Unit 3 SDN
Network Programmability
• Network Programmability in SDN refers to using APIs and software
tools to automate, configure, manage, and optimize network
resources dynamically, rather than manually configuring physical
devices.
• This is mainly enabled by separating the control plane (decision-
making) from the data plane (traffic forwarding) in network devices.
Network Functions Virtualization (NFV)
• Core Principle: Decoupling Software from Hardware
• Network Functions Virtualization (NFV) is the process of migrating
network functions (like routers, firewalls, load balancers) from
dedicated hardware appliances to software-based services that run on
standard servers—these are called Virtual Network Functions (VNFs)
• NFV virtualizes network functions that traditionally ran on proprietary,
dedicated hardware appliances.
• These functions are now implemented as software called Virtual
Network Functions (VNFs) that run on standard, high-volume servers
(e.g., x86 architecture), often in a cloud data center.
SDN Layers
• Application Layer
This is the topmost layer where user applications and network services reside.
Application developers interact with the network by sending their requirements
(such as bandwidth, security policies) via the SDN controller's APIs.
• Control Layer (SDN Controller)
The SDN controller receives requirements from applications, processes them using
global network knowledge, and programs the underlying network devices. It acts as
the “brain” of the network by instructing forwarding devices (switches/routers)
about how data should flow.
• Infrastructure (Data) Layer
This consists of physical or virtual network devices (switches, routers). The devices
follow the rules sent by the SDN controller and perform packet forwarding and
routing.
Network Programmability
• The separation between the control and infrastructure layers allows
developers to automate the configuration and management of
network devices via programmable interfaces.
• The SDN controller provides northbound APIs for applications
and southbound APIs (like OpenFlow) to communicate with the
physical infrastructure.
Key Components of NFV Architecture:
• Virtual Network Functions (VNFs):
Software implementations of specific network functions that were
traditionally hardware-based (e.g., virtual firewall, virtual router).
• NFV Infrastructure (NFVI):
The collection of hardware (servers, storage, networking) and
virtualization layers that host and interconnect VNFs.
• NFV Management and Orchestration (MANO):
Framework for deploying, managing, and orchestrating VNFs and the
related infrastructure.
Benefits of NFV
• Reduced CapEx & OpEx: Use cheaper commodity servers instead of
expensive proprietary hardware. Reduce power and space.
• Scalability & Elasticity: Easily scale VNFs up or down by allocating
more or less virtual resources.
• Flexibility & Speed: Launch new network services in minutes, not
months.
• Innovation: Easily trial and deploy new services.
Integration of SDN and NFV
• SDN provides a flexible, programmable network fabric for connecting
VNFs. VNFs send requirements to the SDN controller, which optimizes
traffic flows and connectivity dynamically between these virtualized
functions.
• Example:
• When spinning up a new VNF (say, a virtual firewall), MANO
coordinates with SDN to update traffic flows to route data through the
firewall before reaching its destination.
How They Work Together (Step-by-Step Flow):
• User/Application Requests Service:
• An application (e.g., a video streaming service) requests a specific service or
network performance level.
• SDN Controller Programs the Network:
• The SDN controller receives this request through APIs, computes the best
network paths, and configures the network devices accordingly.
• NFV Instantiates Required VNFs:
• If special processing is needed (e.g., firewalling, load balancing), MANO deploys
the required VNFs in the NFVI.
• Dynamic Traffic Steering:
• The SDN controller dynamically updates the infrastructure layer to steer traffic
through the required VNFs (e.g., packets first go through a firewall VNF, then to a load
balancer VNF).
• Continuous Optimization:
• The controller monitors the network and VNFs in real time, making changes as
required for efficiency, security, or service quality.
• This architecture enables automation, agility, and cost efficiency in modern networks
while supporting complex services through virtualization and programmability.
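Added example (not part of the original slides): a small check that installed flow rules really steer traffic through the required VNFs in order, and that a higher-priority rule cannot bypass the firewall. The node names, the rule layout `(priority, dst_match, next_hop)` and both flow tables are constructed for illustration.

```python
# Constructed flow tables: node -> list of (priority, dst_match, next_hop).
# "*" as dst_match matches any destination.
GOOD = {
    "edge":   [(100, "app", "fw-vnf")],
    "fw-vnf": [(100, "app", "lb-vnf")],
    "lb-vnf": [(100, "app", "app")],
}
# Same tables plus one higher-priority rule at the edge that skips the firewall.
BYPASS = {**GOOD, "edge": GOOD["edge"] + [(200, "app", "lb-vnf")]}

def trace(tables, ingress, dst, max_hops=16):
    """Follow the highest-priority matching rule at each node.

    Returns (nodes_visited, delivered). delivered is False when no rule
    matches (drop) or the hop limit is exceeded (forwarding loop).
    """
    node, visited = ingress, [ingress]
    while node != dst:
        rules = [r for r in tables.get(node, []) if r[1] in (dst, "*")]
        if not rules or len(visited) > max_hops:
            return visited, False
        node = max(rules, key=lambda r: r[0])[2]
        visited.append(node)
    return visited, True

def chain_enforced(tables, ingress, dst, chain):
    """True only if the packet is delivered and crosses every VNF in chain order."""
    visited, delivered = trace(tables, ingress, dst)
    if not delivered:
        return False
    pos = -1
    for vnf in chain:
        if vnf not in visited[pos + 1:]:
            return False
        pos = visited.index(vnf, pos + 1)
    return True

if __name__ == "__main__":
    chain = ["fw-vnf", "lb-vnf"]
    print("good tables enforce chain:  ", chain_enforced(GOOD, "edge", "app", chain))
    print("bypass tables enforce chain:", chain_enforced(BYPASS, "edge", "app", chain))
```

Running a check like this after every flow update catches a misconfigured or unauthorized rule that silently routes traffic around a security VNF.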
Core SDN Principles
• Control and Data Plane Separation: The SDN controller (control
plane) makes intelligent decisions and programs the simple, fast
forwarding devices (data plane - switches, routers).
• Centralized Network Intelligence: The controller has a global view of
the network state.
• Programmatic Open Interfaces: The controller communicates with
applications north of it via northbound APIs (e.g., RESTful APIs),
allowing applications to directly influence network behavior.
NetApp (Network Application) Development
• NetApp (Network Application) Development creates the software
that consumes network services, while Network Slicing is the
mechanism that provides tailored, guaranteed network resources to
those applications.
Development in SDN with NetApp
• Agile Infrastructure Provisioning: Developers can use APIs to request network slices with specific
characteristics (bandwidth, latency, security) for their applications. NetApp's storage APIs (e.g., ONTAP
REST APIs, Astra Control APIs) can be integrated into the same orchestration layer. This allows developers
to programmatically provision not just network resources but also the necessary storage volumes, data
services (like SnapMirror for replication), and data protection policies, all as part of their CI/CD pipeline.
• Containerization and Kubernetes: In a cloud-native development environment, applications are often
containerized and managed by Kubernetes. NetApp's Astra Trident CSI provisioner allows Kubernetes to
dynamically provision persistent storage from NetApp systems. When combined with SDN, this means
developers can define their application's network and storage requirements in a declarative way, and the
underlying infrastructure (network slices and NetApp volumes) is automatically provisioned.
• Data Mobility for Dev/Test: Developers often need copies of production data for testing. NetApp's
snapshot and cloning technologies (e.g., FlexClones) can create instant, space-efficient copies of datasets.
In an SDN environment, these cloned datasets can be quickly attached to development and test network
slices, isolating them from production and accelerating the development cycle. This enables "Data as a
Service" for developers
Key Enabling Technologies and Standards in SDN:
• Northbound API: This is the critical link. It's how the NetApp communicates its requirements (e.g., "I
need a slice with 10ms latency and 100 Mbps bandwidth for the next hour"). This is often a RESTful API.
• SDN Controller: The brain. It receives the request, validates it against policies, translates it into technical
rules (flow rules), and programs the entire network path accordingly.
• OpenFlow: A dominant southbound protocol used by the SDN controller to program the forwarding
rules in the data plane switches. It directly manipulates flow tables to create the isolated paths that
constitute a slice.
• Network Orchestrator: Often works alongside the SDN controller to manage the lifecycle of the slice
across more complex domains, including virtual network functions (VNFs).
Network slicing
• Network slicing is a key SDN concept where a single physical network
infrastructure is divided into multiple virtual, isolated, and customized
logical networks (slices). Each slice can be optimized for specific
services or applications (e.g., one slice for IoT, one for mission-critical
enterprise applications, one for 5G eMBB).
How NetApp fits in:
• Dedicated Data Paths per Slice: While the network slice defines the path for data between endpoints,
NetApp ensures the data at those endpoints is appropriately served. A high-bandwidth, low-latency slice
for real-time analytics would need to connect to NetApp storage configured for high performance (e.g., all-
flash arrays, NVMeoF). A slice for archival data might connect to object storage on NetApp StorageGRID.
• Quality of Service (QoS) Alignment: The QoS parameters defined for a network slice (bandwidth, latency,
jitter) need to be mirrored or supported by the underlying storage. NetApp can provide QoS capabilities at
the storage layer, ensuring that critical applications within a specific slice receive the necessary storage
performance.
• Data Isolation and Security: Each network slice provides logical isolation. NetApp can extend this isolation
to the data layer through features like multi-tenancy, tenant-specific volumes, and granular access
controls. This ensures that data belonging to one slice or tenant cannot be accessed or impacted by
another.
• Automated Resource Allocation: The SDN orchestrator, when creating a network slice, can trigger actions
to provision corresponding NetApp storage resources. This could involve creating new volumes, assigning
performance policies, or configuring data protection for applications running within that slice. This
automation is crucial for agile service deployment in sliced networks, especially in 5G environments.
Action (SDN Controller -> Data Plane):
• The SDN controller receives the request, checks policies (e.g., "is this device
authorized?"), and calculates an optimal end-to-end path.
• It uses OpenFlow to install precise, high-priority flow entries in every switch
along the calculated path. These flows:
• Match: Packets from surgical-robot-456 and the surgeon's console.
• Action: Forward along the pre-determined low-latency path, ensuring priority queuing
and redundancy.
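Added example (not part of the original slides): a self-contained model of the controller steps described above, covering the policy check, a latency-optimal path that respects the requested bandwidth, and one high-priority flow entry per switch on that path. The topology, the authorization table, the priority value and the flow-entry field names are assumptions made for illustration; only one traffic direction is installed, and redundancy is not modelled.

```python
import heapq

# Constructed topology: switch -> {neighbor: (latency_ms, free_mbps)}
TOPOLOGY = {
    "s1": {"s2": (2.0, 1000), "s3": (1.0, 50)},
    "s2": {"s1": (2.0, 1000), "s4": (2.0, 1000)},
    "s3": {"s1": (1.0, 50), "s4": (1.0, 50)},
    "s4": {"s2": (2.0, 1000), "s3": (1.0, 50)},
}
# Constructed policy: devices allowed to request a slice, and their attachment switch.
AUTHORIZED = {"surgical-robot-456": "s1", "surgeon-console": "s4"}

def lowest_latency_path(src, dst, min_mbps):
    """Dijkstra on latency, skipping links without enough free bandwidth."""
    queue, seen = [(0.0, src, [src])], set()
    while queue:
        latency, node, path = heapq.heappop(queue)
        if node == dst:
            return latency, path
        if node in seen:
            continue
        seen.add(node)
        for nxt, (link_ms, free) in TOPOLOGY[node].items():
            if free >= min_mbps and nxt not in seen:
                heapq.heappush(queue, (latency + link_ms, nxt, path + [nxt]))
    return None

def handle_slice_request(src_dev, dst_dev, max_latency_ms, min_mbps):
    """Policy check, path computation, then one flow entry per switch on the path."""
    for dev in (src_dev, dst_dev):
        if dev not in AUTHORIZED:
            raise PermissionError(f"{dev} is not authorized to request a slice")
    found = lowest_latency_path(AUTHORIZED[src_dev], AUTHORIZED[dst_dev], min_mbps)
    if found is None or found[0] > max_latency_ms:
        raise ValueError("no path satisfies the requested latency and bandwidth")
    latency, path = found
    hops = path[1:] + ["host:" + dst_dev]  # last switch delivers to the endpoint
    return latency, [
        {"switch": sw, "priority": 60000,
         "match": {"src": src_dev, "dst": dst_dev},
         "action": {"output_to": nxt, "queue": "priority"}}
        for sw, nxt in zip(path, hops)
    ]

if __name__ == "__main__":
    print(handle_slice_request("surgical-robot-456", "surgeon-console", 10, 100))
```

The request is rejected before any switch is touched when a device is unknown or no path meets the constraints, so a failed request leaves the flow tables unchanged.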
The Result & Feedback Loop
• The Result: A dedicated, logical network slice is created almost
instantly. The surgical data traffic is isolated from best-effort internet
browsing traffic on the same hospital network, guaranteeing the
required performance.
• Feedback Loop: The SDN controller can provide real-time telemetry
back to the NetApp (e.g., "current latency is 4.2ms"), allowing the
application to adapt or alert the surgeon if network conditions begin
to degrade.
Steps
• 1. Physical Network Infrastructure
• The foundation consists of physical networking hardware over which SDN-
enabled slicing operates.
• 2. Network Slicing (SDN Layer)
• The SDN controller manages distinct network slices for different use cases:
• Slice 1: Allocated for 5G applications needing high bandwidth, low latency, and
support for critical apps.
• Slice 2: Designed for IoT & Sensors, emphasizing security and supporting many
connected devices.
• Each slice is isolated, providing customized connectivity and resource
guarantees for the applications it supports
3. Unified Orchestrator
• The orchestration platform (SDN Controller + NetApp APIs, such as ONTAP
REST, Astra, Kubernetes API) handles automation:
• Assigns performance volumes and Quality of Service (QoS) to each slice as
needed.
• Manages isolated testing volumes for slice-specific environments, enabling
safe experimentation without impacting production.
• The orchestrator provides data path and performance feedback, optimizing
slice efficiency and reliability.
4. NetApp Data Infrastructure (Shared Storage)
• Storage resources are allocated and tiered based on slice
requirements:
• NetApp AFA (AFF A-Series): Delivers high-performance, tiered storage for
demanding applications.
• Hybrid FAS: Supplies general-purpose, ONTAP-based shared volumes
adaptable for different use cases.
• NetApp FAS: Hosts general volumes and ephemeral environments managed
by Astra, supporting dynamic app deployments
5. Data Path & Performance Feedback
• Data flow and performance telemetry are continuously fed back to
the orchestrator, enabling real-time optimization and service
assurance across slices and storage pools.
• The diagram demonstrates how SDN-based network slicing is tightly
integrated with NetApp’s data infrastructure, providing tailored
bandwidth, security, and storage for diverse applications such as 5G,
IoT, and sensor networks, all orchestrated for efficiency and agility