In addition to routing data from one location to another, modern data networks provide personalized services. For example, many networks provide intrusion detection services that inspect sequences of packets to detect and prevent network attacks. Providing these services may require changes to routing of traffic flow. For example, traffic may be routed through a particular device that provides the service.
Traditional routing algorithms rely on local information each router has from its neighboring links and devices to route data. A router maintains such information in a routing table. Based on the destination address of an incoming packet, a router uses its routing table to forward the packet to a specific neighboring device.
A technique, referred to as Software Defined Networks (SDNs), separates the control and forwarding functions into separate devices. A control device may use a global knowledge of the network topology to determine a path through the network of forwarding devices for individual data flows. In this way, the control device may, for example, establish paths that minimize delay or maximize bandwidth through the network, or route a data flow through a particular device that provides a particular network service.
Routing data flows through network services introduces performance concerns. For example, intrusion detection systems may perform complex operations to detect attack patterns. These operations may increase latency and decrease bandwidth or may consume expensive network resources.