Software-defined networking (SDN) is a mechanism for separating the control plane and the data plane in a network. The data plane lives in the switching fabric, as before. The control plane is a program that runs on a standard operating system and is written in a standard programming language. A standard protocol (e.g., OpenFlow, or any suitable SDN protocol) connects the two. SDN is interesting for several reasons. Logical boundaries are created purely in the control plane. Virtualization platforms can create a topology entirely in software, which simplifies virtual applications and virtual machine “motion”, and network appliances become dependent on SDN, since the location of the appliance must be provisioned in the SDN control plane. Application-specific or non-local factors can be considered in switching decisions. The SDN control plane can maintain global state information or information specific to an application, e.g., global link state and quality of service, providing cable TV+internet on the same fabric. Moreover, OSI network layer 3 (L3) routing can be done more efficiently using OSI network layer 2 (L2)+SDN.
OpenFlow is one of many communications protocols or other computer interface mechanisms that give access to the forwarding plane of a network switch or router over the network through the concept of SDN. The Open Networking Foundation (ONF), a user-led organization dedicated to the promotion and adoption of SDN, manages the OpenFlow standard. ONF defines OpenFlow as the first standard communications interface defined between the control and forwarding layers of an SDN architecture. OpenFlow allows direct access to and manipulation of the forwarding plane of network devices such as switches and routers, both physical and virtual (hypervisor-based). A protocol like OpenFlow is needed to move network control out of proprietary network switches and into control hardware and software that is open source and locally managed. Other SDN protocols may include the Frenetic programming language, VMware vSphere Client, TRI, etc.
OpenFlow or other suitable SDN protocols allow the path of network packets through the network of switches to be determined by software running on multiple routers (e.g., “OpenFlow switches”). An OpenFlow controller (or, generally, an SDN controller) may be provided to manage the OpenFlow switches running on the routers (or some other appropriate network element). This separation of control from forwarding allows for more sophisticated traffic management than is feasible using access control lists (ACLs) and routing protocols.
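The separation described above, sketched as an added example (not code from the original text and not an OpenFlow implementation): a controller holding global link state computes a path and installs match-action entries, while the switches only look up their flow tables. The class names, function names, topology and link costs are assumptions constructed for illustration.

```python
import heapq
class Switch:
    """Data plane: forwards by flow-table lookup only, with no path logic."""
    def __init__(self, name):
        self.name, self.flow_table = name, {}   # match (dst) -> action (next hop)
    def forward(self, dst):
        return self.flow_table.get(dst)         # None means a table miss

class Controller:
    """Control plane: holds global link state and programs the switches."""
    def __init__(self, links, switches):
        self.cost = {}
        self.switches = {s.name: s for s in switches}
        for a, b, c in links:
            self.set_cost(a, b, c)
    def set_cost(self, a, b, c):                # links are bidirectional
        self.cost.setdefault(a, {})[b] = c
        self.cost.setdefault(b, {})[a] = c
    def shortest_path(self, src, dst):          # Dijkstra over the global view
        heap, seen = [(0, src, [src])], set()
        while heap:
            d, node, path = heapq.heappop(heap)
            if node == dst:
                return path
            if node in seen:
                continue
            seen.add(node)
            for nxt, c in self.cost.get(node, {}).items():
                heapq.heappush(heap, (d + c, nxt, path + [nxt]))
        return None
    def install_path(self, src, dst):
        path = self.shortest_path(src, dst)
        for hop, nxt in zip(path or [], (path or [])[1:]):
            if hop in self.switches:            # hosts carry no flow table
                self.switches[hop].flow_table[dst] = nxt
        return path

def trace(switches, ingress, dst):  # follow flow tables; stop on a table miss
    hops, node = [ingress], ingress
    while node in switches and len(hops) <= len(switches) + 1:
        nxt = switches[node].forward(dst)
        if nxt is None:
            return hops, "miss"
        hops.append(nxt)
        node = nxt
    return hops, "delivered" if node == dst else "miss"

# Constructed topology: hosts h1, h2; switches s1..s3; cost models link quality.
LINKS = [("h1", "s1", 1), ("s1", "s2", 1), ("s2", "s3", 1),
         ("s1", "s3", 5), ("s3", "h2", 1)]
```

Raising a link cost with `set_cost` and calling `install_path` again reroutes traffic without touching any switch logic, which is the kind of non-local decision the control plane makes possible.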
A number of network switch and router vendors have announced their intent to support OpenFlow or are shipping switches that support it. Some network control plane implementations use the protocol to manage the network forwarding elements. OpenFlow may be used between the switch and controller over a secure channel such as Transport Layer Security (TLS).