Software defined networking vendors -- both SDN startups and incumbents -- have focused their energy on the data center because that's where large enterprises are facing network bottlenecks. The average-sized organization doesn't run a huge data center or cloud, however, and that means typical networking pros are still waiting to see the "killer" SDN app before they'll consider investing. I believe those killer apps will be network virtualization and network slicing in the enterprise campus network.
Data center SDN and network virtualization
Recently OpenFlow godfather and Nicira founder Martin Casado said publicly that virtual switches in hypervisors are the key to data center network automation and programmability -- not OpenFlow. That comparison is odd, considering the OpenFlow protocol can be used to program the forwarding tables of both physical and virtual switches. But the important part of that statement is that the virtual switch, which now sits in the SDN war zone, is at the heart of network virtualization and "network slicing," which are the greatest promises of SDN.
Many in the industry have focused on network overlays as the means to achieve network virtualization. Some vendors offer technology that manages these overlay tunnels through logically centralized or distributed controllers -- some of which use OpenFlow, and others that don't. Either way, this technology has been used to provision multi-tenant clouds, network isolation, network programmability and ultimately, greater network flexibility for the data center network.
Alternatively, SDN can be used for network slicing -- partitioning multiple tenants for distinct client or user groups. In this scenario, an SDN controller would be used to program flow entries into the forwarding tables of the individual switches to accomplish network isolation. This was one of the initial use cases of the OpenFlow protocol at Stanford, even before the term "SDN" had been coined.
Network-slicing use cases vary. Slicing can be used to create a test space for developing new network-wide protocols, or to compartmentalize and isolate certain types of user traffic. The individual slices in a network can be managed by a single SDN controller or by multiple controllers using a proxy, such as FlowVisor.
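The isolation described above depends on every flow entry staying inside its own slice. The following Python is an added example, not code from the original article or from FlowVisor, that models the check a slicing layer has to make before installing a controller's flow entry. It assumes a slice is defined by the VLAN IDs and switch ports it owns; the names Slice, FlowMod, violations and audit are hypothetical, and the sample slices and requests are constructed.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Slice:                      # hypothetical model of one tenant's slice
    name: str
    vlans: frozenset              # VLAN IDs the slice owns
    ports: frozenset              # switch ports the slice may use

@dataclass
class FlowMod:                    # simplified flow entry; None = wildcarded field
    in_port: Optional[int]
    vlan: Optional[int]
    out_ports: List[int]
    set_vlan: Optional[int] = None

def violations(sl: Slice, fm: FlowMod) -> List[str]:
    """Return the reasons this entry would break isolation for slice sl."""
    problems = []
    if fm.vlan is None:
        # A wildcarded VLAN match also captures every other slice's traffic.
        problems.append("match wildcards VLAN")
    elif fm.vlan not in sl.vlans:
        problems.append(f"match VLAN {fm.vlan} not in slice")
    if fm.in_port is not None and fm.in_port not in sl.ports:
        problems.append(f"in_port {fm.in_port} not in slice")
    for port in fm.out_ports:
        if port not in sl.ports:
            problems.append(f"output port {port} not in slice")
    if fm.set_vlan is not None and fm.set_vlan not in sl.vlans:
        # Rewriting the tag would inject frames into another slice.
        problems.append(f"set_vlan {fm.set_vlan} not in slice")
    return problems

def audit(sl: Slice, flow_mods: List[FlowMod]) -> dict:
    """Map index -> problems for every entry that must be rejected."""
    return {i: p for i, fm in enumerate(flow_mods) if (p := violations(sl, fm))}

# Constructed sample data: two campus slices sharing uplink port 24.
FACULTY = Slice("faculty", frozenset({10}), frozenset({1, 2, 24}))
STUDENT = Slice("student", frozenset({20}), frozenset({3, 4, 24}))
STUDENT_REQUESTS = [
    FlowMod(in_port=3, vlan=20, out_ports=[4, 24]),             # stays in slice
    FlowMod(in_port=None, vlan=None, out_ports=[24]),           # wildcard VLAN
    FlowMod(in_port=3, vlan=20, out_ports=[24], set_vlan=10),   # retag to faculty
    FlowMod(in_port=4, vlan=20, out_ports=[1]),                 # faculty port
]

if __name__ == "__main__":
    for idx, why in audit(STUDENT, STUDENT_REQUESTS).items():
        print(f"reject entry {idx}: {'; '.join(why)}")
```

The wildcard case is the one most easily missed: an entry that names no VLAN looks harmless but matches traffic from every slice on the switch.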
Network virtualization and slicing in the campus
How do SDN, network virtualization and network slicing help the midsize enterprise? We'd have to start by analyzing multi-tenancy and network isolation in the campus network.
Today, network operators have lots of virtual local area networks, private VLANs (PVLANs) and even Virtual Routing and Forwarding (VRF) instances throughout the campus. As in the data center, there are different types of tenants across the enterprise campus to handle applications, such as IP-enabled HVAC units, telephony, video and building controls. There are also different networks for different types of traffic: back-office traffic vs. business-critical traffic, or student traffic vs. faculty traffic, for example. Each of these tenants can handle distinct applications.
Deploying SDN in the campus by leveraging overlays or network slicing on physical switches might be a valid alternative to managing multiple VLANs, PVLANs and VRFs per network node. To support SDN network virtualization in the campus LAN, you would need a physical intermediate distribution frame, or IDF, switch that could support such tunneling mechanisms as Control and Provisioning of Wireless Access Points, or CAPWAP; Stateless Transport Tunneling, or STT; Virtual Extensible LAN, or VXLAN; and others. Or it could be controlled by an application programming interface or software development kit like OpenFlow or Cisco's onePK to begin slicing up the network. These technologies haven't yet emerged for the campus LAN, but it's the next obvious step. Eventually, these strategies can be deployed independently or together.
Once you start looking at the bigger picture of SDN, it is easy to see that it is more than virtual switches in the data center. SDN may currently be thought of as cloud and data center networking technology, but eventually it will be just as associated with bring your own device, or BYOD, and campus networking.
Jason Edelman, CCIE 15394, is a senior solutions architect at Presidio, based in the New York City metro area. He covers a wide variety of technologies, but lately has focused on emerging and disruptive technologies. Of these technologies, he has particular interest in software defined networking (SDN) and how it will impact the enterprise over the coming years. Jason writes frequently about SDN on his personal blog, which can be found at jedelman.com. You can also follow him on Twitter at @jedelman8. All views expressed here are personal and are not those of any past or present employer.