Surveying the emerging field of Software-Defined Networking (SDN)
This feature first appeared in the Fall 2018 issue of Certification Magazine. Click here to get your own print or digital copy.
At the beginning of this decade, a sexy new three-letter acronym began making the rounds in the IT industry: SDN, which stands for Software-Defined Networking. At the time, SDN was an emergent network architecture that promised to make it easier to centralize control of existing networks while also making them more intelligent and configurable.
Now that SDN has been percolating for a few years, it has evolved into an intriguing new technology that could become the de facto network architecture of the next decade. So what exactly is Software-Defined Networking, and where did it come from? What advantages does SDN offer over conventional data networks? And where can interested IT professionals go to learn more about it?
It is difficult to find a consistent description of Software-Defined Networking within the IT industry. There is unnecessary complexity in the terminology used to describe SDN, and some of these terms require a little more parsing in order to clarify them.
The key concept found in most descriptions of SDN is that it enables “decoupling of the control plane from the data plane.” This statement isn’t particularly helpful for someone approaching the topic of SDN for the first time. Let’s add an air traffic controller to this situation and see if we can keep our planes straight.
In a conventional network, physical routers and switches are responsible for passing along data packets as they arrive. This hardware and the functionality it provides is what makes up the data plane (also sometimes referred to as the forwarding plane).
The control plane contains the information used to make decisions about how data packets will be handled. Think of the control plane as a data traffic cop who uses the information it knows about a network’s topology and other factors to decide how data packets should flow. The control plane communicates with the network’s routers and switches to ensure that data traffic decisions are properly executed.
In conventional networking, the data plane and the control plane are tightly integrated, often using firmware and software created by the same vendor that manufactured the physical routers and switches. This proprietary scenario often results in organizations getting locked into a single vendor’s networking product ecosystem.
In Software-Defined Networking, the role of data traffic cop (the control plane) is separated from the networking hardware (the data plane) and assigned to an SDN controller, a computer that contains the necessary SDN software to configure and manage network traffic.
The separation of planes provided by SDN gives network admins a centralized point from which to configure and manage all types of data traffic across the entire network. Even better, separating the data and control planes prevents organizations from the scenario of being locked into a vendor’s proprietary networking framework.
One of the key components of SDN-based networks is a technology called OpenFlow. First released in 2009, OpenFlow is a communication protocol managed by the Open Networking Foundation (ONF), a user-driven organization that acts as an advocate for SDN adoption and open networking standards.
OpenFlow enables an SDN controller to interact with multiple routers and switches from a variety of vendors, making it platform agnostic when it comes to networking hardware. OpenFlow can also interface with virtual switches and routers, making it compatible for use with virtual networking solutions.
A growing number of vendors have recently jumped into the SDN market, and a number of competing communication protocols and SDN controller applications have been released as alternatives to OpenFlow.
Advantages of SDN
Why would an organization consider transitioning to a Software-Defined Network? The primary motivator is related to how network traffic and web services have evolved over the last two decades.
At the turn of the century, network traffic primarily consisted of files: documents, images, web pages, e-mail, and so on. There was some low-resolution video streaming, but most network traffic consisted of files and the data packets related to network maintenance.
Today, network traffic consists of a multitude of different services and protocols. Streaming movies and television shows, video conference calls, Voice over IP (VoIP), Software as a Service (SaaS), digital surveillance, encrypted virtual currencies — the list goes on and on.
Conventional networks can use Quality of Service (QoS) controls to regulate and prioritize different types of data traffic. The problem with QoS is it doesn’t provide for dynamic, real-time routing adjustments based on the makeup of network traffic at any given moment, as well as the bandwidth being used for each type of data.
SDN gives network admins the ability to essentially program a network to automatically respond to network traffic conditions. An SDN controller can adjust data packet handling on every router and switch in the network. SDN also enables very granular network traffic control so that specific services can be dynamically prioritized or demoted in real time.
Since the SDN applications are running on conventional computer hardware, the performance of the SDN controller can be ramped up with familiar solutions like server clustering. This makes SDN easily scalable if the requirements demand it.
SDN can also be less expensive than conventional networking, because SDN enables the use of less expensive commodity switches and routers rather than the high-end, premium networking hardware usually associated with complex networks.
There is also a special subset of SDN called SD-WAN that is designed for use with wide area networks. Tech media company SDxCentral has said that the goal of SD-WAN is “to deliver a business-class, secure, and simple cloud-enabled WAN connection with as much open and software-based technology as possible.”
In some ways, SDN can be considered to be the product of the natural progression of virtualization technology, which has spread across many areas of the IT industry. Just as virtualization has taken the focus away from complex physical computing environments, SDN is taking the emphasis off of high-end specialized networking hardware.
To summarize, the key advantages offered by Software-Defined Network solutions over conventional networking are:
● SDN networks can be programmed to automatically provide better data flow.
● An entire SDN network can be controlled from one centralized console.
● SDN networks can be built with cheaper commodity routers and switches.
● An SDN network can be optimized for specific services or applications.
● SD-WAN technologies can create more flexible, cloud-based wide-area networks.
SDN training and certification
Market research company IDC is predicting that SDN will become a $12.5 billion business by 2020. As you would expect with a relatively new technology with the potential for widespread adoption, there has been a spike in interest for SDN training and certification programs.
The aforementioned Open Networking Foundation (ONF) has partnered with more than two dozen companies to create the ONF-Certified SDN Professional Program (OCSP). As you would expect from an organization that advocates for open standards, the ONF training program places an emphasis on vendor-neutral SDN knowledge and skills.
There are currently two distinct levels of ONF certification. The ONF Certified SDN Associate (OCSA) credential is meant for technical sales and support professionals, and for entry-level network technicians. To earn the OCSA certification, candidates must pass a one-hour, 40-question exam with a score of 70 percent or higher.
The exam questions are selected from a pool made up of the following knowledge domains and content weightings:
● Networking Concepts — 15 percent
● SDN Concepts — 25 percent
● OpenFlow — 25 percent
● SDN Architecture and Ecosystem — 25 percent
● SDN Open Source — 10 percent
The second credential is the ONF Certified SDN Engineer (OCSE) certification. The OCSE is an expert-level credential meant for well-experienced network admins, analysts, and engineers. The OCSE exam consists of 70 questions which candidates have 90 minutes to answer, and the passing grade is 70 percent.
Here are the knowledge domains and content breakdown for each domain:
● SDN Concepts — 10 percent
● OpenFlow — 20 percent
● SDN Architecture and Ecosystem — 15 percent
● SDN Implementation and Migrations — 25 percent
● Troubleshooting and Testing — 15 percent
● SDN Security — 10 percent
● SDN Futures — 5 percent
There are more details for each certification exam on the Open Networking Foundation website at www. opennetworking.org/certification. Cisco has entered the SDN market with its own products, and has expanded its training and certification program with a number of credentials. These certifications include the following:
● Cisco Network Programmability Developer Specialist (NPDEV)
● Cisco Network Programmability Design and Implementation Specialist (NPDESI)
The Cisco NPDEV Specialist certification is described as follows:
“Unlike SDN courses that focus on network theory, this certification adds to your practical networking understanding and utilizes Cisco’s experience in WAN, data center, and campus environments to provide you with the skills you will need to become a network developer.”
To earn this credential, candidates must pass Cisco’s 300-560 NPDEV exam. This exam is made up of a mix of 65-to-75 questions which candidates have 90 minutes to complete.
The Cisco NPDESI Specialist certification is less software-development-intensive than the Developer Specialist credential. To get this certification, candidates must pass the 300-550 NPDESI exam. This is also a 90-minute, 65-to-75 question exam. Both of these Cisco SDN exams can be booked through Pearson VUE test centers.
Apart from ONF and Cisco, there are also SDN-related certifications available or in development from Brocade, HP, and VMware.
SDN and the future
Is Software-Defined Networking the future of information systems? In this particular Magic 8-Ball, there are several signs that point to “Yes.”
SDN is widely considered to be complementary to the industry’s preference for cloud computing solutions and virtualized systems. SDN implementations make it possible for companies to break free from vendors’ proprietary network hardware platforms. And Network admins can exercise very granular control over data traffic from a single SDN controller console.
SDN is indeed a technology with a future, and IT professionals should consider adding the SDN skill set to their portfolios. You don’t want to miss this particular flight … whether it’s on the control plane or the data plane.