SDN’s Promise Lives On

I’m not sure if anyone else remembers the early days of OpenFlow and Software Defined Networking (SDN), but it was going to change networking for good. The idea was to embed programmable forwarding and filtering policy directly into your switches. A controller, speaking to the switches over the OpenFlow protocol, would then distribute the kind of network policy you would normally find in firewalls and load balancers right into the switch itself. The problem was that OpenFlow had scalability issues, was tough to integrate with switch pipelines and never saw the enterprise adoption that many expected. Ten years after the first drafts of OpenFlow, we are seeing the key ideals of SDN and OpenFlow come back in different forms.

Out with the DumbNICs, In with the SmartNICs

Some big names in networking such as Broadcom, Mellanox and Xilinx are beginning to tout SmartNIC offerings, created at the behest of the cloud-scale crowd: Amazon, Microsoft and Google. These organizations are looking for ways to offload network processing from the general-purpose CPUs that power their cloud offerings onto specialized SmartNICs that take it on. A nice side effect of putting the packet mojo into the SmartNIC is that, using Field Programmable Gate Arrays (FPGAs) or a system on a chip (SoC), it can provide forwarding and policy capabilities beyond what a standard NIC can accomplish. This makes for some interesting distributed policy and monitoring capabilities such as telemetry, encryption, filtering, stateful IPS/IDS, load balancing and compression right at the host-side edge of the network. This is tremendously powerful in that it gives large operators a lot of options for distributing and accelerating workloads while preserving the compute infrastructure for what it should be doing: computing.

Comparison of NIC capabilities, courtesy of Mellanox

A “SmartToR” Edge

Late last year, Broadcom announced their Trident-based SmartToR offerings, which bring functionality similar to what you would find in SmartNICs to the Top of Rack (ToR) switch, the network-side edge of the datacenter. This takes some of the same features found in the SmartNIC and pushes them out to the network edge, before the packets ever reach the hosts. Potential applications are anything you wish to do to traffic before it actually gets to the hosts: load balancers to distribute inbound sessions, firewalls to stop DDoS from melting the hosts, Network Address Translation (NAT) to translate public to private addresses, penultimate decryption of traffic, all done in switch Application Specific Integrated Circuits (ASICs) for blazing forwarding performance. Leveraging really fast switch ASICs to analyze and control traffic gives you orders of magnitude greater scale. Analysts believe that the SmartToR concept will be more suitable for the enterprise than the SmartNIC approach because of the preference for a “bare metal” appliance in enterprise environments.

In a forwarding battle of CPU vs. SmartToR, I’m betting on the SmartToR

What’s the deal with P4?

So after OpenFlow, a consortium of network luminaries, including some of the smart people responsible for OpenFlow, decided to try something new. Programming Protocol-independent Packet Processors (or P4 for short) was created with a different type of network architecture in mind. Instead of speaking to the fixed-function switches that OpenFlow relies on, whose functionality is locked in and baked right into their ASICs, P4 was meant to be a programming language for a programmable chip (aka PISA, or Protocol Independent Switch Architecture). The idea was that instead of letting the switch chip makers dictate what features and functions were available, you could write your own packet-processing rules right into the switch. Want to write a custom IPv4 pipeline to support a specific need in your backbone? Go for it. Want to write your own Internet Protocol, IPv[Your Name Here]? Knock yourself out. It was a fully extensible and programmable chip, so the sky was the limit. Though powerful, this is inaccessible for the average organization and is wielded more deftly in the hands of cloud-scale companies and network vendors. P4 is being leveraged to write some cool network applications, but it has limited application in the enterprise.

So is SDN Coming Back?

SDN never really went away. Many cloud-scalers and academic networks continued their SDN efforts, with and without OpenFlow, long after the rest of the industry moved on. The “one size fits all” approach of OpenFlow just was not a fit for most of the market, but many of its basic tenets appear to live on in different forms. From the looks of trends like SmartNICs, P4 and switches like Broadcom’s SmartToR, the idea lives on that you can embed many of today’s disparate edge network functions right into the network itself. Taking what have traditionally been separate network appliances scattered throughout the network and embedding them inline presents many advantages with regard to capacity, visibility and control. As with anything, it takes a few tries to get things right, but the promise of a fully programmable network in which you can directly embed key network functions is too great to go away.

Let me know what you think, feel free to comment or engage on LinkedIn or Twitter. To see what other things I’m up to, check out my Now page. Thanks for reading!