NP 64123

Network Programing
Software-Defined Networking Basics

By: M.Sc.Mahmoud Elhejazi

Python for Everybody
www.py4e.com
 Objectives
• Defining SDN.
• Explaining SDN layers.
• Introducing Open Network Foundation, OpenFlow.
• Interacting with SDN Component.
 Control Plane and Data Plane
• A network device contains the following planes:
• Control plane - This is typically regarded as the brains of a device. It is used to make
forwarding decisions. The control plane contains Layer 2 and Layer 3 route forwarding
mechanisms (RIB), such as routing protocol neighbor tables and topology tables, IPv4 and IPv6
routing tables, STP, and the ARP table. Information sent to the control plane is processed by
the CPU.
• Data plane - Also called the forwarding plane, this plane is typically the switch fabric
connecting the various network ports on a device. The data plane of each device is used to
forward traffic flows (FIB). Routers and switches use information from the control plane to
forward incoming traffic out the appropriate egress interface. Information in the data plane is
typically processed by a special data plane processor (ASIC) without the CPU getting involved.
• Note:
• RIB is (routing information base) (Routing table)
• FIB is (forwarding information base) (Interfaces table)
• ASIC (Application Specific Integrated Circuit)(piece of hardware circuitry
designed to perform a particular operation in a highly efficient way, like performs
encryption and decryption)(combine several different circuits all on one chip – it's
a "system-on-a-chip" (SoC))
 Control Plane and Data Plane (Cont.)
• Express forwarding switches: is an
advanced, Layer 3 IP switching
technology that enables forwarding of
packets to occur at the data plane
without consulting the control plane.
• SDN: is basically the separation of the
control plane and data plane. The
control plane function is removed from
each device and is performed by a
centralized controller.
• The centralized controller:
communicates control plane functions
to each device. Each device can now
focus on forwarding data while the
centralized controller manages data
flow, increases security, and provides
other services.
 Control Plane and Data Plane (Cont.)

• The management plane is responsible for managing a device through its connection
to the network.
• Network administrators use applications such as Secure Shell (SSH), Trivial File
Transfer Protocol (TFTP), Secure FTP, and Secure Hypertext Transfer Protocol
(HTTPS) to access the management plane and configure a device.
• The management plane is how you have accessed and configured devices in your
networking studies. In addition, protocols like Simple Network Management Protocol
(SNMP), use the management plane.
 Network Virtualization Technologies
SDN
• Two major network architectures have been developed to support network
virtualization:
• Software-Defined Networking (SDN) - A network architecture that virtualizes the
network, offering a new approach to network administration and management that
seeks to simplify and streamline the administration process.
• Application Centric Infrastructure (ACI) - A purpose-built hardware solution for
integrating cloud computing and data center management.
 Traditional and SDN Architectures
• In a traditional router or switch architecture, the control plane and data plane
functions occur in the same device. Routing decisions and packet forwarding are the
responsibility of the device operating system.
• In SDN, management of the control plane is moved to a centralized SDN controller.
The figure compares traditional and SDN architectures.
 Traditional and SDN Architectures (Cont.)
• The SDN controller is a logical entity that enables
network administrators to manage and dictate how
the data plane of switches and routers should handle
network traffic. It orchestrates, mediates, and
facilitates communication between applications and
network elements.
• The complete SDN framework is shown in the figure.
Note the use of Application Programming Interfaces
(APIs). An API is a standardized definition of the
proper way for an application to request services from
another application.
• The SDN controller uses northbound APIs to
communicate with the upstream applications, helping
network administrators shape traffic and deploy
services. The SDN controller uses southbound APIs
to define the behavior of the data planes on
downstream switches and routers. OpenFlow is a
widely implemented southbound API.
 SDN Controller and Operations

• The SDN controller defines the data flows

between the centralized control plane and the
data planes on individual routers and switches.
• Each flow traveling through the network must
first get permission from the SDN controller,
which verifies that the communication is
permissible according to the network policy.
• All complex functions are performed by the
controller. The controller populates flow tables.
Switches manage the flow tables.
 SDN Controller and Operations (Cont.)
• Within each switch, a series of tables implemented in
hardware or firmware are used to manage the flows of packets
through the switch. To the switch, a flow is a sequence of
packets that matches a specific entry in a flow table.
• The three table types shown in the previous figure are as
follows:
• Flow Table - This table matches incoming packets to a
particular flow and specifies the functions that are to be
performed on the packets. There may be multiple flow tables
that operate in a pipeline fashion.
• Group Table - A flow table may direct a flow to a Group Table,
which may trigger a variety of actions that affect one or more
flows.
• Meter Table - This table triggers a variety of performance-
related actions on a flow including the ability to rate-limit the
traffic.
• Each table from previous tables have sub-table structure that
contain [action / counters / rules]
 SDN Types
• Device-based SDN: Devices are programmable by
applications running on the device itself or on a server
in the network, as shown in the figure.(Script-base)

• Controller-based SDN: Uses a centralized controller

that has knowledge of all devices in the network, as
shown in the figure. The applications can interface with
the controller responsible for managing devices and
manipulating traffic flows throughout the network. The
Cisco Open SDN Controller is a commercial distribution
of OpenDaylight.

• Policy-based SDN: Similar to controller-based SDN

where a centralized controller has a view of all devices
in the network, as shown in the figure. Policy-based
SDN includes an additional Policy layer that operates at
a higher level of abstraction. It uses built-in applications
that automate advanced configuration tasks via a
guided workflow and user-friendly GUI. No
programming skills are required. Cisco APIC-EM is an
example of this type of SDN.
 Basic conducting of SDN
• Mininet : is a high-performance network emulator, in
which a Virtual Machine (VM) running on a single
physical machine function as a virtualized networking
device.
• POX controller:a networking software platform
written in Python. POX started life as an OpenFlow
controller, but can now also function as an
OpenFlow switch, and can be useful for writing
networking software in general.

• OpenDaylight controller : is a collaborative open-

source project hosted by the Linux Foundation. The
project serves as a platform for software-defined
networking for customizing, automating and monitoring
computer networks of any size and scale.

• HPE-VAN Controller: HPE Virtual Application

Networks (VAN) SDN Controller Software provides a
unified control point in an SDN-enabled network,
simplifying management, provisioning, and
orchestration.
 Summary
• Explaining SDN layers.
• Introducing Open Network Foundation, OpenFlow.
• Interacting with SDN Component.
• Explainning SDN Types.