What is software-defined networking (SDN)?
SDN is an architecture designed to make a network more
flexible and easier to manage. SDN centralizes
management by abstracting the control plane from the
data forwarding function in the discrete networking
devices.
SDN elements
An SDN architecture delivers a centralized, programmable network
and consists of the following:
• A controller, the core element of an SDN architecture, that enables
centralized management and control, automation, and policy
enforcement across physical and virtual network environments
• Southbound APIs that relay information between the controller and
the individual network devices (such as switches, access points,
routers, and firewalls)
• Northbound APIs that relay information between the controller and
the applications and policy engines, to which an SDN looks like a
single logical network device
SDN adoption
• SDN has seen wide adoption across data centers (64%), WANs
(58%), and access networks (40%). For more information on
SDN trends, see the 2020 Global Networking Trends report.
SDN and IBN
• SDN serves as a foundational element of a comprehensive
intent-based networking (IBN) architecture. SDN has been
limited to automated provisioning and configuration. IBN now
adds “translation” and “assurance” so you can automate the
complete network lifecycle and continuously align the
network to business needs. Watch our Beyond SDN webinar
recording to explore more ways that intent is changing how
we network.
Features and benefits
• Simplify operations
Build programmable networks that auto-discover and
auto-configure fabrics and switches.
• Achieve faster troubleshooting
Improve the health of networks with network analytics,
machine learning and predictive insights.
• Improve security
Deploy consistent zero-trust access across your network
with policy-based segmentation.
Traditional Networking
Networking has always been very traditional. We have specific
network devices like routers, switches, and firewalls that are
used for specific tasks.
These network devices are sold by networking vendors like
Cisco and often use proprietary hardware. Most of these devices
are primarily configured through the CLI, although there are
some GUI products like CCP (Cisco Configuration Protocol) for
the routers or ASDM for the Cisco ASA firewalls.
• A network device, for example a router, has different functions
that it has to perform. Think for a moment about some of the
things that a router has to do in order to forward an IP packet:
• It has to check the destination IP address in the routing table
in order to figure out where to forward the IP packet to.
• Routing protocols like OSPF, EIGRP or BGP are required to
learn networks that are installed in the routing table.
• It has to use ARP to figure out the destination MAC address
of the next hop or destination and change the destination
MAC address in the Ethernet frame.
• The TTL (Time to Live) in the IP packet has to be decreased
by 1 and the IP header checksum has to be recalculated.
• The Ethernet frame checksum has to be recalculated.
All these different tasks are separated by different
planes. There are three planes:
• control plane
• data plane
• management plane
• Let’s take a look at the difference between these three
planes…
• Control Plane
• The control plane is responsible for exchanging routing
information, building the ARP table, etc. Here are some
tasks that are performed by the control plane:
• Learning MAC addresses to build a switch MAC address
table.
• Running STP to create a loop-free topology.
• Building ARP tables.
• Running routing protocols like OSPF, EIGRP, and BGP and
building the routing table.
• Data Plane
• The data plane is responsible for forwarding traffic. It relies on the
information that the control plane supplies. Here are some tasks that the
data plane takes care of:
• Encapsulate and de-encapsulate packets.
• Adding or removing headers like the 802.1Q header.
• Matching MAC addresses for forwarding.
• Matching IP destinations in the routing table.
• Change source and destination addresses when using NAT.
• Dropping traffic because of access-lists.
• The tasks of the data plane have to be performed as fast as possible which
is why the forwarding of traffic is performed by specialized hardware like
ASICs and TCAM tables.
• Management Plane
• The management plane is used for access and
management of our network devices. For example,
accessing our device through telnet, SSH or the console
port.
• When discussing SDN, the control and data plane are
the most important to keep in mind. Here’s an
illustration of the control and data plane to help you
visualize the different planes:
• Above you can see the control plane where we use routing protocols like OSPF and EIGRP and some static
routing. The best routes are installed in the routing table. Another table that the router has to build is the
ARP table.
• Information from the routing and ARP table is then used to build the forwarding table. When the router
receives an IP packet, it will be able to forward it quickly since the forwarding table has already been built.
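The forwarding steps listed earlier (routing lookup, ARP resolution, TTL decrement, header checksum) and the routing-table-plus-ARP-table build of the forwarding table can be followed in code. This is an added example, not part of the original material; the routes, addresses and MAC values are constructed, and it assumes a 20-byte IPv4 header without options and routes that always name an explicit next hop.

```python
import ipaddress
import struct

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (RFC 1071)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src: str, dst: str, ttl: int) -> bytes:
    """Constructed 20-byte IPv4 header (no options, protocol 6) with a valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 6, 0,
                      ipaddress.ip_address(src).packed,
                      ipaddress.ip_address(dst).packed)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def build_fib(routes, arp_table):
    """Control plane: join routing table and ARP table into a forwarding table."""
    fib = []
    for prefix, next_hop, interface in routes:
        mac = arp_table.get(next_hop)
        if mac is not None:                       # skip next hops ARP has not resolved
            fib.append((ipaddress.ip_network(prefix), interface, mac))
    # Longest prefix first, so the first match in forward() is the most specific.
    return sorted(fib, key=lambda entry: entry[0].prefixlen, reverse=True)

def forward(fib, header: bytes):
    """Data plane: validate, look up, decrement TTL, recompute the checksum."""
    if len(header) != 20 or ipv4_checksum(header) != 0:
        return ("drop", "bad header checksum")
    if header[8] <= 1:
        return ("drop", "ttl expired")
    dst = ipaddress.ip_address(header[16:20])
    for network, interface, mac in fib:
        if dst in network:
            out = bytearray(header)
            out[8] -= 1                           # TTL lives at byte offset 8
            out[10:12] = b"\x00\x00"              # zero the checksum before recomputing
            out[10:12] = struct.pack("!H", ipv4_checksum(bytes(out)))
            return ("forward", interface, mac, bytes(out))
    return ("drop", "no route")

# Constructed sample tables (documentation addresses, made-up MACs).
ROUTES = [("10.0.0.0/8", "192.0.2.1", "Gi0/1"),
          ("10.1.0.0/16", "192.0.2.2", "Gi0/2"),
          ("172.16.0.0/12", "192.0.2.9", "Gi0/3")]   # next hop missing from ARP
ARP = {"192.0.2.1": "02:00:00:00:00:01", "192.0.2.2": "02:00:00:00:00:02"}

if __name__ == "__main__":
    fib = build_fib(ROUTES, ARP)
    print(forward(fib, build_header("198.51.100.7", "10.1.2.3", 64))[:3])
```

The expensive work (route selection, ARP resolution, sorting) happens once in `build_fib`; `forward` only matches and rewrites, which is the part real devices push into ASICs and TCAM.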
Limitations of traditional
networking
• Everything I described above is the way we have
done things for the last ~30 years so it’s
not like there is something “wrong” with
traditional networking. However, nowadays
there are some business challenges that
ask for different solutions.
• Above we see the network infrastructure of a company’s data
center. At the bottom, we find a VMware ESXi server with a
number of virtual machines. This server is connected to some
switches in the access and aggregation layers. We also see two
ASAs that protect our server and two routers for access to the
outside world. On top, there is another router with a host device.
• Let’s say this company has a business requirement for a new
application that requires four new virtual machines to be installed
on the VMware server. For security reasons, each virtual machine
should be in a different VLAN. A user that is using H1 behind R3
should be able to access the application that runs on these virtual
machines.
• Let’s consider some of the things we have to configure on our network to
make this happen:
• The VLANs have to be created on all switches.
• We have to configure a root bridge for the new VLANs.
• We have to assign four new subnets, one for each VLAN.
• We need to create new sub-interfaces with IP addresses on the switches.
• We need to configure VRRP or HSRP on the switches for the new VLANs.
• We have to configure the firewalls to permit access to the new
applications / subnets.
• We have to advertise the new subnets in a routing protocol on our
switches, routers, and firewalls.
• Although there are network automation tools to help us, we
often use the CLI to configure all of these devices, one-by-one.
It’s a slow, manual process that a human has to do. While it
only takes a few minutes to spin up a new virtual machine, it
might take a few hours for the network team to prepare the
network. Changes like these are also typically done during a
maintenance window, not during business hours.
• Server virtualization is one of the reasons why businesses are
looking for something that speeds up the process described
above. Before virtualization, we used to have one physical
server with a single operating system. Nowadays we have
multiple physical servers with hundreds of virtual machines.
• These virtual machines are able to move automatically
from one physical server to another. When they cross an
L3 boundary, you don’t want to wait for the network
team to make the required changes to routing or
access-lists. It should be automatic.
• The “trend” nowadays is that everything should be
virtual. It’s not strange to see that this is also happening
to networking. Large companies like Cisco that used to
sell only proprietary hardware are now also offering
virtual routers, ASAs, wireless LAN controllers, etc. that
you can run on VMware servers.
SDN (Software Defined
Networking)
• Like the buzzword “cloud” a few years ago, every organization or vendor has a
different opinion about what SDN exactly is and different products that they
offer.
• Traditional networking uses a distributed model for the control plane. Protocols
like ARP, STP, OSPF, EIGRP, BGP and others run separately on each network
device. These network devices communicate with each other but there is no
central device that has an overview or that controls the entire network.
• One exception here (for those who are familiar with wireless networking) is the
wireless LAN controller (WLC). When you configure a wireless network, you
configure everything on the WLC which controls and configures the access
points. We don’t have to configure each access point separately anymore, it’s all
done by the WLC.
• With SDN, we use a central controller for the control plane.
Depending on the vendor’s SDN solution, this could mean that the
SDN controller takes over the control plane 100% or that it only has
insight into the control plane of all network devices in the network. The
SDN controller could be a physical hardware device or a virtual
machine.
• Here’s an illustration to help you visualize this:
• Above you can see the SDN controller which is responsible for the control plane. The switches are now just
“dumb” devices that only have a data plane, no control plane. The SDN controller is responsible
for feeding the data plane of these switches with information from its control plane.
• There are some advantages and disadvantages of having a distributed vs a central control plane. One of the
advantages of having a central controller is that we can configure the entire network from a single device.
This controller has full access to, and insight into, everything that is happening in our network.
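A central control plane feeding "dumb" switches can be simulated in a few lines. This is an added example, not part of the original material: the three-switch topology, port numbers and host names are constructed, and the breadth-first path computation is one simple choice, not the algorithm of any particular controller product.

```python
from collections import deque

class Switch:
    """Data plane only: destination host -> output port, no local routing logic."""
    def __init__(self, name):
        self.name = name
        self.table = {}

    def out_port(self, dst_host):
        return self.table.get(dst_host)           # None = table miss: drop

class Controller:
    """Central control plane: knows the whole topology and programs every switch."""
    def __init__(self, switches, links, hosts):
        self.switches = switches                  # name -> Switch
        self.links = set(links)                   # (sw_a, port_a, sw_b, port_b)
        self.hosts = hosts                        # host -> (edge switch, port)

    def install(self):
        adj = {name: [] for name in self.switches}
        for a, pa, b, pb in sorted(self.links):
            adj[a].append((b, pb))                # neighbour and its port facing us
            adj[b].append((a, pa))
        for sw in self.switches.values():
            sw.table.clear()
        for host, (edge_sw, edge_port) in self.hosts.items():
            self.switches[edge_sw].table[host] = edge_port
            seen, queue = {edge_sw}, deque([edge_sw])
            while queue:                          # BFS outward from the host's switch
                current = queue.popleft()
                for neighbour, port_back in adj[current]:
                    if neighbour not in seen:
                        seen.add(neighbour)
                        self.switches[neighbour].table[host] = port_back
                        queue.append(neighbour)

    def link_down(self, link):
        self.links.discard(link)
        self.install()                            # recompute and reprogram everything

def trace(ctrl, src_host, dst_host, max_hops=16):
    """Follow a packet hop by hop using only what the switches were told."""
    wiring = {}
    for a, pa, b, pb in ctrl.links:
        wiring[(a, pa)], wiring[(b, pb)] = b, a
    sw = ctrl.hosts[src_host][0]
    path = []
    for _ in range(max_hops):
        port = ctrl.switches[sw].out_port(dst_host)
        if port is None:
            return path, "dropped"
        path.append((sw, port))
        if ctrl.hosts.get(dst_host) == (sw, port):
            return path, "delivered"
        sw = wiring[(sw, port)]
    return path, "loop"

def demo_network():
    """Constructed triangle: s1-s2, s2-s3, s1-s3, with h1 on s1 and h3 on s3."""
    switches = {n: Switch(n) for n in ("s1", "s2", "s3")}
    links = [("s1", 1, "s2", 1), ("s2", 2, "s3", 1), ("s1", 2, "s3", 2)]
    ctrl = Controller(switches, links, {"h1": ("s1", 10), "h3": ("s3", 10)})
    ctrl.install()
    return ctrl
```

A destination the controller never programmed is a table miss and is dropped, and a link failure is handled by one recomputation in one place, which is also why the controller itself becomes the component whose availability and integrity matter most.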
• Let’s add some more detail to this story. The SDN controller uses two
special interfaces, take a look at the image below:
• The interfaces are called the
northbound interface (NBI) and
southbound interface (SBI).
Let me explain both…
Southbound Interface
• The SDN controller has to communicate with our
network devices in order to program the data plane.
This is done through the southbound interface. This is
not a physical interface but a software interface, often
an API (Application Programming Interface).
• An API is a software interface that allows an application
to give access to other applications by using pre-defined
functions and data structures. I’ll explain more about
this in a minute.
• Some popular southbound interfaces are:
• OpenFlow: this is probably the most popular SBI at the moment,
it’s an open source protocol from the
Open Networking Foundation. There are quite a few network
devices and SDN controllers that support OpenFlow.
• Cisco OpFlex: this is Cisco’s answer to OpenFlow. It’s also an
open source protocol which has been submitted to the IETF for
standardization.
• CLI: Cisco offers APIC-EM which is an SDN solution for the
current generation of routers and switches. It uses protocols that
are available on current generation hardware like telnet, SSH,
and SNMP.
Northbound Interface
• The northbound interface is used to access the SDN controller itself. This allows
a network administrator to access the SDN controller to configure it or to retrieve
information from it. This could be done through a GUI but it also offers an API
which allows other applications access to the SDN controller. You can use this to
write scripts and automate your network administration. Here are some examples:
• List information from all network devices in your network.
• Show the status of all physical interfaces in the network.
• Add a new VLAN on all your switches.
• Show the topology of your entire network.
• Automatically configure IP addresses, routing, and access-lists when a new
virtual machine is created.
• Through the API, multiple applications are able to access the
SDN controller:
• A user that is using a GUI to retrieve information about the
network from the SDN controller. Behind the scenes, the GUI is
using the API.
• Scripts that are written in Java or Python can use the API to
retrieve information from the SDN controller or configure the
network.
• Other applications are able to access the SDN controller.
Perhaps an application that automatically configures the
network once a new virtual machine is created on a VMware
ESXi server.
REST API
• I have mentioned a few times that the north- and southbound
interfaces use APIs. Let’s take a closer look at what an API is.
SDN controllers typically use a REST API (Representational
State Transfer).
• The REST API uses HTTP messages to send and receive
information between the SDN controller and another
application. It uses the same HTTP messages that you use
when you browse a webpage on the Internet or when you enter
a contact form online:
• HTTP GET: used when we want to retrieve information.
• HTTP POST/PUT: used when we want to upload or update
information.
• It is similar to browsing a webpage, only this time, you are not
requesting a webpage or picture but a particular object from
the SDN controller, for example, a list with all VLANs in the
network.
• When the SDN controller receives the HTTP GET request, it
will reply with an HTTP GET response with the information
that was requested. This information is delivered in a
common data format. The two most used data formats are:
• JSON (JavaScript Object Notation)
• XML (eXtensible Markup Language)
• Here’s an example to help you visualize this:
• Above we have a Python script that is using HTTP GET to fetch the following URL through the API:
• [Link]
• This URL will retrieve some of the variables that are available, for example, information about all nodes (hosts) on the network.
• Once the API receives this, it will respond with an HTTP GET response message:
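The GET/POST exchange described in this section, together with the earlier scenario of four new VLANs for four virtual machines, as an added example that is not part of the original material. The controller here is a local mock; the `/api/v1/vlans` path, the bearer token and the JSON field names are assumptions made for the demonstration, and plain HTTP is used only because everything stays on the loopback interface (a real northbound API would be reached over HTTPS).

```python
import hmac, json, threading, urllib.error, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

API_TOKEN = "constructed-demo-token"       # hypothetical credential
VLAN_PATH = "/api/v1/vlans"                # hypothetical endpoint

class MockController(BaseHTTPRequestHandler):
    vlans = {1: "default"}                 # constructed controller state

    def _reply(self, status, body):
        data = json.dumps(body).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def _authorized(self):
        sent = self.headers.get("Authorization", "").encode()
        return hmac.compare_digest(sent, f"Bearer {API_TOKEN}".encode())

    def do_GET(self):
        if not self._authorized():
            return self._reply(401, {"error": "unauthorized"})
        if self.path != VLAN_PATH:
            return self._reply(404, {"error": "not found"})
        items = [{"id": i, "name": n} for i, n in sorted(self.vlans.items())]
        self._reply(200, {"vlans": items})

    def do_POST(self):
        raw = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        if not self._authorized():
            return self._reply(401, {"error": "unauthorized"})
        if self.path != VLAN_PATH:
            return self._reply(404, {"error": "not found"})
        try:
            body = json.loads(raw)
            vlan_id, name = body["id"], body["name"]
        except (ValueError, KeyError, TypeError):
            return self._reply(400, {"error": "malformed request"})
        if type(vlan_id) is not int or not 1 <= vlan_id <= 4094 or not isinstance(name, str):
            return self._reply(400, {"error": "invalid vlan"})
        if vlan_id in self.vlans:
            return self._reply(409, {"error": "vlan exists"})
        self.vlans[vlan_id] = name
        self._reply(201, {"id": vlan_id, "name": name})

    def log_message(self, *args):          # keep the demo quiet
        pass

def start_mock_controller():
    server = HTTPServer(("127.0.0.1", 0), MockController)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, f"http://127.0.0.1:{server.server_port}"

def call(base, method, path, token=None, payload=None):
    """Northbound client: returns (HTTP status, decoded JSON body)."""
    data = None if payload is None else json.dumps(payload).encode()
    req = urllib.request.Request(base + path, data=data, method=method)
    if data is not None:
        req.add_header("Content-Type", "application/json")
    if token:
        req.add_header("Authorization", f"Bearer {token}")
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(req, timeout=5) as resp:
            return resp.status, json.loads(resp.read())
    except urllib.error.HTTPError as err:
        return err.code, json.loads(err.read())

def provision_vm_vlans(base, token, first_id=101, count=4):
    """One VLAN per new virtual machine, created through the API instead of per-device CLI."""
    return [call(base, "POST", VLAN_PATH, token,
                 {"id": first_id + i, "name": f"app-vm{i + 1}"})[0] for i in range(count)]
```

Because this one interface can change every switch in the network, the mock authenticates each request and validates the VLAN ID range before changing state; those two checks are the minimum to look for on any real controller's northbound API.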
Decoding the implications of
software-defined networking in
IoT
• SDN is an innovative networking technology that is becoming increasingly
important in IoT, as it allows devices to communicate more easily and
securely.
• Software-defined networking (SDN) is an innovative networking
technology that empowers network administrators to efficiently
oversee and govern network traffic through software, thereby
eliminating traditional hardware-based monitoring methods. SDN
not only facilitates the centralized management and security of
networks by taking control over all devices, but it also orchestrates
a fundamental architectural shift. This separation of network
functions from hardware to software augments configurational and
managerial flexibility, ultimately ushering in a new era for network
administrators.
• SDN separates the control of networking devices from the data processing
functionality within the networking devices. This separation allows for more
centralized management and flexibility when it comes to adapting the
network to changing needs.
• Components of SDN
• Management plane: This plane is responsible for the overall network
management of the SDN environment. It includes the SDN controller, which
acts as the central brain of the network and manages the entire system. The
management plane handles tasks such as network configuration, monitoring,
provisioning and policy enforcement.
• Control plane: This plane makes high-level decisions about how a network
should operate. Acting as a bridge, it communicates with the management
plane and translates the high-level network policies into low-level instructions
for the data plane. The control plane uses protocols like OpenFlow to
communicate with the data plane and manage network traffic.
• Data plane: The data plane or the forwarding plane is
responsible for the actual forwarding of network traffic.
It consists of switches or routers that are managed by
the control plane. The data plane forwards packets
based on the instructions received from the control
plane.
• By separating the control plane from the data plane and
centralizing control through an SDN controller, software-
defined networking provides flexibility, agility and
programmability to networks. It allows for efficient
network management, dynamic and adaptive traffic
routing and the ability to implement innovative network
services and applications to streamline and simplify the
responsibilities of network administrators.
Application of SDN in IoT
• SDN is becoming increasingly important in IoT because it allows
devices to communicate more easily and securely. SDN can also help
reduce the cost of deploying and managing IoT networks.
• SDN is essential for the development of IoT because it provides the
flexibility and centralized management that is necessary for a
network of objects that are constantly collecting and sharing data.
SDN allows for the adaptation of the network to changing needs
which is essential for a network that is constantly growing and
evolving. SDN also allows for the centralized management of
devices, which is necessary for a network that is spread out over a
large area.
• Centralized control: SDN enables centralized control and management of the entire IoT
network, allowing administrators to efficiently monitor, configure and update network
devices from a single point of control. This provides better visibility and control over
network management.
• Scalability: SDN helps in scaling IoT networks by allowing for the easy addition and
removal of devices without complete manual configuration as the number of IoT devices
increases.
• Enhanced security: Security is a critical concern in IoT networks. SDN allows for
centralized security policies, making it easier to implement and enforce security measures
across the entire network. It helps in threat detection for IoT devices.
• Traffic optimization: SDN helps in efficient traffic routing and load balancing in IoT
networks. It ensures that data flows through the most optimal paths. This helps in
improving network performance and reducing latency.
• Resource optimization: With SDN, administrators can optimize resource allocation in IoT
networks. They can allocate bandwidth dynamically, prioritize critical traffic, and optimize
network resources based on real-time requirements. This helps in improving overall
network efficiency.
Potential drawbacks of using
SDN in IoT networks:
• Single point of failure: Since SDN relies on a centralized SDN controller, any failure in the
controller can have a major impact on the entire network. This single point of failure can
potentially disrupt operations until the controller is rectified.
• Network dependency: SDN in IoT networks heavily relies on network connectivity and
uninterrupted communication with the SDN controller. In case of network outages or
connection issues, the network may become inaccessible or experience limited functionality.
• Latency: The dependency on a centralized SDN controller can introduce additional latency
into the network. All decisions and routing instructions must pass through the controller,
which can introduce delays in data transfer to network devices, especially in large-scale IoT
deployments.
• Complexity: Implementing and managing software defined networking in IoT networks
requires expert knowledge and specialization. It can be complex to set up and configure,
requiring administrators to have a deep understanding of SDN concepts and protocols.
• Cost: Implementing SDN in IoT networks may require additional investments in hardware,
software and expertise. The cost of acquiring and maintaining SDN infrastructure, specialized
controllers and compatible devices may be higher compared to traditional networking
solutions.
Data Handling
• Data handling means gathering, organizing, storing, and
working with information to find useful insights.
It includes tasks like putting in data, checking
it, cleaning it, analyzing it, and showing results.
Good data handling helps make sure information is
correct, dependable, and safe, helping people make
smart choices in different areas and industries.
Types of Data Handling
• Generally, there are two main types of data, and the methods for
managing it can be customized based on its nature.
• Qualitative Data: Qualitative data gives details and
descriptions about a topic.
• Quantitative Data: Quantitative data provides numbers and has
two types.
• Discrete Data: Discrete data means it can only be specific whole
numbers and not in-between values.
• Continuous Data: Continuous data can be any value within a
certain range.
• In addition, knowing what kind of data you have helps you use the
right methods for analyzing and understanding it better.
Data Handling Steps
• Handling data involves 8 major steps to ensure that data is collected,
processed, analyzed, and utilized effectively. Below are the eight key steps:
• Define Objectives: Collect and arrange data to improve understanding and
make informed decisions. The goal is to use data effectively for smarter
choices.
• Data Collection: Gather precise data from diverse sources: databases,
surveys, sensors, and APIs. Verify accuracy, ensure completeness,
and present a comprehensive overview of the issue/question.
• Data Entry: Organize data in a database or spreadsheet, cleaning errors,
duplicates, and irrelevant details to ensure accuracy and clarity.
• Data Cleaning: Find and deal with information that's not there or doesn't
match. This involves adding in missing values, fixing mistakes, and making
sure everything follows the same format to keep the data accurate.
• Data Transformation: Change the data as needed to analyze it better.
This might mean making sure everything is on the same scale,
turning categories into numbers, or combining data differently.
• Data Storage: Pick the right place to store your data, like a relational
database, NoSQL database, data warehouse, or cloud storage,
depending on how much data you have and what kind of data it is.
• Data Retrieval: Create ways to get the data you need quickly.
This could mean writing SQL queries, using API calls, or other
methods, depending on how you stored the data.
• Data Exploration and Analysis: Look at the data closely to find
interesting information, see patterns, and notice trends. This usually
includes using statistics, creating visual representations, and using
machine learning methods.
• Data handling also contains steps like Data
Interpretation, Presentation, Security and Privacy,
Documentation, Continuous Monitoring, and
Improvement. These steps help organizations handle
and use data well, making smart decisions and solving
problems based on good information. Data Handling
and the Data Science Lifecycle are closely related but
serve different purposes in the data workflow.
Data Handling Uses
• Businesses use it to make decisions and improve how
they work. Scientists use it for experiments
and understanding things. In healthcare, it helps
manage patient records and do medical research.
• Schools use it for grading students and managing tasks.
It is also important to keep information safe online. It
helps in many areas to make good choices and work
better.
How to Represent the Data?
• In data handling, we use tables to organize information in rows and columns,
making structured data easy to understand. Graphs and charts help us
see trends and relationships in the data, making analysis simpler.
• Use diagrams, such as flowcharts or mind maps, to show processes or connections
in your data. Pick the representation method that suits your data and the
insights you want to convey, making it easy for others to understand, like:
• Bar Graphs
• Line Graphs
• Pictographs
• Histograms
• Stem and Leaf Plots
• Dot Plots
• Frequency Distributions
• Cumulative Tables and Graphs
Data Handling Skills
Data handling skills mean being good at collecting and
understanding information. It is important to know
how to use tools for processing data, analyzing statistics, and
managing databases.
Paying close attention to details, thinking critically, and solving
problems are crucial for making sure data is accurate. Also,
showing data in easy-to-understand visuals is part of these
skills.
• These abilities are important in areas like business,
research, and technology, where making smart decisions
depends on managing and understanding data well.
Example of Data Handling
• Imagine a small store tracking its daily sales. They use a
table with columns like date, product name, quantity
sold, and total revenue to organize sales data. A bar
chart helps visualize monthly sales trends, and a
flowchart illustrates the sales process, making it easier
to manage inventory and serve customers.
These methods organize, analyze, and understand data
for better business decisions.