Resources to Manage SDN Infra
Required resources to manage SDN Infra from the perspective of Network Engineers vs DevOps Engineers poses a major issue when it comes to Deploying and Managing SDN Infra.
Requires Hardware Refresh
- Can we implement SDN in the existing Networking Infra?
- The answer is NO. Most of the time the existing Networking Infra needs a Hardware Refresh to support the SDN.
- The answer is YES if the OEM releases a code (IOS, JunOS, etc.) that supports SDN OpenFlow Protocol but the probability is very less.
- The attacks on traffic flows, switches, management systems, recovery and fault diagnosis of the controllers and the communication related to the Control plane pose new security concerns that are now specific to SDN.
- Attackers can now exploit the common network services or even control the entire network by compromising the SDN controller.
- New services and applications can introduce never before security challenges for the programmers and the network administrators, through insecure codes which can provide a network wide control through central or distributed controllers.
- Also, the virtual nature of SDN can lead to the creation of many network segments, each with its own set of risks and challenges.
- The SDN architecture consists of centralized or distributed controllers, which interface with the data planes of multiple devices. This could potentially lead to a bottleneck at the controller. As the size of the network increases,
the network requests to the control plane or controller, could increase to an overwhelming amount, which could in turn lead to a degradation of network performance.
- Scalability is a major concern in large or dynamic networks, as the controllers have to take quick decisions, with huge and diverse events, including but not limited to failures, traffic changes, new incoming flows, etc.
- Regardless of how robust, secure, scalable, or interoperable a network is, performance is another major challenge with the SDN technology, without which a network is rendered unusable.
- The performance of this flow-based technology is measured on two metrics, namely: flow-setup time and the number of flows the controller can switch, without degrading the network. As more intelligence is kept at the controller, which maybe centralized or distributed, the large overhead of decision can cause the system to slowdown or eventually fail.
- To overcome the performance limitation, focus is needed on factors affecting flow-setup time and I/O performance of the controller. There are means and ways to increase the performance by considering well-known optimization techniques, such as input/output batching and using the Maestro approach which uses techniques such as input batching threshold (IBT) and pending raw packet threshold (PRT).