Software-defined networking (SDN) promises something akin to enterprise networking utopia by separating the control plane from the physical network topology to create an environment where all switches and routers take their traffic forwarding cues from a centralized management controller. In a software-defined networking environment, this software-based controller must have an end-to-end view of network resources and capacity.
With that end-to-end view of the network, the SDN controller is also uniquely positioned as a platform where network applications and services can reside.
OpenFlow has emerged as a leading specification for enabling software-defined networking, but as promising as OpenFlow looks on paper, significant questions remain about how software-defined networking will develop the intelligence that powers these advanced networks. The answers begin with the architecture of software-defined networking, which will enable an ecosystem of OpenFlow applications to emerge.
As software-defined networking gains traction, vendors and enterprises will adopt a three-tiered architecture, according to Kyle Forster, co-founder of Big Switch Networks, which develops OpenFlow-based controllers. The architecture's first tier will involve the physical network equipment, including Ethernet switches and routers. The middle tier consists of the controllers that initiate and terminate traffic leveraging a library of enterprise-wide information about capacity and demand from the networking gear that shuttles the traffic. The top tier will involve applications to direct security, management and other specific functions through the controller.
"Vendors could play on one, two or even all three of the tiers," Forster said, noting that Big Switch is focused on both the controller and the application development tiers.
At the same time, Big Switch Networks and other vendors are working with third-party partners to write applications for controllers to take on specific security, management and other functions.
These controller-based applications will serve the same roles that physical appliances play in the network today, Forster said. For example, network architects who are building software-defined networks could deploy applications like a virtual load balancer, a virtual intrusion detection system (IDS), or a virtual firewall on a controller. The application could tap into information the controller possesses about traffic patterns, application data and capacity. If the IDS application recognizes malware traffic based on the flows tracked by a controller, it could automatically isolate those packets before they infect the network.
It's too early to know how a market of software-defined networking applications will take shape, but an OpenFlow architecture could supply controller applications with some key information they could use to fuel more flexible, efficient and secure network environments, said Glen Hunt, principal analyst of transport and routing infrastructure at Current Analysis.
Software-defined networking applications: Boon to cloud computing
Cloud computing applications could be a big beneficiary of software-defined networking and OpenFlow because these technologies make provisioning in a multi-vendor virtual environment much simpler, Hunt said. A controller-based load balancing application could automate the movement of workloads among virtual machines by using the controller's library of data about the capacity of individual network devices.
Much like virtualized network services appliances that are deployed on virtual machines, controller-based applications are more scalable, flexible, efficient and manageable than more conventional models that rely on physical devices to support functions.
"From a service provider perspective, OpenFlow could also promote better service to the end user by allowing for optimization with less oversubscription," Hunt said.
Software-defined networking: How will traditional networking vendors participate?
While controller vendors like Big Switch are encouraging the development of the application tier of software-defined networking, it's unclear how routing and switching vendors will embrace the trend. These vendors rely on network-based applications and features to differentiate their hardware. How can they maintain profitability in a software-defined networking world? The answer is actually simple, according to Mike Spanbauer, principal analyst of enterprise networking and data center technology at Current Analysis.
"Most of the network equipment vendors will still invest in custom software," Spanbauer said. "OpenFlow will run concurrent or adjacent to the native operating system and act as a complement to the existing control plane."
Juniper recently opened the source code that drives OpenFlow on its routers and switches to developers who use its Junos software development kit, allowing third-party developers to start experimenting with controller-based applications for a software-defined network. Hunt said other vendors will follow Juniper's lead.
Of course, there are still plenty of questions about exactly what an OpenFlow ecosystem will look like. What seems clear is incumbent switching and routing vendors are not going to cede ground -- willingly at least -- to controller vendors or any upstart rival. In other words, look for a complex and crowded ecosystem where the establishment is joined by innovators, some of which may have yet to emerge.
About the author: Amy Larsen DeCarlo is a principal analyst at Current Analysis, where her research focuses on assessing managed and cloud-based data center and security services.
This was first published in January 2012