SDN - Not What You Think It Is

By R. Leigh Hennig | Principal Network Architect

Overview

Broadly speaking, SDN refers to the abstraction of the control plane from the data plane. The implications for this abstraction — the benefits as well as the challenges — are profound, and represent the next iteration of what data center and transit networks will look like. Indeed, the vast majority of large networks today are built on and operated by SDN. CDNs like Akamai and hyperscalers like AWS literally could not function without it. But before we get into those details, it’s helpful to take a step back to understand what the ‘control' and ‘data’ planes are, and what it means to pull the two apart.

 

The control plane is where your routing decisions happen. It’s the ‘brain’ of your network. Traditionally these decisions are made by routing engines (supervisors, in Cisco language). In chassis-based systems like Juniper’s MX or Cisco’s Nexus platforms, these are the line cards that slot into the device. They have hard drives, system memory, and run an operating system like Junos, IOS, or NxOS. They have kernels, APIs you can call, and run daemons that handle things like chassis management, routing protocols, and encryption programs to handle IKE or IPsec. When you connect to a router or switch via SSH, it’s the routing engine you’re talking to. On fixed platforms (sometimes lovingly referred to as ‘pizza boxes’), these are not separate line cards that you can add or remove, but are instead built into the device and presented as a single unit. When a new route is obtained, the control plane is the part of the device that learns that route.

Think of the control plane as the management team of a factory, deciding what orders to issue (routes to take) to the workers.
The data plane is what actually moves traffic from one port to another. Learned routes from the control plane are programmed into the data plane. When traffic moves from one port to another, most of the time the control plane isn’t involved, unless it’s a special type of traffic, like IKE or ICMP. In a chassis-based system (like the above examples), these too are line cards that you can add or remove. There are a lot of different models here, and they support everything from copper connections at 1Gb and 10Gb, to fiber connections at 1Gb, 10Gb, 100Gb, and 400Gb. In a fixed-form device, such as a Juniper QFX-5110 or a Cisco Catalyst 3750, these are not removable. A hardware failure here usually necessitates replacing the entire device.

Think of the data plane as the workers in an assembly line. They don’t make decisions, their job is to just move things (packets) as quickly as possible.

©Markley Group 2023.
All rights reserved.

1.617.451.6464 | info@markleygroup.com | markleygroup.com