Software Defined Networking (SDN) defines an architectural approach to building networks, primarily focusing on the separation of the control plane and data plane to allow more flexibility in how the control plane is built and what it exposes to applications. The specific way to achieve this separation, and the protocols and technologies used, are all implementation and vendor specific at this time. Despite this variation in approach, the common theme remains: re-engineering how network switches are controlled and opening more power to applications to affect this control. As more networks adopt SDN concepts, opportunities open up to re-imagine how an application such as a Session Border Controller (SBC) functions in an SDN environment.
The traditional model for an SBC is an integrated unit consisting of a control plane and a data plane. The control plane handles call signaling (Session Initiation Protocol, SIP) and specifies how the Internet Protocol (IP) packets for media pass through its data plane. By virtue of this interaction, the SBC is able to police, control, modify and otherwise impact the packets that are specifically routed through it.
Although this traditional approach has performed as required for many years, it has limitations and could be far more effective if the SBC were able to influence Internet Protocol flows at other points in the network and not just as the packets hit the SBC's media plane. For example, it is typically desirable to block “bad” flows/packets, e.g., denial of service attack flows/packets, as early as possible by moving the decision to forward or drop as close to the source as possible. Likewise, an SBC is often expected to guarantee bandwidth for certain classes of traffic and to prioritize how contended bandwidth is allocated among flows based on one or more policies or rules. The SBC's effectiveness at this task is limited when it can only perform the function at the point where the packets cross its data plane. The SBC has no visibility into or influence on how bandwidth is utilized at other points in the network.
A conventional integrated or distributed SBC provides media services that include, among other things, Denial of Service (DOS)/Distributed Denial of Service (DDOS) protection, bandwidth policing, topology hiding, IPv4/IPv6 interworking, VLAN (Virtual Local Area Network) tagging, DSCP (Differentiated Services Code Point) marking, Network Address and Port Translation (NAPT), Far end Network Address and Port Translation Learning, and RTP/RTCP (Real-time Transport Protocol/RTP Control Protocol) inactivity detection. These services need to be provided independent of whether the flow is relayed or requires media interworking. However, in the conventional approach the SBC is only able to effectuate these functions by taking action when it receives the media packets of a media packet flow for a media stream, that is, when the packet flow hits the SBC's data plane. This results in congestion and bottlenecks at the SBC. It also means that, for the SBC to be able to scale up as the number of sessions increases, the SBC must scale both its session establishment and control processing capabilities (SIP capabilities) and its media resource capabilities, because the number of media sessions the SBC can service is limited by the amount of media resources/bandwidth it has available. If it only has media resources for N call sessions, e.g., Voice Over Internet Protocol sessions, it can only handle the control signaling for establishing N call sessions.
For the aforementioned reasons, it is apparent that there is a need for new and/or improved systems and/or SBCs that are more efficient and effective and that can provide and/or effectuate media services and impact packets/flows closer to their sources. There is also a need for systems that can provide media services in a scalable manner, wherein providing media services is independent of dedicated media resources in an SBC controlling the signaling for the media session. There is a further need for new and improved methods, apparatus and systems that allow SBCs to provide media services without anchoring the media sessions or flows at the SBC, even though the SBC is anchoring the control signaling for the session.