Sdn Software Defined Networking

Category: Advanced Networking Concepts
Type: Network Concepts
Generated on: 2025-07-10 09:10:18
For: Network Engineering, Administration & Technical Interviews

SDN (Software-Defined Networking) Cheatsheet

What is SDN? Software-Defined Networking (SDN) is a network architecture approach that separates the control plane from the data plane in network devices. This separation allows network administrators to programmatically configure, manage, and optimize network resources in a dynamic and agile manner.

Why is it important? SDN enables:

Centralized Control: Simplified network management and automation.
Flexibility: Dynamic network reconfiguration to adapt to changing traffic patterns.
Programmability: Innovation through custom network applications.
Cost Reduction: Optimized resource utilization and reduced operational expenses.
Innovation: Allows network engineers to quickly implement new services and features.
Control Plane: Makes decisions about how traffic should be handled (routing, switching, etc.). In traditional networking, the control plane resides on each network device. In SDN, it’s centralized.
Data Plane (Forwarding Plane): Forwards traffic based on the decisions made by the control plane. This remains distributed across network devices.
Northbound Interface (NBI): The interface between the SDN controller and network applications. Allows applications to communicate network requirements to the controller.
Southbound Interface (SBI): The interface between the SDN controller and the network devices (switches, routers, etc.). Allows the controller to program the data plane. Common examples include OpenFlow.
SDN Controller: The central brain of the SDN architecture. It implements the control plane logic and communicates with network devices through the SBI.
Network Virtualization: Abstraction of network resources, allowing them to be treated as software.
OpenFlow: A widely used SBI protocol that defines how the controller communicates with the data plane elements.
Overlay Networks: Virtual networks built on top of physical networks, often used in data centers.

SDN operates in three main layers:

Application Layer: Network applications (e.g., firewalls, load balancers, intrusion detection systems) communicate their requirements to the SDN controller via the NBI.
Control Layer: The SDN controller receives requests from the application layer, translates them into forwarding rules, and programs the data plane elements via the SBI.
Infrastructure Layer: The network devices (switches, routers) forward traffic according to the rules installed by the SDN controller.

Simplified Diagram:

+---------------------+
| Application Layer   |  (e.g., Firewall, Load Balancer)
+---------------------+
         | NBI
         v
+---------------------+
| SDN Controller      |
+---------------------+
         | SBI
         v
+---------------------+ +---------------------+ +---------------------+
| Network Device 1  | | Network Device 2  | | Network Device N  |
| (Data Plane)      | | (Data Plane)      | | (Data Plane)      |
+---------------------+ +---------------------+ +---------------------+

Step-by-Step Example (Packet Flow):

A packet arrives at a network device (e.g., a switch).
If the device has a matching flow entry in its flow table, it forwards the packet accordingly.
If there’s no matching flow entry, the device sends a packet-in message to the SDN controller.
The controller examines the packet and determines how it should be handled.
The controller installs a new flow entry (rule) in the device’s flow table, specifying how to forward similar packets in the future.
The device forwards the original packet according to the new flow entry.
Subsequent packets matching the flow entry are forwarded directly by the device without involving the controller.

OpenFlow is a common SBI used by SDN controllers to communicate with network devices.

OpenFlow Header:
- Version: OpenFlow protocol version.
- Type: Message type (e.g., packet-in, flow-mod, port-status).
- Length: Total length of the message.
- XID: Transaction ID (used to match requests and responses).
Key Message Types:
- Packet-In: Sent by a switch to the controller when a packet doesn’t match any flow entry.
- Flow-Mod: Sent by the controller to add, modify, or delete flow entries in a switch’s flow table. Includes:
  - Match Fields: Defines the criteria for matching packets (e.g., source IP, destination IP, port numbers).
  - Actions: Specifies what to do with matching packets (e.g., forward to a port, drop, modify headers).
- Port-Status: Sent by a switch to the controller when a port’s status changes (e.g., link up, link down).

Example Flow-Mod Message (Simplified):

Type: Flow-Mod (Add)
Match:
  Source IP: 192.168.1.10
  Destination Port: 80
Actions:
  Forward to Port: 2

Data Center Network Management: SDN allows for dynamic allocation of network resources to virtual machines, improving efficiency and scalability.
Traffic Engineering: SDN can optimize network paths based on real-time traffic conditions, reducing congestion and improving performance.
Security: SDN can be used to implement centralized security policies, such as access control lists (ACLs) and intrusion detection systems. For example, blocking traffic from a specific source IP across the entire network.
Network Virtualization: SDN enables the creation of virtual networks that are isolated from each other, allowing for multi-tenancy and improved security.
Quality of Service (QoS): SDN can prioritize traffic based on application requirements, ensuring that critical applications receive the necessary bandwidth.
Scalability: The SDN controller can become a bottleneck if it’s not properly designed to handle a large number of devices and traffic flows.
- Solution: Use a distributed controller architecture or optimize the controller’s performance.
Security: A compromised SDN controller can have a devastating impact on the entire network.
- Solution: Implement strong authentication and authorization mechanisms, regularly patch the controller software, and segment the control plane from the data plane.
Complexity: SDN can be complex to implement and manage, especially for large and heterogeneous networks.
- Solution: Use automation tools, develop clear operational procedures, and provide adequate training to network administrators.
Vendor Lock-in: Some SDN solutions are proprietary and can lock you into a specific vendor.
- Solution: Choose open-source SDN solutions or solutions that support open standards like OpenFlow.
Latency: Centralized control can introduce latency, especially if the controller is located far from the network devices.
- Solution: Use a geographically distributed controller architecture or optimize the network topology to reduce the distance between the controller and the devices.
Controller Failure: A single point of failure with the controller.
- Solution: Use controller clustering or redundancy to ensure high availability.

Mininet Example (Python):

from mininet.net import Mininet
from mininet.topo import Topo
from mininet.node import RemoteController
from mininet.cli import CLI

class MyTopo(Topo):
    def __init__(self):
        Topo.__init__(self)
        h1 = self.addHost('h1', ip='10.0.0.1/24')
        h2 = self.addHost('h2', ip='10.0.0.2/24')
        s1 = self.addSwitch('s1')

        self.addLink(h1, s1)
        self.addLink(h2, s1)

if __name__ == '__main__':
    topo = MyTopo()
    net = Mininet(topo=topo, controller=lambda name: RemoteController(name, ip='127.0.0.1'))
    net.start()
    CLI(net)
    net.stop()

This script creates a simple Mininet topology with two hosts and one switch, connected to a remote controller (assumed to be running on the local machine).

Ryu Controller Example (Python):

from ryu.base import app_manager
from ryu.controller import ofp_event
from ryu.controller.handler import CONFIG_DISPATCHER, MAIN_DISPATCHER
from ryu.controller.handler import set_ev_cls
from ryu.ofproto import ofproto_v1_3
from ryu.lib.packet import packet
from ryu.lib.packet import ethernet
from ryu.lib.packet import ether_types

class SimpleSwitch(app_manager.RyuApp):
    OFP_VERSIONS = [ofproto_v1_3.OFP_VERSION]

    def __init__(self, *args, **kwargs):
        super(SimpleSwitch, self).__init__(*args, **kwargs)
        self.mac_to_port = {}

    @set_ev_cls(ofp_event.EventOFPSwitchFeatures, CONFIG_DISPATCHER)
    def switch_features_handler(self, ev):
        datapath = ev.msg.datapath
        ofproto = datapath.ofproto
        parser = datapath.ofproto_parser

        # install the table-miss flow entry. This ensures all packets are sent to the controller
        match = parser.OFPMatch()
        actions = [parser.OFPActionOutput(ofproto.OFPP_CONTROLLER,
                                          ofproto.OFPCML_NO_BUFFER)]
        self.add_flow(datapath, 0, match, actions)

    def add_flow(self, datapath, priority, match, actions, buffer_id=None):
        ofproto = datapath.ofproto
        parser = datapath.ofproto_parser

        inst = [parser.OFPInstructionActions(ofproto.OFPIT_APPLY_ACTIONS,
                                             actions)]
        if buffer_id:
            mod = parser.OFPFlowMod(datapath=datapath, buffer_id=buffer_id,
                                    priority=priority, match=match,
                                    instructions=inst)
        else:
            mod = parser.OFPFlowMod(datapath=datapath, priority=priority,
                                    match=match, instructions=inst)
        datapath.send_msg(mod)

    @set_ev_cls(ofp_event.EventOFPPacketIn, MAIN_DISPATCHER)
    def _packet_in_handler(self, ev):
        if ev.msg.msg_len < ev.msg.total_len:
            self.logger.debug("packet truncated: only %s of %s bytes",
                              ev.msg.msg_len, ev.msg.total_len)
        msg = ev.msg
        datapath = msg.datapath
        ofproto = datapath.ofproto
        parser = datapath.ofproto_parser
        in_port = msg.match['in_port']

        pkt = packet.Packet(msg.data)
        eth = pkt.get_protocols(ethernet.ethernet)[0]

        if eth.ethertype == ether_types.ETH_TYPE_LLDP:
            # ignore lldp packet
            return
        dst = eth.dst
        src = eth.src

        dpid = datapath.id
        self.mac_to_port.setdefault(dpid, {})

        self.logger.info("packet in %s %s %s %s", dpid, src, dst, in_port)

        # learn a mac address to avoid FLOOD next time.
        self.mac_to_port[dpid][src] = in_port

        if dst in self.mac_to_port[dpid]:
            out_port = self.mac_to_port[dpid][dst]
        else:
            out_port = ofproto.OFPP_FLOOD

        actions = [parser.OFPActionOutput(out_port)]

        # install a flow to avoid packet_in next time
        if out_port != ofproto.OFPP_FLOOD:
            match = parser.OFPMatch(in_port=in_port, eth_dst=dst, eth_src=src)
            # verify if we have a valid buffer_id, if yes avoid to send both
            # flow_mod & packet_out
            if msg.buffer_id != ofproto.OFP_NO_BUFFER:
                self.add_flow(datapath, 1, match, actions, msg.buffer_id)
                return
            else:
                self.add_flow(datapath, 1, match, actions)

        data = None
        if msg.buffer_id == ofproto.OFP_NO_BUFFER:
            data = msg.data

        out = parser.OFPPacketOut(datapath=datapath, buffer_id=msg.buffer_id,
                                  in_port=in_port, actions=actions, data=data)
        datapath.send_msg(out)

This Ryu controller implements a simple learning switch. It learns MAC addresses and forwards packets accordingly. Packets with unknown destination MAC addresses are flooded.

ONOS Example (Intent Framework):

ONOS uses an “Intent Framework” for high-level network programming. Intents describe desired network behavior.

// Example:  Connect two hosts (HostToHostIntent)

HostId host1 = HostId.hostId("00:00:00:00:00:01/1"); // MAC/VLAN
HostId host2 = HostId.hostId("00:00:00:00:00:02/1");

HostToHostIntent intent = HostToHostIntent.builder()
        .appId(appId)
        .one(host1)
        .two(host2)
        .build();

intentService.submit(intent);

This Java code snippet creates a HostToHostIntent to connect two hosts. The ONOS controller then translates this intent into the necessary flow rules on the network devices.

What is SDN and how does it differ from traditional networking?
- Answer: SDN separates the control plane from the data plane, allowing for centralized control and programmability. Traditional networking distributes the control plane across network devices.
Explain the difference between the Northbound Interface (NBI) and the Southbound Interface (SBI) in SDN.
- Answer: The NBI is the interface between the SDN controller and network applications. The SBI is the interface between the SDN controller and the network devices.
What is OpenFlow, and why is it important in SDN?
- Answer: OpenFlow is a widely used SBI protocol that defines how the controller communicates with the data plane elements. It enables standardized communication between the controller and devices from different vendors.
What are the advantages and disadvantages of SDN?
- Answer: Advantages: Centralized control, programmability, flexibility, cost reduction. Disadvantages: Scalability challenges, security risks, complexity, potential for vendor lock-in.
How can SDN improve network security?
- Answer: SDN allows for centralized security policy enforcement, dynamic threat mitigation, and improved visibility into network traffic. Examples include quickly blocking a malicious IP address or redirecting traffic for inspection.
Describe a real-world use case where SDN can be beneficial.
- Answer: Data center network management, traffic engineering, security, network virtualization, QoS. Be prepared to elaborate on the specific benefits in that use case.
What are the main components of an SDN architecture?
- Answer: Application Layer, Control Layer (SDN Controller), Infrastructure Layer (Network Devices).
How does the SDN controller make forwarding decisions?
- Answer: The controller receives packet-in messages from the data plane, analyzes the packets, and installs flow entries in the devices’ flow tables to define how to forward similar packets.
What are the challenges associated with implementing SDN in a large-scale network?
- Answer: Scalability, security, complexity, interoperability, migration from traditional networks.
Explain the concept of network virtualization and its relationship to SDN.
- Answer: Network virtualization is the abstraction of network resources, allowing them to be treated as software. SDN enables network virtualization by providing a centralized control plane for managing virtualized network resources.
What are Intents in ONOS?
- Answer: Intents are high-level descriptions of desired network behavior. They abstract away the low-level details of configuring individual network devices. The ONOS controller translates intents into specific flow rules.
Network Functions Virtualization (NFV): Virtualization of network functions (e.g., firewalls, load balancers) that can run on commodity hardware. Often used in conjunction with SDN.
Cloud Computing: SDN is a key enabler for cloud computing by providing dynamic and programmable network infrastructure.
Network Automation: SDN is a form of network automation that uses software to manage and control network resources.
Network Orchestration: The automated arrangement, coordination, and management of network resources. SDN can be a component of a broader network orchestration system.
Data Center Networking: SDN is widely used in data centers to improve efficiency, scalability, and agility.
5G Networks: SDN plays a crucial role in 5G networks by enabling flexible and programmable network slicing and resource allocation.

Further Reading:

Open Networking Foundation (ONF): https://opennetworking.org/
Ryu SDN Framework: https://ryu-controller.org/
ONOS SDN Operating System: https://onosproject.org/
OpenDaylight (ODL) SDN Controller: https://www.opendaylight.org/

This cheatsheet provides a solid foundation for understanding and working with SDN. Remember to practice with tools like Mininet and Ryu to gain hands-on experience. Good luck!