For any technology, and especially in IT, 10 years is a long enough period both to assess its penetration and impact on infrastructure and to evaluate and predict its future prospects. So has SDN (Software Defined Network) become a kind of panacea, a “unicorn” or a bubble in the structure of telecommunications?
This concept was first presented at the 15th Usenix Security Symposium in Vancouver in August 2006 as part of the report SANE: A Protection Architecture for Enterprise Networks. Oddly enough, the report focused on the security of this network solution, because SANE used a “very conservative method of ensuring security - only a single central domain controller defined all rights and access to the network”. The report brought together three universities - Stanford, Berkeley and Carnegie Mellon; however, Nicira, which was the first to implement projects based on SDN, included only Stanford and Berkeley, where the first SDN-based network was deployed in 2008.
What is the difference between this network concept and IDN - Infrastructure Defined Networks?
SDN has three levels:
- the infrastructure level, which provides a set of network devices (switches and data links);
- the management level, which includes a network operating system that provides network services to applications and a software interface for managing network devices and the network;
- the network application level, for flexible and efficient network management.

It is the division into these three distinct levels, together with the creation of standards for management and data transmission, that actually constitutes SDN. A small revolution took place: out of a world ruled by hardware vendors with their own OS on each router, a new world appeared in which those vendors were offered new rules of doing business and new standards.
At the moment, the main SDN standard, actively developed and supported by the Open Networking Foundation, is OpenFlow, an open standard that describes the requirements for a switch that supports the OpenFlow protocol for remote control.
Existing routers usually solve two main tasks: data transfer (forwarding), that is, moving a packet from an input port to a particular output port, and data management, that is, processing the packet and deciding where to send it next based on the current state of the router.
The development of routers has so far proceeded along the path of converging these levels, but with a bias towards transmission (hardware acceleration, software improvements and new functionality to speed up the routing decision for each packet), while the control level remained fairly primitive and relied on complex distributed routing algorithms and convoluted instructions for configuring the network. Of course, the router software that implements the control level was proprietary and closed. This is what led to our favorite technical certifications and vendor peel at exorbitant prices.
In the OpenFlow standard, the controller interacts with the switch via the OpenFlow protocol: each switch must contain one or more flow tables (group tables) and support a channel (the OpenFlow channel) for communicating with the remote controller server. The specification does not regulate the controller architecture or the API for its applications.
Thus, the stated idea of SDN, to create a unified, software-controlled interface between the controller and the network transport environment that is independent of the network equipment vendor, is reflected in the OpenFlow protocol, which allows users to determine and control who interacts with whom on the network, under what conditions and with what quality.
As in the 2006 report, the key element is the controller, although where it was previously “engaged” in security issues, its functions are now wider. It is a separate physical server that can manage one or several OpenFlow switches. It contains a network operating system that provides network services for low-level management of the network, network segments and the state of network elements, as well as applications that perform high-level control of the network and data flows.
Each controller has at least one application that controls the switches connected to it and builds a picture of the topology of the physical network under the controller's control, thereby centralizing management.
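A simplified Python model of the switch/controller split described above, added here as an illustration (it is not code from the original article and not the OpenFlow wire protocol). The class names, the `src`/`dst` match fields and the sample addresses are assumptions; the point is that the switch only consults its flow table, while every access decision is made once, centrally, with default deny as in SANE.

```python
from dataclasses import dataclass

@dataclass
class FlowEntry:
    priority: int
    match: dict      # field -> required value; a missing field is a wildcard
    action: str      # "output:<port>" or "drop"
    packets: int = 0 # per-entry hit counter

class Controller:
    """Management level: the only place where access policy lives."""
    def __init__(self, allowed, ports):
        self.allowed = allowed   # set of permitted (src, dst) pairs
        self.ports = ports       # dst address -> switch output port
        self.packet_ins = 0

    def packet_in(self, switch, pkt):
        # Called on a table miss. Default deny: anything not explicitly
        # allowed gets a drop entry, so the decision is made once, centrally.
        self.packet_ins += 1
        src, dst = pkt["src"], pkt["dst"]
        port = self.ports.get(dst)
        ok = (src, dst) in self.allowed and port is not None
        action = f"output:{port}" if ok else "drop"
        switch.install(FlowEntry(10, {"src": src, "dst": dst}, action))
        return action

class Switch:
    """Infrastructure level: forwards strictly according to its flow table."""
    def __init__(self, controller):
        self.controller = controller
        self.table = []

    def install(self, entry):
        self.table.append(entry)
        self.table.sort(key=lambda e: -e.priority)  # highest priority first

    def receive(self, pkt):
        for e in self.table:
            if all(pkt.get(k) == v for k, v in e.match.items()):
                e.packets += 1
                return e.action
        return self.controller.packet_in(self, pkt)  # table miss

def demo():
    # Constructed sample addresses and policy.
    ctl = Controller({("10.0.0.1", "10.0.0.2")}, {"10.0.0.2": 2, "10.0.0.3": 3})
    sw = Switch(ctl)
    flows = [("10.0.0.1", "10.0.0.2"), ("10.0.0.1", "10.0.0.2"), ("10.0.0.1", "10.0.0.3")]
    actions = [sw.receive({"src": s, "dst": d}) for s, d in flows]
    return actions, ctl.packet_ins, len(sw.table)
```

The second packet of the allowed flow never reaches the controller, and the disallowed flow is dropped at the switch after a single controller decision.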
This is all a boring and clever description, but what it ultimately comes down to is that, thanks to centralization, possible network virtualization and load management, the practical result is measured in lower operating costs from fuller utilization of existing resources. Moreover, introducing and adding functionality to the data center does not lead to changes in the architecture, and therefore simplifies subsequent support. In fact, SDN allows you to build scalable clouds for specific tasks, with great flexibility and “intelligence” in managing resources.
And what about our heroes, who first appeared in Vancouver, then created Nicira and were the first to implement a number of commercial projects? In the middle of 2012 this company, along with all its developments, was bought by VMware for $1.26 billion, which led to a boom in purchases of such SDN startups in 2012 - a total of about $1 billion was spent. At the moment, almost all of the world's leading IT and telecom vendors support and offer certain SDN-based solutions, and, despite 10 years of history, this technology is still considered promising and has not yet shown everything that it is capable of in building highly loaded and secure solutions. In its first five years, the SDN concept came a long way, from a small report to pioneering companies that managed to prove the benefits of the new network format. The actual result of the telecom market adopting this principle has been both the migration of providers, for example Google, and the recognition and support of this standard by the leading infrastructure telecom vendor, Cisco.
However, not everything was easy and simple, and there were difficulties too - imagine what it means to play in a virtually monopolized market, undermining the primacy and supremacy of a generally recognized leader. There was also the training of new specialists and the emergence of network architects of another level, who will see the potential and structure of networks in a completely new way, visualize and implement with the introduction of new ones. In addition, before it yields a profit through savings and full network load, SDN still requires investment, if not in hardware, then in design, calculation and implementation. It all took time, effort and a proper level of understanding of the market. We will write more about this, as well as about practical implementation cases, in the following materials.