Can someone please define SDN?
When the “Software Defined Networking” buzzword first emerged from the halls of UC Berkeley back in 2008, the definition was simply the separation or abstraction of the data plane from the control plane for all network elements. In other words, my data plane (read: switches, routers, firewalls, load balancers, etc.) is API driven and controlled from a centralized control layer (the control plane). The control plane is in turn driven by the management interface (the management plane).
As is typical of the general IT market, this fairly simple to understand concept has become obscured almost to the point where it can mean different things to different people.
I want to try to shed some light on how I see the SDN landscape evolving. Please understand that this is my take on this subject, and your mileage may vary. This is a dynamically evolving space, and as vendors work to come up with ways to sell you things that fit within the SDN arena, it seems like each approach is slightly different from the last.
There seem to be two primary architectures emerging that fit within the SDN model at this point. These are the most current takes on SDN, and the approaches that I feel will actually define this space in the near future. I like to refer to them as “Network dominant” and “Host dominant.”
The host dominant approach aims to provide network elasticity by handling the encapsulation at the host level. (This is where NSX fits in.) The encapsulation processing (VXLAN for NSX) is already done on the host/hypervisor on behalf of the VM. The data plane, or underlying physical infrastructure, is really just plumbing. I only need layer-3 connectivity between disparate network segments, and I will “overlay” or tunnel connectivity between them to allow for the layer-2 extension.
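To make the host dominant model concrete, here is an added example (not code from the post, NSX or VMware) of what a host-side VTEP does: it wraps a VM's layer-2 frame in a VXLAN/UDP/IPv4 packet addressed to the peer host, and the receiving host unwraps it. The VTEP addresses (10.0.1.10, 10.0.2.10), the VNI 5001 and the MAC addresses are constructed. The decapsulation function returns both the "underlay" view and the "overlay" view of the same packet, which makes the security consequence of this architecture visible: the physical network only ever sees VTEP-to-VTEP UDP traffic on port 4789, so any ACL or sensor placed on the underlay has no view of tenant frames, and tenant separation (the VNI) has to be enforced at the hosts or by decapsulating at a tap.

```python
"""Host-side VXLAN encapsulation and decapsulation (RFC 7348 framing).

Constructed example: two hypothetical hypervisor VTEPs at 10.0.1.10 and
10.0.2.10 carry a layer-2 frame between two VMs that believe they share
one segment, identified by VNI 5001.
"""
import struct
import ipaddress

VXLAN_UDP_PORT = 4789        # IANA-assigned VXLAN destination port
VXLAN_FLAG_VNI_VALID = 0x08  # "I" flag: the VNI field is valid


def ipv4_checksum(header: bytes) -> int:
    """One's-complement checksum over an IPv4 header (0 when validating)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ethernet(dst_mac: bytes, src_mac: bytes, ethertype: int, payload: bytes) -> bytes:
    """Minimal inner Ethernet frame as the VM would emit it."""
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def vxlan_encapsulate(inner_frame: bytes, vni: int, vtep_src: str, vtep_dst: str,
                      src_port: int = 49152) -> bytes:
    """Wrap an Ethernet frame in VXLAN/UDP/IPv4 the way a sending VTEP does."""
    if not 0 <= vni < (1 << 24):
        raise ValueError("VNI must fit in 24 bits")
    # VXLAN header: flags, 3 reserved bytes, VNI in the upper 24 bits of a u32
    vxlan_hdr = struct.pack("!B3xI", VXLAN_FLAG_VNI_VALID, vni << 8)
    udp_len = 8 + len(vxlan_hdr) + len(inner_frame)
    # A zero UDP checksum is permitted for VXLAN over IPv4
    udp_hdr = struct.pack("!HHHH", src_port, VXLAN_UDP_PORT, udp_len, 0)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0x4000, 64, 17, 0,
                         ipaddress.IPv4Address(vtep_src).packed,
                         ipaddress.IPv4Address(vtep_dst).packed)
    ip_hdr = ip_hdr[:10] + struct.pack("!H", ipv4_checksum(ip_hdr)) + ip_hdr[12:]
    return ip_hdr + udp_hdr + vxlan_hdr + inner_frame


def vxlan_decapsulate(packet: bytes) -> dict:
    """Parse outer IPv4/UDP/VXLAN and report what each layer can see."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or packet[9] != 17:
        raise ValueError("not an IPv4/UDP packet")
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    outer_src = str(ipaddress.IPv4Address(packet[12:16]))
    outer_dst = str(ipaddress.IPv4Address(packet[16:20]))
    _, dst_port, udp_len, _ = struct.unpack("!HHHH", packet[ihl:ihl + 8])
    if dst_port != VXLAN_UDP_PORT:
        raise ValueError("not VXLAN")
    flags, vni_field = struct.unpack("!B3xI", packet[ihl + 8:ihl + 16])
    if not flags & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VXLAN I flag not set")
    inner = packet[ihl + 16:ihl + udp_len]
    return {
        # This is all an underlay ACL or sensor gets to see: VTEP to VTEP, UDP/4789
        "underlay": {"src": outer_src, "dst": outer_dst, "udp_dport": dst_port},
        # The tenant segment identifier the hosts must keep separated
        "vni": vni_field >> 8,
        # The VM-level frame, invisible to the physical network
        "inner_dst_mac": inner[0:6].hex(":"),
        "inner_src_mac": inner[6:12].hex(":"),
        "inner_ethertype": struct.unpack("!H", inner[12:14])[0],
        "inner_payload": inner[14:],
    }


if __name__ == "__main__":
    frame = build_ethernet(bytes.fromhex("020000000002"), bytes.fromhex("020000000001"),
                           0x0800, b"hello")
    wire = vxlan_encapsulate(frame, 5001, "10.0.1.10", "10.0.2.10")
    for key, value in vxlan_decapsulate(wire).items():
        print(f"{key}: {value}")
```

The `underlay` entry is the whole of what a top-of-rack device or an IDS on the physical network can match on; everything under `vni` and `inner_*` exists only after a host (or a tap that performs the same decapsulation) has unwrapped the packet.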
In the network dominant approach, we are falling more in line with what I believe was the original intent of the PhDs at UC Berkeley. In this architecture, the physical network devices/appliances are controlled by a separate control plane. The control plane interacts with these devices typically via a simple API. The SDN edge in this case is typically located in a top-of-rack device outside of the hosts. This is certainly the more traditional approach to networking, and it doesn’t require the hosts themselves to perform routing functions.
I would carefully state that these two approaches are not really sharply defined. There are instances where you may have a blending of the two. A network dominant approach may include virtual network appliances for instance.
The network dominant approach is the one that I see most major hardware vendors leaning towards, because it means they still get to sell you their physical ASIC devices, and probably a shiny new control plane as well.
The primary disagreement between Cisco and VMware, for instance, revolves around Cisco’s belief that the host dominant approach is not scalable. That is an argument I actually find hard to understand, since I can simply scale out my infrastructure laterally to enable increased capacity in that architecture.
My personal opinion here is that VMware/Nicira has gotten it right. I feel like the host dominant approach is the most logical and provides the architect/administrator much more flexibility in their design. People will argue that this ties you into a specific software vendor. I would argue that the network dominant approach does the same thing for the hardware vendor. I would rather have more flexibility in the choice of network hardware devices, especially when I am dealing with hundreds of locations worldwide with various infrastructure elements.
I expect some interesting debates to occur very soon as new solutions come to market, and as Software Defined Networking becomes (hopefully) more defined.
I am hopeful that I have actually shed some light here instead of making the waters even more muddy. Please feel free to comment.