Software-defined networking remained a buzzy but under-utilized technology this year. In 2015, SDN adoption should start to pick up as engineers and architects get serious about the technology. We talked to several networking pros about the SDN projects they'll be working on next year.
While there are some early adopters of the technology, most mainstream enterprises are still in the SDN learning stage. Doug Marschke, CTO of technology services company SDN Essentials, has been helping networking teams run proofs of concept with SDN technology for a few years now, but a large chunk of his time is spent educating enterprise IT teams about SDN.
"The biggest question they have [in training sessions] is 'Why SDN? Is there a use case that makes sense for me?'"
On the testing and proofs of concept side, Marschke's firm will continue to help a lot of enterprises and service providers in 2015.
"It's very customer-specific," Marschke said. "They'll say, 'This is a problem we're trying to solve.' It might be a simple traffic engineering use case or a service chaining idea with multi-tenancy in a data center. It might be bandwidth-on-demand with OpenFlow," he added.
In 2014, most of the proofs of concept he worked on with clients were in the data center. But in 2015, more clients appear to be leaning toward WAN proofs of concept. "We're getting this push to look at the wide area," he said.
Some organizations already have SDN in place, will expand in 2015
Some organizations have moved beyond the proof of concept stage. In fact, some are already replacing their first SDN deployment with a new one. One engineer at a wide-area network operator, who asked for anonymity, said his organization is refreshing its first SDN production network with a new one.
"There will be some significant refresh in our SDN networks over long distances, at speeds of 40 and 100 Gbps," he said. "We'll be using multiple southbound protocols, multiple technologies, multiple buzzwords. There will be some NFV [network functions virtualization] going on in there."
SDN wasn't ready in 2014, but 2015 might be the year
Benjamin Nathan, the director of IT operations and infrastructure at Cornell University's Weill Medical College, built a new data center in 2014, and SDN could have helped him immensely. But neither of the vendors he evaluated -- VMware and Cisco -- was quite ready to deliver what he was looking for. Now that the data center is in production, he's hoping SDN can help him improve operations in 2015 and beyond.
Nathan's new data center has two separate networks. One, which is based on Cisco Nexus technology, serves his college's administrative and clinical operations. The other is a high-speed network based on Arista Networks that serves the college's research organization. Both networks operate side by side, connecting the separate enterprises within the college to multi-tenant storage and compute resources.
"Ideally I think we would have done that with SDN, so that some controller or policy engine could determine that if you have X, Y and Z characteristics, you can make the jump through the firewall from one network to the other," he said. "So if you're coming through the research network, but you've shown that you have a secure enough computer or the proper credentials, we'll let you route into the clinical network. There are plenty of occasions where that's necessary."
Nathan spent some time in 2014 evaluating Cisco's Application Centric Infrastructure (ACI), but the technology was too new, and Nathan needed to move forward with his project. He also looked at VMware's NSX network virtualization software, which had been on the market long enough to consider.
"VMware's product seemed really good, but it is very specific to virtual machines, and we have a mix of physical and virtual that needs to be run that way," Nathan said. "In particular, our clinical systems run on AIX, so that's not really a candidate for that sort of stuff."
Instead, Nathan bought two sets of access switches -- Arista and Cisco -- and dual-homed storage and servers into both networks, as needed. Nathan believes SDN could help streamline operations of his two networks.
"We find that the networking component of deploying things like servers and storage slows [things] down," he said. "There are physical LAN configuration components that would all go away if we could go software-defined. I think there is also a play in the security field, whether it is to take over things like firewall configuration or allow us to white box the firewall."
Nathan will evaluate software vendors that can help him apply SDN to his existing data center.
"There is an emerging list of small companies that provide all the software-defined capabilities at the controller and logic level. I'm very interested in the capabilities they are developing," he said.
Evaluating SDN for the entire enterprise
Brandon Mangold, principal architect at United Airlines Inc., will spend 2015 evaluating SDN for his data center, campus and wide-area networks.
Mangold started considering VMware NSX and Cisco ACI for his data center this year, but he plans to start full-blown testing of both technologies in the new year. "I'll choose one of them by the second quarter. 2017 is when we can actually start deploying this new fabric."
His primary requirements for data center SDN are the implementation of new security models (which VMware has highlighted with the micro-segmentation use case), the abstraction of physical devices so that infrastructure and services are not tied to specific locations, and the ability to unify workloads across the overlay and the underlay.
In the airline's campus networking environments, Mangold is evaluating OpenFlow to improve operations. He considers OpenFlow the best way to reduce the number of touch points engineers have in the campus. He also hopes it can deliver improved programmability and network slicing.
"All our operations guys SSH to every single part of my network in an overly distributed fashion to configure VLANs and routes on every device in the network," Mangold said. "There is no reason why a moderate-sized site can't be managed by a single controller."
Before he moves forward with OpenFlow, Mangold wants to see the protocol mature more and an ecosystem grow around the technology.
"In reality, whenever I've played with an OpenFlow controller and switches, it can do a lot of cool things," he said. "But you have to custom-build a ton of stuff. There are some applications for some features, but are they really production-ready? I still have a lot of questions."
HP's OpenFlow ecosystem, particularly its SDN app store, encourages Mangold, but he wants to see more applications emerge.
"HP's partner ecosystem has a grand total of 12 applications that meet about 20% of my requirements," he said. "Does anyone have an 802.1x application for OpenFlow networks right now? No, and I can't build networks without that."
On the WAN side of things, Mangold has talked to a number of vendors, but he finds that most of them have too narrow a focus. Some virtualize customer-premises equipment. Others try to manage hybrid connectivity across private links and public Internet. Mangold wants a vendor who can do everything.
"We have so many requirements that it's hard to find someone that covers them all," he said. "That's a generic problem with enterprises. That's why we've been stuck with Cisco for so long. They can offer everything."
In fact, Mangold sees Cisco's Enterprise Module for its APIC SDN controller as a promising technology for his WAN. "We're talking to Cisco about APIC EM. They've also got OnePK and the Python SDK on the ASR routers. It would be pretty easy for us to home-grow our own custom routing applications that get the functionality that we need, but it's a home-grown application. I don't want to run my WAN hub sites on home-grown applications."