By taking a completely new approach to networking, SDN is all about innovation. Out with CLI, in with programming! In separating the data and control planes with an eye on making networks agile and flexible, software-defined networking is fundamentally cutting-edge technology.
Still, for all its inherent innovation, software-defined networking isn't really a new kid on the block anymore. The industry has been talking about it for a few years now, and organizations -- mainly large Internet companies -- are deploying it. Growing numbers of enterprises are beginning to implement it, or at least develop SDN roadmaps. In a recent report, Gartner estimated that there are about 1,000 enterprise SDN data center deployments, about three times more than a year ago.
Given SDN's growing role in some data centers and the expanding SDN market, we thought it would be interesting to poll some networking industry experts to find out what SDN technology has impressed them as the most innovative so far this year. There's a lot going on in the SDN market, and these experts are keeping tabs on the latest and greatest developments. Continue on to find out what's piqued their interest for taking SDN to a new level.
"The innovation in this area is strong, attracting a number of startups as well as some incumbents into the space. The innovation comes in that SD-WAN thinks about routing in a whole new way. Traditional routing protocols are focused on finding the 'best path' using a fairly simple metric that ends up with a one-size-fits-all result. However, a true 'best path' through a WAN is actually complex, changing often, and variable depending on the type of traffic traversing the WAN," said Ethan Banks (@ecbanks), a network architect and Packet Pushers Podcast host. "SD-WAN throws out the traditional routing paradigm and computes 'best path' in a way that correlates to business policy requirements, SLAs, traffic classes, security needs, and changing traffic conditions. The end result is a WAN fabric that is transport and carrier agnostic, as well as independent of traditional routing protocols."
"With around 10 companies that I'm aware of releasing products in this space, it's probably the best application of SDN I've seen, and the one most likely to actually see some adoption in the near term, especially by companies who don't want to have to develop their own solution," said John Herbert (@mrtugs), a network pro and blogger. "I'm going to call it innovative because it's what I've been asking for since I first heard of SDN, i.e., an off-the-shelf solution that gets on with its job without requiring you to have a team of coders maintaining it. Point, click, let the system do the clever stuff. It's bleeding edge only in the sense of 'new product on the market' rather than the very latest thought leadership out there, but as a solution it's very applicable to many businesses and it just happens to have a 'Contains SDN ✔' sticker on the box."
Nuage Networks Virtualized Services Platform
"The most innovative SDN technology I've seen this year is the Nuage Networks Virtualized Services Assurance Platform. The team has gone a long way to ensure that our biggest concerns about the network are being addressed in the overlay," wrote Tom Hollingsworth (@networkingnerd), a network engineer and blogger. "We shouldn't need to mess around with the underlay to find out if it's working correctly to provide applications and services. We should have an engine that takes care of all that work for us. That's what Nuage is providing. It's a network management platform the way those systems should be built."
"Without this type of functionality, it will be difficult to pinpoint the cause of problems that are affecting applications running on an SDN," said Terry Slattery (@netcraftsmen), principal engineer at network consulting firm NetCraftsmen.
ONOS distributed controller architecture
"In service provider networks, scale is a huge challenge. SPs need to handle hundreds of thousands of path setups as well as track potentially millions of state changes per second. Centralized SDN controllers can struggle to scale to these sorts of requirements, because they are designed to work on a single platform -- a single platform can only scale so big. ON.Lab has designed ONOS to be a different sort of controller in this regard," network architect Ethan Banks (@ecbanks) said. "ONOS is a distributed controller that uses well-known distributed computing principles to run ONOS on as many hosts as required to scale the solution for service provider needs. While most SDN controllers run in a cluster and several are able to federate multiple SDN domains together, I'm not aware of any controller architecture other than ONOS that follows a truly distributed computing paradigm."
"OpenConfig is an informal collaboration among a bunch of network operators (Google, Facebook, Verizon, AT&T and more) that attempts to apply SDN concepts to the management plane of networking. SDN has so far focused very much on innovating in the control and data planes, so this is a refreshing change. With OpenConfig, these network engineers are coding a common data model with Yang that will simplify the process of large-scale network configuration and monitoring," wrote Shamus McGillicuddy (@ShamusEMA), senior analyst, Enterprise Management Associates.
"Today, networking vendors have built proprietary models for managing their own devices, and these models require a very imperative, device-by-device approach to configuration. Also, the models vary so much from vendor to vendor that it's difficult to maintain a simple, centralized approach to configuration and monitoring. Many engineers have to write a bunch of vendor- and device-centric scripts for making changes to the network. And the ability to understand the overall state of the network with such an approach is impossible. ...The people behind OpenConfig are trying to build a vendor-agnostic data modeling approach that is more 'intent' based, where individual configs are abstracted away and engineers can think more in terms of overall topology. Instead of config files living on each individual switch, there is a central authoritative, vendor-agnostic data model that serves as the configuration authority. It takes high-level configuration logic from network engineers and translates it into specific configurations that it pushes out to all the devices, regardless of vendor or model."
"OpenConfig is basically some open source code at this point. It's unclear to me how it will be productized and brought into the mainstream. But the engineers who are working on it say they are collaborating with leading networking vendors, who would implement these data models in their software."
"I think the work by Facebook on its modular switch (yes, I realize it's hardware, but there is an SDN aspect to it) is innovative," said Dan Conde (@dconde_esg), analyst at Enterprise Strategy Group. "The design is called hybrid SDN and it's innovative because No. 1, the design came from an operator (not a vendor) and No. 2, each element is treated as a server, which enables management in a similar manner to the rest of the Facebook server fleet. Each switching element talks to a central controller (this is the SDN part).
"I'm not sure if this type of architecture will be adopted by enterprises soon, but a different approach from a large-scale operator can push the limits of what's technically possible if you're willing to start afresh."
"In my view one of the most useful and effective SDN technologies is 'micro-segmentation.' Traditional networks have been like a Ferrero Rocher, i.e., a hard crispy outside and a soft gooey inside. That means once you have penetrated this crispy coating, there are no additional boundaries to contend with and anything inside the hard perimeter is free to access anything it wants to, assuming its target is also inside the perimeter," wrote Colin Lynch (@UCSguru), principal consultant at Computacenter. "Previously internal segregation was an absolute pain to implement and manage, and was at best fairly static, i.e., it could not cope or adjust if something moved or changed, and if you needed to prevent two workloads on the same subnet from communicating you were in a world of MAC address filtering pain. And if you needed secure, isolated, multi-tenancy on the same infrastructure you might as well forget it!
"With the birth of policy-based firewalling in conjunction with a centralized SDN controller, dynamic micro-segmentation is now a reality, and its impact is so powerful it is changing the way networks are being designed. Every SDN vendor has its own method of micro-segmentation. Whether it be with the distributed firewall used within VMware's NSX or by using an Application Network Template within Cisco ACI, the fact remains micro-segmentation has changed and empowered the data center forever and customers are turning to SDN-based solutions purely for this one feature."
Cavium XPliant Switch
At the Open Networking Summit 2015, chipmaker Cavium snagged the conference's annual SDN Idol award for its XPliant Switch. The product was one of four finalists selected on the basis of their business value, technology value, differentiation against competition, advancement of overall SDN, and live demo performances. The XPliant Switch Ethernet switch silicon is designed to provide flexible, high-performance OpenFlow support. Its architecture includes programmable tables plus flexible lookups and editing of packets. Cavium acquired XPliant last July for $90 million and was an early investor in the startup.