Software defined networking (SDN) is an emerging technology in the field of cloud computing. It is highly dynamic, manageable, cost-effective and adaptable, and is well suited to high-bandwidth, dynamic applications. Many SDN platforms are available—both open source and commercial. Selecting a platform suitable to the requirements of the customer is a tedious task. This article gives an overview of eight open source SDN platforms, so that informed decisions can be made.
Since 2016, software defined networking (SDN) has continued to evolve rapidly and become more mature, redefining corporate networking. Recently, IDC published a study which shows that the SDN market could be valued at around US$ 12.5 billion by 2020. Cloud computing, in addition to third party platforms, has increased the need for SDN, and this need will rise further considering the increase in network-virtualisation software, and SDN applications like virtualised networks and security services.
SDN is becoming popular because networks now lag behind other areas of infrastructure, especially in the computing and storage arenas. Modern advancements like virtualisation, distributed architectures, Big Data and cloud computing require networking that can adapt and be optimised on-the-fly using centralised intelligence. Various commercial and open source SDN platforms are available, so selecting a platform as per the requirements of the customer is a tedious task. This article aims to simplify the selection task.
Introducing software defined networking
The Open Networking Foundation (ONF) is a non-profit consortium dedicated to designing, developing, standardising and commercialising SDN. According to ONF, “Software defined networking (SDN) is an emerging network architecture where network control is decoupled from forwarding and is directly programmable.”
SDN basically refers to the ability of software applications to program individual network devices dynamically and therefore control the behaviour of the network as a whole. SDN is defined by two characteristics—the decoupling of the control and the data planes, and programmability on the control plane.
SDN is an emerging networking paradigm that provides a strong base to change the limitations of the current network infrastructure. First, it breaks the vertical integration by separating the network’s control logic (the control plane) from the underlying routers and switches that forward the traffic (the data plane). Second, with the separation of the control and data planes, network switches become simple forwarding devices and the control logic is implemented in a logically centralised controller (or network operating system), simplifying policy enforcement and network reconfiguration and evolution.
The SDN architecture
The architecture of SDN is highly dynamic, manageable, cost-effective and adaptable, and hence is well suited to high-bandwidth, dynamic applications. SDN architectures decouple network control and forwarding functions, enabling the former to become directly programmable, so all IT infrastructure gets abstracted from applications and network services.
Characteristics of SDN architecture
- Directly programmable: All the network control can be programmed directly because it is decoupled from forwarding functions.
- Agile: Because of abstract control, network administrators can perform dynamic adjustments to the network-wide flow of traffic to make the desired changes.
- Centralised management: Network management is centralised in SDN controllers, which maintain a global view of the network; the network appears to applications and policy engines as a single, logical switch.
- Full configuration via programs: SDN facilitates network administrators in configuring, managing, securing and optimising network resources very efficiently through dynamic and automated SDN programs.
- Based on open standards and freedom from vendors: SDN facilitates simple network design and all operations, because the operation instructions are provided by SDN controllers rather than multiple, vendor-specific devices and protocols.
Components of SDN architecture
- SDN applications: These are the programs that explicitly, directly and programmatically communicate their network requirements and desired network behaviour to the SDN controller through the northbound interface (NBI).
- SDN controller: This is a logical entity that receives instructions or requirements from the SDN application layer and relays them to the networking components. It consists of one or more NBI agents, the SDN control logic and the ‘control to data-plane interface’ (CDPI) driver.
- SDN northbound interfaces (NBI): These are the interfaces between SDN applications and SDN controllers. They provide abstract network views and enable direct expression of network behaviour and requirements.
- SDN southbound interfaces (SBI): This is an OpenFlow protocol specification. Its main function is to enable communication between the SDN controller and the network nodes (physical and virtual switches and routers) to facilitate the router in discovering network topology, in defining network flows and relaying requests to the northbound APIs.
- SDN data path: This is a logical network device that exposes visibility and uncontested control over its advertised forwarding and data processing capabilities. It consists of the CDPI agent, a set of one or more traffic forwarding engines, and zero or more traffic processing functions.
- SDN control to data-plane interface (CDPI): This is the interface between the SDN controller and SDN data path to provide programming control of all forwarding operations, advertisements, statistical reporting and the notification of events.
The planes in SDN
SDN spans five different planes:
- Forwarding plane
- Operational plane
- Control plane
- Management plane
- Application plane
In addition to the above, there are two abstraction layers – the device and resource abstraction layer (DAL) and the network service abstraction layer (NSAL). There are also two interfaces—one to facilitate communication between the control plane, the forwarding plane and the management plane; and the other between the management plane and the operation plane.
Let’s take a closer look at the multiple planes of SDN.
Forwarding plane: This primarily performs the task of handling packets in the data path based on the instructions received from the control plane. It is the termination point for control-plane services and applications.
Operational plane: This is responsible for managing the operational state of the network devices, i.e., to observe whether the device is active/inactive, the number of ports on the device and the status of every port, etc. It is the termination point for the management plane’s services and applications.
Control plane: This performs the duty of making decisions on how packets should be forwarded by network devices and focuses on the forwarding plane. It also fine-tunes the forwarding tables in the forwarding plane on the basis of network topology.
Management plane: This performs the tasks of monitoring, configuring and maintaining the network devices. It primarily focuses on the operational plane of the device rather than the forwarding plane. It also drafts all the forwarding rules for the network devices.
Application plane: All the applications and services define the application plane. It contains SDN applications for various functionalities such as network management, policy implementation and security services.
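The split between the control plane and the forwarding plane described above can be shown with a small simulation. This is an added example, not code from any of the platforms covered here; the `Controller` and `Switch` classes, the `FLOOD`/`DROP` pseudo-actions and the host names are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

FLOOD, DROP = "FLOOD", "DROP"   # pseudo-actions used by this toy model


class Controller:
    """Control plane: logically centralised; learns topology and applies policy."""

    def __init__(self, blocked=()):
        self.blocked = set(blocked)   # (src, dst) pairs denied by policy
        self.location = {}            # (switch name, MAC) -> port

    def packet_in(self, switch, in_port, src, dst):
        """Decide the action for a packet the switch had no rule for."""
        self.location[(switch.name, src)] = in_port
        if (src, dst) in self.blocked:
            action = DROP
        else:
            action = self.location.get((switch.name, dst), FLOOD)
        if action != FLOOD:           # push the decision down as a flow rule
            switch.install_flow((src, dst), action)
        return action


@dataclass
class Switch:
    """Forwarding plane: matches packets against installed rules, decides nothing."""
    name: str
    ports: tuple
    controller: Controller
    flow_table: dict = field(default_factory=dict)   # (src, dst) -> action
    packet_ins: int = 0

    def install_flow(self, match, action):
        self.flow_table[match] = action

    def receive(self, in_port, src, dst):
        """Return the list of ports the packet is sent out of."""
        action = self.flow_table.get((src, dst))
        if action is None:            # table miss: ask the control plane
            self.packet_ins += 1
            action = self.controller.packet_in(self, in_port, src, dst)
        if action == DROP:
            return []
        if action == FLOOD:
            return [p for p in self.ports if p != in_port]
        return [action]


def run_demo():
    """Constructed traffic: hosts A, B, C on ports 1, 2, 3; policy denies C -> A."""
    sw = Switch("s1", (1, 2, 3), Controller(blocked={("C", "A")}))
    trace = [
        sw.receive(1, "A", "B"),   # B unknown: flood
        sw.receive(2, "B", "A"),   # A learned: rule installed
        sw.receive(1, "A", "B"),   # B learned: rule installed
        sw.receive(1, "A", "B"),   # handled by the switch alone
        sw.receive(3, "C", "A"),   # denied by policy, drop rule installed
        sw.receive(3, "C", "A"),   # dropped in the data plane
    ]
    return trace, sw.packet_ins, dict(sw.flow_table)


if __name__ == "__main__":
    print(run_demo())
```

Only the first packet of each flow reaches the controller; once a rule is installed, the switch forwards or drops on its own, which is why the deny policy is set centrally but enforced in the data plane.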
Open source SDN platforms
OpenDayLight
The OpenDayLight project is a collaborative SDN project initiative of the Linux Foundation. It uses open protocols to provide centralised, programmatic control and network device monitoring. OpenDayLight supports OpenFlow, as well as other ready-to-install network solutions.
It provides an interface to network administrators to connect to network devices efficiently and intelligently, for the best network performance.
It can be deployed in varied network environments and supports a modular controller framework as well as SDN standards and protocols. The OpenDayLight controller uses open northbound APIs, which are used by applications, which in turn use the controller to collect information about the network and create the rules for it, and run different algorithms to conduct analytics.
OpenDayLight can be deployed on hardware and operating system platforms that support Java.
- Facilitates efficient control of devices with standard and open protocols.
- Provides centralised programmatic control of the physical and virtual devices in the network.
- Provides higher-level abstraction with tons of features to help network engineers create new applications and to customise network administration.
- Provides proactive support for network management and traffic flow.
Official website: https://www.opendaylight.org
Latest version: Oxygen
OpenContrail
OpenContrail is an Apache 2.0 licensed project that provides network virtualisation functionality on OpenStack and other orchestration systems. It provides all the necessary components for network virtualisation like the SDN controller, virtual router, analytics engine and northbound APIs. It includes extensive REST APIs to configure and gather data for operations and analytics from the system.
OpenContrail acts as a fundamental network platform for the cloud infrastructure.
The following are the components of the OpenContrail platform:
- Controller: This performs functions like accepting and converting orchestrator requests for VM creation, translating requests, and assigning networks. The real-time analytics engine collects, stores and analyses network elements; interacts with network elements for VM network provisioning and ensures uptime.
- vRouter: This virtualised routing element handles localised control plane and forwarding plane work on the compute node.
- Gateway: This eliminates the need for a software gateway and improves scalability and performance.
- Service chaining: Routing of traffic based on predefined policy rules.
- Provides public IP addresses without NAT.
- Trunking: Provides support for all applications that require 802.1q trunk.
- Full support for the SCTP (stream control transmission protocol).
- Provides high availability to the SDN network via the allowed address pair feature.
- Port health checking.
Official website: http://www.opencontrail.org/
Latest version: 4.0.1
Open Network Operating System (ONOS)
ONOS is an open source SDN platform for service providers, designed and developed by ON.Lab. The primary goal is to create an SDN operating system that enables communications service providers to provide scalability, efficient performance and high availability.
It is designed for building next-generation SDN/NFV solutions, and provides the flexibility to create and deploy new dynamic network services with a simple programming interface. It supports both configuration and real-time control of the network, eliminating the need to run routing and switching control protocols inside the network fabric.
The platform provides applications with a number of high-level abstractions, through which the applications can learn about the state of the network and through which they can control the flow of traffic through the network. The network graph abstraction provides information about the structure and topology of the network. The flow objective is a device-centric abstraction that allows applications to direct the flow of traffic through a specific device without the need to be aware of the device table pipeline.
- ONOS can be deployed as a service on a cluster of servers, and ONOS software can run on each server. It makes ONOS highly scalable and facilitates seamless capacity.
- ONOS features northbound and southbound application program interfaces (APIs) grounded in abstraction to prevent configuration and protocol lock-in for applications and devices, respectively. ONOS uses its Intent Framework subsystem, which allows applications to specify what they need from the system, for example, when an application needs more bandwidth.
- ONOS Core is distributed to provide reachability to each network switching device. The ONOS controller remains logically centralised and the separate subdivisions or instances in the complete ONOS architecture can be viewed and accessed as a single system.
- Software modularity in ONOS means that the community has been diligent about keeping software functions well defined and localised by defining the right abstractions and interfaces. This has many important benefits, including software that is easier to read, test and maintain.
- ONOS abstracts device characteristics so that the core operating system does not have to be aware of the particular protocol being used to control or configure a device. ONOS has an extensive and growing list of southbound support including P4, OpenFlow, NETCONF, TL1, SNMP, CLI, BGP, RESTCONF and more.
- The ONOS YANG tool-chain provides a compiler capable of parsing YANG source files and generating Java artefacts, which can be used for writing applications against the abstractions defined by the YANG models. It also provides a runtime capable of encoding and decoding between such internal models and their external JSON or XML data representations.
- Other features include high performance, resilience, next-gen device support and legacy device support.
Official website: https://onosproject.org
Open vSwitch
Open vSwitch is an open source implementation of the distributed virtual multi-layer switch, licensed under the open source Apache 2 licence. It was originally created by a team at Nicira and now it has been acquired by VMware. Open vSwitch is designed to enable effective network automation through programmatic extensions, while supporting standard management interfaces and protocols like NetFlow, sFlow, SPAN, RSPAN, CLI, LACP and 802.1ag.
Tools provided by Open vSwitch
- ovs-ofctl: For querying and controlling OpenFlow switches and controllers.
- ovs-pki: For creating and managing public-key infrastructure for OpenFlow switches.
- ovs-testcontroller: This is useful for testing.
Features of Open vSwitch
- IPv6 support: Multiple tunnelling protocols – GRE, VXLAN, STT with IPSec support.
- Best QoS: Support for HFSC qdisc; kernel and user-space forwarding engine options.
- BFD and 802.1ag link monitoring: Standard 802.1Q VLAN model with trunking.
- Transactional configuration database with C and Python bindings.
- Forwarding layer abstraction to ease pointing to new software and hardware platforms.
Official website: http://www.openvswitch.org
Latest version: 2.9.0
Open Platform for Network Functions Virtualisation (OPNFV)
Open Platform for NFV is a collaborative open source platform started by the Linux Foundation in 2014. It facilitates the deployment and evolution of NFV components across various open source ecosystems. Via system level integration, deployment and testing, OPNFV creates a reference NFV platform to accelerate the transformation of enterprise and service provider networks for creating an open source platform that speeds up the development and deployment of NFV.
The objectives behind the development of OPNFV are to create an integrated and verified open source platform for NFV functionality, provide proactive cooperation of end users to validate OPNFV needs, and contribute to and engage in open source projects.
- Provides automated deployment tools, robust continuous integration and global test infrastructure. It enables developer collaboration and rapid integration across the cloud, SDN and cloud ecosystems.
- Provides a set of scenarios that accelerate time-to-market for the development and deployment of NFV.
- Ensures interoperability in deployment, network integration and VNF applications.
- Works in collaboration with various SDOs like ETSI NFV ISG, IETF, MEF, TM Forum and others.
Official website: https://www.opnfv.org
Latest version: Euphrates; 5.1
Project Floodlight
Project Floodlight is an SDN open source project supported by Big Switch Networks and the SDN community. It has been designed for easy setup with minimal dependencies and to be user friendly for developers. It offers a modular system, making it simple to enhance with a feature set. It supports a broad range of hypervisor-based virtual switches like Open vSwitch.
The Floodlight controller has a set of common functionalities to control and query an OpenFlow network, while applications on top of it have different features to solve various user needs over the network.
Floodlight controller works with the OpenFlow protocol to orchestrate traffic flows in an SDN environment. OpenFlow is one of the first and most widely used SDN standards; it defines the open communications protocol in an SDN environment that allows the SDN controller (the brains of the network) to speak to the forwarding plane (switches, routers, etc) for making changes to the network.
The SDN controller is responsible for maintaining all the network rules and provides the necessary instructions to the underlying infrastructure on how traffic should be handled. This enables businesses to better adapt to their changing needs and have better control over their networks.
- Offers a module-loading system that makes it simple to extend and enhance.
- Easy to set up with minimal dependencies.
- Supports a broad range of virtual and physical OpenFlow switches.
- Can handle mixed OpenFlow and non-OpenFlow networks – it can manage multiple islands of OpenFlow hardware switches.
- Designed to be high-performance, it is the core of a commercial product from Big Switch Networks.
- Offers support for the OpenStack cloud orchestration platform.
Official website: http://www.projectfloodlight.org/floodlight/
Latest version: 1.2
POX
POX is an open source Python-based platform for communicating with SDN switches either using OpenFlow or the OVSDB protocol. It can function as an OpenFlow controller or switch, and can also be used for writing network software. It is a very popular tool for researching SDN and network application programming. The POX controller comes pre-installed with the Mininet virtual machine. Using the POX controller, systems administrators can control OpenFlow devices like the hub, switch, firewall, etc.
Different parameters can be passed to POX according to real or experimental topologies, thus allowing you to run experiments on real hardware, testbeds or in a Mininet emulator.
- Provides a Pythonic OpenFlow interface.
- Has reusable sample components for path selection, topology discovery, etc.
- Fully compliant and efficient to run in any operating system environment, and comes pre-installed with a Mininet simulator.
- Supports a graphical user interface (GUI) and virtual architecture similar to NOX.
- Provides better performance as compared to NOX written in Python.
Official website: https://github.com/noxrepo/
Latest version: 0.2.3
Indigo
Indigo is an open source project that supports OpenFlow on a wide range of physical and non-virtual switch platforms, and is supported under the Apache 2.0 licence. It is based on SwitchLight by Big Switch Networks and is composed of the following components.
- Indigo Agent: This represents the core libraries and includes a HAL abstraction layer to facilitate easy integration with regard to forwarding and the port management interfaces of physical or virtual switches. It includes a configuration abstraction layer to support running OpenFlow in a hybrid mode.
- LoxiGen: This is a compiler that generates OpenFlow marshalling/un-marshalling in multiple languages.
The architecture of Indigo is divided into the platform-independent and platform-specific categories. The platform-independent modules are Socket Manager, OpenFlow Connection Manager and OpenFlow State Manager. The configuration platform-specific modules are the Forwarding and Port Manager.
- Pure OpenFlow 1.0 implementation.
- Creates flexibility in how the network is used and operated as well as for data analytics.
- Easy integration with computing for research management and maintenance.
- Lowers operating expenses, resulting in fewer errors and less network downtime via automated network configuration.
Official website: http://www.projectfloodlight.org/indigo/
Latest version: 2.0