While traditional networks use dedicated hardware devices (routers and switches) to control network traffic, software-defined networking (SDN) uses software-based controllers or application programming interfaces (APIs) to direct traffic on the network and communicate with the underlying hardware infrastructure. SDN can create and control a virtual network or control a traditional hardware network with software.
While network virtualization enables the ability to segment different virtual networks within one physical network or connect devices on different physical networks into one virtual network, software-defined networking enables a new way of controlling the routing of data packets through a centralized server.
In SDN (like anything virtual), the software is decoupled from the hardware. SDN separates the two network device planes, moving the control plane that determines where to send traffic to the software, and leaving the data plane that actually forwards the traffic in the hardware. This allows network administrators to control the entire network via a single pane of glass instead of on a device by device basis.
There are three parts to a typical SDN architecture: applications, controllers, and networking devices. These three elements may be located in different physical locations. The process starts when an application communicates resource requests or information about the network as a whole to the controller. The controller then decides what to do with that information, or how to route a data packet, and gives instructions to the networking devices about where to move the data.
Physical or virtual networking devices actually move the data through the network. In some cases, virtual switches, which may be embedded in either the software or the hardware, take over the responsibilities (and even consolidate the functions) of physical switches into a single, intelligent switch. The switch checks the integrity of both the data packets and their virtual machine destinations and moves the packets along.
SDN gives network administrators more control over a network and allows them to make changes quickly. Developers program open standard software-based controllers instead of vendor-specific proprietary hardware devices to control the flow of traffic over a network, changing the network software instead of manually programming multiple individual hardware devices to get the same outcome. Networking administrators have more flexibility in choosing networking equipment since then can choose an open source protocol to communicate with any number of hardware devices through a central controller.
With a software-defined network, administrators can configure network services and allocate virtual resources to change the network infrastructure in real time through one centralized location. This allows network administrators to optimize the flow of data through the network, prioritizing applications like video conferencing or voice over IP that require more availability.
A software-defined network also provides enhanced security by allowing visibility into the entire network and a more holistic view of security threats. With the proliferation of smart devices that connect to the internet, SDN offers clear advantages over traditional networking. Developers can create separate zones for devices that require different levels of security, or immediately quarantine compromised devices so that they cannot infect the rest of the network.
While the premise of centralized software controlling the flow of data in switches and routers applies to all software-defined networking, there are different models of SDN. In open SDN, network administrators use a protocol like OpenFlow to control the behavior of virtual and physical switches at the data plane level. In SDN by APIs, instead of using an open protocol, application programming interfaces control how data moves through the network on each device.
A third type of software-defined networking, the SDN overlay model, runs a virtual network on top of an existing hardware infrastructure, creating dynamic tunnels to different on-premise and remote data centers. The virtual network allocates bandwidth over a variety of channels and assigns devices to each channel, leaving the physical network untouched.
Hybrid SDN combines software-defined networking with traditional networking protocols in one environment to support different functions on a network. Standard networking protocols continue to direct some traffic, while SDN takes on responsibility for other traffic, allowing network administrators to introduce SDN in stages to a legacy environment.
Many of today’s services and applications, especially when they involve the cloud, could not function without SDN. SDN’s main advantage is that it supports moving workloads around a network quickly. For instance, dividing a virtual network into sections, using a technique called network functions virtualization (NFV), allows telecommunications providers to move customer services to less expensive servers or even the customer’s own servers. Service providers can use a virtual network infrastructure to shift workloads from private to public cloud infrastructures as necessary, and to make new customer services available instantly.
SDN also makes it easier for any network to flex and scale as network administrators add or remove virtual machines, whether those machines are on-premise or in the cloud.