooling (70% of total energy) through better hardware or software management, but the data center’s network infrastructure (which accounts for 10-20% of the total energy cost) still consumed 3 billion kWh in 2006.
- While simplified traffic management and visibility are useful, it must be sensibly balanced with scalability and performance overheads.
- The OpenRoads project [109], [108] envisions a world in which users could freely and seamlessly move across different wireless infrastructures which may be managed by various providers.
- Based on the idea of separation of the decision and forwarding planes, an operator may express decision plane rules and corresponding actions, which are assembled from processing plane modules (e.g., FFT, Viterbi decoding, etc); the end result is a state machine that expresses a fully-functional protocol.
D. Home and Small Business
- Several projects have examined how SDN could be used in smaller networks, such as those found in the home or small businesses.
- As these environments have become increasingly complex and prevalent with the widespread availability of lowcost network devices, the need for more careful network management and tighter security has correspondingly increased.
- Poorly secured networks may become unwitting targets or hosts for malware, while outages due to network configuration issues may cause frustration or lost business.
- Calvert et al. [31] assert that the first step in managing home networks is to know what is actually happening; as such, they proposed instrumenting the network gateway/controller to act as a “Home Network Data Recorder” to create logs that may be utilized for troubleshooting or other purposes.
A. Controller and Switch Design
- SDN raises significant scalability, performance, robustness, and security challenges.
- Below the authors review a number of research efforts focusing on addressing these issues at the switch– and controller design level.
- The work proposed in [74] advocates replacing counters on ASIC by a stream of rule-matching records and processing them in the CPU to allow efficient access to counters.
- FLARE [78] is a new network node model focusing on “deeply programmable networks” that provides programmability for the data plane, the control plane, as well as the interface between them.
- The work presented in [26] discusses important aspects in controller design including hierarchical control, data model, scalability, and extensibility.
B. Software-Defined Internetworking
- The Internet has revolutionized the way we, as individuals and as a society, live, work, conduct business, socialize, get entertainment, etc.
- As a result, the Internet is now considered part of their society’s critical infrastructure much like the power, water, and transportation grids.
- This has led the research community to examine “clean-slate” solutions [44].
- Environments whose administration is inherently decentralized, like the Internet, call for a control plane that is logically distributed.
- The work in [83] proposes a software-defined Internet architecture that borrows from MPLS the distinction between network edge and core to split tasks between inter-domain and intradomain components.
C. Controller-Service Interaction
- While controller-switch (“southbound”) interaction is fairly well defined in protocols such as OpenFlow and ForCES, there is no standard for interactions between controllers and network services or applications (“northbound”).
- One possible explanation is that the northbound interface is defined entirely in software, while controller-switch interactions must enable hardware implementation.
- Procera [102] builds a policy layer on top of existing controllers to interface with configuration files, GUIs, and external sensors; the proposed policy layer is responsible for converting highlevel policies to flow constraints given to be used by the controller.
- Other SDN controllers can be used as a network backend to support virtualization in cloud operating systems, such as Floodlight for OpenStack [5] and NOX for Mirage [2].
F. Heterogeneous Network Support
- In the meantime, mobile traffic has been increasing exponentially over the past several years, and is expected to increase 18–fold by 2016, with more mobile-connected devices than the world’s population, which is already a reality [22].
- Self-organizing networks (e.g., wireless multi-hop ad-hoc networks) may form to extend the range of infrastructure-based networks or handle episodic connectivity disruptions.
- This is due to a number of factors including the use of shared physical medium compounded, wireless channel impairments, and the absence of managed infrastructure.
- While previous work has examined the use of SDN in wireless environments, the scope has primarily focused on infrastructure-based deployments (e.g., WiMAX, Wi-Fi access points).
VII. CONCLUDING REMARKS
- The authors provided an overview of programmable networks and, in this context, examined the emerging field of Software-Defined Networking (SDN).
- In Proceedings of the 2010 internet network management conference on Research on enterprise networking, pages 3–3.
Did you find this useful? Give us your feedback
Citations
3,589 citations
1,968 citations
1,634 citations
669 citations
Cites background or methods from "A Survey of Software-Defined Networ..."
...forwarding in ICN is aligned with the decoupling of the data plane and control plane in SDN [18]....
[...]
...Current Internet is information-driven, yet networking technology is still focused on the idea of location-based addressing and host-to-host communications [18]....
[...]
...OpenFlow provides optional support for encrypted Transport Layer Security (TLS) communication and a certificate exchange between the switches and the controller(s) [18]....
[...]
...ONF presents a high-level architecture for SDN that is vertically split into three main functional layers including infrastructure layer, control layer and application layer [9], [11], [18]–[20], as shown in Fig....
[...]
661 citations
Cites methods from "A Survey of Software-Defined Networ..."
...Leveraging the concepts of software and virtualization, SDN [157] and Network Function Virtualization (NFV) [158] are redefining the network architecture to support...
[...]
References
9,138 citations
"A Survey of Software-Defined Networ..." refers background or methods in this paper
...h) OpenFlow: Driven by the SDN principle of decoupling the control– and data forwarding planes, OpenFlow [71], like ForCES, standardizes information exchange between the two planes....
[...]
...In this section, we review two well-known SDN systems, namely ForCES [40] and Openflow [71]....
[...]
...As mentioned previously, the so-called Internet “ossification” [71] is largely attributed to the tight coupling between the data– and control planes which means that decisions about data flowing through the network are made on-board each network element....
[...]
...A group of network operators, service providers, and vendors have recently created the Open Network Foundation [13], an industrial-driven organization, to promote SDN and standardize the OpenFlow protocol [71]....
[...]
...In particular we described the SDN architecture in detail as well as the OpenFlow [71] standard....
[...]
3,556 citations
3,122 citations
"A Survey of Software-Defined Networ..." refers background in this paper
...by a number of architecture proposals, such as ContentCentric Networking (CCN), also known as the Named Data Networking (NDN) project [57]....
[...]
2,226 citations
1,890 citations
"A Survey of Software-Defined Networ..." refers background in this paper
...Mininet [64] allows an entire OpenFlow network to be emu-...
[...]
Related Papers (5)
Frequently Asked Questions (18)
Q2. How can SDN be used to simplify the network?
SDN can be used to simplify the network by ridding it from middleboxes and integrating their functionality within the network controller.
Q3. What is the main benefit of this approach?
The main benefit of this approach is that it is protocol-agnostic; it will also catch errors that result from faulty switch firmware or inconsistencies with the control plane communication.
Q4. What are some examples of middleboxes that have been implemented using SDN?
Some notable examples of middlebox functionality that has been implemented using SDN include NAT, firewalls, load balancers [51] [104], and network access control [80], etc.
Q5. What is the main reason why the controller is not physically distributed?
for increased scalability and especially for reliability and robustness purposes, it has been recognized that the logically-centralized controller mustbe physically distributed.
Q6. What is a framework for developing open flow controllers?
Trema is a framework for developing OpenFlow controllers written in Ruby and C. • Beacon is a cross-platform, modular, Java-based OpenFlow controller that supports event-based and threaded operation.
Q7. What are the potential downsides of a distributed control plane?
The potential downside are trade-offs [65] that may be made with consistency and staleness when distributing state throughout the control plane, which has the potential to cause applications that believe they have an accurate view to act incorrectly.
Q8. How many times fewer flow table entries were there over OpenFlow?
In a load-balancing simulation, their solution had 10-53 times fewer flow table entries and 10-42 times fewer control messages on average over OpenFlow.
Q9. What is the purpose of self-organizing networks?
Self-organizing networks (e.g., wireless multi-hop ad-hoc networks) may form to extend the range of infrastructure-based networks or handle episodic connectivity disruptions.
Q10. What is the main challenge facing future networks?
A major challenge facing future networks is efficient utilization of resources; this is especially the case in wireless multi-hop ad-hoc networks as the available wireless capacity is inherently limited.
Q11. How does the controller manage the flow?
This is accomplished by pushing responsibility over most flows back to the switches andadding more efficient statistics collection mechanisms, through which “significant” flows (e.g. long-lived, high-throughput) are identified and managed by the controller.
Q12. What is the reason why the northbound interface is still being developed?
Until a clear northbound interface standard emerges, SDN applications will continue to be developed in an ”ad hoc” fashion and the concept of flexible and portable “network apps” may have to wait.
Q13. Why is the data center provisioned for peak demand?
Due to the challenges of engineering networks of this scale and complexity to dynamically adapt to application requirements, it is often the case that data centers are provisioned for peak demand; as a result, they run well below capacity most of the time but are ready to rapidly service higher workloads.
Q14. What is the possible explanation for the northbound interface?
One possible explanation is that the northbound interface is defined entirely in software, while controller-switch interactions must enable hardware implementation.
Q15. What are the reasons controllers may need to communicate with each other?
controllers may find it necessary to communicate with each other for a variety of reasons: an internal control app may need to reserve resources across multiple domains of control, a primary controller may need to share policy information with a backup, etc.
Q16. What are some of the applications that will be able to be delivered over self-organizing?
Self-organizing networks may thus enable a variety of new applications such as cloud-based services, vehicular communication, community services, healthcare delivery, emergency response, and environmental monitoring, to name a few.
Q17. What is the common way to forward packets?
Another possibility, in the case of hybrid switches, i.e., switches that have both OpenFlow– and non-OpenFlow ports, is to forward non-matching packets using regular IP forwarding.
Q18. What are the actions to be performed when no match is found for an incoming packet?
These actions include dropping the packet, continue the matching process on the next flow table, or forward the packet to the controller over the OpenFlow channel.