Broadly speaking, SDN refers to the abstraction of the control plane from the data plane. The implications of this abstraction — the benefits as well as the challenges — are profound, and represent the next iteration of what data center and transit networks will look like. Indeed, the vast majority of large networks today are built on and operated by SDN. CDNs like Akamai and hyperscalers like AWS literally could not function without it. But before we get into those details, it’s helpful to take a step back to understand what the ‘control’ and ‘data’ planes are, and what it means to pull the two apart.
When we take a step back from the network and begin to understand the big picture, not only can we start to make more intelligent decisions about what actions to take, but we can change when, how, and where those decisions take place. This addresses scalability, velocity, deployment, and operational management constraints imposed by traditional networking designs. Your disaggregated controller has a view of all links globally. We will likely still leave local IGP (interior gateway protocol, such as OSPF) decision-making in place, but a higher-level status is signaled to and understood by our disaggregated control plane. But in addition to more intelligent and proactive routing decisions, SDN allows us to, through software, automate provisioning, scaling, operations, and other tasks that humans would normally have to undertake.
What does SDN offer?
Instead of relying on humans, who are slow and error-prone, to make changes, you can guarantee that the changes you make happen exactly the way you want and when you need, every single time.
When combined with telemetry collected from your devices, you can make necessary changes within your network before a human even knows something is wrong. You can also push necessary changes out to tens of thousands of devices in a reasonable amount of time. Would you want to log into the CLI of 150,000 switches and update a TACACS server address, or push new configurations to 5,000 devices you just unboxed? I wouldn’t.
Define a standard template that needs to get pushed, and your changes happen exactly the same way, every time. It’s as simple as that.
Get your managers off the factory floor, and give them a holistic view of your network. SDN allows the transition from a local, tactical perspective to a global, strategic one.
The Dangers of SDN
The power of SDN is that you can push a change to 10,000 devices across your global fleet all at once. The danger of SDN is that you can push a change to 10,000 devices across your global fleet all at once. Any time you introduce automation, you need to think very carefully through each granular step. Here are the things you need to keep in mind at all times:
What am I changing?
Why am I changing it?
When is it changing?
How do I know the change is safe?
What’s the risk of doing this change? What’s the risk of not doing it?
How can I make this change in a safe manner?
How can I guarantee my change is safe?
What do I do when my change breaks something?
How do I roll back, and how do I know when to roll back before disaster occurs?
There’s a whole design methodology around automation that is perhaps beyond the scope of this article, but when you’re ready for SDN, you do need to be thinking of these kinds of things before you jump right in.
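One way to answer the "how do I roll back, and when" questions above in code, as an added example that is not from the original article: push the change in growing waves, gate each wave on a health check, and restore every touched device if the gate fails. The device names, the template string, the wave sizes and the healthy callback are hypothetical, and the push is simulated by a dictionary assignment.

```python
from typing import Callable, Dict, List

TEMPLATE = "tacacs-server host {addr}"  # constructed one-line config template

def render(addr: str) -> str:
    return TEMPLATE.format(addr=addr)

def waves(devices: List[str], sizes=(1, 10, 100)) -> List[List[str]]:
    """Split the fleet into growing waves: canary first, remainder last."""
    out, i = [], 0
    for n in sizes:
        if i >= len(devices):
            break
        out.append(devices[i:i + n])
        i += n
    if i < len(devices):
        out.append(devices[i:])
    return out

def rollout(fleet: Dict[str, str], new_cfg: str,
            healthy: Callable[[str, str], bool],
            max_fail_ratio: float = 0.0, sizes=(1, 10, 100)) -> dict:
    """Apply new_cfg wave by wave. If a wave exceeds max_fail_ratio,
    restore every device touched so far and stop before the next wave."""
    saved: Dict[str, str] = {}            # rollback data: device -> old config
    for wave in waves(sorted(fleet), sizes):
        failed = []
        for dev in wave:
            saved[dev] = fleet[dev]       # record state before changing it
            fleet[dev] = new_cfg          # stand-in for the real config push
            if not healthy(dev, new_cfg): # hypothetical post-change check
                failed.append(dev)
        if len(failed) / len(wave) > max_fail_ratio:
            for dev, old in saved.items():
                fleet[dev] = old          # roll back everything touched
            return {"status": "rolled_back", "failed": failed,
                    "touched": len(saved)}
    return {"status": "complete", "failed": [], "touched": len(saved)}

def demo():
    """Constructed fleet of 200 switches; sw-005 fails its health check."""
    old, new = render("192.0.2.10"), render("192.0.2.20")
    fleet = {f"sw-{i:03d}": old for i in range(200)}
    result = rollout(fleet, new, lambda dev, cfg: dev != "sw-005")
    return result, fleet

if __name__ == "__main__":
    print(demo()[0])
```

In the demo the failure surfaces in the second wave, so only 11 of the 200 devices ever see the new configuration before it is reverted.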
SDN means something different for everyone because the needs of different networks are not all the same. For some, intelligently balancing traffic across multiple links is an issue. For others, integration of on-premises equipment with cloud providers has to come into consideration. Some networks can take advantage of SDN to speed provisioning of new devices, or to make dynamic configuration changes and keep those changes documented and up to date through change control, approvals, and integration with Git, enabling continuous integration/continuous deployment. Whatever the case, it’s clear that SDN — whatever that means in practice for your network — is a new fact of life.