The networking industry is struggling to understand what Software Defined Networking (SDN) is about. The result is a variety of views on the existing state of SDN. As with any new technology that creates fundamental changes, it will take time to learn how to best apply it. Discussions and experimentation will allow us to learn its strengths and weaknesses.
Shallow and Deep SDN
Tom Nolle recently wrote an interesting article titled "SDN Will Win--But Which SDN?" in which he suggests that there are different types of SDN: Deep SDN and Shallow SDN. Shallow SDN is described as what VMware/Nicira implements. In this form of SDN, a virtual overlay network is created between vSwitches. The traffic paths between vSwitches run over a traditional routed/switched network, or perhaps a switched fabric network. Because it relies on vSwitches as the overlay network endpoints, it is primarily a data center SDN solution.
Because the virtual overlay network runs over a traditional route/switch network, it continues to function on a "traffic pull" model, where network protocols advertise destination network addresses in order to pull traffic to a destination. Controlling traffic paths leads to the use of complex policy routing mechanisms.
The primary use of shallow SDN is to provide segmentation and isolation between business functions or between multiple tenants. The existing network equipment continues to be used, which is favored by corporate executives who are charged with holding down costs while running the business.
Tom describes deep SDN as a method of controlling packet forwarding behavior, one that can perform policy routing without complex combinations of protocols, as is required in shallow SDN. The logically centralized controller is able to see the entire network topology and make smarter decisions about the paths to use for each traffic type.
The Evolution of SDN
I view the different types of SDN as points along the evolution from current networking technology to future networking technology. VMware/Nicira is providing a version of SDN that works well with existing vSwitches and legacy route/switch infrastructures. It is easy to implement and has a low cost because it only requires the addition of vSwitches for its implementation. It allows an easy migration to the SDN world without wholesale equipment replacement.
However, as noted above, this version of SDN is primarily oriented toward data center use, particularly in data centers that are running out of VLANs to provide network segmentation. As such, it competes with VXLAN and NVGRE as an overlay segmentation technology. Tom suggests that shallow SDN, combined with data-center-centric standards like TRILL, may be good enough* to pre-empt further SDN development in the data center.
The problem I have with combinations of the above technologies is that they do not help to reduce complexity. They add another layer of complexity on top of the existing set of network protocols. There is complexity of architecture, complexity of configuration, and complexity of monitoring/troubleshooting. In my view, the primary value of SDN is derived from a reduction in complexity; these types of overlays do not achieve this goal.
Deep SDN is further along the SDN technology evolutionary curve. It uses a true SDN controller that has an overall view of the network topology. It can reduce the complexity that is normally found in policy routing designs. But why should it be constrained to the data center? As Tom indicated in his article, SDN needs to evolve from a data center technology to a technology that is suitable for more places in the network.
Beyond the Data Center
The parts of SDN that work in the data center will morph and migrate to the network edge as we identify functions that apply to other places within the network. For example, the centralized controller can know about redundant links and devices and move traffic to specific links as needed by the applications, providing policy routing control without the complexity of maintaining policy routing configurations. Organizations that have to provide separation of business functions or that need multi-tenancy can extend the segregation out to the network edge without the complexity of BGP/MPLS required for Layer 3 VPNs.
Many network engineers will discount using SDN for the more extensive functions because there are already mechanisms to handle these scenarios. However, as we understand how SDN can be used, we will identify new ways to apply it. I maintain that the dynamic operation that SDN enables will allow networks to be more responsive to business demands.
* "Good is the enemy of great." Attributed to James Collins, author of Good to Great, describing the tendency of organizations to stop working on a problem when the solution becomes good enough.