SDN: From Slideware to Software in 2013?

In a game of IT buzzword bingo, SDN would be near the top of anyone's list for 2012. But aside from ample quantities of tradeshow talk, most of the action was in the halls of finance, not on the floors of data centers. VMware's acquisition of SDN darling Nicira, for a mind-blowing $1.26 billion, served notice that the concept of a software-controlled network has legs. But if analyst predictions and vendor roadmaps are to be believed, 2013 should mark the point when SDN moves from being a debate topic to a serious technology alternative for network upgrades and redesigns.

For instance, IDC hiked its 2013 sales estimate of SDN by 80%, from $200 million to $360 million, on its way to $3.7 billion by 2016. That's an impressive CAGR of over 117%. While still tiny by comparison with an Ethernet switch market that runs over $5 billion per quarter, it does indicate SDN is moving into the networking mainstream.

Indeed, Ben Cherian, CSO of SDN startup Midokura (more on them later), with perhaps more than a bit of self-interest, predicts SDN buyouts will increase during the next couple years. He believes every major networking company will recognize the need to have an SDN strategy and put the technology pieces of the puzzle in place by acquiring one of the myriad SDN startups. That's already beginning to happen, with Juniper Networks' $176 million acquisition of Contrail Systems, an SDN startup that was snapped up before the company even officially launched. Cisco Systems also bought two SDN-related startups in 2012, Insieme and vCider.

Yet for SDN to hit IDC's aggressive sales targets, the underlying technology must not only mature, but segment. It may start in 2013 with the industry settling on terminology and a few clearly defined use cases that illustrate concrete and measurable benefits of an SDN-based approach over traditional alternatives, the groundwork for what Cherian believes will be significant customer adoptions in 2014. Midokura is staking its fortunes on software-defined network virtualization, but other promising SDN product categories include improving carrier WAN resiliency, as a platform for L2 data center fabrics (à la OpenFlow), and automation of network device management and service deployments (e.g. Cisco onePK).

But SDN segmentation won't just occur along product lines and feature sets. 2013 will also mark the point at which distinct SDN technology and architectural categories emerge. OpenFlow grabbed the early mindshare, on the way to (prematurely, I believe) becoming the eponym for the entire category. But the contrast between OpenFlow and Midokura's MidoNet product illustrates two key SDN dividing lines that will become clearer as the year progresses.

Functionally, L2 packet forwarding and routing engines are distinct from software-defined virtual overlays on traditional Ethernet. Brad Hedlund makes a nice distinction between SDN re-inventing the physical network--that is, SDpN (software defined physical network)--and being a platform for the virtual network layer--that is, SDvN (software defined virtual network).

At the physical layer, a software-defined network based on a centralized controller that uses OpenFlow can serve as an alternative to standards like TRILL, SPB and MLAG, or proprietary protocols like Juniper QFabric, Brocade VCS or Gnodal Fabric to implement fast, flat, multipathing L2 networks. That's not the only benefit, of course, because applications can be created to take advantage of the programmatic interface in an OpenFlow controller (see Big Switch Networks), but it is a distinct approach to SDN.

Alternatively, and the path Midokura has chosen, is to ride SDN intelligence on top of existing data center networks, however they are implemented, to build virtualized L3 and L4 services. According to Cherian, not only does MidoNet extend traditional L2 vSwitch features like distributed switching and traffic isolation to L3, but it adds L4 services like ACLs/firewall, NAT, load balancing and virtual port and device monitoring. Essentially, MidoNet transforms a physical network of edge routers, fabric switches and virtualized servers into multiple logical (i.e., virtual) networks with separate virtual service provider routers (in public clouds) and tenant environments, each with its own virtual router, switches and host ports.

Next page: Getting Into the DifferencesArchitecturally, the OpenFlow/MidoNet contrast illustrates two ways of implementing SDN controllers: centralized (OpenFlow, Nicira) versus distributed (MidoNet). OpenFlow's control architecture resembles a client-server application model where a centralized controller (the server) manages and distributes the network state information and configuration to edge switches, hypervisors and VMs (the clients).

In contrast, MidoNet uses fully a fully distributed database (Apache Cassandra) and configuration management service (Apache Zookeeper) to maintain and share network state and configuration across every node in the network. Each MidoNet client has an automatically updated copy of the state database, which fully describes the network topology, flow table, routing rules and network policies, that effectively turns each physical VM host into an SDN controller; a situation that greatly simplifies the virtual network topology.

The obvious advantages of Midokura's approach are those that ascribe to any distributed architecture: scalable performance, fault-tolerance and resilience. But, by using commodity x86 boxes running the Quagga software router ganged together with commodity merchant silicon switches means, it's cheaper to build a MidoNet than traditional network designs. Furthermore, placing network controllers on every host offers the opportunity for tight integration between virtual network and private cloud infrastructure, something that Midokura is piloting via an OpenStack Quantum plugin and associated Nova (compute service) network drivers to expose virtual network services like every other compute and storage cloud resource to OpenStack clouds.fs

But such tight OpenStack integration is a double-edged sword because it means users of VMware or Hyper-V are out of luck. Although, as Hedlund speculates, since Microsoft's virtual networking code is somewhat less proprietary than VMware's, "in theory MidoNet could be a virtual networking solution for customers choosing to build their cloud with Microsoft." Another potential problem is host overhead, because the MidoNet client is definitely not lightweight. That said, overhead should be relatively minimal as there are more than enough CPU cycles on today's eight- to 12-core servers to go around, particularly when you balance any server performance loss against the benefits of a virtualized L3/L4 network.

2013 should be a year of turning SDN visions and trial balloon product announcements into viable product strategies and pilot projects. But look for the market to stratify as it matures, with this segmentation fueling another round of heady debate between proponents of centralized-versus-distributed controller topologies. Market maturation will also lead to a raft of higher-level SDN-based services, as Midokura's L3/L4 capabilities and Cisco's onePK network automation solutions give a tantalizing preview of the myriad ways software control can be applied to both virtual networks and physical equipment.

Kurt Marko is an IT pro with broad experience, from chip design to IT systems. He writes for Network Computing, InformationWeek and InformationWeek Reports.