An approach to designing, building and operating large-scale networks that is essentially based on programming the forwarding decisions in routers and switches via software from a central server. Software-defined networking (SDN) differs from traditional networking, which requires configuring each device separately and which relies on protocols that cannot be altered.
The primary applications of SDN have been in wide area network (WAN) traffic engineering, datacenter network virtualization and monitoring. SDN gives network administrators the flexibility to customize their networks for their traffic requirements.
Separate the Control from the Forwarding
SDN routers and switches (“bare metal devices”) perform basic forwarding functions under program control from a central server that commands the hardware via the OpenFlow interface. Fewer built-in protocols and vendor-specific features in the hardware mean less complexity and greater reliability, and central control makes setting up new networks, as well as making changes, much easier than deploying scripts to each device or waiting for vendors to update their firmware. Software control also enables the creation of innovative forwarding algorithms, and simulating and testing them is simplified, because the hardware can be easily emulated. See SD-WAN.
SDN and OpenFlow
The OpenFlow protocol is the basic instruction set in SDN routers and switches. This protocol was standardized in 2009, and the first large-scale deployments occurred starting in 2011. See OpenFlow and NFV.
- Increased control with greater speed and flexibility: Instead of manually programming multiple vendor-specific hardware devices, developers can control the flow of traffic over a network simply by programming an open standard software-based controller. Network administrators also have more flexibility in choosing networking equipment, since they can choose a single protocol to communicate with any number of hardware devices through a central controller.
- Customizable network infrastructure: With a software-defined network, administrators can configure network services and allocate virtual resources to change the network infrastructure in real time through one centralized location. This allows network administrators to optimize the flow of data through the network and prioritize applications that require more availability.
- Robust security: A software-defined network delivers visibility into the entire network, providing a more holistic view of security threats. With the proliferation of smart devices that connect to the internet, SDN offers clear advantages over traditional networking. Operators can create separate zones for devices that require different levels of security, or immediately quarantine compromised devices so that they cannot infect the rest of the network.
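The zoning and quarantine behavior described above, as an added example that is not part of the original entry: a simplified Python model of match-action flow tables programmed by a central controller. It does not implement the OpenFlow wire protocol; the class names, priorities and host names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class FlowRule:
    priority: int
    match: dict   # header fields the packet must equal
    action: str   # "forward:<port>" or "drop"

@dataclass
class Switch:
    name: str
    table: list = field(default_factory=list)

    def install(self, rule):
        self.table.append(rule)
        self.table.sort(key=lambda r: r.priority, reverse=True)

    def handle(self, packet):
        # Highest-priority matching rule wins; a table miss drops (fail closed).
        for rule in self.table:
            if all(packet.get(k) == v for k, v in rule.match.items()):
                return rule.action
        return "drop"

class Controller:
    """Central server that programs every switch it manages."""
    def __init__(self, switches):
        self.switches, self.zones = switches, {}

    def allow(self, src, dst, out_ports):
        # Permit a flow only when both hosts sit in the same security zone.
        zone = self.zones.get(src)
        if zone is None or zone != self.zones.get(dst):
            return False
        for sw in self.switches:
            action = f"forward:{out_ports[sw.name]}"
            sw.install(FlowRule(100, {"src": src, "dst": dst}, action))
        return True

    def quarantine(self, host):
        # One call isolates the host network-wide: drops outrank every allow.
        for sw in self.switches:
            sw.install(FlowRule(1000, {"src": host}, "drop"))
            sw.install(FlowRule(1000, {"dst": host}, "drop"))

if __name__ == "__main__":
    edge, core = Switch("edge"), Switch("core")
    ctl = Controller([edge, core])
    ctl.zones.update({"cam-1": "iot", "cam-2": "iot", "pc-1": "office"})  # constructed hosts
    ctl.allow("cam-1", "cam-2", {"edge": 2, "core": 7})
    ctl.quarantine("cam-1")
    print(edge.handle({"src": "cam-1", "dst": "cam-2"}))
```

Because the drop rules carry a higher priority than any allow rule, the quarantine takes effect without removing or auditing the existing forwarding entries on each switch.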