OpenFlow And Network Value

Not much has changed in networking since the collapse of the dot-com bubble, with few new protocols or significant technology advances. While network infrastructure hasgotten faster and bigger, there has been limited innovation around improved routing protocols, management, operation, security or even better firewalls. In many ways, networking has stagnated while other IT infrastructure segments, such as servers and OS software, have matured swiftly.

On the positive side, network products have progressively become more reliable, more stable, and better understood by those who support and manage them. Networking is quickly becoming commoditized as the different vendor products from Cisco, Juniper and HP are increasingly undifferentiated. Products are reliable enough,software features are roughly at parity, and the performance of all vendors is roughly the same. There are some specific industries--such as high-performance computing or financial networks--that require something different and are met by niche providers such as Force10 at the high end. In situations where lots of low-cost equipment is in order, the likes of Extreme and Broadcom are providing equipment at the low end.

Consider the success of Cisco’s Catalyst 6500 chassis-based switch. First introduced in 1999 and upgraded many times, it is a true veteran product. The C6500 Supervisor 720 module is largely unchanged since its introduction in 2006, and is still widely sold today. Compare this with server and storage multigenerational developments in that time frame, and you can see the innovation gap more clearly.

In the current industry model, networking vendors create customer value by designing the silicon, chassis and operating software as a single source for a network product. Thus, Cisco has been designing and manufacturing chips for its switches and routers since its first phase of growth in the early 1990s. This ownership of the process means that Cisco has complete control over the product, its operation, utilization and the user experience. As a result, the customer perceives the greatest value in the network device, and not network management tools and applications that are less important and tend to act in a supporting role or as operational tools.

Consider network management applications, which were once the great hope of vendors and customers to extend the value of their networks by creating a tightly integratedsoftware product that could monitor and manage devices. Ten years later, HP OpenView, Bay Optivity and Spectrum have all failed to deliver and exist in niches. Even CiscoWorks is barely more than a nod to minimum requirements to tick the boxes on a tender.Therefore, a value model of network equipment could be represented like this and reflects the vendor value in the device:

It’s worth noting that while many protocols have been developed over the last decade to extend management and operational capability--such as BEEP and NetConf--none have been able to gain acceptance by the major vendors or the market.

But the rise of merchant silicon has changed this dynamic. Vendors such as Arista, Broadcom and Extreme, purchase and use merchant (or off-the-shelf) silicon or even entiresystems, and then differentiate offerings with their own operating system, command line interface (CLI) and APIs for integration with external systems. The hardware is the same for systems from many vendors, and the emphasis is on OS and implementation features at a low cost at acceptable to good performance

Enter OpenFlow. The announcement of OpenFlow has some people in networking optimistic that we are about to see a significant change in innovation and progress on network management. OpenFlow is a nascent networking specification that has three key elements: a software controller, the OpenFlow protocol and a client on the network device. It’s important to comprehend that all three elements combine to create a single coherent solution.

Consider the service process for the configuration and management of current devices and their management. The network policy is translated by network engineers intocommands that are commonly configured using SSH at the CLI. In this Information Technology Infrastructure Library (ITIL) process world, the value of the device is currently measured as the operational capability of theinterface. OpenFlow changes this paradigm by moving some of the configuration functions to a “controller.”The controller is a software application that can “program” the network by manipulating the forwarding tables on infrastructure and creating dynamic configuration that isoften described as Software Defined Networking. The controller derives forwarding paths through the network driven by algorithms, logic and process. The OpenFlowcontroller can be integrated with management applications providing automated network configuration change control. It’s the automation that is the current focus for many cloud companies and eagerly anticipated.

The wider impact of merchant silicon has seen the emphasis shift from manufacturing to features, and now it’s shifting to manageability. A network is a discontiguous system, with hundreds of individual elements all loosely coupled via routing protocols and spanning tree. An Ethernet switch that has a minimal OS can be “programmed” by OpenFlow. The switch OS is simple, possibly Open Source and a commodity product.

The impact to the perception of product value is significant. Instead of the focus being completely on the network device, primary functions will shift to the controller. Thus, the value proposition moves from the equipment to the software controller.

Because the configuration complexity has now been shifted into the controller, the profile of network equipment is much reduced. Day-to-day administration activities such as virtual LAN (VLAN) creation, port allocation and access control lists (ACLs) can now be handled by an OpenFlow controller. The controller can be rules-driven or heuristically capable. Importantly, it will also have a coherent view of all devices in its database, and will be able to model configuration changes ensuring they are sane and correct before deployment.

Compare this with your network designer, who must be able to sort through hundreds of details and options to be able to determine the requirements for any change to the network from his or her own experience. The reduction in operational friction is perfect for public and private cloud networks in the data center, but also for large campus networks with switches and wireless devices, where the operational challenge is huge.In addition, The OpenFlow specification offers deeper functionality by providing the ability to more fully control the forwarding table inside the network device, but thisfunctionality seems like it will take longer to arrive. Future Openflow controllers may be able to provide advanced capabilities and automation. The centralizedforwarding database and software controller means that your entire wired and wireless network can become a firewall at the edge through flow table manipulation. Even further in the future, the controller will be able to program edge networking devices to act as load balancers by manipulating the forwarding table to use different paths across the backbone, possibly on a constantly changing basis.

Because the controller software becomes the primary focus for the day-to-day management, it moves the critical point for the network away from the devices and their operating systems. For some companies, this means that they no longer need to invest in expensive proprietary software that provides functions they do not use. Combine this with merchant silicon, and there will be a new market for low-cost, low-value Ethernet network devices that provide simple support for OpenFlow. There are already companies taking merchant silicon from Broadcom and Fulcrum Micro to produce extremely low-cost Ethernet switches that have a forwarding table and an OpenFlow client support. This is opening a whole new market segment for “whitebox” switches to compete against the established vendors.

The value proposition of OpenFlow is that it reduces the friction of implementing network changes for many organizations. In public cloud networks, where low cost is a primary driver, it’s likely there will be a move to adopt OpenFlow as the primary configuration tool for almost all network requirements and to downshift purchasing even further to “white box” hardware to achieve lowest possible capex and opex while building flexibility and faster deployment speeds. The OpenFlow software networking will enable public clouds to dynamically adapt to changes and improve service levels with intelligent management platforms. In the future, deeper manipulation and control of the forwarding table will offer a range of performance, forwarding and security features that further extend the network’s value.

Enterprise and private clouds will still deploy “full service” network switches because their software and applications require much greater diversity and flexibility. OpenFlowwill offer significant operational benefits as many repetitive functions will be moved into the OpenFlow controller, and indications suggest that VMware/Citrix and KVMare already moving to implement OpenFlow controller functions as way of improving their provisioning. The future possibilities of OpenFlow to manipulate the forwarding table have much greater impact on the enterprise by creating new design options and features for new services.

For the major vendors, it means that OpenFlow is changing the product landscape. Public clouds don’t buy a lot of Cisco or Juniper today because it’s too expensive and they don’t use the features. This is set to continue and deepen over time. For the enterprise, the reliance on IOS or JunOS will be reduced, and much more business value will reside in the OpenFlow controller as the primary network management tool. Of course, if OpenFlow reaches its potential, then all the major vendors will have OpenFlow controllers for sale, but it remains a disruptive force and the market dominance of Cisco is likely to be further undermined.

The OpenFlow controller offers orchestration and integration with virtualization platforms that have never been possible. By reducing the friction between the server and the network, customers will get improved IT infrastructure. Using software to more effectively use the network in the data center and the campus means even more advances in the near future. OpenFlow is definitely one to watch.

See more on this topic by subscribing to Network Computing Pro Reports Research: IT Automation (subscription required).