What is software-defined networking (SDN)?
Software-defined networking (SDN) is a category of technologies that make it possible to manage a network via software. SDN technology enables IT administrators to configure their networks using a software application, instead of changing the configuration of physical equipment. SDN software is interoperable, meaning it should be able to work with any router or switch, no matter which vendor made it.
Think of the difference between typing an essay on a typewriter and typing it in a word processing application: Any changes to the typewritten essay mean it has to be retyped, while a word processing document can be revised endlessly. Similarly, SDN technology lets admins reconfigure their networks from a computer, instead of continually plugging and unplugging cables and devices.
What is the control plane?
Technically speaking, SDN is made possible by separating the control plane from the data plane. "Plane" is a networking term that refers to an abstract conception of where networking processes take place. The control plane refers to networking processes that direct network traffic, while the data plane is the actual data traversing the network. The control plane does this by establishing network routes and communicating which protocols should be used.
Think of the control plane as being like the collective group of stoplights that operate at the intersections of a city. Meanwhile, the data plane is more like the cars that drive on the roads, stop at the intersections, and obey the stoplights.
In networking setups that only use physical hardware, each individual router or switch has to be configured on its own. The control plane is closely intertwined with the data plane and with the underlying network hardware. With SDN, the control plane is separated from the data plane and the actual hardware, making it possible to configure the control plane from a central location (e.g. an IT admin's laptop).
What is network topology?
"Network topology" is a term that refers to the way data flows in a network. The control plane establishes and changes network topology. Again, think of the stoplights that function at the intersections of a city. Network topology is like the arrangement of the roads and the various destinations in the city, with network routes being like the roads and computing devices like destinations. Meanwhile, routers and switches are the stoplights operating at the "intersections" of these routes.
Network topology does not refer to the physical positions of routers, switches, and computers in relation to each other. Rather, it has to do solely with the paths data takes within the network. If two computers connect directly to a network switch via Ethernet cables, and Computer A is on the near side of the room next to the switch while Computer B is on the far side of the room, both computers are equidistant from the switch in the network topology.
In SDN, because the control plane is separated from the underlying hardware, it is possible to change the network topology without physically connecting and disconnecting the network equipment involved. Referring back to the example, if an admin using SDN wanted to change where Computer B was in the network topology, they could use their networking software to redefine the topology so that traffic went from the switch to (for instance) another router before going to Computer B.
What are some of the main uses for SDN?
Software-defined networks are increasingly used in large data centers. A data center is a collection of servers and networking equipment, typically within a single building, which stores, processes, and exchanges data. Almost all web servers are located inside data centers, and many companies operate their own data centers for storing corporate data and running internal applications (e.g. corporate email). Because data centers use so much physical networking equipment, SDN makes administrative work within them much easier.
SDN also enables companies to more easily connect their on-premise infrastructure with their cloud infrastructure, as in a hybrid cloud deployment. Corporate clouds can connect with software much more easily than with hardware; hardware often introduces compatibility issues, while cloud software and SDN software can integrate regardless of the underlying hardware. In fact, many vendors offer both cloud services and an SDN product, making hybrid cloud integrations even simpler.
What is the difference between SDN and SD-WAN?
A software-defined wide area network, or SD-WAN, is a type of virtual, software-based network architecture. SD-WANs are one application of software-defined networking. Essentially, all SD-WANs use SDN, but not all software-defined networks are SD-WANs.
Many companies are turning to SDN or SD-WANs as their technology stacks move to the cloud. A software-based virtualized approach to networking enables them to be more flexible. However, software-defined networks are open to various kinds of attacks, including DDoS attacks. Cloudflare Magic Transit protects on-premise, hybrid, and cloud networks from such attacks.