The firmware of network switches and routers (the "control plane") has traditionally remained proprietary, locked, and under the control of the companies that manufactured the equipment. SDN seeks to change this and to make the firmware of switches and routers (the "control plane") remotely accessible and remotely modifiable via third-party software clients, using open protocols such as OpenFlow.
Thus SDN allows for:
- quick experimentation with, and optimization of, switching/routing policies, and
- external access to the innards of switches and routers that were formerly closed and proprietary.
Access Control in SDN
Remote access to the control plane is made available to administrators or users of the network, typically through a role-based access control (RBAC) system, in order to provide security in the network control plane.
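The following is an added example, not code from the source article or from any SDN controller: a deny-by-default RBAC check applied to raw OpenFlow messages before they reach the control plane. The role names, the permission names and the idea of a proxy that knows each client's role are assumptions made for illustration; the 8-byte header layout and the message type numbers follow the OpenFlow specification.

```python
import struct

# OpenFlow fixed header: version (1 byte), type (1), length (2), xid (4), big-endian.
OFP_HEADER = struct.Struct("!BBHI")

# A few message types from the OpenFlow 1.0/1.3 specifications.
OFPT_HELLO, OFPT_ECHO_REQUEST, OFPT_FEATURES_REQUEST = 0, 2, 5
OFPT_PACKET_OUT, OFPT_FLOW_MOD = 13, 14

# Hypothetical permission required per message type; unlisted types are denied.
REQUIRED = {
    OFPT_HELLO: "session",
    OFPT_ECHO_REQUEST: "session",
    OFPT_FEATURES_REQUEST: "read",
    OFPT_PACKET_OUT: "inject",
    OFPT_FLOW_MOD: "modify",
}

# Hypothetical roles for this sketch.
ROLES = {
    "viewer": {"session", "read"},
    "operator": {"session", "read", "modify"},
    "admin": {"session", "read", "modify", "inject"},
}

def authorize(role, message):
    """Return (allowed, reason) for one raw OpenFlow message sent by `role`."""
    if len(message) < OFP_HEADER.size:
        return False, "truncated header"
    version, msg_type, length, xid = OFP_HEADER.unpack_from(message)
    # The declared length must cover the header and match the bytes received.
    if length < OFP_HEADER.size or length != len(message):
        return False, "length field mismatch"
    needed = REQUIRED.get(msg_type)
    if needed is None:
        return False, f"type {msg_type} not allowlisted"
    if needed not in ROLES.get(role, set()):
        return False, f"role {role!r} lacks {needed!r}"
    return True, f"{needed} granted"

def build(msg_type, body=b"", version=0x04, xid=1):
    """Build a constructed sample message (placeholder body, not captured traffic)."""
    return OFP_HEADER.pack(version, msg_type, OFP_HEADER.size + len(body), xid) + body

if __name__ == "__main__":
    for role, msg in [("viewer", build(OFPT_FEATURES_REQUEST)),
                      ("viewer", build(OFPT_FLOW_MOD, b"\x00" * 48)),
                      ("operator", build(OFPT_FLOW_MOD, b"\x00" * 48)),
                      ("admin", build(99))]:
        print(role, authorize(role, msg))
```

Unknown roles and unlisted message types are both rejected, so a new message type has to be mapped to a permission explicitly before any role can send it.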
Decoupling between data plane access and control plane access
In one instance of SDN, the network control plane hardware can be physically decoupled from the data forwarding plane hardware, i.e. a network switch can forward packets and a separate server can run the network control plane.
The rationale for this approach is twofold. First, the decoupling allows for the control plane to be implemented using a different distribution model than the data plane. Second, it allows the control plane development and runtime environment to be on a different platform than the traditionally low-powered management CPUs found on hardware switches and routers.
SDN requires some method for the control plane to communicate with the switch datapath. One such mechanism is OpenFlow, which is a standard interface for controlling computer networking switches. OpenFlow is often mistakenly treated as equivalent to SDN; however, there is no requirement to use OpenFlow within an SDN. Source: Wikipedia.
Current Work
- S. C. Ergen and M. Ergen, "A Network Tomography App for Software Defined Networking", submitted.