Software Defined Networks
Description
Software defined networking suggests an alternative worldview, one that comes with a new software stack to which this book is organized, with the goal of presenting a top-to-bottom tour of SDN without leaving any significant gaps that the reader might suspect can only be filled with magic or proprietary code.
Software defined networking (SDN) is an architecture designed to make a network more flexible and easier to manage. SDN has been widely adopted across data centers, WANs, and access networks and serves as a foundational element of a comprehensive intent-based networking (IBN) architecture. Although SDN has so far been limited to automated provisioning and configuration, IBN now adds "translation" and "assurance" so that the complete network cycle can be automated, continuously aligning the network to business needs.
In 14 chapters, this book provides a comprehensive understanding of an SDN-based network as a scalable distributed system running on commodity hardware. The reader will have a one-stop reference looking into the applications, architectures, functionalities, virtualization, security, and privacy challenges connected to SDN.
Audience
Researchers in software, IT, and electronic engineering as well as industry engineers and technologists working in areas such as network virtualization, Python network programming, CISCO ACI, software defined network, and cloud computing.
More details
Other editions
Additional editions
Persons
Anand Nayyar, PhD, received his PhD in Computer Science from Desh Bhagat University in 2017 and is currently an assistant professor, Vice-Chairman (Research) and Director (IoT and Intelligent Systems Lab) in the School of Computer Science, Duy Tan University, Da Nang, Vietnam. A Certified Professional with 100+ Professional certificates from CISCO, Microsoft, Oracle, Google, Beingcert, EXIN, GAQM, Cyberoam, and many more, he has published more than 150 research articles and ISI journals, edited 30+ books, and has 60 patents to his credit.
Bhawna Singla, PhD, received her PhD from Thapar University, Patiala, India and is currently a professor in the Computer Science and Engineering Department, PIET College of Engineering and Technology, Samalkha, Panipat, India. She has more than 18 years of academic experience and has published more than 35 research papers in international journals/conferences and edited books.
Preeti Nagrath, PhD, is an associate professor in Bharati Vidyapeeth's College of Engineering. She has more than 16 years of academic experience and has published more than 60 research papers in SCI-indexed journals.
Content
Preface xxi
1 Introduction to Software Defined Networking 1 Subhra Priyadarshini Biswal and Sanjeev Patel
1.1 Introduction 2
1.2 Terminology and Architecture 5
1.2.1 Infrastructure Layer 9
1.2.2 Southbound Interfaces Layer 11
1.2.3 Network Hypervisors Layer 11
1.2.4 Controller Layer 12
1.2.5 Northbound Interfaces 13
1.3 The Role of Network Operating Systems 14
1.4 SDN Versus NFV 16
1.5 The Role of NFV into SDN-Based IoT Systems 17
1.6 Challenges and Future Directions 19
1.7 Applications of SDN in IT Industries 21
1.8 Conclusion and Future Scope 23
References 24
2 Software-Defined Networks: Perspectives and Applications 29 Inderjeet Kaur, Anupama Sharma, Amita Agnihotri and Charu Agarwal
2.1 Introduction 30
2.2 SDN Architecture 32
2.2.1 Key Takeaways of SDN Architecture 35
2.2.2 Open Flow 36
2.3 Functionalities of SDN 39
2.3.1 SDN Benefits 40
2.4 SDN vs. Traditional Hardware-Based Network 41
2.5 Load Balancing in SDN 44
2.5.1 SDN-Based Load Balancer in Cloud Computing 47
2.5.2 SDN Without Cloud Computing 49
2.6 SDN Security 49
2.6.1 Security Threats and Attacks 51
2.7 SDN Applications 53
2.8 Research Directions 55
2.9 Conclusion 55
References 56
3 Software-Defined Networks and Its Applications 63 Rajender Kumar, Alankrita Aggarwal, Karun Handa, Punit Soni and Mukesh Kumar
3.1 Introduction 64
3.2 SDN vs Traditional Networks 65
3.3 SDN Working: A Functional Overview 67
3.4 Components and Implementation Architecture 68
3.4.1 Components of an SDN 68
3.4.1.1 SDN Application 68
3.4.1.2 SDN Controller 69
3.4.1.3 SDN Datapath 69
3.4.1.4 SDN Control to Data-Plane Interface (CDPI) 69
3.4.1.5 SDN Northbound Interfaces (NBI) 69
3.4.1.6 SDN Control Plane: Incorporated-Hierarchical-Distributed 69
3.4.1.7 Controller Placement 70
3.4.1.8 OpenFlow and Open Source in SDN Architecture 70
3.4.2 SDN Design 70
3.4.2.1 Northward APIs 71
3.4.2.2 Southward APIs 71
3.4.2.3 Orchestrator 71
3.4.2.4 Controller 71
3.4.2.5 Compute 71
3.5 Implementation Architecture 72
3.6 Pros and Cons of SDN 72
3.6.1 SDN Misconceptions 73
3.6.2 Pros of SDN 73
3.6.2.1 Centralized Network Provisioning 73
3.6.2.2 Holistic Enterprise Management 73
3.6.2.3 More Granular Security 74
3.6.2.4 Lower Operating Costs 74
3.6.2.5 Hardware-Savings and Reduced Capital Expenditures 74
3.6.2.6 Cloud Abstraction 75
3.6.2.7 Guaranteed Content Delivery 75
3.6.3 Cons of SDN 75
3.6.3.1 Latency 75
3.6.3.2 Maintenance 75
3.6.3.3 Complexity 75
3.6.3.4 Configuration 76
3.6.3.5 Device Security 76
3.7 SDN Applications 76
3.7.1 SDN Environment for Applications 76
3.7.1.1 Internal SDN Applications 77
3.7.1.2 External SDN Applications 77
3.7.1.3 Security Services 77
3.7.1.4 Network Monitoring and Intelligence 77
3.7.1.5 Data Transmission Management 78
3.7.1.6 Content Availability 78
3.7.1.7 Guideline and Compliance-Bound Applications 78
3.7.1.8 Elite Applications 79
3.7.1.9 Circulated Application Control and Cloud Integration 79
3.7.2 Common Application of SDN in Enterprise Networks 79
3.7.2.1 Further Developed Security 80
3.7.2.2 Diminished Working Expenses 80
3.7.2.3 A Superior Client Experience 81
3.7.3 SDN Drives in the Enterprise 81
3.7.3.1 Bringing Together and Improving on the Administration Plane 81
3.7.3.2 Accomplishing Programmability of the Control Plane 81
3.7.3.3 Simple Client Onboarding 82
3.7.3.4 Simple Endpoint Security 82
3.7.3.5 Simple Traffic Checking 82
3.7.3.6 SES Client Onboarding 83
3.7.3.7 Client Onboarding 83
3.7.3.8 SES Simple Endpoint Security: Distinguishing Dubious Traffic 83
3.7.3.9 SES Simple Traffic Observing 84
3.7.3.10 Synopsis 84
3.7.4 SDN Stream Sending (SDN) 84
3.7.4.1 Proactive Versus Reactive Versus Hybrid 84
3.7.4.2 DMN 85
3.7.4.3 SD-WAN 85
3.7.4.4 SD-LAN 85
3.7.4.5 Security Using the SDN Worldview 85
3.7.5 Security Utilizing the SDN Paradigm 86
3.7.6 Gathering Data Delivery Using SDN 87
3.7.7 Relationship of SDN to NFV 87
3.8 Future Research Directions of SDN 88
3.9 Conclusion & Future Scope 89
References 90
4 Latency-Based Routing for SDN-OpenFlow Networks 97 Hima Bindu Valiveti, Meenakshi K, Swaraja K, Jagannadha Swamy Tata, Chaitanya Duggineni, Swetha Namburu and Sri Indrani Kotamraju
4.1 Introduction to Generations of Networks 98
4.2 Features of 5G Systems 99
4.3 Software-Defined Networking (SDN) 102
4.4 Proposed Work 105
4.4.1 Path Selection Algorithm 106
4.4.2 Optimized Path Selection 106
4.4.2.1 Forwarding Node Selection 106
4.4.2.2 Priority Scheduling 108
4.4.2.3 Priority Classification 108
4.5 Experimentation and Results 109
4.5.1 Implementation of Traffic Streaming 109
4.6 Performance Analysis 113
4.7 Conclusion and Future Scope 116
References 116
5 QoS Improvement Evaluation With An Effective Switch Assignment to the Controller in Real-Time SDN Environment 119 Jehad Ali and Byeong-hee Roh
5.1 Introduction 120
5.1.1 Objectives 121
5.2 Architecture of SDN 121
5.2.1 Data Plane 123
5.2.2 Southbound (SB) APIs 123
5.2.3 NB API 124
5.2.4 Management Plane 125
5.2.5 Control Plane 125
5.3 Controller Placement Effect on the QoS 125
5.4 Communication between the Control and Data Planes 126
5.5 Related Works 128
5.6 Parameters for Computing E2E Delay 129
5.6.1 Path Discovery Delay (PD) 129
5.6.2 Actual Delay (AD) 129
5.7 Clustering Based on the Latency of the Emulated Mininet Network 130
5.8 Results and Discussion 131
5.9 Conclusion and Future Directions 133
References 134
6 An Insight into Traffic Engineering in Software-Defined Networks 137 Prabu U. and Geetha V.
6.1 Introduction 138
6.2 Related Works 142
6.3 Review on Traffic Engineering Techniques in SDN 145
6.4 Review on Traffic Engineering Techniques in Hybrid SDN 163
6.5 Review on Traffic Matrix Estimation and Measurement Techniques in SDN 169
6.6 Analysis and Research Direction 177
6.7 Conclusion and Future Scope 179
References 179
7 Network Functions Virtualization and SDN 191 Priyanka Kujur and Sanjeev Patel
7.1 Introduction 192
7.2 Types of Virtualizations 194
7.2.1 Server Virtualization 194
7.2.2 Network Virtualization 195
7.2.3 Application Virtualization 195
7.2.4 Desktop Virtualization 197
7.2.5 Storage Virtualization 197
7.3 Wireless Network Virtualization 198
7.3.1 Radio Spectrum Resources 198
7.3.2 Wireless Network Infrastructure 199
7.3.3 Wireless Virtual Resources 200
7.3.3.1 Spectrum-Level Slicing 200
7.3.3.2 Infrastructure-Level Slicing 200
7.3.3.3 Network-Level Slicing 200
7.3.3.4 Flow-Level Slicing 200
7.3.4 Wireless Virtualization Controller 201
7.4 Network Functions Virtualization and Software-Defined Network 201
7.4.1 Network Virtualization 201
7.4.2 Network Functions Virtualization 201
7.4.2.1 Network Functions Virtualization Infrastructure 202
7.4.2.2 Virtual Network Functions 203
7.4.2.3 Network Functions Virtualization Management and Orchestration 203
7.4.2.4 NFV Challenges 204
7.4.3 Benefits of NFV 204
7.4.3.1 Coexistence of Dissimilar Network 204
7.4.3.2 Encouraging Network Innovation 204
7.4.3.3 Deployment of Agile Network Capabilities 204
7.4.3.4 Provisioning of Independent and Diverse Networks 205
7.4.3.5 Resource Optimization 205
7.4.3.6 Deployment of Distinct Network Services 205
7.4.4 Software-Defined Networking (SDN) 205
7.4.4.1 Traditional Networks 205
7.4.4.2 Need for New Network Architecture 206
7.4.4.3 Introduction to SDN 206
7.4.4.4 SDN Implementation 208
7.4.4.5 SDN Design 208
7.4.4.6 SDN Operation 209
7.4.5 Open Flow 210
7.4.5.1 Open Flow Architecture 211
7.4.5.2 Defining Flow in Open Flow 212
7.4.5.3 Flow and Group Table 213
7.4.6 SDN Benefits 214
7.4.6.1 Centralized Network 214
7.4.6.2 Programmability of the Network 214
7.4.6.3 Rise of Virtualization 214
7.4.6.4 Lower Operating Cost 215
7.4.6.5 Device Configuration and Troubleshooting 215
7.4.7 SDN Challenges 215
7.4.7.1 Reliability 215
7.4.7.2 Scalability 215
7.4.7.3 Performance Under Latency Constraints 216
7.4.7.4 Use of Low-Level Interface Between the Controller and the Network Device 216
7.4.7.5 Controller Placement Problem 216
7.4.7.6 Security 217
7.4.8 SDN versus Traditional Network 217
7.4.9 Network Function Virtualization versus SDN 218
7.5 SDN Architecture 219
7.5.1 Data Plane 219
7.5.2 Control Plane 220
7.5.3 Application Layer 220
7.6 Software-Defined Networking Application 220
7.6.1 Adaptive Routing 220
7.6.2 Load Balancing 221
7.6.3 Boundless Roaming 221
7.6.4 Network Maintenance 222
7.6.5 Network Security 222
7.6.6 SDN for Cloud Computing 222
7.6.7 Internet of Things 224
7.7 Conclusion and Future Scope 224
References 225
8 SDN-Enabled Network Virtualization and Its Applications 231 Anil Kumar Rangsietti and Siva Sairam Prasad Kodali
8.1 Introduction 232
8.2 Traditional Cloud Data Centers 234
8.2.1 SDN for Enabling Innovative Traffic Engineering Tasks in Cloud Data Centers 236
8.2.1.1 Optimal Routing Mechanisms 236
8.2.1.2 Flexible Traffic Steering During Network Failure Recovery 238
8.2.1.3 Improved Topology Management Mechanisms 238
8.2.1.4 Innovative Traffic Analysis and Monitoring Mechanisms 239
8.2.1.5 General Challenges in Adopting SDN 239
8.2.2 SDN Role in Flexible Network Virtualization 241
8.2.2.1 Sharing of Physical Infrastructure and Enforcing Multiple Customer Policies 242
8.2.2.2 Strict Customer Policies Enforcement and Service Level Agreements (SLA) Guarantee 243
8.2.2.3 Failures of Devices or Links 243
8.2.2.4 Optimal Utilization of Cloud Resources 244
8.3 Importance of SDN in Network Function Virtualization (NFV) 245
8.3.1 Network Service Chaining (NSC) 248
8.3.2 Importance of NFs Placement in a Cloud Environment 249
8.3.3 Importance of NF Placement and Scaling in NSC 251
8.4 SDN and Network Virtualization Role in Evolution of Next-Generation Wi-Fi and Mobile Networks 253
8.4.1 Software-Defined Solutions for Enterprise Wireless LANs (WLANs) 253
8.4.1.1 Software-Defined APs 254
8.4.1.2 SDN Switches and Controller 256
8.4.2 Software-Defined Mobile Networks and Telecommunication Clouds 258
8.4.3 Necessity and Importance of Telecommunication Clouds 259
8.4.3.1 SDN- and NFV-Enabled Cloud Environments 260
8.4.3.2 Lightweight Virtualization Technologies 261
8.4.3.3 Novel Application Architecture, Such as Cloud Native Applications and Microservices 263
8.5 SDN and NFV Role in 5G and Smart Cities 264
8.5.1 SDN and NFV Role in Designing Deployment Environment for IoT Applications 265
8.5.2 Cloud-Fog-Edge Computing Environments 266
8.5.3 SDN- and NFV-Enabled 5G and Network Slicing Deployment 269
8.6 Conclusions and Future Scope 271
References 272
9 Software-Defined Networking: Recent Developments and Potential Synergies 279 Jasminder Kaur Sandhu, Bhawna Singla, Meena Pundir, Sanjeev Rao and Anil Kumar Verma
9.1 Introduction 280
9.2 Characteristics of Software-Defined Networking 282
9.2.1 Open Standards and Vendor Neutral 282
9.2.2 Centrally Managed 283
9.2.3 Decoupled 283
9.2.4 Dynamic/Agile 283
9.2.5 Flow-Based Management 283
9.2.6 Programmable 283
9.3 Applications of Software-Defined Networking 284
9.3.1 Specific Purposes 284
9.3.1.1 Network Management 284
9.3.1.2 Middle-Box 284
9.3.2 Security 285
9.3.3 Networks 285
9.3.3.1 Optical Network 286
9.3.3.2 Home Network 286
9.3.3.3 Wireless Network 286
9.4 Security Issues in Software-Defined Networking 287
9.4.1 Authentication and Authorization 287
9.4.2 Access Control and Accountability 288
9.4.3 Threats from Applications 289
9.4.4 Threats Due to Scalability 289
9.4.5 Denial of Service (DoS) Attacks 290
9.4.6 Challenges in Distributed Control Plane 290
9.5 Potential Attacks in Software-Defined Networking 291
9.5.1 Spoofing 291
9.5.2 ARP Spoofing 291
9.5.2.1 IP Spoofing 293
9.5.3 Tampering 293
9.5.4 Repudiation 294
9.5.5 Information Disclosure 295
9.5.6 DoS 295
9.5.7 Elevation of Privilege 296
9.6 Solutions to Security Issues and Attacks in Software-Defined Networking 297
9.6.1 Spoofing 297
9.6.1.1 ARP Spoofing 297
9.6.1.2 IP Spoofing 301
9.6.2 Tampering 301
9.6.3 Repudiation 301
9.6.3.1 Nonrepudiation Verification 301
9.6.3.2 Accountability 302
9.6.4 Information Disclosure 302
9.6.4.1 Scanning-Based Solutions 302
9.6.4.2 Information Disclosure Countermeasure 302
9.6.5 Denial of Service (DoS) 302
9.6.6 Elevation of Privilege 303
9.7 Software-Defined Networking Framework 303
9.7.1 Global Flow Table 304
9.7.2 VNGuard 304
9.8 Security Enhancement Using the Software-Defined Networking Framework 305
9.8.1 SDN Firewall 305
9.8.2 Access Control 307
9.8.3 Intrusion Detection System/Intrusion Prevention System (IDS/IPS) 307
9.8.4 SDN Policies 307
9.8.5 Monitoring and Auditing 308
9.8.6 Privacy Protection 308
9.8.7 SDN WiFi Networks 308
9.8.8 Mobile SDN 309
9.8.9 BYOD 309
9.8.10 SDN Open Labs 309
9.9 Open Challenge 310
9.9.1 Interaction Between Different Controllers and Switches 310
9.9.2 Controller Security 310
9.9.3 Managing Heterogenous Controllers 310
9.9.4 Standard Protocol for Controller 311
9.9.5 Standard Protocol Between Control and Management Plane 311
9.9.6 Managing the Load Between Controllers 311
9.10 Recommended Best Practices 311
9.10.1 Authentication 312
9.10.2 Access Control 312
9.10.3 Data Confidentiality 312
9.10.4 Nonrepudiation 312
9.10.5 Data Integrity 313
9.10.6 Communication Security 313
9.10.7 Privacy 313
9.10.8 Availability 313
9.11 Conclusion and Future Scope 314
References 315
10 Security Challenges and Analysis for SDN-Based Networks 321 Priyanka Kujur, Subhra Priyadarshini Biswal and Sanjeev Patel
10.1 Introduction 322
10.2 Threat Model 325
10.2.1 Spoofing 325
10.2.2 Tampering 325
10.2.3 Repudiation 325
10.2.4 Information Disclosure 325
10.2.5 Denial of Service 326
10.2.6 Elevation of Privileges 326
10.2.7 Threats in SDN Networks 326
10.2.7.1 Attack Surface in SDN 326
10.2.7.2 Security Issues in SDN 327
10.2.7.3 Addressing SDN Security Matters 328
10.2.7.4 Attack to the SDN Architecture 328
10.2.8 Policy-Based SDN Security Architecture 330
10.3 Control Plane Security of SDN 331
10.3.1 Application Coexistence 331
10.3.2 Flow Constraints vs. Flow Circuits 332
10.3.3 An Application Permission Model 332
10.3.4 Application Accountability 332
10.3.5 Toward a Security-Enhanced Control Layer 332
10.4 Security Analysis 332
10.5 Network-Wide Security in SDN 333
10.5.1 Security Systems Development 334
10.5.2 Flow Sampling 335
10.5.3 Traffic Monitoring 336
10.5.4 Access Control 337
10.5.5 Content Inspection 337
10.5.6 Network Resilience 338
10.5.7 Security Middle Boxes 339
10.5.8 Security Challenges in SDN 339
10.6 SDN-Based Virtual and Cloud Networks Security 340
10.6.1 Virtual Networks Security 340
10.6.2 Cloud Networks Security 340
10.7 SDN-Based Secure IoT Frameworks 341
10.8 Conclusion and Future Scope 341
References 342
11 A Novel Secure SDN Architecture for Reliable Data Transmission in 5G Networks 347 J. Sathiamoorthy, Usha M. and R. Bhagavath Nishant
11.1 Introduction 348
11.1.1 Organization of the Chapter 352
11.2 Related Work 352
11.3 SDN-5G Networks-What Does the Future Hold? 356
11.4 Layers in SDN-5G Networks 358
11.5 Security Threats 359
11.5.1 Control Plane 360
11.5.2 Data Plane 361
11.5.3 Application Plane 361
11.6 SDN-5G Networks-Possible Attacks and Threats 362
11.6.1 Distributed Denial of Services (DDoS) 362
11.6.2 Solution for DDoS-To Analyze User's Behavior via Detection Through Entropy 363
11.6.3 Solution for Packet Sniffing 363
11.6.4 Steps in the Handshake Process 364
11.6.5 ARP Spoofing Attack 365
11.6.5.1 ARP Authentication 365
11.6.5.2 Operating System Patching 365
11.6.5.3 API Exploitation 366
11.6.5.4 Password Guessing or Brute Force 366
11. 7 Proposed Methodology 367
11.7.1 Strong Security Architecture for SDN-Based 5G Networks 367
11.8 Security Analysis 373
11.8.1 IP Spoofing 373
11.8.2 MITM Attack 379
11.8.3 Replay Attack 379
11.9 Conclusion and Future Scope 388
References 388
12 Security and Privacy Issues in 5G/6G-Assisted Software-Defined Networks 391 Durbadal Chattaraj and Ashok Kumar Das
12.1 Introduction 392
12.1.1 SDN Applications 394
12.1.2 Security and Privacy Issues in SDN 396
12.1.3 Chapter Contributions 397
12.1.4 Chapter Organization 397
12.2 Security and Functionality Requirements in SDN 398
12.3 Network and Threat Models 399
12.3.1 Network Model 399
12.3.2 Adversary Model 402
12.4 Taxonomy of Security Protocols in SDN 405
12.5 Security Solutions in SDN 406
12.5.1 Authentication 407
12.5.2 Access Control 408
12.5.3 Key Management 409
12.5.4 Intrusion Detection 410
12.5.5 Blockchain-Based Security Solution 412
12.6 Comparative Analysis 413
12.6.1 Comparative Analysis on Communication and Computational Costs 414
12.6.2 Comparative Analysis on Security Features 415
12.7 Conclusion and Future Scopes 419
References 420
13 Evolving Requirements and Application of SDN and IoT in the Context of Industry 4.0, Blockchain and Artificial Intelligence 427 Sunil Kr. Singh, Sunil Kr Sharma, Dipesh Singla and Shabeg Singh Gill
13.1 Introduction 428
13.2 Objectives of the Chapter 430
13.3 Organization of the Chapter 431
13.4 Software-Defined Network Architecture 431
13.4.1 SDN Planes 434
13.4.1.1 Control Plane 434
13.4.1.2 Data Plane 434
13.4.1.3 Application/Management Plane 435
13.4.2 QoS: Quality of Service 436
13.4.2.1 Jitter 436
13.4.2.2 Packet Loss 436
13.4.2.3 Bandwidth 437
13.4.2.4 Latency 437
13.4.3 OpenQoS 437
13.4.4 Secondnet 438
13.4.5 OpenQFlow 440
13.4.6 CloudNaaS 441
13.4.7 Scalable QoS and Automated Control for Network Convergence 442
13.5 Security 442
13.5.1 Fresco 442
13.5.2 NetFuse 443
13.5.3 Scalability 444
13.5.4 DIFANE 444
13.5.5 DevoFlow 445
13.5.6 Maestro 445
13.5.7 Load Balancing 446
13.5.8 AsterX 446
13.5.9 OpenFlow-Based Server Load Balancing Gone Wild 447
13.6 Software-Defined Network (SDN) With IoT 447
13.7 SDN-Based IoT Architecture 448
13.7.1 IoT's Architecture With Software Programming Functions 449
13.7.2 SDN Controllers 449
13.7.3 Gateways/Routers 451
13.7.4 Sinks 452
13.7.5 Data Center 452
13.7.6 Design Principles 453
13.7.7 Dynamic Deployment of Security Policies 454
13.8 Role of SDN and IoT in Industry 4.0 456
13.8.1 Industry 4.0 Explained 457
13.8.1.1 Mass Customization 457
13.8.1.2 Flexibility 457
13.8.1.3 Additive Manufacturing 457
13.8.1.4 Better Decision Making 458
13.8.1.5 Simulation and Digital Twins 458
13.8.1.6 Integrated Supply Chain 458
13.8.1.7 Energy Management 458
13.8.1.8 Creating Value from Big Data 459
13.8.1.9 Cyber-Physical Systems 459
13.8.2 Brokerage Services 462
13.8.3 Man4Ware 464
13.8.4 Security 466
13.8.5 Additional Advanced Service Alternatives 467
13.8.6 Interconnection and Integration Between IoT and Industry 4.0 467
13.9 Work in Related Domains of IoT 468
13.10 IoT Computing and Management With SDN 470
13.10.1 Edge Computing 470
13.10.2 Convergence of NFV and Edge Computing 471
13.10.3 Use of Artificial Intelligence (AI) in Software-Defined Networks (SDN) 472
13.10.4 SDN Network Structure and OpenFlow (OF) Protocol 473
13.11 Scope of Blockchain to Secure IoT Using SDN 474
13.11.1 The Architecture of Blockchain-Based SDN 475
13.11.2 Workflow of BC-SDN and Smart Contracts 477
13.11.2.1 Key Components of Workflow 478
13.12 SDN in Various Emerging Areas of IoT 481
13.13 Conclusion and Future Scope 486
References 489
14 SDN-Based Cloud Combining Edge Computing for IoT Infrastructure 497 Jyoti Snehi, Manish Snehi, Devendra Prasad, Sarita Simaiya, Isha Kansal and Vidhu Baggan
14.1 Introduction 498
14.1.1 Architecture of SDN vs. Traditional Networks 503
14.1.2 SDN/NFV Tiers 504
14.1.3 Objective of Chapter 509
14.1.4 Organization of Chapter 509
14.2 Challenges with SDN-Based Cloud and NFV Technologies for IoT 510
14.3 Literature Survey 519
14.4 Knowledge-Driven SDN-Based IoT Architecture That Leverages Edge Cloud 526
14.5 Discussion and Future Recommendation 532
14.6 Conclusion 533
References 533
Index 541
1
Introduction to Software Defined Networking
Subhra Priyadarshini Biswal and Sanjeev Patel*
Department of Computer Science and Engineering, National Institute of Technology Rourkela, Odisha, India
Abstract
In recent years, we have seen the rapid growth of software-defined networking (SDN) in development and production. In traditional networking systems, fixed dedicated network devices, such as switches, routers are used to control the network traffic. However, nonprogrammable feature, poor network security and performance drawback have created new challenges for future Internet-based information and communication system. The complexity in traditional networking makes the system difficult to reconfigure the network to counter faults, load, and error. To overcome these issues, SDN is taking control over the traditional manually configured network to make proper utilization of physical network infrastructure. The aggregation of separate control plane and data plane allows network virtualization and dynamically programmable network configuration to improve the performance. The control plane is responsible for routing the data packet from source to destination. Similarly, the data plane is used for forwarding the packets that is also known as the forwarding plane. It is constructed on centralized network topologies that enable resource management. As a result, the network operator or service provider can manage and directly control their resources and network despite knowing any hardware technologies. It gives high flexibility, automation, service integration functionalities to accommodate innovative network designs. The SDN controller regulates the flow of control over the switches/routers to deploy intelligent networks. The open architecture of SDN broadly includes the infrastructure layer, control layer, and application layer. In this chapter, we focus on the architecture along with the advantage of using SDN networking over traditional networking systems.
Keywords: Software-defined networking, SDN architecture, open flow, NFV, centralized controller, network operating systems
1.1 Introduction
In traditional networking system, the communication between devices by transferring packets was possible by the help of various distributed and transport control protocols present inside switches and routers. This is widely used and adopted by many industries and companies in all over the world. But the architecture used in traditional network generates huge difficulties in maintaining and managing the whole network infrastructures. Nowadays, as the growth of technology is rapidly increasing, it may lead to the rise of data communication or transmission in the network. As a result, the number of devices connected to the network will also increase. It may require proper maintenance as the networking devices are maintained manually by human, which may lead to various configuration errors. This problem arises due to the nonprogrammable features of traditional networking. Due to the huge network infrastructure, it is very difficult to add, manage, and maintain the network properly. It is time consuming and less flexible. With the increase in the number of devices, the operational and management cost will also increase. As most of the things in traditional networking are done manually, it is very difficult to make changes in the existing network. It is very difficult to virtualize the entire network. Further, we can say traditional networking is hardware based as it contains fixed function network devices. It is more rigid and very difficult to customize the network.
Moreover, the traditional networking shown in Figure 1.1, the network operator has to set up some low-level commands in each separate network for maintaining the desired network policies. To enforce the desired vendor-specific policies in such dynamic environment is highly challenging. Due to the complexity in configuration, it is very difficult to handle the dynamic changes in load, as well as faults and errors. The communication between different network nodes, like switches, routers, etc., is more complex. In addition, most of the networks give less flexibility as both the data plane and control plane are integrated inside the networking devices. As a result, it is very difficult to change or adjust the forwarding policy by changing the configuration of devices. The control plane is responsible for configuration of different nodes, and it determines the path to route the packet or frame. Similarly, the data plane is responsible for forwarding the packets or frame from one interface to other [1]. Security is one of the biggest challenges in this network. As it has the vendor-specific environment, the network became less capable of protecting data.
Figure 1.1 Traditional networking.
Software-defined networking (SDN) is a type of application-centric and software-based network design concept, which uses different technologies to manage the network. The concept of SDN was first introduced in 2009 at Stanford University, United States [2]. Here, the network operator can target on various network applications, such as security, data traffic, policies, etc., in more flexible way [49]. It also allows the network operator and administrators to maintain the desired bandwidth in the network. As a result, the issues related to complex network configuration will minimize. However, instead of using costly hardware and firmware, it provides an open-source logically centralized network system. It also provides a centralized open flow controller in multivendor environment, which is used as a control point in SDN strategically [48]. The OpenFlow provides interface to the networking devices like switch [40]. As a result, it facilitates the network administrator to abstract configuration of various physical or virtual network devices. Moreover, each networking devices contain flow tables and the controller's job is to update and insert the forwarding rules for the traffic flows in the network.
The separation of both control plane and data planes with centralize network intelligence allows dynamic programmability instead of static manual operation. It fulfills the requirement of virtualization, dynamic scaling, automation, multitenancy, performance optimization, service integration, openness, etc. The benefits of SDN in different scenarios also include different enterprises and cloud data center. In traditional network, each networking device directs the network traffic. But in case of SDN infrastructure, the automated programmable interface determines and route the network traffic. The SDN controller helps to automate the whole network management, which reduces the complexity for the end users. The network administrator can change the network wide infrastructure with a centralized console. It mainly converts the hardware intensive traditional network to fully virtualized and programmable network, which fulfill the need of scalability, agility, and visibility of the network [32]. Due to these many advantages, various industries and enterprises may get support in the field for development and innovations of application services [31]. It helps to improve user security and reliability of the network. In SDN, the deployment of the network is simplified. It provides programmable network services to the user with proper network control. Unlike traditional network, it overcomes the issues related to managing individual networking devices.
The most looked for and promising features of SDN networks are related with:
- providing centralized control policies, which gives a global view of network configuration and activity as various nodes has different functionalities;
- capability to dynamically program all features and configuration of network resources conveniently over automated SDN services instead of static manual operation;
- independent of physical infrastructure as the network administrator can dynamically modify the network traffic flow to meet the changes;
- implement open standard, which simplifies the network design and operations.
The main objective and contribution of this book chapter are outlined as follows:
- To give insight related to this new emerging SDN-based networking along with its challenges and future scopes.
- The aim of this chapter is to elaborate the differences between NFV and SDN.
- To discuss the applications of SDN in IT, challenges, and future direction of the research.
- Our main contribution for this chapter is to present the snapshot of the SDN deployments, its architectures and how it will be efficient in IT industries along with various opportunities.
The rest of this chapter are organized as follows. Section 1.2 starts by explaining different terminologies related to SDN network. Then, the SDN architecture with different layers has been explained properly. Additionally, we have identified and broadly explained each layer's specifications, objectives, and functionalities. In section 1.3, the role of network operating system in SDN infrastructure has been presented. Then the discussion with regard to the differences between Network Function Virtualization (NFV) and SDN is done in Section 1.4. Next, we look at how NFV has been incorporated in SDN-based Internet of Things (IoT) systems in section 1.5. Likewise, then various challenges, future research, and applications of SDN are discussed in section 1.6 and 1.7....
