Key Points
Software-Defined Networking (SDN) has the capability to revolutionize the current data center architecture and its
associated networking model. This new paradigm, with its promised benefits, has the potential to create an inflection point
in deploying cloud services.
Challenges within the Data Center
Businesses are increasingly under pressure to respond to the ever-increasing demand from end-users and
employees, who demand more from computer systems, networks, and mobile devices than ever before. As a result, service
providers and enterprises are constantly exploring ways to keep up with fast evolving technology trends, business and end-
user requirements, and to provide innovative applications and services with faster time to market.
Software Defined Networking provides a new paradigm that attempts to respond to the new requirements of
business agility and improved user experience. Many cloud-computing environments operate in an application-centric world,
where virtualized applications are hosted within a public or private cloud. As a result, users can access their applications
from anywhere, on any device, at any time.
The Open Network Foundation (ONF) defines Software-Defined Networking as follows: “The physical separation of
the network control plane from the forwarding plane, and where a control plane controls several devices.”
Within an SDN infrastructure, applications can request and obtain services from the underlying network
infrastructure. This capability leads to the development of more proactive and dynamic applications that improve the user
experience. SDN changes the way networks are designed and deployed, where the applications have more control on the
configuration of the network infrastructure. SDN offers businesses the chance to build networks with increased application
awareness and intelligence about Layer 4 - Layer 7 protocol attributes and delivery requirements. Software-defined
networking allows infrastructure to become much more automated and therefore adaptive to the needs of the applications
performing (or requesting) the automation.
SDN Architectural Framework and Solution Characteristics
Although centralization of control is a key tenet of SDN, there are a number of other characteristics that vary with
different SDN solutions. The following are certain common characteristics that are deployed in most SDN solutions today.
SDN
Software Defined Networking (SDN) provides a method to centrally configure and manage physical and
virtual network devices such as routers, switches, and gateways in your datacenter. You can use your existing SDN-
compatible devices to achieve deeper integration between the virtual network and the physical network. Virtual
network elements such as Hyper-V Virtual Switch, Hyper-V Network Virtualization, and RAS Gateway are designed
to be integral elements of your SDN infrastructure.
SDN is possible because network planes are no longer bound to the network devices themselves. However,
other entities, such as datacenter management software like System Center 2016, use network planes. SDN allows
you to manage your datacenter network dynamically, providing an automated, centralized way to meet the
requirements of your applications and workloads.
Dynamically create, secure, and connect your network to meet the evolving needs of your apps
Speed up the deployment of your workloads in a non-disruptive manner
Contain security vulnerabilities from spreading across your network
Define and control policies that govern both physical and virtual networks
Implement network policies consistently at scale
SDN allows you to accomplish all of this while also reducing your overall infrastructure costs.
In software-defined networks, traffic decision making shifts from hardware to software. That brings flexibility
but also greater risk.
Software-defined networking fundamentally changes where in the network the action happens. While that
might not seem exciting at first, let’s break it down.
In the old world, dumb hardware decided where to route traffic, how to redistribute volume to prevent
chokepoints and what to do with malicious actors. Software-defined networking (SDN) initiates a shift, with
the network controller wresting power from hardware. That shift enables the network to handle far more
volume and complexity, while allowing for greater automation within the network. Growing companies can
handle spikes in Web traffic, and innovation can gain traction by accommodating new cloud-based
applications, because the network can finally handle it.
At the same time, SDN and network controllers aren’t cure-alls for some of the problems that dumb hardware
faced. The network can help navigate traffic flows and govern security, but the physical infrastructure needs
to be ready to accommodate these developments as well.
So what are some important considerations when evaluating network controllers? What are some of the
unique features and pitfalls that network controllers introduce? Let’s take a look.
This allows for far greater flexibility in the network, and these plug-ins work directly within the network
controller and virtual switches on the network, boosting performance and flexibility. Most products are
designed to be extensible and integrate well with an open controller. Generally, you can install modules or
plug-ins into the network controller to enable additional functionality.
REST application programming interfaces (APIs) that enable applications to integrate deeply into the
network;
Java APIs that allow developers to create custom functions to enable advanced scenarios;
"southbound" (i.e., for north-south client/server traffic that travels from a data center to an external
location) plug-ins for the network controller device that hook up virtual networks to physical networks to
make heterogeneous network environments take the leap into an SDN world.
Various providers offer other network controllers to enable special integration among network hardware and
software. Both open source and proprietary network controllers have their role.
Open source controllers ensure a standards-based network, particularly when they are used with network
devices from multiple vendors. They often have a vibrant community behind them, enhancing the technology
as the state of the SDN art advances. On the other hand, proprietary network controllers working on vendor-
specific hardware often offer increased traffic speeds and capabilities. They also come with a support
infrastructure for when things go haywire, as they eventually will.
Good network controllers record the state of the switches in a transactional replication system. This
ensures that, in the event of a fault, one can replicate instances of the network controller while also
maintaining a consistent switch state—without taking down the network—so that the network switches can
establish a consensus.
But fault tolerance also includes the controller’s ability to continually manage all the devices on the software-
defined network after a failover or a fail-back procedure. It's important to know how well these fault-
tolerance procedures scale beyond the corporate campus and to a cloud-based data center with hundreds of
thousands of customers and thousands of hosted network configurations. Can your network controller vendor
keep pace with that scale?
Benefits of a network controller approach. The clear advantage of a network controller via software-
defined networking is a single location, or a single pane of glass (or a few panes in the case of complex
networks), where your entire network strategy can be handled, monitored, and, if need be, reconfigured. A
network controller becomes the console and point of control for the network, the one place that handles all
of the abstraction of resources.
Challenge of a network controller approach. Environments incur more risk with many virtualized
networks and components directing activity through a network controller. If the controller goes down, what
kind of a stranglehold does it put on network functionality? The extent to which services are impaired
depends on each network configuration. But without fault tolerance and high availability capabilities built
into your production software-defined network, a failed network controller could inflict severe damage.
Hardware reigned supreme in the networking world until the emergence of software-defined networking (SDN),
a category of technologies that separate the network control plane from the forwarding plane to enable more
automated provisioning and policy-based management of network resources.
SDN's origins can be traced to a research collaboration between Stanford University and the University of
California at Berkeley that ultimately yielded the OpenFlow protocol in the 2008 timeframe.
OpenFlow is only one of the first SDN canons, but it's a key component because it started the networking
software revolution. OpenFlow defined a programmable network protocol that could help manage and direct
traffic among routers and switches no matter which vendor made the underlying router or switch.
In the years since its inception, SDN has evolved into a reputable networking technology offered by key vendors
including Cisco, VMware, Juniper, Pluribus and Big Switch. The Open Networking Foundation develops myriad
open-source SDN technologies as well.
"Datacenter SDN no longer attracts breathless hype and fevered expectations, but the market is growing
healthily, and its prospects remain robust," wrote Brad Casemore, IDC research vice president, data center
networks, in a recent report, Worldwide Datacenter Software-Defined Networking Forecast, 2018–2022.
"Datacenter modernization, driven by the relentless pursuit of digital transformation and characterized by the
adoption of cloudlike infrastructure, will help to maintain growth, as will opportunities to extend datacenter SDN
overlays and fabrics to multicloud application environments."
SDN will be increasingly perceived as a form of established, conventional networking, Casemore said.
IDC estimates that the worldwide data center SDN market will be worth more than $12 billion in 2022, recording
a CAGR of 18.5% during the 2017–2022 period. The market generated revenue of nearly $5.15 billion in 2017,
up more than 32.2% from 2016.
In 2017, the physical network represented the largest segment of the worldwide datacenter SDN market,
accounting for revenue of nearly $2.2 billion, or about 42% of the overall total revenue. In 2022, however, the
physical network is expected to claim about $3.65 billion in revenue, slightly less than the $3.68 billion
attributable to network virtualization overlays/SDN controller software but more than the $3.18 billion for SDN
applications.
“We're now at a point where SDN is better understood, where its use cases and value propositions are familiar
to most datacenter network buyers and where a growing number of enterprises are finding that SDN offerings
offer practical benefits,” Casemore said. “With SDN growth and the shift toward software-based network
automation, the network is regaining lost ground and moving into better alignment with a wave of new
application workloads that are driving meaningful business outcomes.”
What is SDN?
The idea of programmability is the basis for the most precise definition of what SDN is: technology that
separates the control plane management of network devices from the underlying data plane that forwards
network traffic.
IDC broadens that definition of SDN by stating: “Datacenter SDN architectures feature software-defined
overlays or controllers that are abstracted from the underlying network hardware, offering intent- or policy-based
management of the network as a whole. This results in a datacenter network that is better aligned with the
needs of application workloads through automated (thereby faster) provisioning, programmatic network
management, pervasive application-oriented visibility, and where needed, direct integration with cloud
orchestration platforms.”
The driving ideas behind the development of SDN are myriad. For example, it promises to reduce the
complexity of statically defined networks; make automating network functions much easier; and allow for simpler
provisioning and management of networked resources, everywhere from the data center to the campus or wide
area network.
Separating the control and data planes is the most common way to think of what SDN is, but it is much more
than that, said Mike Capuano, chief marketing officer for Pluribus.
“At its heart SDN has a centralized or distributed intelligent entity that has an entire view of the network, that can
make routing and switching decisions based on that view,” Capuano said. “Typically, network routers and
switches only know about their neighboring network gear. But with a properly configured SDN environment, that
central entity can control everything, from easily changing policies to simplifying configuration and automation
across the enterprise.”
How does SDN support edge computing, IoT and remote access?
A variety of networking trends have played into the central idea of SDN. Distributing computing power to remote
sites, moving data center functions to the edge, adopting cloud computing, and supporting Internet of
Things environments – each of these efforts can be made easier and more cost efficient via a properly
configured SDN environment.
Typically in an SDN environment, customers can see all of their devices and TCP flows, which means they can
slice up the network from the data or management plane to support a variety of applications and configurations,
Capuano said. So users can more easily segment an IoT application from the production world if they want, for
example.
Some SDN controllers have the smarts to see that the network is getting congested and, in response, pump up
bandwidth or processing to make sure remote and edge components don’t suffer latency.
SDN technologies also help in distributed locations that have few IT personnel on site, such as an enterprise
branch office or service provider central office, said Michael Bushong, vice president of enterprise and cloud
marketing at Juniper Networks.
“Naturally these places require remote and centralized delivery of connectivity, visibility and security. SDN
solutions that centralize and abstract control and automate workflows across many places in the network, and
their devices, improve operational reliability, speed and experience,” Bushong said.
“If a key tenet of SDN is abstracted control over a fleet of infrastructure, then the provisioning paradigm and
dynamic control to regulate infrastructure state is necessarily higher level,” Bushong said. “Policy is closer to
declarative intent, moving away from the minutia of individual device details and imperative and reactive
commands.”
IDC says that intent-based networking “represents an evolution of SDN to achieve even greater degrees of
operational simplicity, automated intelligence, and closed-loop functionality.”
For that reason, IBN represents a notable milestone on the journey toward autonomous infrastructure that
includes a self-driving network, which will function much like the self-driving car, producing desired outcomes
based on what network operators and their organizations wish to accomplish, Casemore stated.
“While the self-driving car has been designed to deliver passengers safely to their destination with minimal
human intervention, the self-driving network, as part of autonomous datacenter infrastructure, eventually will
achieve similar outcomes in areas such as network provisioning, management, and troubleshooting —
delivering applications and data, dynamically creating and altering network paths, and providing security
enforcement with minimal need for operator intervention,” Casemore stated.
While IBN technologies are relatively young, Gartner says by 2020, more than 1,000 large enterprises will use
intent-based networking systems in production, up from less than 15 in the second quarter of 2018.
“For example, if a customer has an IoT group it doesn’t feel is all that mature with regards to security, via the
SDN controller you can segment that group off away from the critical high-value corporate traffic,” Capuano
stated. “SDN users can roll out security policies across the network from the data center to the edge and if you
do all of this on top of white boxes, deployments can be 30 – 60 percent cheaper than traditional gear.”
The ability to look at a set of workloads and see if they match a given security policy is a key benefit of SDN,
especially as data is distributed, said Thomas Scheibe, vice president of product management for Cisco’s
Nexus and ACI product lines.
"The ability to deploy a whitelist security model like we do with ACI [Application Centric Infrastructure] that lets
only specific entities access explicit resources across your network fabric is another key security element SDN
enables," Scheibe said.
“In fact, micro-segmentation has developed as a notable use case for SDN. As SDN platforms are extended to
support multicloud environments, they will be used to mitigate the inherent complexity of establishing and
maintaining consistent network and security policies across hybrid IT landscapes,” Casemore said.
Cisco's ACI Anywhere package would, for example, let policies configured through Cisco's SDN APIC
(Application Policy Infrastructure Controller) use native APIs offered by a public-cloud provider to orchestrate
changes within both the private and public cloud environments, Cisco said.
“As organizations look to scale their hybrid cloud environments, it will be critical to leverage solutions that help
improve productivity and processes,” said Bob Laliberte, a senior analyst with Enterprise Strategy Group, in a
recent Network World article. “The ability to leverage the same solution, like Cisco’s ACI, in your own private-
cloud environment as well as across multiple public clouds will enable organizations to successfully scale their
cloud environments.”
Growth of public and private clouds and enterprises' embrace of distributed multicloud application environments
will have an ongoing and significant impact on data center SDN, representing both a challenge and an
opportunity for vendors, said IDC’s Casemore.
“Agility is a key attribute of digital transformation, and enterprises will adopt architectures, infrastructures, and
technologies that provide for agile deployment, provisioning, and ongoing operational management. In a
datacenter networking context, the imperative of digital transformation drives adoption of extensive network
automation, including SDN,” Casemore said.
Where does SD-WAN fit in?
The software-defined wide area network (SD-WAN) is a natural application of SDN that extends the technology
over a WAN. While the SDN architecture is typically the underpinning in a data center or campus, SD-WAN
takes it a step further.
At its most basic, SD-WAN lets companies aggregate a variety of network connections – including MPLS, 4G
LTE and DSL – into a branch or network edge location and have a software management platform that can turn
up new sites, prioritize traffic and set security policies.
SD-WAN's driving principle is to simplify the way big companies turn up new links to branch offices, better
manage the way those links are utilized – for data, voice or video – and potentially save money in the process.
SD-WAN lets networks route traffic based on centrally managed roles and rules, no matter what the entry and
exit points of the traffic are, and with full security. For example, if a user in a branch office is working in
Office365, SD-WAN can route their traffic directly to the closest cloud data center for that app, improving
network responsiveness for the user and lowering bandwidth costs for the business.
"SD-WAN has been a promised technology for years, but in 2019 it will be a major driver in how networks are
built and re-built," Anand Oswal, senior vice president of engineering in Cisco’s Enterprise Networking Business,
said in a Network World article earlier this year.
It's a profoundly hot market with tons of players including Cisco, VMware, Silver Peak, Riverbed, Aryaka,
Fortinet, Nokia and Versa.
IDC says the SD-WAN infrastructure market will hit $4.5 billion by 2022, growing at a more than 40% yearly clip
between now and then.
In support of software-defined networking, Cisco has introduced several products to strengthen networks and
meet the increased demand for flexible and cost-efficient solutions. The Cisco SDN solution in the data center is
ACI. Outside the data center the primary Cisco solution is DNA.
An ACI fabric has three components: spine switches, leaf switches, and the Cisco Application Policy Infrastructure
Controller (Cisco APIC).
The spine and leaf switches are always Cisco Nexus 9000 series products. All leafs are cabled to all spines.
Leafs are never cabled to each other and spines are never cabled to each other.
In ACI, the SDN overlay protocol is always VXLAN and the underlay is always IS-IS. These protocols require
zero configuration and operate functionally as a team the instant ACI is provisioned. Network infrastructure
engineering is fully automated.
The APIC is the mandatory SDN controller. Three or five APICs are supported in an ACI production
environment. The APICs are all in an active arrangement and each contains the identical database of all
network and security configurations. The APICs always cable into the leafs. All network intelligence is in the
APIC, and its policies are pushed to all spines and leafs with the SDN southbound protocol called OpFlex. There
is nothing to configure in OpFlex—it is functional from the first instance that ACI is provisioned. Instead of
configuring every network device, only the APIC requires configuration.
ACI is exceptionally secure as it operates on a whitelist model, which only allows network connectivity between
data center devices to exist if it is declared.
DNA is based on intuitive workflows and also on a declarative model. The result is a reduction of time to
provision network devices.
DNA Center is the Cisco single dashboard for network automation that contains zero touch provisioning and can
be used for the campus, branch and WAN networks. Policy driven provisioning can be implemented with DNA
Center with guided remediation.
Troubleshooting networks can be time consuming. DNA Center contains DNA Assurance, which learns, adapts
and troubleshoots problems before they happen.
With intent-based APIs, DNA Center can improve the billing and compliance of applications such as
Salesforce.com, Microsoft Exchange and Oracle. Previously, security was focused only on dedicated devices
such as firewalls. Now, DNA Center increases security visibility by advanced security analytics with encrypted
traffic.
Cisco SD-Access
Software-defined access, or SD-Access, is built on the principles of Cisco DNA and operates from a controller.
Traditionally, the main focus of networking was to create connectivity. The reality is that if every device can
communicate with every other device in a network, security becomes inherently lower.
Of course, devices that need to communicate to each other require connectivity. But for all devices that do not
have a business need to communicate, isolation is best for networking security. In a large network, such
detailed isolation can be a massive task. SD-Access provides a solution to scalable isolation by providing end-
to-end segmentation for different users and devices over the LAN and WLAN.
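The whitelist model that Scheibe describes for ACI, the "connectivity exists only if it is declared" rule in the ACI section, and the scalable isolation that SD-Access promises all reduce to one evaluation: a flow is permitted only when an explicit policy object says so, and everything else is dropped. The following Python is an added illustration, not Cisco's or the page's code. It models endpoint groups (EPGs) as address prefixes, contracts as consumer/provider pairs with protocol/port filters, and a default-deny evaluator, then audits a list of observed flows against the policy the way the "do these workloads match the policy" check in the text would. The EPG names, prefixes, contracts and flows are constructed sample data, and the choice to permit traffic within a single EPG is this example's own.

```python
# Added example (not Cisco code): a default-deny, allow-list policy evaluator in
# the spirit of ACI contracts and SD-Access segmentation. EPG names, prefixes,
# contracts and flows below are constructed sample data.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Flow:
    src_ip: str
    dst_ip: str
    proto: str                  # "tcp", "udp" or "icmp"
    dst_port: Optional[int] = None


@dataclass(frozen=True)
class Contract:
    consumer: str               # endpoint group allowed to open connections
    provider: str               # endpoint group that exposes the service
    filters: frozenset          # {(proto, port)}; port None means any port of that proto


class AllowListPolicy:
    """Default deny: a flow is permitted only if a contract explicitly declares it."""

    def __init__(self) -> None:
        self.epgs: Dict[str, list] = {}     # EPG name -> list of ip_network
        self.contracts: List[Contract] = []

    def add_epg(self, name: str, prefixes: List[str]) -> None:
        self.epgs[name] = [ip_network(p) for p in prefixes]

    def add_contract(self, consumer: str, provider: str, filters) -> None:
        self.contracts.append(Contract(consumer, provider, frozenset(filters)))

    def classify(self, ip: str) -> Optional[str]:
        """Longest-prefix match of an address to an EPG; None if it belongs to none."""
        addr = ip_address(ip)
        best: Optional[Tuple[str, int]] = None
        for name, nets in self.epgs.items():
            for net in nets:
                if addr in net and (best is None or net.prefixlen > best[1]):
                    best = (name, net.prefixlen)
        return best[0] if best else None

    def evaluate(self, flow: Flow) -> Tuple[bool, str]:
        src, dst = self.classify(flow.src_ip), self.classify(flow.dst_ip)
        if src is None or dst is None:
            return False, "deny: endpoint is not a member of any EPG"
        if src == dst:
            # Constructed choice for this example: members of one EPG may talk freely.
            return True, f"permit: intra-EPG traffic within {src}"
        for c in self.contracts:
            if c.consumer == src and c.provider == dst and (
                (flow.proto, flow.dst_port) in c.filters or (flow.proto, None) in c.filters
            ):
                return True, f"permit: contract {src}->{dst} allows {flow.proto}/{flow.dst_port}"
        return False, f"deny: no contract permits {src}->{dst} {flow.proto}/{flow.dst_port}"

    def audit(self, flows: List[Flow]) -> List[Tuple[Flow, str]]:
        """Check observed workload flows against the policy; return the violations."""
        violations = []
        for f in flows:
            ok, reason = self.evaluate(f)
            if not ok:
                violations.append((f, reason))
        return violations


def build_sample_policy() -> AllowListPolicy:
    """Three-tier app plus an untrusted IoT group that has no contracts at all."""
    p = AllowListPolicy()
    p.add_epg("web", ["10.0.1.0/24"])
    p.add_epg("app", ["10.0.2.0/24"])
    p.add_epg("db", ["10.0.3.0/24"])
    p.add_epg("iot", ["10.0.9.0/24"])           # isolated: nothing consumes or provides
    p.add_contract("web", "app", {("tcp", 8080), ("icmp", None)})
    p.add_contract("app", "db", {("tcp", 5432)})
    return p


# Constructed "observed" flows, as a flow collector might report them.
SAMPLE_FLOWS = [
    Flow("10.0.1.5", "10.0.2.5", "tcp", 8080),   # web -> app: declared
    Flow("10.0.2.5", "10.0.3.5", "tcp", 5432),   # app -> db: declared
    Flow("10.0.1.5", "10.0.3.5", "tcp", 5432),   # web -> db: tier skipped, not declared
    Flow("10.0.9.7", "10.0.3.5", "tcp", 5432),   # iot -> db: isolated group
]

if __name__ == "__main__":
    policy = build_sample_policy()
    for flow, reason in policy.audit(SAMPLE_FLOWS):
        print(f"{flow.src_ip} -> {flow.dst_ip} {flow.proto}/{flow.dst_port}: {reason}")
```

The point the text makes about IoT is visible in the data: the "iot" group exists and is classified, but because no contract names it as consumer or provider, every flow it originates is denied without any per-device rule. Likewise the web tier reaching the database directly is a violation even though both endpoints are known, because the only declared path runs through the app tier. A real controller evaluates this in hardware on the leaf; the logic it enforces is the same.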
Cisco SD-WAN
Cisco DNA can be extended further into the WAN transport of MPLS and 3G/4G LTE with SD-WAN. Users
connect to services hosted by multiple cloud providers, which often causes user performance to suffer due to
non-optimal WAN networking. SD-WAN optimizes user experience to cloud-based applications, offered as
SaaS, by optimizing bandwidth utilization and improving security. SD-WAN uses a centralized controller to
create a secure experience over the WAN that is scalable to thousands of users.
SD-WAN can also be extended into unified communications by improving QoS from the WAN to integrated
service routers acting as voice gateways.
Network Programmability
The most powerful programming language to perform network changes in either imperative or declarative
programming is Python. Python is a free open source programming language. Its value has grown exponentially
in network engineering as a result of the robust Application Programming Interface (API) support.
An API is simply a mechanism to allow two or more software programs to communicate with each other. The
API with the largest growth in implementation is representational state transfer, or REST. If you take a web
browser and go to a website with HTTP or HTTPS, you are using a RESTful interface. The most popular SDN
controller API is REST. The sheer number of global websites that exist demonstrates the value and
implementation of REST. Python has full support for RESTful interfaces. A Python script can run from a Linux or
Windows machine across the network to a RESTful interface on an SDN controller like the ACI APIC. This
powerful combination allows the network programmer to automate.
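What "a Python script across the network to a RESTful interface on an SDN controller" looks like in practice is shown below, as an added example that is not the page's or Cisco's code. Because an example has to run without a controller, the script talks to a constructed stand-in served in-process by Python's http.server; the /api/login and /api/policy paths, the bearer-token scheme and the JSON shapes are assumptions made for this example and are not the ACI APIC's actual API. What it does show is the shape of every such script: authenticate once, carry the issued token on each subsequent call, and treat the HTTP status as the result, including the 401 you get when the token is missing.

```python
# Added example (not the page's or Cisco's code): a Python REST client for an
# SDN controller, exercised against a constructed in-process stand-in so it runs
# offline. The /api/login and /api/policy paths, the bearer-token scheme and the
# JSON shapes are assumptions for this example, not the ACI APIC's real API.
import json
import secrets
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer


class StandInController(BaseHTTPRequestHandler):
    """Minimal controller: login issues a token; policy calls require it."""
    tokens = set()                              # shared by all requests to the stand-in
    policies = {}
    CREDENTIALS = ("admin", "demo-only")        # constructed, for the stand-in only

    def log_message(self, *args):               # keep the demo quiet
        pass

    def _send(self, code: int, body: dict) -> None:
        data = json.dumps(body).encode()
        self.send_response(code)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def _body(self) -> dict:
        return json.loads(self.rfile.read(int(self.headers.get("Content-Length", 0))) or b"{}")

    def _authorized(self) -> bool:
        auth = self.headers.get("Authorization", "")
        return auth.startswith("Bearer ") and auth[7:] in self.tokens

    def do_POST(self) -> None:
        if self.path == "/api/login":
            creds = self._body()
            if (creds.get("user"), creds.get("password")) == self.CREDENTIALS:
                token = secrets.token_hex(16)
                self.tokens.add(token)
                self._send(200, {"token": token})
            else:
                self._send(401, {"error": "bad credentials"})
        elif not self._authorized():
            self._send(401, {"error": "missing or invalid token"})
        elif self.path == "/api/policy":
            policy = self._body()
            self.policies[policy["name"]] = policy
            self._send(201, {"status": "created", "name": policy["name"]})
        else:
            self._send(404, {"error": "not found"})

    def do_GET(self) -> None:
        if not self._authorized():
            self._send(401, {"error": "missing or invalid token"})
        elif self.path == "/api/policy":
            self._send(200, {"policies": sorted(self.policies)})
        else:
            self._send(404, {"error": "not found"})


def start_stand_in() -> str:
    """Serve the stand-in on a random loopback port; return its base URL."""
    server = HTTPServer(("127.0.0.1", 0), StandInController)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return f"http://127.0.0.1:{server.server_address[1]}"


class ControllerClient:
    """What a network programmer's script does: log in once, then push policy."""

    def __init__(self, base_url: str) -> None:
        self.base_url = base_url
        self.token = None

    def _request(self, method: str, path: str, body=None):
        data = json.dumps(body).encode() if body is not None else None
        req = urllib.request.Request(self.base_url + path, data=data, method=method)
        req.add_header("Content-Type", "application/json")
        if self.token:
            req.add_header("Authorization", f"Bearer {self.token}")
        try:
            with urllib.request.urlopen(req, timeout=5) as resp:
                return resp.status, json.loads(resp.read() or b"{}")
        except urllib.error.HTTPError as err:      # 4xx/5xx still carry a JSON body
            return err.code, json.loads(err.read() or b"{}")

    def login(self, user: str, password: str) -> bool:
        status, body = self._request("POST", "/api/login", {"user": user, "password": password})
        self.token = body.get("token") if status == 200 else None
        return self.token is not None

    def push_policy(self, policy: dict):
        return self._request("POST", "/api/policy", policy)

    def list_policies(self):
        return self._request("GET", "/api/policy")


if __name__ == "__main__":
    client = ControllerClient(start_stand_in())
    print(client.push_policy({"name": "web-to-app"})[0])   # 401: no token yet
    print(client.login("admin", "demo-only"), client.push_policy(
        {"name": "web-to-app", "consumer": "web", "provider": "app", "filters": [["tcp", 8080]]}))
    print(client.list_policies())
```

Against a real controller the base URL is https with certificate verification left on, the credentials come from a secrets store rather than the script, and the token is the thing to protect: whoever holds it can change policy for the whole fabric, which is exactly the "single point of control" the earlier section describes as both the benefit and the risk of a controller.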
Software-defined networking has evolved. It now encompasses many different products and protocols that allow
network changes to be made more efficiently than ever. The traditional approach of network configuration one
device at a time with the CLI is being replaced by software-defined networking and network programmability.
The Python programming language has evolved to become the most powerful language to implement SDN as
well as traditional networking. The result of implementing Python and SDN is a major increase in agility as well
as network productivity.
SDN (Wikipedia)
Software-defined networking (SDN) technology is an approach to network management that enables dynamic,
programmatically efficient network configuration in order to improve network performance and monitoring, making it
more like cloud computing than traditional network management.[1] SDN is meant to address the fact that the static
architecture of traditional networks is decentralized and complex while current networks require more flexibility and easy
troubleshooting. SDN attempts to centralize network intelligence in one network component by disassociating the
forwarding process of network packets (data plane) from the routing process (control plane). The control plane consists
of one or more controllers, which are considered the brain of the SDN network where the whole intelligence is
incorporated. However, the intelligent centralization has its own drawbacks when it comes to security,[1] scalability and
elasticity,[1] and this is the main issue of SDN.
SDN was commonly associated with the OpenFlow protocol (for remote communication with network plane
elements for the purpose of determining the path of network packets across network switches) since the latter's
emergence in 2011. However, since 2012[2][3] OpenFlow for many companies is no longer an exclusive solution; they have
added proprietary techniques. These include Cisco Systems' Open Network Environment and Nicira's network
virtualization platform.
Architectural components