Software Defined Networks E-Book

Table of Contents

Cover

Title Page

Copyright

Preface

1 Introduction to Software Defined Networking

1.1 Introduction

1.2 Terminology and Architecture

1.3 The Role of Network Operating Systems

1.4 SDN Versus NFV

1.5 The Role of NFV into SDN-Based IoT Systems

1.6 Challenges and Future Directions

1.7 Applications of SDN in IT Industries

1.8 Conclusion and Future Scope

References

2 Software-Defined Networks: Perspectives and Applications

2.1 Introduction

2.2 SDN Architecture

2.3 Functionalities of SDN

2.4 SDN vs. Traditional Hardware-Based Network

2.5 Load Balancing in SDN

2.6 SDN Security

2.7 SDN Applications

2.8 Research Directions

2.9 Conclusion

References

3 Software-Defined Networks and Its Applications

3.1 Introduction

3.2 SDN vs Traditional Networks

3.3 SDN Working: A Functional Overview

3.4 Components and Implementation Architecture

3.5 Implementation Architecture

3.6 Pros and Cons of SDN

3.7 SDN Applications

3.8 Future Research Directions of SDN

3.9 Conclusion & Future Scope

References

4 Latency-Based Routing for SDN-OpenFlow Networks

4.1 Introduction to Generations of Networks

4.2 Features of 5G Systems

4.3 Software-Defined Networking (SDN)

4.4 Proposed Work

4.5 Experimentation and Results

4.6 Performance Analysis

4.7 Conclusion and Future Scope

References

5 QoS Improvement Evaluation With An Effective Switch Assignment to the Controller in Real-Time SDN Environment

5.1 Introduction

5.2 Architecture of SDN

5.3 Controller Placement Effect on the QoS

5.4 Communication between the Control and Data Planes

5.5 Related Works

5.6 Parameters for Computing E2E Delay

5.7 Clustering Based on the Latency of the Emulated Mininet Network

5.8 Results and Discussion

5.9 Conclusion and Future Directions

References

6 An Insight into Traffic Engineering in Software-Defined Networks

6.1 Introduction

6.2 Related Works

6.3 Review on Traffic Engineering Techniques in SDN

6.4 Review on Traffic Engineering Techniques in Hybrid SDN

6.5 Review on Traffic Matrix Estimation and Measurement Techniques in SDN

6.6 Analysis and Research Direction

6.7 Conclusion and Future Scope

References

7 Network Functions Virtualization and SDN

7.1 Introduction

7.2 Types of Virtualizations

7.3 Wireless Network Virtualization

7.4 Network Functions Virtualization and Software-Defined Network

7.5 SDN Architecture

7.6 Software-Defined Networking Application

7.7 Conclusion and Future Scope

References

8 SDN-Enabled Network Virtualization and Its Applications

8.1 Introduction

8.2 Traditional Cloud Data Centers

8.3 Importance of SDN in Network Function Virtualization (NFV)

8.4 SDN and Network Virtualization Role in Evolution of Next-Generation Wi-Fi and Mobile Networks

8.5 SDN and NFV Role in 5G and Smart Cities

8.6 Conclusions and Future Scope

References

9 Software-Defined Networking: Recent Developments and Potential Synergies

9.1 Introduction

9.2 Characteristics of Software-Defined Networking

9.3 Applications of Software-Defined Networking

9.4 Security Issues in Software-Defined Networking

9.5 Potential Attacks in Software-Defined Networking

9.6 Solutions to Security Issues and Attacks in Software-Defined Networking

9.7 Software-Defined Networking Framework

9.8 Security Enhancement Using the Software-Defined Networking Framework

9.9 Open Challenge

9.10 Recommended Best Practices

9.11 Conclusion and Future Scope

References

10 Security Challenges and Analysis for SDN-Based Networks

10.1 Introduction

10.2 Threat Model

10.3 Control Plane Security of SDN

10.4 Security Analysis

10.5 Network-Wide Security in SDN

10.6 SDN-Based Virtual and Cloud Networks Security

10.7 SDN-Based Secure IoT Frameworks

10.8 Conclusion and Future Scope

References

11 A Novel Secure SDN Architecture for Reliable Data Transmission in 5G Networks

11.1 Introduction

11.2 Related Work

11.3 SDN-5G Networks—What Does the Future Hold?

11.4 Layers in SDN-5G Networks

11.5 Security Threats

11.6 SDN-5G Networks—Possible Attacks and Threats

11.7 Proposed Methodology

11.8 Security Analysis

11.9 Conclusion and Future Scope

References

12 Security and Privacy Issues in 5G/6G-Assisted Software-Defined Networks

12.1 Introduction

12.2 Security and Functionality Requirements in SDN

12.3 Network and Threat Models

12.4 Taxonomy of Security Protocols in SDN

12.5 Security Solutions in SDN

12.6 Comparative Analysis

12.7 Conclusion and Future Scopes

References

13 Evolving Requirements and Application of SDN and IoT in the Context of Industry 4.0, Blockchain and Artificial Intelligence

13.1 Introduction

13.2 Objectives of the Chapter

13.3 Organization of the Chapter

13.4 Software-Defined Network Architecture

13.5 Security

13.6 Software-Defined Network (SDN) With IoT

13.7 SDN-Based IoT Architecture

13.8 Role of SDN and IoT in Industry 4.0

13.9 Work in Related Domains of IoT

13.10 IoT Computing and Management With SDN

13.11 Scope of Blockchain to Secure IoT Using SDN

13.12 SDN in Various Emerging Areas of IoT

13.13 Conclusion and Future Scope

References

14 SDN-Based Cloud Combining Edge Computing for IoT Infrastructure

14.1 Introduction

14.2 Challenges with SDN-Based Cloud and NFV Technologies for IoT

14.3 Literature Survey

14.4 Knowledge-Driven SDN-Based IoT Architecture That Leverages Edge Cloud

14.5 Discussion and Future Recommendation

14.6 Conclusion

References

Index

End User License Agreement

List of Illustrations

Chapter 1

Figure 1.1 Traditional networking.

Figure 1.2 SDN centralized control [5].

Figure 1.3 SDN architecture overview [7].

Figure 1.4 OpenFlow-based SDN device [7].

Figure 1.5 Network operating system [14].

Figure 1.6 NFV framework [17].

Chapter 2

Figure 2.1 Software-defined network benefits.

Figure 2.2 SDN layers.

Figure 2.3 OpenFlow protocol model.

Figure 2.4 OpenFlow instruction set example.

Figure 2.5 Traditional hardware-based network.

Figure 2.6 SDN network.

Chapter 3

Figure 3.1 Traditional network versus software-defined network.

Figure 3.2 SDN components and functions.

Figure 3.3 SDN architecture.

Chapter 4

Figure 4.1 Unified radio access network/heterogeneous network.

Figure 4.2 Basic architecture of SDN.

Figure 4.3 Proposed SDN framework.

Figure 4.4 Graphical representation of OpenFlow switches with weights.

Figure 4.5 Delay and bandwidth weights of nodes in the mesh network.

Figure 4.6 Latency analysis of proposed and existing routing techniques.

Chapter 5

Figure 5.1 Overview of the SDN planes [5].

Figure 5.2 Southbound API in SDN.

Figure 5.3 Northbound API in SDN.

Figure 5.4 The controller placement problem in SDN.

Figure 5.5 Packet processing in SDN.

Figure 5.6 E2E delay between switches and controller.

Figure 5.7 Partitioning of the OS3E topology.

Figure 5.8 Comparison of E2E delay between K-mean and E-Clustering with 6 cluste...

Figure 5.9 Comparison of E2E delay between K-mean and E-Clustering with 7 cluste...

Chapter 6

Figure 6.1 SDN architecture [29].

Figure 6.2 Features of SDN components.

Figure 6.3 An insight into issues addressed based on literature survey.

Chapter 7

Figure 7.1 Server virtualization.

Figure 7.2 Network virtualization architecture.

Figure 7.3 Application virtualization.

Figure 7.4 Architecture of desktop virtualization.

Figure 7.5 Architecture of storage virtualization

Figure 7.6 Framework of wireless network virtualization [4].

Figure 7.7 Architecture of network functions virtualization [51].

Figure 7.8 Traditional network.

Figure 7.9 SDN controller updating router [13].

Figure 7.10 Open Flow architecture [11].

Figure 7.11 Flow table and fields [16].

Figure 7.12 Architecture of software-defined networking.

Figure 7.13 Proposed system RT-SDN

Figure 7.14 Load balancing in SDN [51].

Figure 7.15 SDN security [17].

Figure 7.16 SDN-enabled cloud computing architecture.

Figure 7.17 SDN architecture with IoT [47].

Chapter 8

Figure 8.1 Traditional data center hierarchical topology.

Figure 8.2 Simple SDN-enabled cloud data center.

Figure 8.3 An SDN-enabled cloud data center, and various customer’s virtual netw...

Figure 8.4 NFV architecture and its major components.

Figure 8.5 An example network service chain using a variety of network functions...

Figure 8.6 SDN and NFV-enabled cloud data center.

Figure 8.7 SDN controller and its global view of the underlying cloud infrastruc...

Figure 8.8 SDN controller with its global view can decide various possibilities ...

Figure 8.9 A general software-defined WLAN architecture contains software-define...

Figure 8.10 Design of Wi-Fi Agent, and its protocol messages with SDN controller...

Figure 8.11 SDN- and NFV-enabled telecommunication clouds.

Figure 8.12 Virtual machines (left hand side) vs containers (right hand side).

Figure 8.13 Smart cities and their novel applications.

Figure 8.14 Hybrid cloud environments.

Figure 8.15 5G and network slicing applications.

Chapter 9

Figure 9.1 Software-defined networking architecture.

Figure 9.2 Characteristics of software-defined networking.

Figure 9.3 Authentication process in SDN.

Figure 9.4 Access control.

Figure 9.5 DoS threat in OpenFlow switch.

Figure 9.6 Fully distributed control plane.

Figure 9.7 ARP spoofing.

Figure 9.8 IP spoofing.

Figure 9.9 Parameter tampering.

Figure 9.10 Repudiation.

Figure 9.11 Information disclosure.

Figure 9.12 Denial of service attack.

Figure 9.13 Privilege escalation.

Figure 9.14 Structure of GFT.

Figure 9.15 Determination of global path using weak vertex cover method.

Figure 9.16 VNGuard framework.

Figure 9.17 Security enhancement methods.

Chapter 10

Figure 10.1 SDN architecture [1].

Figure 10.2 OpenFlow protocol architecture.

Figure 10.3 Threats associated with SDN.

Figure 10.4 Policy-based SDN security architecture.

Figure 10.5 Multiapplication coexistence scenario.

Chapter 11

Figure 11.1 5G networks.

Figure 11.2 SDN architecture.

Figure 11.3 Possible attack points in the SDN architecture.

Figure 11.4 DoS/DDoS attack on controller.

Figure 11.5 Packet sniffing attack.

Figure 11.6 Illustration of synchronous secrets.

Figure 11.7 Strong security architecture.

Figure 11.8 Authorization process in the control channel.

Figure 11.9 Authorization process in the data channel.

Figure 11.10 (a) Dataflow diagram—Algorithm 1; (b) Dataflow diagram—Algorithm 2.

Figure 11.11 Performance under IP spoofing.

Figure 11.12 Comparison under IP spoofing. (a) Sparse (b), moderate. (c) dense.

Figure 11.13 Performance under MITM attack.

Figure 11.14 Comparison under MITM attack. (a) Sparse, (b) moderate, (c) dense.

Figure 11.15 Performance under replay attack.

Figure 11.16 Comparison under replay attack. (a) Sparse (b) moderate (c) dense.

Chapter 12

Figure 12.1 A generic diagram of SDN with practical application.

Figure 12.2 Applications of SDN in various domains.

Figure 12.3 The core network model of software-defined networking.

Figure 12.4 Taxonomy of security protocols in SDN.

Chapter 13

Figure 13.1 Simplified representation of SDN’s architecture.

Figure 13.2 Quality of service parameters criteria.

Figure 13.3 Open QoS architecture.

Figure 13.4 The Architecture of Secondnet [11]. The red dashed lines form a sign...

Figure 13.5 Integration of Q-Flow PM and Q-Flow IM.

Figure 13.6 Benefits of Cloud NaaS.

Figure 13.7 Software-Defined Network (SDN) layered architecture.

Figure 13.8 Software-defined network controllers interfaces.

Figure 13.9 OpenFlow Structure V1.0.0 matching rules.

Figure 13.10 Blockchain in IoT for 5G and beyond networks.

Figure 13.11 Blockchain-based SDN’s architecture.

Figure 13.12 Flow validation’s workflow.

Figure 13.13 Flow verification workflow.

Figure 13.14 Zigbee versus WiFi protocol stack.

Chapter 14

Figure 14.1 Traditional network architecture.

Figure 14.2 SDN architecture.

Figure 14.3 SDN/NFV tiers.

Figure 14.4 Knowledge-driven SDN-based IoT architecture leveraging edge cloud.

List of Tables

Chapter 1

Table 1.1 Comparison between NFV and SDN.

Chapter 2

Table 2.1 SDN vs traditional network.

Table 2.2 SDN load balancing strategies.

Table 2.3 Type of threats in SDN.

Chapter 3

Table 3.1 Comparison of SDN and traditional networks.

Chapter 4

Table 4.1 Comparisons of different wireless technologies.

Table 4.2 Simulation parameters.

Table 4.3 Generation of flow table for the stepwise routing scenario.

Chapter 5

Table 5.1 A sample flow table.

Table 5.2 The network topologies.

Chapter 6

Table 6.1 Related survey and coverage.

Table 6.2 Overview: traffic engineering techniques in SDN.

Table 6.3 Overview: mathematical models/algorithms used in traffic engineering t...

Table 6.4 Overview: mathematical models/algorithms used in related works.

Table 6.5 Overview: Traffic engineering techniques in hybrid SDN.

Table 6.6 Overview: Mathematical models/algorithms used in traffic engineering t...

Table 6.7 Overview: Mathematical models/algorithms used in related works.

Table 6.8 Overview: Traffic matrix measurement and estimation in SDN.

Table 6.9 Overview: Mathematical models/algorithms used in traffic matrix measur...

Table 6.10 Overview: Mathematical models/algorithms used in related works.

Chapter 7

Table 7.1 Comparison between SDN and NFV.

Chapter 9

Table 9.1 SDN attacks with its countermeasures.

Chapter 11

Table 11.1 Security problems in 5G networks.

Table 11.2 IP spoofing: sparse.

Table 11.3 IP spoofing: moderate.

Table 11.4 IP spoofing: dense.

Table 11.5 MITM attack: sparse.

Table 11.6 MITM attack: moderate.

Table 11.7 MITM attack: dense.

Table 11.8 Replay attack: sparse.

Table 11.9 Replay attack: moderate.

Table 11.10 Replay attack: dense.

Chapter 12

Table 12.1 Comparative study on communication overhead and communication rounds.

Table 12.2 Comparative study on computational costs.

Table 12.3 Comparative study on security and functional features.

Chapter 13

Table 13.1 Issues in scalability in SDN.

Table 13.2 Characteristics of common home automation technologies.

Chapter 14

Table 14.1 Challenges associated with SDN-based cloud and NFV technologies for I...

Table 14.2 SDN-based Cloud edge technologies for IoT Infrastructure and their us...

Guide

Cover

Table of Contents

Title Page

Copyright

Preface

Begin Reading

Index

End User License Agreement

Pages

v

ii

iii

iv

xxi

xxii

xxiii

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

466

467

468

469

470

471

472

473

474

475

476

477

478

479

480

481

482

483

484

485

486

487

488

489

490

491

492

493

494

495

496

497

498

499

500

501

502

503

504

505

506

507

508

509

510

511

512

513

514

515

516

517

518

519

520

521

522

523

524

525

526

527

528

529

530

531

532

533

534

535

536

537

538

539

540

541

542

543

544

545

546

547

Scrivener Publishing

100 Cummings Center, Suite 541J

Beverly, MA 01915-6106

Publishers at Scrivener

Martin Scrivener ([email protected])

Phillip Carmical ([email protected])

Software Defined Networks

Architecture and Applications

Edited by

and

This edition first published 2022 by John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, USA and Scrivener Publishing LLC, 100 Cummings Center, Suite 541J, Beverly, MA 01915, USA© 2022 Scrivener Publishing LLCFor more information about Scrivener publications please visit www.scrivenerpublishing.com.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, except as permitted by law. Advice on how to obtain permission to reuse material from this title is available at http://www.wiley.com/go/permissions.

Wiley Global Headquarters111 River Street, Hoboken, NJ 07030, USA

For details of our global editorial offices, customer services, and more information about Wiley products visit us at www.wiley.com.

Limit of Liability/Disclaimer of WarrantyWhile the publisher and authors have used their best efforts in preparing this work, they make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives, written sales materials, or promotional statements for this work. The fact that an organization, website, or product is referred to in this work as a citation and/or potential source of further information does not mean that the publisher and authors endorse the information or services the organization, website, or product may provide or recommendations it may make. This work is sold with the understanding that the publisher is not engaged in rendering professional services. The advice and strategies contained herein may not be suitable for your situation. You should consult with a specialist where appropriate. Neither the publisher nor authors shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read.

Library of Congress Cataloging-in-Publication Data

ISBN 978-1-119-85730-3

Cover image: Pixabay.ComCover design by Russell Richardson

Set in size of 11pt and Minion Pro by Manila Typesetting Company, Makati, Philippines

Printed in the USA

10 9 8 7 6 5 4 3 2 1

Preface

Software defined networking (SDN) is an architecture designed to make a network more flexible and easier to manage. Because it centralizes management by abstracting the control plane from the data forwarding function in the discrete networking devices, SDN has been widely adopted across data centers, WANs, and access networks. It serves as a foundational element of a comprehensive intent-based networking (IBN) architecture. Although SDN has so far been limited to automated provisioning and configuration, IBN now adds “translation” and “assurance” so that the complete network cycle can be automated, continuously aligning the network to business needs. This book provides an in-depth understanding of an SDN-based network as a scalable distributed system running on a commodity hardware.

Software defined networking suggests an alternative worldview, one that comes with a new software stack. This book is organized around that new stack, with the goal of presenting a top-to-bottom tour of SDN without leaving any significant gaps that the reader might suspect can only be filled with magic or proprietary code.

Although a general understanding of the Internet is assumed in this book, a deeper appreciation for the role switches and routers play in forwarding ethernet frames and IP packets is helpful. Links to related background information are included to help bridge any gaps.

All 14 chapters of this book provide in-depth comprehensive information on each and every aspect of SDN. Chapter 1, “Introduction to Software Defined Networking,” highlights in-depth information on SDN, from primary to advanced concepts, covering architectures, the role of network operating system, SDN-based IoT systems and diverse applications of SDN in IT industries. Chapter 2, “Software Defined Networking: Perspectives and Applications,” elaborates on architectures, functionalities, SDN vs. traditional hardware-based network, and SDN security and research directions. Chapter 3, “Software Defined Networking and Its Applications,” elaborates on the comparison of SDN vs. traditional networks, the components, design, pros and cons of SDN, and how SDN in enterprise networks supports enterprises, with a special focus on research directions. Chapter 4, “Optimized Packet Routing for SDN OpenFlow-Based Wireless Networks,” conceptualizes a novel algorithm for SDN-based wireless networks with experimental results cum performance analysis. Chapter 5, “QoS Improvement Evaluation with an Effective Switch Assignment to the Controller in Real-Time SDN Environment,” highlights SDN architecture, data plane, southbound APIs, and control plane with results and discussions. Chapter 6, “An Insight into Traffic Engineering in Software Defined Networks,” gives an in-depth review on traffic engineering techniques in SDN, hybrid SDN, traffic matrix estimation and measurement techniques in SDN along with research directions and analysis of SDN. Chapter 7, “Network Functions Virtualization and SDN,” gives an overview of virtualization types, wireless network virtualization, network function virtualization with SDN and SDN applications. Chapter 8, “SDN-Enabled Network Virtualization and Its Applications,” highlights SDN for enabling innovative traffic engineering tasks in cloud data centers, the role of SDN in flexible network virtualization, network service chaining, software defined solutions for enterprise wireless LANs, and the role of SDN and NFV in 5G for smart cities, and SDN/NFV-enabled 5G and network slicing deployment. Chapter 9, “Software Defined Networking: Recent Developments and Potential Synergies,” highlights SDN foundations and related terminologies, applications, security issues and potential attacks in SDN cum solutions to diverse attacks and threats to SDN networks, and enlists open challenges for SDN networks. Chapter 10, “Security Challenges and Analysis for SDN-Based Networks,” provides comprehensive coverage of security issues, threats to SDN networks, control plane security, network-wide security, and SDN-based secure IoT frameworks. Chapter 11, “A Novel Secure SDN Architecture for Reliable Data Transmission in 5G Networks,” proposes a novel security architecture for SDN-based 5G networks cum testing of the proposed framework on diverse attacks. Chapter 12, “Security and Privacy Issues in 5G/6G Assisted Software Defined Networks,” elaborates on various network models and adversary models, and the taxonomy of security protocols in SDN, security solutions, and comprehensive analysis on communication and computation cost and security features. Chapter 13, “Evolving Requirements and Application of SDN and IoT in the Context of Industry 4.0, Blockchain, and Artificial Intelligence,” highlights SDN architectures, QoS services, SDN-based IoT architectures, the role of SDN and IoT in Industry 4.0, and blockchain-based SDN networks cum applications and challenges. Finally, Chapter 14, “SDN-Based Cloud Combining Edge Computing for IoT Infrastructure,” elaborates on knowledge-driven SDN-based IoT architecture for leveraging edge cloud.

In closing, we would like to thank all the contributors and reviewers for making this book a huge success.

Dr. Anand NayyarDr. Bhawna SinglaDr. Preeti NagrathMay 2022

1Introduction to Software Defined Networking

Subhra Priyadarshini Biswal and Sanjeev Patel*

Department of Computer Science and Engineering, National Institute of Technology Rourkela, Odisha, India

Abstract

In recent years, we have seen the rapid growth of software-defined networking (SDN) in development and production. In traditional networking systems, fixed dedicated network devices, such as switches, routers are used to control the network traffic. However, nonprogrammable feature, poor network security and performance drawback have created new challenges for future Internet-based information and communication system. The complexity in traditional networking makes the system difficult to reconfigure the network to counter faults, load, and error. To overcome these issues, SDN is taking control over the traditional manually configured network to make proper utilization of physical network infrastructure. The aggregation of separate control plane and data plane allows network virtualization and dynamically programmable network configuration to improve the performance. The control plane is responsible for routing the data packet from source to destination. Similarly, the data plane is used for forwarding the packets that is also known as the forwarding plane. It is constructed on centralized network topologies that enable resource management. As a result, the network operator or service provider can manage and directly control their resources and network despite knowing any hardware technologies. It gives high flexibility, automation, service integration functionalities to accommodate innovative network designs. The SDN controller regulates the flow of control over the switches/routers to deploy intelligent networks. The open architecture of SDN broadly includes the infrastructure layer, control layer, and application layer. In this chapter, we focus on the architecture along with the advantage of using SDN networking over traditional networking systems.

Keywords: Software-defined networking, SDN architecture, open flow, NFV, centralized controller, network operating systems

1.1 Introduction

In traditional networking system, the communication between devices by transferring packets was possible by the help of various distributed and transport control protocols present inside switches and routers. This is widely used and adopted by many industries and companies in all over the world. But the architecture used in traditional network generates huge difficulties in maintaining and managing the whole network infrastructures. Nowadays, as the growth of technology is rapidly increasing, it may lead to the rise of data communication or transmission in the network. As a result, the number of devices connected to the network will also increase. It may require proper maintenance as the networking devices are maintained manually by human, which may lead to various configuration errors. This problem arises due to the nonprogrammable features of traditional networking. Due to the huge network infrastructure, it is very difficult to add, manage, and maintain the network properly. It is time consuming and less flexible. With the increase in the number of devices, the operational and management cost will also increase. As most of the things in traditional networking are done manually, it is very difficult to make changes in the existing network. It is very difficult to virtualize the entire network. Further, we can say traditional networking is hardware based as it contains fixed function network devices. It is more rigid and very difficult to customize the network.

Moreover, the traditional networking shown in Figure 1.1, the network operator has to set up some low-level commands in each separate network for maintaining the desired network policies. To enforce the desired vendor-specific policies in such dynamic environment is highly challenging. Due to the complexity in configuration, it is very difficult to handle the dynamic changes in load, as well as faults and errors. The communication between different network nodes, like switches, routers, etc., is more complex. In addition, most of the networks give less flexibility as both the data plane and control plane are integrated inside the networking devices. As a result, it is very difficult to change or adjust the forwarding policy by changing the configuration of devices. The control plane is responsible for configuration of different nodes, and it determines the path to route the packet or frame. Similarly, the data plane is responsible for forwarding the packets or frame from one interface to other [1]. Security is one of the biggest challenges in this network. As it has the vendor-specific environment, the network became less capable of protecting data.

Figure 1.1 Traditional networking.

Software-defined networking (SDN) is a type of application-centric and software-based network design concept, which uses different technologies to manage the network. The concept of SDN was first introduced in 2009 at Stanford University, United States [2]. Here, the network operator can target on various network applications, such as security, data traffic, policies, etc., in more flexible way [49]. It also allows the network operator and administrators to maintain the desired bandwidth in the network. As a result, the issues related to complex network configuration will minimize. However, instead of using costly hardware and firmware, it provides an open-source logically centralized network system. It also provides a centralized open flow controller in multivendor environment, which is used as a control point in SDN strategically [48]. The OpenFlow provides interface to the networking devices like switch [40]. As a result, it facilitates the network administrator to abstract configuration of various physical or virtual network devices. Moreover, each networking devices contain flow tables and the controller’s job is to update and insert the forwarding rules for the traffic flows in the network.

The separation of both control plane and data planes with centralize network intelligence allows dynamic programmability instead of static manual operation. It fulfills the requirement of virtualization, dynamic scaling, automation, multitenancy, performance optimization, service integration, openness, etc. The benefits of SDN in different scenarios also include different enterprises and cloud data center. In traditional network, each networking device directs the network traffic. But in case of SDN infrastructure, the automated programmable interface determines and route the network traffic. The SDN controller helps to automate the whole network management, which reduces the complexity for the end users. The network administrator can change the network wide infrastructure with a centralized console. It mainly converts the hardware intensive traditional network to fully virtualized and programmable network, which fulfill the need of scalability, agility, and visibility of the network [32]. Due to these many advantages, various industries and enterprises may get support in the field for development and innovations of application services [31]. It helps to improve user security and reliability of the network. In SDN, the deployment of the network is simplified. It provides programmable network services to the user with proper network control. Unlike traditional network, it overcomes the issues related to managing individual networking devices.

The most looked for and promising features of SDN networks are related with:

• providing centralized control policies, which gives a global view of network configuration and activity as various nodes has different functionalities;

• capability to dynamically program all features and configuration of network resources conveniently over automated SDN services instead of static manual operation;

• independent of physical infrastructure as the network administrator can dynamically modify the network traffic flow to meet the changes;

• implement open standard, which simplifies the network design and operations.

The main objective and contribution of this book chapter are outlined as follows:

• To give insight related to this new emerging SDN-based networking along with its challenges and future scopes.

• The aim of this chapter is to elaborate the differences between NFV and SDN.

• To discuss the applications of SDN in IT, challenges, and future direction of the research.

• Our main contribution for this chapter is to present the snapshot of the SDN deployments, its architectures and how it will be efficient in IT industries along with various opportunities.

The rest of this chapter are organized as follows. Section 1.2 starts by explaining different terminologies related to SDN network. Then, the SDN architecture with different layers has been explained properly. Additionally, we have identified and broadly explained each layer’s specifications, objectives, and functionalities. In section 1.3, the role of network operating system in SDN infrastructure has been presented. Then the discussion with regard to the differences between Network Function Virtualization (NFV) and SDN is done in Section 1.4. Next, we look at how NFV has been incorporated in SDN-based Internet of Things (IoT) systems in section 1.5. Likewise, then various challenges, future research, and applications of SDN are discussed in section 1.6 and 1.7. Section 1.8 concludes the chapter with future scope.

1.2 Terminology and Architecture

To recognize different elements of SDN, various essential terminologies are given below.

Network device: It is a physical component or device that is used to connect to a network to perform various network related operations like communication, packet manipulation, data forwarding, etc. We can also say that it is a type of hardware component or network equipment that helps to operate the network properly [38]. The device may contain several resources in it. Moreover, it also provides secure data transmission between devices like printers, computers, fax machines, etc. Here each individual device has different functionalities and characteristics that work for specific purposes in various segments. Some examples of such devices are hub, switch, router, bridge, gateway, modem, repeater, access point, etc. The network hub is used to process the data and transfer the packet to all the connected ports. Similarly, switch is used for connecting multiple devices and operates in the data link layer of Open System Interconnection (OSI) model. It filters the data packets and forward it to the receiver. A modem stands for modulator-demodulator is a networking device that translates the signals and converts it to the digital form. Moreover, the network router routes the data traffic from one network to another. Bridge is used to gather multiple network segments and transfer the data frames into various segments of the network. In SDN architecture, all these network devices work in the data plane or infrastructure layer, and these devices are available in physical or virtual mode [34].

Resource: In networking environment, a resource can be defined as a piece of information or hardware device present inside the system. If it is a shared resource, then it can be accessed by remote computers transparently by the help of local area network (LAN) or intranet through peer-to-peer transmission. Some examples of network resources are data storage, computer programs, printers, scanners, fax machines, etc. It may be available in the form of virtual or physical mode and can be complex or simple or constitute of multiple resources [3].

Service: It is a way that facilitates the network operations properly. It can be offered by the server typically runs at the application layer of OSI model based on network protocols like dynamic host configuration protocol (DHCP), domain name system (DNS) or voice over internet protocol (VoIP), etc. We can say that it is a combination of network functions that provides applications and services to multiple APIs. It facilitates data manipulations, storage, communications, etc. in client-server or peer to peer architecture. We can say it is a connectivity tools or software that is handled by centralized or distributed computer systems. Several examples of network services are directory services, file services, communication services, application services, etc. The directory service helps to organize and store information properly in the network. It can provide services like accounting, domain name services, authentication, and authorizations. Similarly, application service serves the end user by providing access to the resource, database managements and web services. The communication services facilitate user through email, remote access, social network, etc. The file service includes file transfer and sharing through all over the networks.

Interface: It is a communication point between two equipments or entities or protocol layers. It can be hardware or software based on a computer network. It can be implemented by different network protocol or application programming interface (API) or interprocess communication (IPC), depending on the equipment locations. It can be represented as in the form of network address like port number or node identifier. It also facilitates standardize functions, like connect, disconnect, message passing etc. A network interface can be represented in the form of virtual interface or related to a physical device. It may be connected to LAN or wide area network (WAN) and associate with several protocols [37].

Control Plane (CP): It is considered as brain of the SDN network architecture as it contains the centralized controller, which controls network devices. It is responsible for taking routing decisions to forwarding the traffic of incoming packets. It controls the packet forwarding mechanisms, i.e., how the data packets are forwarded from source to destination. It always monitors the flows, state of the networking devices, and provide path for the data flow in the network [4]. The controller present in the control plane can be hosted in the cloud or by using physical server [39]. The controller and switches are interoperated by the help of OpenFlow protocols. In SDN architecture, the control plane contains various control channels in between the networking devices and controllers. The below Figure 1.2 represents the control plane and data plane with networking devices. It also controls various applications in the application layer. It can control and communicate properly it is both upper-layer and lower-layer elements by the help of APIs through the interface.

•

Data Plane (DP):

It takes the necessary actions to forward the packets by the help of router based on the configuration provided by the control plane. The incoming packets are handled by the data plane by checking the header information of the packets. The decision for forwarding or dropping of packets is determined with the help of lookup table operated by the SDN controller. If any received packet information does not match with lookup table, then it will be sent to controller for further processing. The final decision for forwarding of packets is taken based on the checking carried out at control plane whether to forward or drop. All the networking devices present in data plane operate on the specified network policies provided by the centralized controller [6]. All the networking devices are based on OpenFlow. It is also known as the user plane or forwarding plane or carrier plane that contains network related information and conceptualizes the data traffic in the network. In traditional network, the data plane was coupled with the control plane present inside of the same networking device. But in SDN architecture, as the data plane was separated from the control plane, so that its main aim is to only forward the data efficiently.

Figure 1.2 SDN centralized control [5].

•

Southbound interface (SI):

Southbound API is a part of SI which defines the instruction set and communication protocols for forwarding devices. It is a type of lower interface layer that will be served as protocol specifications. It divides the network concept into small technical descriptions. Furthermore, it also facilitates management and communications between the centralized controller, networking devices like switches or routers and nodes. It permits the data plane networking devices to discover different network topology and to identify the data flow in the network.

•

Northbound interface (NI):

Northbound API part of northbound interface that link the SDN controller with the application [24, 47]. As a result, the application can specify the required resource like storage, data, bandwidth etc. to the network and the network will deliver the resource as per the requirement. In SDN architecture, it provides the network view in an abstract way. It also supports and can be optimize a wide variety of applications like firewalls, load balancers, etc. [29].

The SDN architecture represents how a networking and computer system will be designed to use a mixture of open, software-based technologies with trade goods networking hardware. The traditional networking system depends on the manual processing procedure to specify several requirements. It was difficult to specify or express wide range of user requirements like delay, throughput, availability, bandwidth, etc. To overcome the disadvantage of this traditional networking system, SDN architecture was introduced where the control plane is decoupled from the data plane and logically centralized [28]. It allows the network infrastructure to be intelligently, centrally controlled and dynamically programmable using various software applications. The centralized controller acts as an important component in the network that conceptualizes the application requirements and its state. The general architecture of SDN based on network plane and interconnection between them is sowed in Figure 1.3. It consists of three distinguishable layers, i.e., infrastructure, control, and application layer, where each layer has different functionalities. The application layer communicates with the control layer by the help of northbound APIs. Similarly, the control layer communicates with the infrastructure layer or the data plane using southbound APIs. The control plane of this architecture is always considered as the brain of SDN as it contains the controller inside it. It manages the flow of data traffic, as well as the policies. It contains the total control of the network in terms of data path, data plane elements, etc. As a result, it enables several features to the network infrastructure like network programmability, openness, abstraction of the network [26]. The infrastructure layer constitutes of network infrastructure and southbound interface. Similarly, the control layer contains network hypervisor, network operating system, and northbound interface. The topmost layer, i.e., the management layer contains language-based virtualization, programming languages, and network applications.

1.2.1 Infrastructure Layer

The SDN open flow architecture has two important elements, i.e., the forwarding devices and the centralized controller as shown in Figure 1.3 [7]. The infrastructure or data plane layer is similar to traditional network which contains various networking devices and supporting physical hardware, such as switches and routers [23, 35]. These devices are mainly used for packet forwarding. This layer contains various networking equipments that form the underlying network to forward the network traffic [8]. It acts as a physical layer on which the network virtualization would be placed over it through control layer. The data plane device does not contain any network intelligence to logically centralize the system. As a result, all these devices are considered as simple forwarding component despite any software or embedded control to take automatic decisions. There are several different OpenFlow devices are available on the market as both open source and commercial product [43]. It can be implemented over both software and hardware. Each forwarding device present in the network contains a flow table which suggests how to handle the packets. The flow table consists of three parts, i.e., a rule, action supposed to be taken on packets and a counter required to keep record of the packets as shown in Figure 1.4.

Figure 1.3 SDN architecture overview [7].

The main goal of data plane layer is to send the incoming flow to the destination by the help of routes, which are illustrated in the flow tables. In OpenFlow table, the forwarding devices needs to maintain various rules. As a result, when traffic hits to the network, the SDN controller push rules into the forwarding devices, so that they can take proper decisions [9]. The path sequence present in flow table present of OpenFlow device illustrates different routes to handle the packets. When a new packet appears, then the process first search rule starting from the first table. If any rule matched, then it stops searching else it will continue and end with a miss for that packet [10]. As a result, if no match rule found, then the packet will be discarded. To avoid such situation, in most of the cases it is required to set a default rule to send the packet directly to the controller. By seeing the sequence number and the row order in the flow table, the priority of the rules has been setup. Different actions that are taken on the packets includes encapsulation of packets, forward it to the controller, send it to another flow table or drop the packets etc.

Figure 1.4 OpenFlow-based SDN device [7].

1.2.2 Southbound Interfaces Layer

This layer is also known as southbound API which is used to link the control plane and forwarding devices like physical/virtual switches, routers, nodes etc. In addition, it is the Open Flow protocol specification that allows communication between the controller and lower-level devices. The OpenFlow standard specification was provided by Open Networking Foundation (ONF). It is widely accepted and used in southbound standard for SDN as it supplies a common specification for implementation of OpenFlow-based forwarding devices. It also permits the router to locate different network topology, determine the network flow and serves various request relayed to it through northbound API [11]. The OpenFlow protocol provides three essential data to the network operating systems (NOS) [36]. First, the message forwarded to the controller from forwarding devices when any link or port changes has been triggered. Secondly, the flow statistics produced by forwarding equipments or devices and gathered by the controller. Third, the packets forwarded by the forwarding devices to the controller when the forwarding devices have no idea that how to deal with an incoming flow as the explicit action is present in the matched entry of flow table.

1.2.3 Network Hypervisors Layer

A hypervisor, also known as virtual machine monitor (VMM) separate the applications and operating system from the underlying hardware. As a result, the virtual machines share the same resources such as memory, processing etc. It is widely used in the cloud computing where each user present in infrastructure-as a-service (IaaS) layer have their own separate virtual resources like computing, storage etc. To host different virtual machines, it also provides high efficiency, speed, flexibility, mobility, and portability. By allowing virtualization concept in software defined networks enables SDN controller to program their virtual SDN networks [12]. The hypervisor acts as a middleware or intermediate layer between the SDN controller and their virtual SDN networks and control the traffic exchanged between them. The network must be having the same computing layer properties in order to provide complete virtualization in the network. It also contains several networking functions like abstraction, isolation or translation etc. In recent years, the demand for network virtualization is increasing day by day as it is enabling different technology and commercial virtualized based SDN platforms. For example, VMware introduced a network virtualization platform (NVP), which allow user to virtualize their applications and server that are completely independent and decoupled from the physical network hardware. It also allows to create virtualized network for multitenant large-scale environments by allowing abstraction with separate individual topology, configuration, service model, addressing architecture over the same physical networks. The hypervisor provided by NVP abstracts all the requirements and configurations that is supposed to be installed on forwarding devices.

1.2.4 Controller Layer

The controller layer is treated as the brain of the SDN architecture. All the required intelligence for this layer is supplied by centralized SDN controller software. The centralized controller resides inside of a server that manages the policies and traffic flow of the network [20]. It consists of several controller nodes that provide consistent control logic for the whole network. The SDN controller gives a centralize view and control of the entire network. It makes the network management simpler in a uniform and consistent way. It governs the forwarding plane to control the traffic properly. The control plane indicates an action which controls the data plane. It controls the networking devices present on data plane in a centralize manner. The controller enforces different policies to dedicate the network behavior.

From an architectural point of view, the existing controllers can be divided into two categories, i.e., centralized and distributed. A centralized controller acts as a single individual element that takes care of all forwarding devices present in the network. Sometimes, the centralized controller may lead to single point failure limitations. It also faces difficulties in managing the network having huge number of data plane devices. Few examples of centralized controller include Beacon, Maestro, and NOX-MT. A distributed controller is suitable for any small- to large-scale environment. It contains several sets of distributed elements that address the issues related to reliability and scalability. Some examples of distributed controller include Onix, HyperFlow, HP VAN SDN, ONOS etc. The disadvantage of using a distributed controller in the network is if any update is required on the node, then it is also necessary to update it on the entire controller nodes which will give impact on the system performance. Despite this, other common property includes when one node failed then its neighbor node takes responsibilities of the services and duties of failed node. It leads to the advantage of fault tolerance. But if any node behaves abnormal then it cannot be replaced by well-behaved node.

1.2.5 Northbound Interfaces

It is a software-defined application program interface present in SDN architecture. It plays an important role that link the SDN controller with the underline applications. As a result, the application can specify their desired needs like storage, data, processing, and bandwidth to the network and the network will forward these resources. It allows the applications to consume the network resources and allow to dynamically configure the network [19]. It is also considered as the most important element as it represents the abstract network programmable interface to the management and application system over the top of SDN stack [13]. It is also dynamic in nature, and many developments occur in it. The northbound APIs generally supplies various user base network functions, which are used to configure the vendor-specific infrastructure and the controller job is to translate it into a language so that each node can understand it properly. It manages the system and network applications externally. The primary goal is to extract the abstracted data model and its functionalities within the controller. It supports a wide verity with different types of applications.

In addition, it also allows different basic networking functions like routing, path computation, security, loop avoidance, etc. Different types of north bound APIs include specialized ad-hoc APIs, RESTful APIs and programming languages that are used for northbound interfaces. REST stands for representational state transfer API, also known as an API, which is RESTful. Basically, it is a constraint or set of conditions that an API supposed to follow to become a RESTful API. It is a type of client-server based followed by layered architecture. Here the communication is stateless in nature. So that the client’s request contains all the desired information in order to understand the request and it does not take benefit of already stored information on server. This constraint leads to the advantage of reliability, scalability, and visibility. Some of the other constraint examples are like uniform interface, cache, code on demand, starting with null style etc. By allowing and adapting REST in northbound API gives the advantage of dynamic resource management in decentralized way. It also allows various networking elements like switches, routers that are dynamically deployed and present in distribution order. It also allows heterogeneous clients, service composition, localize migration, scalability etc. Similarly, by using programming language, it creates a problem focused network environment for the programmer. Few examples of programming languages used in SDN are Procera, Nettle, NetCore, Pyretic, NetKAT, Frenetic etc.

1.3 The Role of Network Operating Systems

The traditional operating system provides different security mechanisms, as well as allowing accessing various resources like CPU, memory, hard drive, etc. As a result, it will make the system more flexible, transparent, and increase the productivity. The network operating system (NOS) provides centralized control in order to manage the networking issues to improve application performance and network management. The network operating system is one of the sublayers of control plane layer of SDN. All the functioning of the SDN controller is implemented by NOS. The main purpose of NOS in SDN is to use the shared files, hardware, and network resources from multiple devices in the networks. It provides a mechanism to control the hardware and network components through a software. It is a single entity which acts as the core component of SDN architecture. It also supplies network configurations followed by policies defined by the network operator. According to the policies, the controller directs traffic to minimize manual configuration of network devices and provides automatic network management and configuration based on policies. The NOS is highly concurrent and helps to achieve the desired throughput of the enterprise networks and datacenters. It is a type of operating system (OS) that supports various workstations. It is also treated as brain of the server which offers applications and utilities.

In a network, it allows multiple different devices for the communication and to share resource among each other. There are several types of NOS are available in system like peer-to-peer network operating system, client-server network operating system. The peer-to-peer NOS permit user to share and access the available network resources that are present in common with out of any distribution. Here all the available devices are managed and serve uniformly with respect to functionality. It is cheaper and suitable for small to medium LANs. The client-server-based NOS, the user can access resource through a server. This type of NOS requires high technical maintenance and also expensive in compared to peer-to-peer NOS. Despite this, it has centralized control on the network configuration. The architectural view of SDN network operating system was illustrated in Figure 1.5 [14].

In SDN architecture, the OpenFlow protocol provides solution for the networking infrastructure. The network operating system permits the management applications that supposed to be written as centralized program in the net network [15]. In OpenFlow-based SDN, the control layer has been introduced as network operating system (NOS) has several different implementations that facilitates different performance evaluation and functionalities like POX, NOX, Floodlight and ONIX [16]. It also provides abstraction and interface in terms of operating system that offers proper abstraction to the application developers for interaction with the host system in the network. For an example, we make take different server-based operating systems, like Android, Windows, or Linux. By providing high-level abstractions, the NOS makes it simpler and easier for application implementations and various functionalities related to the network control. It means, it abstracts the details of networking devices like switches or router and offer abstraction on network mapping to the developers. The NOS also identifies various modifications in the underlying network infrastructures like in ports, switches, nodes, links etc. As a result, it allows the applications that can be written using any programming language. It also enables an application may constitute of multiple sources i.e., it should be assumed that all applications work with various abstracted black-box application in a network. It seems like each application may depends on another and it must be existed on a stable API. These applications are decoupled from the hardware infrastructure and the communication between various applications must be defined by the NOS present in controller. These applications are modular and extensive in nature and provide more scalability.

Figure 1.5 Network operating system [14].

1.4 SDN Versus NFV

The network function virtualization (NFV) is a type of architecture framework where the network functions are dedicated to software instead of hardware. It also runs on the server that is top of the general-purpose hardware devices [17]. It supports various types of network functions to support virtualization in order to facilitate a new way to design the networks like firewalls, load balancer, transcoders etc. In addition, it also supports to optimize the network and cost reduction. NFV decoupled the virtualized network appliances from the hardware components [27, 37]. Moreover, the NFV framework consists of physical server, hypervisor, guest virtual machines, etc. By using wide use of various hardware components, it helps to solve most of the network related problem. It reduces the cost and offers network optimization, and its applications runs on industry standard servers.

Moreover, it uses the concept of virtualization to virtualize the whole class of network functions which helps to create the communication services [21, 22]. It helps to reduce the cost and speed up the process of service deployment for the network operators by the help of transferring various functions like firewall from specific hardware to the servers. The NVF technology helps to take advantage of the growth of IT virtualizations. It splits the network functions from the underlying hardware appliances. The NVF architecture transfers the network functions to software-based applications from the dedicated hardware equipments. The above applications can be executed on various standardized IT platforms like storage, servers, switches etc. By the help of NFV, the network functions can be distributed among different locations such as network nodes, datacenters, and end users. The design framework of NFV is illustrated in Figure 1.6 [17]. In addition, it provides various advantages to the telecommunication industry like scalability, flexibility, performance improvements, openness of platforms, reduce unnecessary investments or cost of the network [18].