Software Defined Networking - SDN - Part II

In the last article I mentioned that each network element has an external controller, now using a dedicated controller for each network element would be impractical. 

The network elements are grouped in multiple domains and each domain is managed  by a controller assigned for that domain.

Example if you have 20 domains, than there would be 20 controllers managing these domains and also communicating with each other. Since all controllers are in a sync, a policy pushed to one controller will auto update to all other controllers.

Also one should note that the management application running on the controller does not require microsecond processing, the management applications only run occasionally, example the routing protocols only send updates periodically.


SDN Communication

Controller-to-element communication (OpenFlow)

The OpenFlow protocol is the most popular and widely accepted,  the protocol specifies the controller to element communication method, Item definition,classification and the message format.



Controller-to-Controller communication



Classification Engine in Switches

The data plane in a high-end switch consists of a piece of hardware known as classification engine, A network admin never encounters the classification engine directly, as the classification is hidden in the data plane hardware, eg: when a network admin configures a switch, a software module in the control plane changes the classification rules accordingly.

Now what OpenFlow does is to expose the classification to the network management software, which allows the external SDN controller to change the classification rules directly.



Hardware or Software based classification ?


TCAM (Ternary Content Addressable Memory) And High Speed Classification


If a classification is implemented in software, only one pattern can be checked at a time, i.e if there are N patterns than a software based classification will need to iterate each of the N patterns one-by-one.  A hardware based classifier can perform the comparison of these N patterns in a single step!!


A hardware based classifier implements something called TCAM. A TCAM memory cell
contains logic that can perform a bit-wise comparison and all cells work in parallel to perform a pattern match.

Once a packet is received and is placed in the TCAM hardware, all the pattern matchers receive a copy of the bits in the packet, and they all act at the same time. If a match occurs the pattern matcher  selects the associated action (an integer value), and the classifier returns the integer as the result of the lookup 


Classification Across Multiple Layers

As we can now see that the pattern matching can cross multiple layers of the protocol stack !

Example if you want to send all voice (port 50000) traffic from switch port 25. The pattern will have three components (IP, TCP, Dest Port 50000) in a single pattern.

Now this ability of the classifier to span multiple protocol layers with a single pattern makes SDN more powerful than any conventional packet forward mechanisms..