Essay: Software Defined Networks: Use Cases

Abstract
Software Defined Networking (SDN) is a gradually evolving approach to network design and functionality based on the capability to programmatically alter the behavior of network devices. It will make networks more flexible, dynamic, and cost-efficient, while greatly simplifying operational intricacy. There are several use cases of SDN which would aptly deal with the emerging trends in the computing industry. Among them some of the real world use cases are considered in this paper. This paper’s main focus will be to define, review and understand SDN and its use cases. A use case is a system engineering term that describes how a user uses a system to accomplish a particular goal. Further, this paper examines how recent advances in software-defined networking (SDN) and network programmability can be used to simplify operations, enhance agility, and support the recent advances such as cloud computing, data centers, big data science. Specific attention will be given to the cloud computing use case. As an example of this use case ‘Andromeda’, the Software Defined Network underlying Google’s cloud is discussed. The analysis of the use cases provide real-world examples as well as snippets of code, which developers can use as guides when customizing their own networks. In future when working on customizing the SDN for particular environments the results of the analysis of use cases can be used to directly suit the SDN for that environment globally.
1. INTRODUCTION
The emergence of Software Defined Networking (SDN) [14] has sparked significant interest in rethinking classical approaches to network architecture and design. SDN [8] [17] is a concept that is to break with the traditional networks where the switch decides the actions to do. The SDN concept was introduced by Nick McKeown [9], a professor at Stanford University and is based on defining a model where all switches move the capacity of decision to a central element, to a controller. The SDN concept is closely related to the following idea: the Network as a service. SDN [2] makes it possible to manage an intact network in software, by writing programs that alter network activities to go well with specific applications and environments. SDN programmers deal with several complications related to two-tiered architecture, low level operations and event reordering.
An SDN ‘program’ has two distinct components: the controller to program it and the packet processing rules installed on switches. These pieces have intricate dependencies that make reasoning difficult’e.g., installing or removing a rule can prevent the controller from receiving future network events. Hence, a programmer must reason about the behavior of the controller program, the rules on switches, and the interactions between the two via asynchronous messages.
SDN platforms such as OpenFlow force programmers to use a low-level API to express high-level intentions, which makes reasoning about SDN unnecessarily hard. Recent revisions of OpenFlow expose even more hardware details, such as multiple typed tables, port groups, and vendor-specific features, which makes the problem worse.
Hardware switches employ a number of techniques to maximize performance, including reordering controller messages. This makes the semantics of SDN programs highly non-deterministic, further complicating reasoning. For example, in the absence of barriers, a switch may process messages from the controller in any order.
SDN technology allows network operators to specify network services, without coupling these specifications with network interfaces, which will simplify extending VLANs (network segments) beyond the building perimeter, increasing the chances of data remaining secure and quickly changing to network requirements [7].
SDN architecture is depicted in Figure 1. Control plane is physically decoupled from the data forwarding plane and provides centralized control over the network. The controlling is logic may be run by a server which decides where and how to forward packet and data plane resides on network switch which forward packets by flow tables(similar to routing table and access control list(ACL))[12].
Figure1: Software Defined Network Architecture
The separation of the forwarding hardware from the control logic allows easier deployment of new protocols and applications, straightforward network visualization and management, and consolidation of various middleboxes into software control. Instead of enforcing policies and running protocols on a convolution of scattered devices, the network is reduced to ‘simple” forwarding hardware and the decision-making network controller(s). The forwarding hardware consists of (1) a flow table containing an entry and an action to take on active flows; and (2) an abstraction layer that securely communicates with a controller about new entries that are not currently on the flow table.
Software Defined Networks (SDN) gives network designers freedom to refactor the network control plane [5]. SDN aims to reduce network reaction time to traffic changes by moving path allocation from individual devices to centralized controller software that lives on a workstation or server. The controller component communicates with each device in the network, receiving updates on load and link status and then managing the traffic flows among the devices. When a data source begins communication with a destination across the network, the controller determines an optimal path through the network based on existing load and network status. The controller then creates a flow defined by source and destination addresses and communicates with each device along the path, informing them of the new flow and how to handle packets in the flow.
2. OVERVIEW OF USE CASES
A use case is a system engineering term that describes how a user uses a system to accomplish a particular goal. As software-defined networking (SDN) and Network Functions Virtualization (NFV) becomes more widely adopted, there have been a multitude of SDN & NFV use cases proposed to solve today emerging networking problems. Following are the most common SDN and NFV use cases as shown in Table 1:
Table1: Use Cases of SDN
Use Case Use Case
Description Use Cases
Network Access Control Set appropriate privileges for users or devices accessing the networks, including access control limits. 1. Campus NAC
2. Remote Office / Branch NAC
3. M2M NAC
4. Unified Communications Optimization
Network Virtualization Creates an abstracted virtual network on top of a physical network, allowing a large number of multi-tenant networks to run over a physical network. 1. Data Center Virtual Networks
2. Campus / Branch Virtual Networks
3. Data Center Micro Segmentation
4. Network Functions as a Service
Dynamic Interconnects Creation of dynamic links between locations. 1. Dynamic Enterprise VPN
2. Cross Domain Interconnect
3. Multi-Layer Optimization
Virtual Core and Aggregation Virtualized core systems for service providers including support infrastructure 1. vEPC & vIMS
2. vPE
3. Mobile Network Virtualization
Datacenter Optimization Using SDN and NFV, optimizing networks to improve application performance by detecting and taking into account affinities. 1. Big Data Optimization
For data centers, network virtualization for multi-tenants is an important use case as it offers better utilization of resources and faster turnaround times for creating a segregated network.
The Virtual Network Overlay relies on a completely virtualized network infrastructure and services to abstract the underlying physical network, which allows the overlay to be mobile to other physical networks. This is an important requirement for cloud computing, where applications and associated network services are migrated to cloud service providers and remote data centers on the fly as resource demands dictate. Network virtualization is the ability to create an abstracted virtual network on top of a physical network, allowing a large number of multi-tenant networks to run over a physical network, spanning multiple racks in the datacenter or locations if necessary, including fine-grained controls and isolation as well as insertion of acceleration or security services. Network virtualization [10] provided by the software defined networks is the key to the current and future success of cloud computing. The key reasons for virtualization are:
(1) Sharing: When a resource is too big for a single user, it is best to divide it into multiple virtual pieces, as is the case with today’s multi-core processors. Each processor can run multiple virtual machines (VMs), and each machine can be used by a different user. The same applies to high-speed links and large-capacity disks.
(2) Isolation: Multiple users sharing a resource may not trust each other, so it is important to provide isolation among users.
(3) Aggregation: If the resource is too small, it is possible to construct a large virtual resource that behaves like a large resource. This is the case with storage, where a large number of inexpensive unreliable disks can be used to make up large reliable storage.
(4) Dynamics: Often resource requirements change fast due to user mobility, and a way to reallocate the resource quickly is required.
(5) Ease of management: Virtual devices are easier to manage because they are software- based and expose a uniform interface through standard abstractions.
SDN (software-defined networking) is a vital component of effective cloud computing for both the provider and the customer. In fact, it should involve more than just the network — and extend to all aspects of the infrastructure, from the data center environment to server processing resources. This expanded definition is termed SDI (software-defined infrastructure).
SDN can be used to program the switches to provide optimal flow paths during each stage of the Big Data analysis ‘ enabling better QoS between the servers than need it, or dedicating more cross-links between servers based on which stage of the analysis is in progress. Network Access Control (NAC) is the ability to set appropriate privileges for users or devices accessing the networks, including access control limits, incorporation of service chains as well as appropriate quality of service. Generally follows the user/device as they connect from different parts of the network.
Andromeda is an SDN based substrate for Google’s network virtualization efforts. An Andromeda controller is the orchestration point for provisioning, configuring and managing virtual networks and in-network packet processing. It orchestrates across virtual machines, hypervisors, operating systems, network interface cards, top-of-rack switches, fabric switches, border routers and network peering edge. Google’s high network performance comes from its ability to control every single component throughout the network stack. The Andromeda technology allows Google to offer developers “distributed-denial-of-service (DDoS) protection, transparent service load balancing, access control lists, and firewalls” along with bandwidth provisioning, virtual machine migration, and increased performance regarding network latency.
3. LITERATURE REVIEW
Thomas D. Nadeau et al. [20] described SDN as ‘an architectural approach that optimizes and simplifies network operations by more closely binding the interaction among applications and network services and devices, whether they are real or virtualized’. Mendonca et al. [11] stated that ‘Software’Defined Networking (SDN) has been proposed as a way to programmatically control networks, making it easier to deploy new applications and services, as well as tune network policy and performance. The key idea behind SDN is to decouple the data- from the control plane by: (1) removing control decisions from the forwarding hardware, (2) allowing the forwarding hardware to be ‘programmable’ via an open interface, and (3) having a separate entity called ‘controller’ defined by software the behavior of the network formed by the forwarding infrastructure, thereby creating a ‘software defined network’.
Grandl et al. [15] proposed a system called Harmony that manages aspects of compute, storage, and networks for Software-Defined Clouds (SDCs). Baset et al. [16] discussed how the concepts that compose SDCs can be leveraged to achieve efficient fault recovering and enhanced understanding of what constitutes regular system operation’ a feature authors call ‘operational excellence’. The proposed architecture focuses on high level features that enable operational excellence, and therefore it complements the features proposed by our architecture that enable the realization of the concept of SDCs.
Recent research on system virtualization focused on optimizing the technology for cloud data centers, in order to improve its security [6], or providing scalable management systems for the VMs in the data center [4]. Network virtualization has been extensively studied to augment the standard network technologies stack, which is hard to modify. Chowdhury and Boutaba [13] present an extensive survey in the area. Koponen et al. [18] presented a system enabling network virtualization in multi-tenant data centers such as cloud data centers. The technology is based on the concept of network hypervisor. Software-Defined Networking is a core emerging concept enabling SDCs. In this field, Koponen et al. [19] proposed a system, called Onix, that operates as a control platform in large-scale data centers.
Monsanto et al. [3] proposed an approach enabling composition of SDNs. This can be seen as an important step towards component-based SDNs and SDN elements, which in turn will enable reuse of infrastructures and easier description of networks by users (which will be able to use ‘network templates’ to describe their networking requirements).
Regardless the specific approach for realization of virtual networking in a cloud data center (network hypervisors or SDNs), the problem of mapping computing and network elements to physical resources, as well as mapping virtual links into physical paths, needs to be addressed. A survey on this problem’Virtual Network Embedding (VNE)’has been proposed by Fisher at al. [1].
4. OBJECTIVES OF THE STUDY
The main objective of the study was to have an in-depth knowledge of the overall concept of Software Defined Networks and the understanding of the use cases. However, the specific objectives of the study are:
1. To study Software Defined Networking (SDN) concepts and techniques in detail.
2. To have an understanding of the different SDN use cases.
3. To define a solution for one of the use case.
5. RESEARCH METHODOLOGY
Extensive analysis of books, research papers, blogs and any kind of information available on the internet was done. Based on the analysis an understanding was developed on SDN and its use cases. Using the concepts and techniques of SDN a solution has been defined for one of the use case.
6. Analysis
For any of the real world environment SDN gives us the freedom to customize the network according to the needs of that environment. This forms the basis of the different use cases of the SDN. To customize the network we need to first get the properties and settings for the particular application. For the system property, the settings involve for the CPU, memory, platform, serial number, versions etc.
For the interface property, the settings involve the management of port, slot, errors, configuration, link changes etc. For the discovery of the network involved the settings are to be made of the topology graph, edges, nodes, and topology changes.
Of all the use cases of SDN an in-depth analysis has been done for the campus networks. Today’s campus networks are facing major challenges. Mobile clients, video, and the ever-growing number of connected devices and applications are rapidly changing the network landscape, no matter whether the campus is corporate or educational. These dramatic changes tax the ability of current solutions to deliver agility, performance, and seamless user experience. One of the primary reasons for these challenges is that network technology evolution is simply not keeping pace with evolving demands. Software Defined Networking (SDN) can alleviate these challenges, offering flexibility and the ability to develop new capabilities quickly and cost-effectively. Today’s tech-dependent campuses require IT groups to support diverse sets of:
‘ Users: employees, customers, visitors, students, faculty, etc.
‘ Devices: Smart phones, tabs, laptops, desktops, cameras, IP phones, etc.”’which could be owned by the users themselves rather than by the organization
‘ Applications: business-critical and financial, collaboration, physical security, sensors, Internet, and casual gaming applications.
Typical campus network architectures are structured into three layers’core, aggregation/distribution, and access’that connect diverse endpoints, as shown in Figure 2. Typically, Layer 2 is used for the access layer, and Layer 3 is used for the core layer. Wireless is yet another layer and typically deployed as an overlay. This not only increases management costs and complexity (because wired and wireless networks are separate), it also precludes a seamless user experience (because the two networks provide different capabilities and feature sets).
Figure2: Architecture of Typical Campus Network
Because campus networks are by nature heterogeneous, they are often difficult to manage, leading to excess costs along with scalability and reliability problems. Network configuration changes are subject to lengthy provisioning times and configuration errors because network devices must be configured individually, typically through the CLI or proprietary element management systems.
An OpenFlow-based SDN network architecture simplifies the campus network while offering significantly greater flexibility.
‘ Rapid service deployment and tear down without impacting other logical networks, thanks to network virtualization.
‘ Improved service availability because alternate paths can be pre-computed, which also improves responsiveness compared with traditional network convergence upon topology changes.
‘ Traffic isolation of logical networks at both Layer 2 and Layer 3.
‘ Optimal resource utilization, because management, services, and applications are virtualized to maximize utilization while minimizing space and power consumption.
OpenFlow-based SDN introduces the multi-layer flow paradigm, which provides a higher level of control. By virtualizing the campus network in slices, granular policies can be applied to individual and/or groups of flows at the centralized controller, decoupling policy from hardware. Such policies are much simpler to enforce, especially for the increasingly mobile workforce. By slicing the network as shown Figure 3 for the multi-user environment we can make the network-as-a-service (NaaS). For each slice we have a separate controller which takes care of the user requirement in that particular slice. Now, these controllers also need to communicate among themselves so over all the controllers we have a Hypervisor to coordinate the activities of these in the software defined network.
Figure3: Solution for Campus Networks
Campus networks require logically partitioned networks, each with its own policy. Currently, solutions such as MPLS are used. Deploying and managing these technologies is static, time-consuming, and very cumbersome. SDN/OpenFlow-enabled switches enable these logical networks to be created on demand in a matter of minutes instead of weeks. These switches can also enforce flexible policies to control and limit interaction among the logical networks.
Figure4: SDN in Campus Networks
Figure 4 depicts a typical university network where a single physical network is shared by many diverse entities in a single location.
7. CONCLUSION AND FUTURE SCOPE
OpenFlow-based SDN can overcome the limitations with existing campus networks. Typically, a logical network is created by associating a physical port of a switch or VLAN to a specific logical network ID, with its own routing protocol instance and forwarding table. A port or a VLAN can belong to only one logical network and therefore cannot support multiple flows that terminate on different logical networks. With SDN, the controller can determine the logical network for every flow, and then tunnel the traffic to the end of the logical network. It becomes easier to define logical networks as needed, avoiding the need to create a routing protocol instance in every router for each logical network. This approach is scalable and much more flexible than VLAN/VRF approaches. In addition, SDN-based logical networks can easily be created, updated, and terminated based on dynamic requirements. By programming the traffic forwarding rules across the data forwarding devices, it becomes easy to reorder service execution and implement service chaining. In future using Floodlight controller for the different slices and the hypervisor the use case of campus network will be implemented using the emulation and simulation tools for SDN.
8. REFRENCES
[1] A. Fischer, J. F. Botero, M. T. Beck, H. de Meer, and X. Hesselbach, ‘Virtual network embedding: A survey,’ IEEE Communications Surveys & Tutorials, vol. 14, no. 4, pp. 1888’1906, Oct. 2013.
[2] A. Guha, M. Reitblatt Nate Foster ‘ Formal Foundations For Software Defined Networks’.
[3] C. Monsanto, J. Reich, N. Foster, J. Rexford, and D. Walker, ‘Composing software-defined networks,’ in Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation, 2013.
[4] D. Nurmi, R. Wolski, C. Grzegorczyk, G. Obertelli, S. Soman, L. Youseff, and D. Zagorodnov, ‘The Eucalyptus open-source cloud-computing system,’ in Proceedings of the 1st workshop on Cloud Computing and its Applications, 2008.
[5] Dan Levin, Andreas Wundsam, Brandon Heller Logically Centralized? State Distribution Trade-offs in Software Defined Networks.
[6] F. Zhang, J. Chen, H. Chen, and B. Zang, ‘CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization,’ in Proceedings of the 23rd ACM Symposium on Operating Systems Principles, 2011.
[7] Gurbani, Vijay K., et al. “Abstracting network state in Software Defined Networks (SDN) for rendezvous services.” Communications (ICC), 2012 IEEE International Conference on. IEEE, 2012.
[8] How the emergence of OpenFlow and Software-Defined Networking (SDN) will change the networking landscape. Brocade. 2012.
[9] http://yuba.stanford.edu/. Nick Meckown
[10] Jain,R. Paul, S. ‘Network virtualization and software defined networking for cloud computing: a survey’ IEEE 2013.
[11] M. Mendonca, Bruno Astuto A. Nunesy, Katia Obraczka and Thierry Turlettiy in Software Defined Networking for Heterogeneous Networks University of California, Santa Cruz, USA.
[12] Mehdi M. A. Salehi, R. K. Pisipati, K. S. Deepak, and R. Buyya, ‘Preemptionaware energy management in virtualized datacenters,’ in Proceedings of the 5th International Conference on Cloud Computing, 2012.
[13] N. M. M. K. Chowdhury and R. Boutaba, ‘A survey of network virtualization,’ Computer Networks, vol. 54, no. 5, pp. 862’876, Apr. 2010.
[14] N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner. OpenFlow: enabling innovation in campus networks. ACM Sigcomm CCR, 38(2), 2008.
[15]R. Grandl, Y. Chen, J. Khalid, S. Yang, A. Anand, T. Benson, and A. Akella, ‘Harmony: Coordinating network, compute, and storage in software-defined clouds,’ in Proceedings of the 4th Annual Symposium on Cloud Computing, 2013.
[16] S. A. Baset, L. Wang, B. C. Tak, C. Pham, and C. Tang, ‘Toward achieving operational excellence in a cloud,’ IBM Journal of Research and Development, vol. 58, no. 2/3, Mar. 2014.
[17] Software-defined Networking: The New Norm for Networks. Open Networking Foundation. April 13, 2012.
[18] T. Koponen K. Amidon, P. Balland, M. Casado, A. Chanda,, ‘Network virtualization in multi-tenant datacenters,’ in Proceedings of the 11th USENIX Symposium on Networked Systems Design and Implementation, 2014.
[19] T. Koponen M. Casado, N. Gude, ‘Onix: A distributed control platform for large-scale production networks,’ in Proceedings of the 9th USENIX conference on Operating systems design and implementation, 2010.
[20] Thomas D. Nadeau, Ken Gray, ‘SDN: Software Defined Networks’, O’Reily Publications.