SDN For Dummies Sonus Special Edition


These materials are © 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.

Software‐Defined Networking
Sonus Special Edition
by Mykola Konrad and Dan Teichman with Brian Underdahl

Software-Defined Networking For Dummies, Sonus Special Edition

Published by
John Wiley & Sons, Inc.
111 River St.
Hoboken, NJ 07030‐5774
www.wiley.com

Copyright © 2016 by John Wiley & Sons, Inc.

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without the prior written permission of the Publisher. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748‐6011, fax (201) 748‐6008, or online at http://www.wiley.com/go/permissions.

Trademarks: Wiley, For Dummies, the Dummies Man logo, The Dummies Way, Dummies.com, Making Everything Easier, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc., and/or its affiliates in the United States and other countries, and may not be used without written permission. Sonus and the Sonus logo are registered trademarks of Sonus. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc., is not associated with any product or vendor mentioned in this book.

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.

For general information on our other products and services, or how to create a custom For Dummies book for your business or organization, please contact our Business Development Department in the U.S. at 877‐409‐4177, contact info@dummies.biz, or visit www.wiley.com/go/custompub. For information about licensing the For Dummies brand for products or services, contact BrandedRights&Licenses@Wiley.com.

ISBN: 978‐1‐119‐23614‐6 (pbk); ISBN: 978‐1‐119‐23615‐3 (ebk)

Manufactured in the United States of America

10 9 8 7 6 5 4 3 2 1

Publisher’s Acknowledgments

Some of the people who helped bring this book to market include the following:

Project Editor: Carrie A. Johnson
Editorial Manager: Rev Mengle
Acquisitions Editor: Katie Mohr
Business Development Representative: Sue Blessing
Production Editor: Kumar Chellappan

Table of Contents

Introduction
    About This Book
    Icons Used in This Book
Chapter 1: Introducing SDN
    Getting to Know SDN
        Network intelligence
        Shifting priorities
        Network resource management
        Benefits
    Understanding Control versus Data Plane
    Looking at Underlay versus Overlay
Chapter 2: Applying SDN to the Cloud Exchange Network
    Understanding What’s Really Needed to Succeed
    Simplifying and Automating the Provisioning Process
    Discovering Network Topology
    Translating Business Policies into Data Flow Requirements
    Dynamically Computing Paths
    Enforcing Policy, Flow Management, and Metering
    Managing Multi-Tenants
Chapter 3: Looking at an Enterprise Use Case Example and Its Benefits
    Addressing the Problems
    Optimizing Inter-Office Connectivity
    Providing Business Continuity and Disaster Recovery
Chapter 4: Seeing a Service Provider Use Case Example and Its Benefits
    Optimizing Data Center Interconnect
    Providing Better Management for Multi-tenant Metro Ethernet
Chapter 5: SDN Deployment
    Setting Migration Strategy
        Adopting the Cloud
        Implementing the right migration strategy
        Taking enough time
    Looking for Vendors That Can Scale
Chapter 6: Ten Things You Need to Know When Considering an SDN Solution
    Translating Application/Business Policies
    Understanding Why SDN in Data Centers Is Successful
    Seeing Why the Cloud Exchange Network Is Now on a Critical Path
    Applying SDN to the Cloud Exchange Network Domain
    Applying SDN in SP Networks
    Using SDN in Enterprise Networks
    Automating Network Resource Configuration
    Simplifying Network Resource Configuration
    Ensuring Application Performance
    Managing Multi-tenants

Introduction

Service providers are looking to monetize their data networks and data centers in a very competitive market. Enterprises are moving more of their applications and associated data to the Cloud. For enterprises moving their application infrastructure from in‐house to the Cloud, the process can be complicated. To succeed, they have to do their research, select which applications to migrate to the Cloud, determine a preferred Cloud option, identify suppliers, propose a project plan, and commit to the implementation. That’s a lot to tackle, yet it still doesn’t complete the job, because now applications and data reside in a remote data center. They also need to include an assessment of their wide area network requirements and determine the best solution so that it, too, contributes to a successful Cloud migration.

Software‐defined networking (SDN) presents a new way of looking at how networking systems can be automated, efficient, and scalable. SDN is an opportunity for service providers to provide their networks as a service (NaaS) to enterprise customers. For enterprise customers, SDN is a way to lower costs by optimizing bandwidth and creating hybrid WANs.

About This Book

Software‐Defined Networking For Dummies, Sonus Special Edition, shows you what you need to know about SDN as enterprises and service providers move toward the future of Cloud networking. You see what SDN is, how it works, and how to choose the right Cloud network solution. SDN is a technology — it allows networks to become adaptable to business needs. But just putting in an SDN controller isn’t enough; it’s more important to intelligently adapt the network, which requires a knowledge of application needs, network topology across network layers 2 and 3, and intelligent network path computation. This book provides some examples of the current state of the art in SDN and how your organization can use SDN technologies to be successful.

For many people, SDN has come to mean IT infrastructure adaptation to support virtualized workloads. And what this has led to is using SDN to just reimplement classic network architectures. This is one definition of SDN and allows some cost efficiencies. But for service providers and enterprises, this narrow definition misses the point. The true value of SDN is in the intelligence that allows service providers to offer new services and enterprises that offer Cloud‐based applications to their customers/employees with the quality and reliability that is required in today’s competitive market.

This book is broken down into six chapters:

- Chapter 1 provides the basics of what makes up SDN.
- Chapter 2 gives you a feel for how SDN is implemented in a real-world, complex environment.
- Chapter 3 provides some insight into how SDN can benefit the enterprise.
- Chapter 4 explains how an SDN‐based Network as a Service can help service providers provide better service to customers.
- Chapter 5 gives you some tips about planning for SDN.
- Chapter 6 provides a handy resource of important information you’ll need to implement SDN successfully.

Icons Used in This Book

This book uses the following icons to call your attention to information you may find helpful in particular ways.

The information marked by this icon is important and therefore repeated for emphasis. This way, you can easily spot noteworthy information when you refer to the book later.

This icon points out extra‐helpful information.

This icon marks places where technical matters, such as SDN jargon and whatnot, are discussed. Sorry, it can’t be helped, but it’s intended to be helpful.

Paragraphs marked with the Warning icon call attention to common pitfalls that you may encounter.

Chapter 1

Introducing SDN

In This Chapter

- Getting to know what SDN is all about
- Separating control and data
- Considering underlay and overlay

There’s little doubt that networks are a vital part of today’s enterprise computing environment. But as the importance of networks has grown, so has the complexity of managing and maintaining the network. Software‐defined networking (SDN) represents a whole new way of looking at how networks are configured, controlled, and operated.

This chapter provides an introduction to SDN and explains some of the technology that’s involved. You see how SDN makes managing a complex system much simpler and more reasonable.

Getting to Know SDN

In the past, the enterprise or service provider answer to growing demand for data capacity and increasing bandwidth needs was to throw in a bunch of money in the form of additional hardware capacity. That’s a costly approach, especially in the face of exponential growth in demand. Today’s business climate calls for something better.

SDN provides a method for separating the actual physical network hardware from the processes used to manage how the network functions and how data flows across the network. SDN enables you to administer your network more efficiently because you can create policies (rules) that apply across the network telling each device how to handle traffic and also controlling access to enterprise resources. With an SDN solution, it’s no longer necessary to physically touch routers, switches, gateways, and such in order to change how each of them functions.

Network intelligence

An SDN divides the data plane from the network intelligence. So the key to an effective SDN implementation is not just the SDN controllers but the actual intelligence engine that controls the network. Key aspects of network intelligence are

- Network topology discovery: The ability for a controller to effectively understand the existing network topology
- Policy rules: A set of rules that are based on business policies that are key inputs to determine which routes traffic should follow
- Path computation: A real‐time engine that takes the policy rules and the network topology and determines the best possible path that packets should take to traverse a network. This path computation intelligence is what makes changes to the network based on the needs of a specific packet or IP Flow.

Your customers need to be able to simply specify application and business priorities and service level requirements. Be sure that your SDN solution has the intelligence to be able to translate this information into meaningful input that can perform path computation to select the optimal WAN path.

Shifting priorities

Most organizations are experiencing shifting priorities as they move away from traditional client/server architecture toward providing users with more flexibility. Instead of being tied down to a workstation in the office, users are demanding access to corporate data through their laptops, tablets, and smartphones.

This demand for increased flexibility in accessing enterprise resources has resulted in the need for new ways of defining and managing the networks. Certainly, there’s a greater need than ever to protect corporate data by enforcing strong security policies. But those policies can’t come at the expense of ease of access for the users who have legitimate needs to access that data no matter where the user might be working.

Network resource management

The demands for increased flexibility and access have caused networks to grow in size and become much more complex to manage and maintain. The result has been that ever more IT resources are needed to handle processes such as provisioning, configuration, and remediation. These processes have typically been cumbersome, so growing your network meant that someone had to touch and configure each and every device.

The traditional way of provisioning and managing network assets is no longer dynamic enough to keep up with the new demands. You have to deal with competitive pressures that force you to be more efficient. You need to consider the following important requirements:

- Real‐time management: You must manage network assets in real time based on business priorities. Accommodating changes in network resource requirements needs to be automated as much as possible.
- Application traffic prioritization: Traffic must be prioritized based on business priorities for different applications, during both normal and non‐normal working situations.
- Bandwidth utilization: You need to dynamically allocate resources to maximize network utilization and to lower the cost of network ownership.

An SDN solution enables you to provision and manage your network resources in real time and transforms your network into a strategic asset.

Benefits

A good SDN solution offers a number of benefits for your organization. These range from cost savings through reduced time spent on manual tasks to better utilization of existing resources. Here are a few of the benefits you’ll see:

- Automatic provisioning: Simplified provisioning using a web‐based portal or API means that business policies are automatically translated into WAN configuration, and provisioning for network devices can use simple forwarding tables instead of complicated routing. Automation minimizes, and possibly eliminates, the need for any manual provisioning. Any changes in network topology are automatically detected and an updated topology is maintained so future path computations are optimized.
- Dynamic allocation: Bandwidth allocation to meet application requirements is managed on‐demand. The implementation of WAN changes based on business priorities can be handled quickly. Examples of these changes include time‐of‐day adjustments to bandwidth for a nightly data replication program or ensuring a high priority for every 15-minute backup of critical billing records.
- Flexibility: An SDN provides responsiveness to accommodate changes in network topology or changes in network behavior. To resolve a fairly simple yet common event, such as where network congestion is degrading application performance, network resources need to be reallocated in real‐time (in milliseconds) to ensure traffic flows around network congestion points.
- Security: Identification of network devices is automated and access to network devices is protected and limited. If a network device is unknown, no traffic is allowed to flow to/from it. If traffic originates with an unknown user or application, it is not allowed onto the network.
- Visibility: From the IT manager to the CIO, ensuring the expected network behavior matches actual behavior is crucial, especially for business critical applications. Having end‐to‐end monitoring and analytics of traffic flows and application statistics provides the visibility that is critical to decision making and ultimately for ensuring the WAN is a strategic asset.

Understanding Control versus Data Plane

One of the key elements in SDN is the concept of separating the control plane from the data plane. The control plane is the system that makes decisions about where network traffic is sent and the data plane consists of the systems that actually forward the traffic to its destination.

Different vendors often use their own terminology for various SDN elements. For example, you may see the control plane called the signaling plane and the data plane is sometimes called the forwarding plane.

Separating the two systems is important because this separation is what enables network functions to be automated. By separating the control plane from the data plane, the architecture of SDN becomes

- Programmable: The control of the network can be handled programmatically rather than through hands‐on manual operations.
- Centrally controllable: Technicians no longer have to touch each box in order to control how the network functions, so the network can be managed from a central location.
- Agile: It’s now much easier for the network to meet changing traffic needs automatically.

Most SDN implementations follow an open standards approach, which means that you aren’t tied to products from a single vendor. One such standard that’s often used is OpenFlow, a protocol that enables communications between the control and the data plane of the network.

Looking at Underlay versus Overlay

In discussions about SDN applied to networks, you’ll no doubt encounter the terms underlay and overlay. These terms refer to how SDN is applied to a network:

- Underlay: The underlay model is the ability to fully control the network itself, with direct linkages to every layer from wavelength/OTN to MPLS/IP, and across differing vendors. The advantages are network abstraction and standard data models to minimize the OSS‐to‐network integration complexity and to provide global, real‐time network visibility and control so network assets can be used more efficiently. This method also scales easily across multiple network layers.
- Overlay: The overlay proposition is simple: Leverage SDN solutions in the data center to extend dynamic creation of Layer 3 tunnels to other data centers and to remote sites across any intermediary network. The advantage is network transparency; the disadvantage is lack of visibility into any layer other than Layer 3.

Each of these models has relevance and its likely set of use cases, so it’s expected that both implementation models will exist in the future.

Chapter 2

Applying SDN to the Cloud Exchange Network

In This Chapter

- Getting to know what’s needed
- Making provisioning simpler
- Discovering your network
- Applying business policies
- Making data flow efficiently
- Getting it working
- Handling multiple tenants

There’s a major shift occurring in the adoption of Cloud deployment models. That shift is to off‐premises solutions delivered using either a private Cloud, a hybrid architecture of private and public Cloud, or a public Cloud.

As applications and data migrate from on‐premise deployments to Cloud deployments, the Cloud exchange network now becomes part of the critical path for this successful transition to take place. The Cloud exchange network is the connectivity between Clouds, regardless of Cloud model (private, public, or hybrid), and between users and their Cloud deployments.

This chapter discusses what’s involved in applying a software‐defined networking (SDN) solution to transform the Cloud exchange network into a dynamic and resilient network.

Understanding What’s Really Needed to Succeed

Adoption of these new off‐premises Cloud models means the wide area network (WAN) resources providing Cloud exchange functionality need to be considered as a strategic asset, instead of as a cost item. When viewed as a cost item, the resources are constantly under scrutiny as IT budgets are stagnant or slashed. That scrutiny often means being forced to use smaller increments of bandwidth, limiting use of guaranteed Quality of Service (QoS), or just having best‐effort direct Internet connectivity and then having to put up with potential network delays or bandwidth issues.

As applications and corporate data migrate to off‐premises Cloud solutions, the WAN must be viewed differently. In order to achieve network optimization, create a predictable cost structure, and ensure network performance, the Cloud exchange network needs to be seen as a strategic asset.

The new strategic Cloud exchange network needs to be

- Capable of handling traffic growth and variable traffic loads with reasonable and predictable cost
- Dynamic and adaptable to changing network conditions, or changing business policies, on a per‐application basis
- Secure and reliable enough to depend upon for business continuity and mission‐critical application performance
- Transparent, providing a level of visibility to traffic behavior that makes managing the WAN practical and simple

Over the last 15 years, the standard WAN solution has been Multi‐Protocol Label Switching (MPLS) because it can differentiate QoS based on packet prioritization. As new strategic WAN goals are being introduced, MPLS has many shortcomings. The most notable drawback of MPLS is its lack of dynamic capabilities for provisioning and configuration. To compensate, MPLS WANs were often over‐provisioned in order to handle bandwidth spikes. Unfortunately, over‐provisioning comes at a heavy price, as unused bandwidth sits idle. Depending on the carrier, location, bandwidth, and Class of Service (CoS) requirements, an MPLS link could easily cost thousands of dollars per month. This solution is expensive and doesn’t provide a clear path toward cost containment.

An alternate solution uses a Direct Internet Access (DIA) service delivered by service providers over cable, xDSL, or Long‐Term Evolution (LTE). While the cost would be substantially less than other solutions, this solution also has drawbacks in its ability to be a strategic WAN. Most notably, this solution lacks guaranteed reliability because its performance can fluctuate greatly due to many factors, including choice of service provider, enterprise location, or even time of day.

So what’s the answer? It’s to apply a software‐defined network solution to the Cloud exchange network, enabling dynamic bandwidth allocation and packet prioritization without having to rely on over‐provisioning capacity. This also means being able to take advantage of lower‐cost WAN options if (or when) specific application traffic is tolerant to packet loss or delay.

Simplifying and Automating the Provisioning Process

Provisioning is the process of configuring your network to provide various services to your users/customers. In the past, provisioning was a cumbersome process, so many organizations were reluctant to make very many changes.

An SDN solution automates provisioning so business policies are translated into the WAN configuration. This automated provisioning is configured on network devices with simple forwarding tables instead of complicated routing. This automation minimizes, and possibly eliminates, the need for any manual provisioning.

Discovering Network Topology

Keeping up with changes in how the Cloud exchange network is laid out — the network topology — can be a time-consuming process. With the proper SDN solution, any changes in network topology are automatically detected and an updated topology is maintained, so future configuration is optimized. For example, new routers or switches that are added to the network are detected and sent the proper configuration information automatically as soon as they come online. In order to make optimal packet forwarding decisions, a solution should be able to discover the network topology at Layer 2 and Layer 3.

Because identification of network devices is automated and access to network devices is protected and limited, security is maintained. If a network device is unknown, no traffic is allowed to flow to or from it. If traffic originates from an unknown user or application, it is not allowed onto the network, so your enterprise data and resources are protected from intrusions.

Sonus’s VellOS incorporates a function known as the Topology Manager that’s responsible for tracking the physical connectivity between the switches. Upon receiving a new switch connection event, this module requests the switch description, and for electronic packet switches selectively and iteratively installs unique flows and injects discovery packets to determine inter‐switch connectivity. It also receives link status change events for the ports used by switch interconnectivity. A link status change triggers the same discovery process that happens when a switch is initially connected.

Translating Business Policies into Data Flow Requirements

Unless you have unlimited excess bandwidth available on your network, traffic must be prioritized based on business priorities for different applications, during both normal and non‐normal working situations. Bandwidth allocation to meet application requirements needs to be managed on‐demand. For example, if a Unified Communications (UC) user has initiated a voice session, then adds video, the allocation of WAN resources has to be dynamically adjusted to the required bandwidth to ensure no decrease in QoS.
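
The discovery and admission behaviour described under Discovering Network Topology can be modelled in a few lines. This is an added example, not code from the book or from Sonus's VellOS: the class, its method names, the switch names and the wiring table are constructed for illustration, a lookup in the wiring table stands in for injecting a real discovery packet, and a fewest-hop search stands in for the path computation engine.

```python
"""Toy model of a controller's topology manager (constructed example, not VellOS code)."""
from collections import deque

# Constructed sample cabling: (switch, port) -> (peer switch, peer port).
WIRING = {
    ("s1", 1): ("s2", 1), ("s2", 1): ("s1", 1),
    ("s2", 2): ("s3", 1), ("s3", 1): ("s2", 2),
    ("s1", 2): ("s3", 2), ("s3", 2): ("s1", 2),
    ("s3", 3): ("rogue", 1), ("rogue", 1): ("s3", 3),  # device not in inventory
}


class TopologyManager:
    def __init__(self, inventory, wiring):
        self.inventory = set(inventory)  # switches the operator has identified
        self.wiring = dict(wiring)       # stands in for the physical network
        self.ports = {}                  # admitted switch -> ports it described
        self.down = set()                # (switch, port) endpoints reported down
        self.links = set()               # discovered links, frozenset of 2 endpoints
        self.rejected = []               # unknown devices that tried to connect

    def on_switch_connect(self, switch, ports):
        """Admit a known switch and probe its ports; refuse anything else."""
        if switch not in self.inventory:
            self.rejected.append(switch)  # default deny: no flows, no links
            return False
        self.ports[switch] = tuple(ports)
        self._discover(switch)
        return True

    def on_link_status_change(self, switch, port, up):
        """A port status event re-runs the same discovery as a new connection."""
        if switch not in self.ports:
            return
        if up:
            self.down.discard((switch, port))
        else:
            self.down.add((switch, port))
        self._discover(switch)

    def _discover(self, switch):
        # Forget what was known about this switch, then probe every port.
        self.links = {link for link in self.links
                      if all(sw != switch for sw, _ in link)}
        for port in self.ports[switch]:
            here = (switch, port)
            peer = self.wiring.get(here)  # where an injected probe would arrive
            if peer is None or here in self.down or peer in self.down:
                continue
            # The probe only returns to the controller via an admitted switch.
            if peer[0] in self.ports:
                self.links.add(frozenset((here, peer)))

    def neighbors(self, switch):
        return {sw for link in self.links if any(s == switch for s, _ in link)
                for sw, _ in link if sw != switch}

    def path(self, src, dst):
        """Fewest-hop path over discovered links; None if an endpoint is unknown."""
        if src not in self.ports or dst not in self.ports:
            return None
        queue, seen = deque([[src]]), {src}
        while queue:
            route = queue.popleft()
            if route[-1] == dst:
                return route
            for nxt in sorted(self.neighbors(route[-1]) - seen):
                seen.add(nxt)
                queue.append(route + [nxt])
        return None


def demo():
    tm = TopologyManager({"s1", "s2", "s3"}, WIRING)
    events = [("s1", (1, 2)), ("s2", (1, 2)), ("s3", (1, 2, 3)), ("rogue", (1,))]
    admitted = [tm.on_switch_connect(sw, ports) for sw, ports in events]
    before = tm.path("s1", "s3")
    tm.on_link_status_change("s1", 2, up=False)  # direct s1-s3 link fails
    after = tm.path("s1", "s3")
    return admitted, before, after, tm.path("s1", "rogue"), tm.rejected


if __name__ == "__main__":
    print(demo())
```

The device cabled to port 3 of s3 never appears in the link set because it is not in the inventory, so no path can be computed to or from it, and the link-down event on s1 moves the s1-to-s3 route onto the two-hop path through s2.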
