OpenSource For You

Software Defined Networking (SDN) Platforms:

The Efficient Eight

- By: Dr Anand Nayyar

The author works at Graduate School, Duy Tan University, Da Nang, Vietnam. He loves to work and research on open source technologies, sensor communications, network security, Internet of Things, etc. He can be reached at anandnayyar@ d

Software defined networking (SDN) is an emerging technology in the field of cloud computing. It is highly dynamic, manageable, cost-effective and adaptable, and is well suited to high-bandwidth, dynamic applications. Many SDN platforms are available—both open source and commercial. Selecting a platform suitable to the requirements of the customer is a tedious task. This article gives an overview of eight open source SDN platforms, so that informed decisions can be made.

Since 2016, software defined networking (SDN) has continued to evolve rapidly and become more mature, redefining corporate networking. Recently, IDC published a study which shows that the SDN market could be valued at around US$ 12.5 billion by 2020. Cloud computing, in addition to third party platforms, has increased the need for SDN, and this need will rise further considering the increase in network virtualisation software, and SDN applications like virtualised networks and security services.

SDN is becoming popular because networks now lag behind other areas of infrastructure, especially in the computing and storage arenas. Modern advancements like virtualisation, distributed architectures, Big Data and cloud computing require networking that can adapt and be optimised on-the-fly using centralised intelligence. Various commercial and open source SDN platforms are available, so selecting a platform as per the requirements of the customer is a tedious task. This article aims to simplify the selection task.

Introducing software defined networking

The Open Networking Foundation (ONF) is a nonprofit consortium dedicated to designing, developing, standardising and commercialising SDN. According to ONF, “Software defined networking (SDN) is an emerging network architecture where network control is decoupled from forwarding and is directly programmable.”

SDN basically refers to the ability of software applications to program individual network devices dynamically and therefore control the behaviour of the network as a whole. SDN is defined by two characteristics—the decoupling of the control and the data planes, and programmability on the control plane.

SDN is an emerging networking paradigm that provides a strong base to change the limitations of the current network infrastructure. First, it breaks the vertical integration by separating the network’s control logic (the control plane) from the underlying routers and switches that forward the traffic (the data plane). Second, with the separation of the control and data planes, network switches become simple forwarding devices and the control logic is implemented in a logically centralised controller (or network operating system), simplifying policy enforcement and network reconfiguration and evolution.
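
The split described above can be modelled in a few lines. This is an added example, not code from the article or from any SDN platform: the `Switch` and `Controller` classes, the `FLOOD`/`DROP` actions and the host names are assumptions of this toy model. It shows the switch deciding nothing on its own, and why a central policy change also has to overwrite rules already installed in the data plane.

```python
from dataclasses import dataclass, field

FLOOD, DROP = "FLOOD", "DROP"   # pseudo-actions used by this toy model


@dataclass
class Switch:
    """Data plane: holds a match -> action table and no policy logic."""
    name: str
    controller: "Controller"
    flow_table: dict = field(default_factory=dict)   # (src, dst) -> action

    def receive(self, src, dst, in_port):
        action = self.flow_table.get((src, dst))
        if action is None:
            # Table miss: hand the decision to the control plane.
            action = self.controller.packet_in(self, src, dst, in_port)
        return action


class Controller:
    """Control plane: global view, policy, and the only writer of flow tables."""

    def __init__(self, blocked=()):
        self.blocked = set(blocked)   # (src, dst) pairs denied by policy
        self.location = {}            # (switch name, host) -> port
        self.packet_ins = 0

    def packet_in(self, sw, src, dst, in_port):
        self.packet_ins += 1
        self.location[(sw.name, src)] = in_port   # learn where src lives
        if (src, dst) in self.blocked:
            sw.flow_table[(src, dst)] = DROP      # enforce in the data plane
            return DROP
        out_port = self.location.get((sw.name, dst))
        if out_port is None:
            return FLOOD                          # unknown dst: install nothing
        sw.flow_table[(src, dst)] = out_port
        return out_port

    def block(self, src, dst, switches):
        """Policy change: rules already installed must be overwritten too."""
        self.blocked.add((src, dst))
        for sw in switches:
            if (src, dst) in sw.flow_table:
                sw.flow_table[(src, dst)] = DROP


def demo():
    """Constructed traffic: hosts h1-h3 on ports 1-3 of one switch."""
    ctl = Controller(blocked={("h3", "h1")})
    s1 = Switch("s1", ctl)
    seen = [
        s1.receive("h1", "h2", 1),   # miss, h2 unknown
        s1.receive("h2", "h1", 2),   # miss, h1 known: rule installed
        s1.receive("h2", "h1", 2),   # hit: controller not consulted
        s1.receive("h3", "h1", 3),   # miss, denied by policy
    ]
    ctl.block("h2", "h1", [s1])      # central reconfiguration
    seen.append(s1.receive("h2", "h1", 2))
    return seen, ctl.packet_ins


if __name__ == "__main__":
    print(demo())
```

If `block` only updated the controller's policy set, the previously installed `h2` to `h1` rule would keep forwarding traffic without ever consulting the controller again.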

The SDN architecture

The architecture of SDN is highly dynamic, manageable, cost-effective and adaptable, and hence is well suited to high-bandwidth, dynamic applications. SDN architectures decouple network control and forwarding functions, enabling the former to become directly programmable, so all IT infrastructure gets abstracted from applications and network services.

Characteristics of SDN architecture

Directly programmable: All the network control can be programmed directly because it is decoupled from forwarding functions.

Agile: Because of abstract control, network administrators can perform dynamic adjustments to the network-wide flow of traffic to make the desired changes.

Centralised management: All the network management is centralised in SDN controllers and maintains a global view of the network, which appears to applications and policy engines as a single and logical switch.

Full configuration via programs: SDN facilitates network administrators in configuring, managing, securing and optimising network resources very efficiently through dynamic and automated SDN programs.

Based on open standards and freedom from vendors: SDN facilitates simple network design and all operations, because the operation instructions are provided by SDN controllers rather than multiple, vendor-specific devices and protocols.

Components of SDN architecture

SDN applications: These are the programs that explicitly, directly and programmatically communicate their network requirements and desired network behaviour to the SDN controller through the northbound interface (NBI).

SDN controller: This is a logical entity that receives instructions or requirements from the SDN application layer and relays them to the networking components. It consists of one or more NBI agents, the SDN control logic and the ‘control to data-plane interface’ (CDPI) driver.

SDN northbound interfaces (NBI): These are the interfaces between SDN applications and SDN controllers. They provide abstract network views and enable direct expression of network behaviour and requirements.

SDN southbound interfaces (SBI): This is an OpenFlow protocol specification. Its main function is to enable communication between the SDN controller and the network nodes (physical and virtual switches and routers) to facilitate the router in discovering network topology, in defining network flows and relaying requests to the northbound APIs.

SDN data path: This is a logical network device that exposes visibility and uncontested control over its advertised forwarding and data processing capabilities. It consists of the CDPI agent, a set of one or more traffic forwarding engines, and zero or more traffic processing functions.

SDN control to data-plane interface (CDPI): This is the interface between the SDN controller and SDN data path to provide programming control of all forwarding operations, advertisements, statistical reporting and the notification of events.

The planes in SDN

SDN spans five different planes:

Forwarding plane

Operational plane

Control plane

Management plane

Application plane

In addition to the above, there are two abstraction layers – the device and resource abstraction layer (DAL) and the network service abstraction layer (NSAL). There are also two interfaces—one to facilitate communication between the control plane, the forwarding plane and the management plane; and the other between the management plane and the operation plane.

Let’s take a closer look at the multiple planes of SDN.

Forwarding plane: This primarily performs the task of handling packets in the data path based on the instructions received from the control plane. It is the termination point for control-plane services and applications.

Operational plane: This is responsible for managing the operational state of the network devices, i.e., to observe whether the device is active/inactive, the number of ports on the device and the status of every port, etc. It is the termination point for the management plane’s services and applications.

Control plane: This performs the duty of making decisions on how packets should be forwarded by network devices and focuses on the forwarding plane. It also fine-tunes the forwarding tables in the forwarding plane on the basis of network topology.

Management plane: This performs the tasks of monitoring, configuring and maintaining the network devices. It primarily focuses on the operational plane of the device rather than the forwarding plane. It also drafts all the forwarding rules for the network devices.

Application plane: All the applications and services define the application plane. It contains SDN applications for various functionalities such as network management, policy implementation and security services.

Open source SDN platforms

OpenDayLight

The OpenDayLight project is a collaborative SDN project initiative of the Linux Foundation. It uses open protocols to provide centralised, programmatic control and network device monitoring. OpenDayLight supports OpenFlow, as well as other ready-to-install network solutions.

It provides an interface to network administrators to connect to network devices efficiently and intelligently, for the best network performance.

It can be deployed in varied network environments and supports a modular controller framework as well as SDN standards and protocols. The OpenDayLight controller uses open northbound APIs, which are used by applications, which in turn use the controller to collect information about the network and create the rules for it, and run different algorithms to conduct analytics.

OpenDayLight can be deployed on hardware and operating system platforms that support Java.

Features

Facilitates efficient control of devices with standard and open protocols.

Provides centralised programmatic control of the physical and virtual devices in the network.

Provides higher-level abstraction with tons of features to help network engineers create new applications and to customise network administration.

Provides proactive support for network management and traffic flow.

Official website: https://www.opendaylight.org

Latest version: Oxygen

OpenContrail

OpenContrail is an Apache 2.0 licensed project that provides network virtualisation functionality on OpenStack and other orchestration systems. It provides all the necessary components for network virtualisation like the SDN controller, virtual router, analytics engine and northbound APIs. It includes extensive REST APIs to configure and gather data for operations and analytics from the system.

OpenContrail acts as a fundamental network platform for the cloud infrastructure.

The following are the components of the OpenContrail platform:

Controller: This performs functions like accepting and converting orchestrator requests for VM creation, translating requests, and assigning networks. The real-time analytics engine collects, stores and analyses network elements; interacts with network elements for VM network provisioning and ensures uptime.

vRouter: This virtualised routing element handles localised control plane and forwarding plane work on the compute node.

Gateway: This eliminates the need for a software gateway and improves scalability and performance.

Features

Service chaining: Routing of traffic based on predefined policy rules.

Provides public IP addresses without NAT.

Trunking: Provides support for all applications that require 802.1q trunk.

Full support for the SCTP (stream control transmission protocol).

Provides high availability to the SDN network via the allowed address pair feature.

Port health checking.

Official website: http://www.opencontrail.org/

Latest version: 4.0.1

Open Network Operating System (ONOS)

ONOS is an open source SDN platform for service providers, designed and developed by ON.Lab. The primary goal is to create an SDN operating system that enables communications service providers to provide scalability, efficient performance and high availability.

It is designed for building next-generation SDN/NFV solutions, and provides the flexibility to create and deploy new dynamic network services with a simple programming interface. It supports both configuration and real-time control of the network, eliminating the need to run routing and switching control protocols inside the network fabric.

The platform provides applications with a number of high-level abstractions, through which the applications can learn about the state of the network and through which they can control the flow of traffic through the network. The network graph abstraction provides information about the structure and topology of the network. The flow objective is a device-centric abstraction that allows applications to direct the flow of traffic through a specific device without the need to be aware of the device table pipeline.

Features

ONOS can be deployed as a service on a cluster of servers, and ONOS software can run on each server. It makes ONOS highly scalable and facilitates seamless capacity.

ONOS features northbound and southbound application program interfaces (APIs) grounded in abstraction to prevent configuration and protocol lock-in for applications and devices, respectively.

ONOS uses its Intent Framework subsystem that allows applications to specify what they need from the system, for example, when an application needs more bandwidth.

ONOS Core is distributed to provide reachability to each network switching device. The ONOS controller remains logically centralised and the separate subdivisions or instances in the complete ONOS architecture can be viewed and accessed as a single system.

Software modularity in ONOS means that the community has been diligent about keeping software functions well defined and localised by defining the right abstractions and interfaces. This has many important benefits, including software that is easier to read, test and maintain.

ONOS abstracts device characteristics so that the core operating system does not have to be aware of the particular protocol being used to control or configure a device. ONOS has an extensive and growing list of southbound support including P4, OpenFlow, NETCONF, TL1, SNMP, CLI, BGP, RESTCONF and more.

The ONOS YANG toolchain provides a compiler capable of parsing YANG source files and generating Java artefacts, which can be used for writing applications against the abstractions defined by the YANG models. It also provides a runtime capable of encoding and decoding between such internal models and their external JSON or XML data representations. Other features include high performance, resilience, next-gen device support and legacy device support.

Official website: https://onosproject.org

Open vSwitch

Open vSwitch is an open source implementation of the distributed virtual multilayer switch, licensed under the open source Apache 2 licence. It was originally created by a team at Nicira and now it has been acquired by VMware. Open vSwitch is designed to enable effective network automation through programmatic extensions, while supporting standard management interfaces and protocols like NetFlow, sFlow, SPAN, RSPAN, CLI, LACP and 802.1ag.

Tools provided by Open vSwitch

ovs-ofctl: For querying and controlling OpenFlow switches and controllers.

ovs-pki: For creating and managing public-key infrastructure for OpenFlow switches.

ovs-testcontroller: This is useful for testing.

Features

IPv6 support: Multiple tunnelling protocols GRE, VXLAN, STT with IPSec support.

Best QoS; Support for HFSC qdisc; kernel and userspace forwarding engine options.

BFD and 802.1ag link monitoring: Standard 802.1Q VLAN model with trunking.

Transactional configuration database with C and Python bindings.

Forwarding layer abstraction to ease porting to new software and hardware platforms.

Official website: http://www.openvswitch.org

Latest version: 2.9.0

Open Platform for Network Functions Virtualisation (OPNFV)

Open Platform for NFV is a collaborative open source platform started by the Linux Foundation in 2014. It facilitates the deployment and evolution of NFV components across various open source ecosystems.

Via system level integration, deployment and testing, OPNFV creates a reference NFV platform to accelerate the transformation of enterprise and service provider networks for creating an open source platform that speeds up the development and deployment of NFV.

The objectives behind the development of OPNFV are to create an integrated and verified open source platform for NFV functionality, provide proactive cooperation of end users to validate OPNFV needs, and contribute to and engage in open source projects.

Features

Provides automated deployment tools, robust continuous integration and global test infrastructure. It enables developer collaboration and rapid integration across the cloud, SDN and cloud ecosystems.

Provides a set of scenarios that accelerate time-to-market for the development and deployment of NFV.

Ensures interoperability in deployment, network integration and VNF applications.

Works in collaboration with various SDOs like ETSI NFV ISG, IETF, MEF, TM Forum and others.

Official website: https://www.opnfv.org

Latest version: Euphrates; 5.1

Project Floodlight

Project Floodlight is an SDN open source project supported by Big Switch Networks and the SDN community. It has been designed for easy setup with minimal dependencies and to be user friendly for developers. It offers a modular system, making it simple to enhance with a feature set. It supports a broad range of hypervisor-based virtual switches like Open vSwitch.

The Floodlight controller has a set of common functionalities to control and query an OpenFlow network, while applications on top of it have different features to solve various user needs over the network.

The Floodlight controller works with the OpenFlow protocol to orchestrate traffic flows in an SDN environment. OpenFlow is one of the first and most widely used SDN standards; it defines the open communications protocol in an SDN environment that allows the SDN controller (the brains of the network) to speak to the forwarding plane (switches, routers, etc) for making changes to the network.

The SDN controller is responsible for maintaining all the network rules and provides the necessary instructions to the underlying infrastructure on how traffic should be handled. This enables businesses to better adapt to their changing needs and have better control over their networks.

Features

Offers a module-loading system that makes it simple to extend and enhance.

Easy to set up with minimal dependencies.

Supports a broad range of virtual and physical OpenFlow switches.

Can handle mixed OpenFlow and non-OpenFlow networks – it can manage multiple islands of OpenFlow hardware switches.

Designed to be high-performance, it is the core of a commercial product from Big Switch Networks.

Offers support for the OpenStack cloud orchestration platform.

Official website: http://www.projectfloodlight.org/floodlight/

Latest version: 1.2

POX

POX is an open source Python-based platform for communicating with SDN switches either using OpenFlow or the OVSDB protocol. It can function as an OpenFlow controller or switch, and can also be used for writing network software. It is a very popular tool for researching SDN and network application programming. The POX controller comes preinstalled with the Mininet virtual machine. Using the POX controller, systems administrators can control OpenFlow devices like the hub, switch, firewall, etc.

Different parameters can be passed to POX according to real or experimental topologies, thus allowing you to run experiments on real hardware, testbeds or in a Mininet emulator.

Features

Provides a Pythonic OpenFlow interface.

Has reusable sample components for path selection, topology discovery, etc.

Fully compliant and efficient to run in any operating system environment, and comes preinstalled with a Mininet simulator.

Supports a graphical user interface (GUI) and virtual architecture similar to NOX.

Provides better performance as compared to NOX written in Python.

Official website: https://github.com/noxrepo/

Latest version: 0.2.3

Indigo

Indigo is an open source project that supports OpenFlow on a wide range of physical and non-virtual switch platforms, and is supported under the Apache 2.0 licence. It is based on SwitchLight by Big Switch Networks and is composed of the following components.

Indigo Agent: This represents the core libraries and includes a HAL abstraction layer to facilitate easy integration with regard to forwarding and the port management interfaces of physical or virtual switches. It includes a configuration abstraction layer to support running OpenFlow in a hybrid mode.

LoxiGen: This is a compiler that generates OpenFlow marshalling/unmarshalling in multiple languages.
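
To make marshalling and unmarshalling concrete, here is a hand-written sketch of OpenFlow 1.0 header framing. It is an added example, not LoxiGen output or Indigo code; the names `marshal`, `unmarshal_stream`, `Message` and `FramingError` are chosen for this illustration, and message bodies are treated as opaque bytes. The length and version checks are the ones a controller or agent needs before acting on bytes received from a peer.

```python
import struct
from typing import NamedTuple

OFP_VERSION_1_0 = 0x01
OFP_HEADER = struct.Struct("!BBHI")   # version, type, length, xid: 8 bytes
OFPT_MAX_1_0 = 21                     # highest message type in OpenFlow 1.0
OFPT_NAMES = {0: "HELLO", 1: "ERROR", 2: "ECHO_REQUEST", 3: "ECHO_REPLY",
              5: "FEATURES_REQUEST", 6: "FEATURES_REPLY", 10: "PACKET_IN",
              13: "PACKET_OUT", 14: "FLOW_MOD"}   # subset, for readable output


class FramingError(ValueError):
    """The byte stream is not a valid sequence of OpenFlow 1.0 messages."""


class Message(NamedTuple):
    name: str
    xid: int
    body: bytes


def marshal(msg_type, xid, body=b""):
    """Serialise one message: header followed by an opaque body."""
    length = OFP_HEADER.size + len(body)
    if length > 0xFFFF:
        raise FramingError("body does not fit the 16-bit length field")
    return OFP_HEADER.pack(OFP_VERSION_1_0, msg_type, length, xid) + body


def unmarshal_stream(buf):
    """Split received bytes into messages; return (messages, unread tail)."""
    msgs, offset = [], 0
    while len(buf) - offset >= OFP_HEADER.size:
        version, msg_type, length, xid = OFP_HEADER.unpack_from(buf, offset)
        if version != OFP_VERSION_1_0:
            raise FramingError(f"unsupported version 0x{version:02x}")
        if msg_type > OFPT_MAX_1_0:
            raise FramingError(f"unknown message type {msg_type}")
        if length < OFP_HEADER.size:
            # A declared length below 8 would stall or rewind the parser.
            raise FramingError(f"declared length {length} is below header size")
        if len(buf) - offset < length:
            break   # message incomplete: keep the bytes until more arrive
        body = bytes(buf[offset + OFP_HEADER.size:offset + length])
        name = OFPT_NAMES.get(msg_type, f"TYPE_{msg_type}")
        msgs.append(Message(name, xid, body))
        offset += length
    return msgs, bytes(buf[offset:])


def demo():
    """Constructed stream: HELLO, ECHO_REQUEST, then 2 bytes of a third message."""
    stream = marshal(0, 1) + marshal(2, 7, b"ping") + b"\x01\x03"
    return unmarshal_stream(stream)


if __name__ == "__main__":
    print(demo())
```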

The architecture of Indigo is divided into the platform-independent and platform-specific categories. The platform-independent modules are Socket Manager, OpenFlow Connection Manager and OpenFlow State Manager. The configuration platform-specific modules are the Forwarding and Port Manager.

Features

Pure OpenFlow 1.0 implementation.

Creates flexibility in how the network is used and operated as well as for data analytics.

Easy integration with computing for research management and maintenance.

Lowers operating expenses, resulting in fewer errors and less network downtime via automated network configuration.

Official website: http://www.projectfloodlight.org/indigo/

Latest version: 2.0


Figure 1: SDN architecture

Figure 2: SDN planes
